Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/KXezRoFRDaACEhVG5e99QdkFVUE.roa
File: KXezRoFRDaACEhVG5e99QdkFVUE.roa (raw, json)
Hash identifier: 97l6XF0A33u/hw3FO9QqEgbIu6uz1LD2DRE+NF2pHVI=
Subject key identifier: 29:77:B3:46:81:51:0D:A0:02:12:15:46:E5:EF:7D:41:D9:05:55:41
Certificate issuer: /CN=f8cfdc0e5edb1cc323f9344fe2827c793e95ac6f
Certificate serial: 018CC5011A5E8C53601F495378072FECF47B
Authority key identifier: F8:CF:DC:0E:5E:DB:1C:C3:23:F9:34:4F:E2:82:7C:79:3E:95:AC:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/KXezRoFRDaACEhVG5e99QdkFVUE.roa
Signing time: Mon 01 Jan 2024 12:30:33 +0000
ROA not before: Mon 01 Jan 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 194.113.20.0/23 maxlen: 24
2001:678:b38::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 14:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1a:5e:8c:53:60:1f:49:53:78:07:2f:ec:f4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8cfdc0e5edb1cc323f9344fe2827c793e95ac6f
Validity
Not Before: Jan 1 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2977b34681510da002121546e5ef7d41d9055541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2b:51:e8:b6:80:06:2f:30:d7:4d:80:d3:ef:
5b:2b:36:00:50:93:fc:74:7d:90:50:2d:bc:a6:77:
27:5c:4f:74:50:d9:d4:28:79:61:19:88:86:c1:c0:
86:43:d5:e9:2d:ad:27:8c:81:50:e8:76:a9:a7:e7:
df:82:f5:30:35:bf:43:9e:58:62:71:44:4a:f3:b6:
e5:c9:c0:d3:a6:33:80:11:a5:eb:fb:ed:f7:41:2d:
6f:d4:2a:8e:4f:f4:01:12:7c:f1:44:8e:c1:c1:a6:
b9:f3:04:58:37:e4:c3:c5:c6:26:13:8b:ae:82:94:
9b:6b:c7:c9:8a:22:ed:75:76:70:be:46:1c:a7:d8:
74:ae:b9:3f:68:56:e5:e5:2b:46:b3:47:56:5e:91:
23:2e:67:f6:a8:60:ce:97:3b:d8:b3:75:d4:95:d1:
5b:8c:47:da:2f:50:b0:41:b3:f4:cc:08:e1:b1:33:
5d:64:87:54:b9:c3:03:6d:65:37:38:47:d8:d4:6d:
ff:da:d6:bc:3e:8d:10:99:58:b2:91:b4:f0:d1:cf:
91:ad:2e:b2:d1:11:d7:d8:ba:ea:18:6e:6a:75:b0:
86:e6:b7:a9:85:bb:19:6f:6b:6c:ff:1e:ad:f4:83:
23:1f:4b:49:6f:02:b9:ad:cb:f0:f1:01:cd:74:72:
d7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:77:B3:46:81:51:0D:A0:02:12:15:46:E5:EF:7D:41:D9:05:55:41
X509v3 Authority Key Identifier:
keyid:F8:CF:DC:0E:5E:DB:1C:C3:23:F9:34:4F:E2:82:7C:79:3E:95:AC:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/KXezRoFRDaACEhVG5e99QdkFVUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eda8ef-36d3-45d4-911e-5fa90c13e1b7/1/1-M_cDl7bHMMj-TRP4oJ8eT6VrG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.20.0/23
IPv6:
2001:678:b38::/48
Signature Algorithm: sha256WithRSAEncryption
54:6b:62:1d:14:3b:49:e6:9e:3d:49:21:f0:06:d5:c6:2f:40:
45:9c:44:c0:dc:26:d0:6f:09:57:62:51:3d:c5:29:15:eb:04:
a1:6b:d2:56:80:05:e5:8e:9c:a5:b8:b8:a7:73:ba:b8:ad:9f:
79:43:84:d7:59:54:23:bf:fc:4f:b2:5d:21:d9:92:76:d0:5f:
69:d1:cf:5a:a7:67:7d:6e:2b:24:76:45:99:e1:e6:ef:ff:76:
5e:7c:f9:6a:d3:2f:26:e0:ec:ee:fe:16:b8:a4:0a:f3:46:0e:
b2:32:81:3d:f1:5b:a9:e8:10:e5:5d:25:80:91:31:74:fe:a7:
e1:96:0e:ce:c0:90:92:87:68:56:bd:5a:c1:44:d5:f9:6b:14:
3e:97:68:39:d5:5a:80:98:3a:52:ca:4b:f6:e5:b8:26:c6:d8:
59:27:0d:08:ac:70:b4:e9:04:19:2c:47:0a:6d:bf:f2:9f:cb:
19:3a:67:80:4f:2e:c3:a7:42:3d:96:73:cc:82:10:21:07:54:
f0:df:65:d5:a0:da:3e:c0:ed:ac:a8:0f:66:43:2e:75:5d:78:
fd:a3:68:91:ff:ac:24:6e:92:53:88:ea:4f:8d:e3:a0:e7:21:
53:5e:b1:7f:e6:46:ce:b5:4c:4a:4e:70:58:04:28:59:14:fb:
0f:b9:dc:15
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzFARpejFNgH0lTeAcv7PR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Y2ZkYzBlNWVkYjFjYzMyM2Y5MzQ0ZmUyODI3Yzc5M2U5
NWFjNmYwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc3YjM0NjgxNTEwZGEwMDIxMjE1NDZlNWVmN2Q0MWQ5MDU1NTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtytR6LaABi8w102A0+9bKzYAUJP8
dH2QUC28pncnXE90UNnUKHlhGYiGwcCGQ9XpLa0njIFQ6Happ+ffgvUwNb9Dnlhi
cURK87blycDTpjOAEaXr++33QS1v1CqOT/QBEnzxRI7Bwaa58wRYN+TDxcYmE4uu
gpSba8fJiiLtdXZwvkYcp9h0rrk/aFbl5StGs0dWXpEjLmf2qGDOlzvYs3XUldFb
jEfaL1CwQbP0zAjhsTNdZIdUucMDbWU3OEfY1G3/2ta8Po0QmViykbTw0c+RrS6y
0RHX2LrqGG5qdbCG5rephbsZb2ts/x6t9IMjH0tJbwK5rcvw8QHNdHLX3QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFCl3s0aBUQ2gAhIVRuXvfUHZBVVBMB8GA1UdIwQY
MBaAFPjP3A5e2xzDI/k0T+KCfHk+laxvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1NX2NEbDdiSE1Nai1UUlA0b0o4ZVQ2VnJHOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcvZWRhOGVmLTM2ZDMtNDVkNC05MTFl
LTVmYTkwYzEzZTFiNy8xL0tYZXpSb0ZSRGFBQ0VoVkc1ZTk5UWRrRlZVRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTcvZWRhOGVmLTM2ZDMtNDVkNC05MTFlLTVmYTkwYzEzZTFi
Ny8xLzEtTV9jRGw3YkhNTWotVFJQNG9KOGVUNlZyRzguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAHCcRQw
DwQCAAIwCQMHACABBngLODANBgkqhkiG9w0BAQsFAAOCAQEAVGtiHRQ7SeaePUkh
8AbVxi9ARZxEwNwm0G8JV2JRPcUpFesEoWvSVoAF5Y6cpbi4p3O6uK2feUOE11lU
I7/8T7JdIdmSdtBfadHPWqdnfW4rJHZFmeHm7/92Xnz5atMvJuDs7v4WuKQK80YO
sjKBPfFbqegQ5V0lgJExdP6n4ZYOzsCQkodoVr1awUTV+WsUPpdoOdVagJg6UspL
9uW4JsbYWScNCKxwtOkEGSxHCm2/8p/LGTpngE8uw6dCPZZzzIIQIQdU8N9l1aDa
PsDtrKgPZkMudV14/aNokf+sJG6SU4jqT43joOchU16xf+ZGzrVMSk5wWAQoWRT7
D7ncFQ==
-----END CERTIFICATE-----
Generated at Mon May 13 17:18:43 2024 by rpki-client on console-ams.rpki-client.org