Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/k1I5LKerBjqrx2OT9VblwXHXPKk.roa
File: k1I5LKerBjqrx2OT9VblwXHXPKk.roa (raw, json)
Hash identifier: 8boRgeVtN8opDbZed62EjIoKXgldbzgTf/F9hIlF5jw=
Subject key identifier: 93:52:39:2C:A7:AB:06:3A:AB:C7:63:93:F5:56:E5:C1:71:D7:3C:A9
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018CC87076CAA48364462B721B7EE86C382E
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/k1I5LKerBjqrx2OT9VblwXHXPKk.roa
Signing time: Tue 02 Jan 2024 04:31:02 +0000
ROA not before: Tue 02 Jan 2024 04:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 185.242.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:76:ca:a4:83:64:46:2b:72:1b:7e:e8:6c:38:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jan 2 04:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9352392ca7ab063aabc76393f556e5c171d73ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6e:58:5a:8b:8e:0c:fd:3e:0c:1f:73:d2:39:
96:92:5f:76:97:5f:aa:07:c8:7e:fc:66:0f:68:5d:
ab:9c:f6:58:35:6e:1f:90:64:1d:c9:29:64:76:e5:
b9:2d:7f:06:da:25:ec:fe:bf:ff:3f:a2:67:9a:1a:
97:80:06:c7:19:f2:2b:d1:c0:ed:52:24:ea:cd:1e:
ad:2c:da:58:76:7e:a9:9a:7f:0c:93:b4:5e:26:cf:
c6:25:4b:41:3e:93:d0:5b:80:b1:21:cf:35:34:b3:
e5:d8:46:3c:91:7f:38:ad:7d:83:7b:11:9e:de:b6:
fe:81:71:13:b3:b3:a4:84:4f:c5:85:de:aa:47:b9:
d3:2c:fa:12:ea:59:46:60:e8:84:21:26:47:f9:e3:
c1:c6:83:1e:37:5c:0f:37:d8:95:17:48:8c:13:1a:
25:53:fa:73:b5:1b:6c:b4:3f:98:02:b2:5e:fa:d4:
fa:74:ac:ca:1c:b6:f3:d0:e0:ff:d0:18:82:ae:9e:
91:5a:50:6a:81:d6:e4:4a:26:0d:c0:27:6e:76:ac:
d0:3f:01:dc:c9:7b:17:d6:34:00:43:20:c5:ca:33:
52:e9:ec:07:3c:24:5c:c8:f2:00:a4:90:e0:4e:bc:
9b:f4:47:d5:fe:e1:51:0a:0d:de:60:06:00:29:ff:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:52:39:2C:A7:AB:06:3A:AB:C7:63:93:F5:56:E5:C1:71:D7:3C:A9
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/k1I5LKerBjqrx2OT9VblwXHXPKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.108.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:e4:b1:2d:01:15:80:db:7e:6f:f4:a4:88:2e:96:25:b8:a7:
eb:eb:97:ca:a5:fa:89:58:a5:dc:45:c1:43:57:5a:2e:96:69:
71:7b:f4:ee:9d:ee:56:7a:a9:ef:ef:0e:76:6f:50:40:60:73:
a2:92:f1:a1:ff:8a:9d:08:a9:e6:d4:fc:4d:11:80:5c:e2:45:
f8:58:ef:92:47:b8:85:8b:90:74:4f:a3:2b:f7:5e:49:8b:4c:
1f:72:5a:91:f1:f5:0c:88:04:a3:b1:c8:dd:d0:ca:4d:75:2a:
fb:e5:e5:10:de:5a:59:34:53:fe:b0:53:03:de:99:d1:d1:cf:
b2:42:a1:0d:38:95:12:67:85:3a:e7:5e:f2:91:7b:fe:97:42:
4a:72:60:c9:6e:6e:62:3a:6b:bd:32:8c:da:a6:b9:5a:1a:1e:
18:21:73:d8:da:3b:6f:ef:aa:19:6d:36:7b:8d:a8:3f:ce:b9:
d4:dd:9f:5e:e5:07:68:fc:b8:93:d2:d4:31:a4:ae:c1:41:a3:
d2:ce:f4:91:93:ae:de:3a:a7:97:82:85:e4:91:ac:9e:98:d2:
82:77:45:44:46:86:2c:67:16:0b:56:2b:49:19:f8:44:85:75:
ff:ce:c8:8c:2a:e6:2d:c8:03:61:18:dd:0c:f8:f6:f4:79:54:
3d:93:d9:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcHbKpINkRityG37obDguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjQwMTAyMDQzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzUyMzkyY2E3YWIwNjNhYWJjNzYzOTNmNTU2ZTVjMTcxZDczY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq25YWouODP0+DB9z0jmWkl92l1+q
B8h+/GYPaF2rnPZYNW4fkGQdySlkduW5LX8G2iXs/r//P6JnmhqXgAbHGfIr0cDt
UiTqzR6tLNpYdn6pmn8Mk7ReJs/GJUtBPpPQW4CxIc81NLPl2EY8kX84rX2DexGe
3rb+gXETs7OkhE/Fhd6qR7nTLPoS6llGYOiEISZH+ePBxoMeN1wPN9iVF0iMExol
U/pztRtstD+YArJe+tT6dKzKHLbz0OD/0BiCrp6RWlBqgdbkSiYNwCdudqzQPwHc
yXsX1jQAQyDFyjNS6ewHPCRcyPIApJDgTryb9EfV/uFRCg3eYAYAKf+/0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNSOSynqwY6q8djk/VW5cFx1zypMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvazFJNUxLZXJCanFyeDJPVDlWYmx3WEhYUEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufJsMA0G
CSqGSIb3DQEBCwUAA4IBAQB85LEtARWA235v9KSILpYluKfr65fKpfqJWKXcRcFD
V1oulmlxe/Tune5Weqnv7w52b1BAYHOikvGh/4qdCKnm1PxNEYBc4kX4WO+SR7iF
i5B0T6Mr915Ji0wfclqR8fUMiASjscjd0MpNdSr75eUQ3lpZNFP+sFMD3pnR0c+y
QqENOJUSZ4U6517ykXv+l0JKcmDJbm5iOmu9MozaprlaGh4YIXPY2jtv76oZbTZ7
jag/zrnU3Z9e5Qdo/LiT0tQxpK7BQaPSzvSRk67eOqeXgoXkkayemNKCd0VERoYs
ZxYLVitJGfhEhXX/zsiMKuYtyANhGN0M+Pb0eVQ9k9m1
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:49:37 2024 by rpki-client on console-fra.rpki-client.org