Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/Ke3fPbyPoP0iliEO-Uxm5ka7GR4.roa
File: Ke3fPbyPoP0iliEO-Uxm5ka7GR4.roa (raw, json)
Hash identifier: 71+dNE7DDYN9SsbzDneRhpVvS2KJwnBuE4cfmD8jMKg=
Subject key identifier: 29:ED:DF:3D:BC:8F:A0:FD:22:96:21:0E:F9:4C:66:E6:46:BB:19:1E
Certificate issuer: /CN=694e515cc5be4e27e9d3d13e5e1c11dc7529274b
Certificate serial: 018CC801BC31E46F9E77A737189A48FC5C23
Authority key identifier: 69:4E:51:5C:C5:BE:4E:27:E9:D3:D1:3E:5E:1C:11:DC:75:29:27:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/Ke3fPbyPoP0iliEO-Uxm5ka7GR4.roa
Signing time: Tue 02 Jan 2024 02:30:06 +0000
ROA not before: Tue 02 Jan 2024 02:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51101
IP address blocks: 195.43.66.0/23 maxlen: 23
185.230.224.0/22 maxlen: 22
88.135.186.0/24 maxlen: 24
178.217.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:bc:31:e4:6f:9e:77:a7:37:18:9a:48:fc:5c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=694e515cc5be4e27e9d3d13e5e1c11dc7529274b
Validity
Not Before: Jan 2 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29eddf3dbc8fa0fd2296210ef94c66e646bb191e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:be:3a:df:bb:77:3f:ec:8f:c0:0d:81:49:58:
0c:2a:ff:91:64:f4:e7:14:19:1c:06:1c:77:77:da:
f0:71:72:99:2a:b1:64:d7:16:fb:eb:10:ac:0e:57:
6b:95:8e:03:78:37:4d:5c:f8:ad:45:da:5c:8d:b8:
b4:7b:e3:a7:10:07:0c:9f:f2:79:b8:73:7a:6e:63:
f8:0d:44:81:1c:30:c5:9d:4c:a3:a2:7e:31:08:a5:
7c:27:d9:70:cc:e6:ce:71:03:55:5b:c6:6d:de:20:
86:4f:25:ad:5f:3d:0a:34:88:23:52:0b:ce:71:2b:
97:ff:08:9b:e7:51:ba:26:31:4d:16:7b:26:5b:c9:
4b:5d:e4:b0:bf:07:e7:da:c7:ee:b5:5b:fd:88:04:
95:01:82:23:c7:4e:a0:11:50:b4:c2:9d:23:6d:0e:
50:53:02:01:01:5f:f4:25:6c:4a:18:77:db:1c:18:
21:d7:b5:5a:45:a8:0c:f2:c2:01:2d:b1:35:c8:10:
60:bd:14:42:6e:3a:08:fc:dd:9d:a6:fa:31:7a:cf:
bc:37:b5:d7:9a:ff:6f:d1:c6:fa:51:c3:44:c8:0e:
c5:c3:46:ac:90:b6:4b:3f:28:9d:04:af:3f:bb:d6:
60:e8:4d:f1:e8:2c:f2:e9:cd:43:dc:6b:78:cc:76:
a3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:ED:DF:3D:BC:8F:A0:FD:22:96:21:0E:F9:4C:66:E6:46:BB:19:1E
X509v3 Authority Key Identifier:
keyid:69:4E:51:5C:C5:BE:4E:27:E9:D3:D1:3E:5E:1C:11:DC:75:29:27:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/Ke3fPbyPoP0iliEO-Uxm5ka7GR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.186.0/24
178.217.112.0/21
185.230.224.0/22
195.43.66.0/23
Signature Algorithm: sha256WithRSAEncryption
18:60:93:37:f4:5b:62:20:18:af:33:61:aa:0a:2d:90:9d:41:
f4:b2:95:c0:9e:9a:ff:8f:cd:b1:d9:73:9a:e1:21:23:8d:25:
75:40:e5:e3:d3:27:4e:d1:9e:9a:6f:ec:a8:16:6c:6c:80:cd:
77:af:ec:e8:b6:ac:ca:15:fa:2f:0b:3f:f8:b0:21:eb:f3:d9:
a8:ed:56:40:ac:66:e6:b0:56:ff:89:0b:b7:b0:2f:64:36:c4:
e9:d1:59:1c:89:70:43:a0:ea:52:4f:f9:32:2a:fd:0e:5b:99:
4d:36:7d:52:fc:12:ab:fd:ee:ea:ae:e8:73:6b:db:76:b6:32:
5d:e1:44:8c:71:d3:b4:53:71:db:dd:b0:fd:27:c1:c5:8d:4b:
05:4d:63:dc:a6:1d:f2:e7:8a:bc:62:99:a0:79:f2:3c:67:6e:
aa:0b:d4:b9:c8:aa:7a:71:91:0b:df:22:61:f1:3a:8e:fa:06:
10:29:53:52:f2:fa:38:6c:53:d6:8f:73:51:4e:69:d6:32:eb:
85:b8:7a:d8:4f:8c:6a:98:e4:55:98:dc:b2:e7:fb:99:a9:36:
9c:78:b5:7c:30:b1:6c:fe:72:b2:20:f3:1b:88:80:5d:d4:6b:
7f:51:46:09:53:e2:6d:00:e3:9e:eb:3a:6c:55:e0:40:af:68:
9c:bd:b5:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAbwx5G+ed6c3GJpI/FwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGU1MTVjYzViZTRlMjdlOWQzZDEzZTVlMWMxMWRjNzUy
OTI3NGIwHhcNMjQwMTAyMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWVkZGYzZGJjOGZhMGZkMjI5NjIxMGVmOTRjNjZlNjQ2YmIxOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub4637t3P+yPwA2BSVgMKv+RZPTn
FBkcBhx3d9rwcXKZKrFk1xb76xCsDldrlY4DeDdNXPitRdpcjbi0e+OnEAcMn/J5
uHN6bmP4DUSBHDDFnUyjon4xCKV8J9lwzObOcQNVW8Zt3iCGTyWtXz0KNIgjUgvO
cSuX/wib51G6JjFNFnsmW8lLXeSwvwfn2sfutVv9iASVAYIjx06gEVC0wp0jbQ5Q
UwIBAV/0JWxKGHfbHBgh17VaRagM8sIBLbE1yBBgvRRCbjoI/N2dpvoxes+8N7XX
mv9v0cb6UcNEyA7Fw0askLZLPyidBK8/u9Zg6E3x6Czy6c1D3Gt4zHajaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCnt3z28j6D9IpYhDvlMZuZGuxkeMB8GA1UdIwQY
MBaAFGlOUVzFvk4n6dPRPl4cEdx1KSdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83OTU2MjAtMjAwMy00Nzg1LTk5OWYt
NTFjNzdjYzQ5MTQ2LzEvS2UzZlBieVBvUDBpbGlFTy1VeG01a2E3R1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83OTU2MjAtMjAwMy00Nzg1LTk5OWYtNTFjNzdjYzQ5MTQ2
LzEvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWIe6AwQD
stlwAwQCuebgAwQBwytCMA0GCSqGSIb3DQEBCwUAA4IBAQAYYJM39FtiIBivM2Gq
Ci2QnUH0spXAnpr/j82x2XOa4SEjjSV1QOXj0ydO0Z6ab+yoFmxsgM13r+zotqzK
FfovCz/4sCHr89mo7VZArGbmsFb/iQu3sC9kNsTp0VkciXBDoOpST/kyKv0OW5lN
Nn1S/BKr/e7qruhza9t2tjJd4USMcdO0U3Hb3bD9J8HFjUsFTWPcph3y54q8Ypmg
efI8Z26qC9S5yKp6cZEL3yJh8TqO+gYQKVNS8vo4bFPWj3NRTmnWMuuFuHrYT4xq
mORVmNyy5/uZqTaceLV8MLFs/nKyIPMbiIBd1Gt/UUYJU+JtAOOe6zpsVeBAr2ic
vbU3
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:26:49 2024 by rpki-client on console-ams.rpki-client.org