Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/ReEQTyht1kCHnZpryXgDzTLe9_E.roa
File: ReEQTyht1kCHnZpryXgDzTLe9_E.roa (raw, json)
Hash identifier: yQKsYMbvYuh+lyJBme7TI0hMSk7Uupm9iuhz02yclcc=
Subject key identifier: 45:E1:10:4F:28:6D:D6:40:87:9D:9A:6B:C9:78:03:CD:32:DE:F7:F1
Certificate issuer: /CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Certificate serial: 018CC8DEA27C161D4CF833A27112448D861C
Authority key identifier: CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/ReEQTyht1kCHnZpryXgDzTLe9_E.roa
Signing time: Tue 02 Jan 2024 06:31:22 +0000
ROA not before: Tue 02 Jan 2024 06:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13005
IP address blocks: 213.170.132.0/24 maxlen: 32
213.170.128.0/22 maxlen: 32
213.170.136.0/22 maxlen: 32
213.170.134.0/24 maxlen: 32
85.113.68.0/23 maxlen: 32
213.170.144.0/24 maxlen: 32
213.170.140.0/24 maxlen: 32
213.170.150.0/24 maxlen: 32
213.170.152.0/23 maxlen: 32
213.170.148.0/23 maxlen: 32
213.170.147.0/24 maxlen: 32
213.170.154.0/24 maxlen: 32
2001:be0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 12:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a2:7c:16:1d:4c:f8:33:a2:71:12:44:8d:86:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Validity
Not Before: Jan 2 06:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45e1104f286dd640879d9a6bc97803cd32def7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:48:27:09:c2:8a:f9:b6:28:f6:1a:38:c7:05:
d2:b2:46:0c:d3:68:8b:f9:bd:31:a0:7d:33:05:3a:
0f:1a:52:30:ca:c5:52:34:8b:1a:ab:af:30:e8:de:
50:6b:8b:fa:45:4b:8c:db:c7:c3:c7:f0:6c:e3:c9:
23:36:9c:25:a2:12:7e:50:47:6a:58:8c:86:99:0b:
ea:9c:97:ec:64:04:86:e7:24:cd:0e:a2:b8:a8:ce:
97:af:f6:51:57:bf:f4:d6:7c:5a:29:e0:0e:7c:09:
9a:ec:95:30:ac:40:8a:80:cf:35:dc:db:82:dc:a0:
59:4f:74:f3:b5:ac:21:25:36:2c:5c:f7:6e:d8:7b:
1a:22:92:a2:c9:85:1c:7d:1b:ac:69:f3:e9:98:7d:
8a:e7:e0:0b:61:c5:c2:2e:8a:11:99:46:8d:2c:a9:
4d:3c:a6:14:34:f3:7b:86:64:b5:88:e9:25:8a:a2:
31:5c:0e:23:26:bb:58:ba:9c:e7:9f:f1:25:cb:ca:
bd:03:72:5a:5c:25:a9:ae:f9:df:b4:0e:dc:15:71:
a9:0f:22:65:b0:92:ba:92:ae:6d:d2:08:2b:1b:3d:
09:de:f6:6a:41:08:be:86:34:bf:a6:53:d9:59:fb:
4d:1e:39:cc:81:2b:6d:3e:bf:34:bd:ec:91:9c:38:
3d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E1:10:4F:28:6D:D6:40:87:9D:9A:6B:C9:78:03:CD:32:DE:F7:F1
X509v3 Authority Key Identifier:
keyid:CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/ReEQTyht1kCHnZpryXgDzTLe9_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.113.68.0/23
213.170.128.0-213.170.132.255
213.170.134.0/24
213.170.136.0-213.170.140.255
213.170.144.0/24
213.170.147.0-213.170.150.255
213.170.152.0-213.170.154.255
IPv6:
2001:be0::/32
Signature Algorithm: sha256WithRSAEncryption
3d:c9:ef:7b:99:1a:6a:2a:97:33:a0:10:69:2c:f2:53:14:46:
8d:f5:3e:e9:74:ab:59:1a:2c:a5:57:fb:79:4f:b6:82:ec:5a:
fa:6c:a2:2e:f3:81:39:71:b2:36:77:25:eb:49:f6:ca:d3:dc:
da:55:2c:da:cd:e2:c9:b8:60:86:d5:c0:b8:9c:dc:c4:ef:8a:
b2:fc:06:2a:40:24:9c:50:68:71:37:4a:fa:4c:28:3d:f4:24:
5b:86:00:fe:7d:0a:50:43:97:78:ba:63:03:84:1a:05:1a:dd:
ee:b6:ab:9b:5e:91:3a:c4:c2:1c:f1:9e:eb:c4:17:b5:d5:d8:
23:da:13:98:ec:d2:24:7b:e2:07:39:5b:ea:71:aa:83:0d:90:
e5:9d:a9:87:07:e1:56:37:23:9e:74:3f:c9:bb:bb:b1:3e:5f:
60:63:45:66:21:fd:25:24:18:c1:94:ca:0f:87:37:d4:77:03:
39:bb:8f:97:53:e1:a3:9a:a8:cb:40:c4:77:03:b3:17:aa:ed:
8e:fe:79:ad:3d:a9:46:da:1a:4d:41:f4:55:bb:88:72:f4:5b:
26:24:dc:61:6a:1c:76:f2:43:cf:16:a6:73:2f:0a:51:26:85:
94:03:02:1d:4a:66:0e:80:50:5e:6e:db:4a:67:6d:66:8a:65:
4f:81:cf:3c
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYzI3qJ8Fh1M+DOicRJEjYYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOTEzNWRmZWQwYmI2MzM1ZDE5ZGRkNmQ3ZTk5ZjQ4YWZi
ZTNjMDEwHhcNMjQwMTAyMDYzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWUxMTA0ZjI4NmRkNjQwODc5ZDlhNmJjOTc4MDNjZDMyZGVmN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUgnCcKK+bYo9ho4xwXSskYM02iL
+b0xoH0zBToPGlIwysVSNIsaq68w6N5Qa4v6RUuM28fDx/Bs48kjNpwlohJ+UEdq
WIyGmQvqnJfsZASG5yTNDqK4qM6Xr/ZRV7/01nxaKeAOfAma7JUwrECKgM813NuC
3KBZT3TztawhJTYsXPdu2HsaIpKiyYUcfRusafPpmH2K5+ALYcXCLooRmUaNLKlN
PKYUNPN7hmS1iOkliqIxXA4jJrtYupznn/Ely8q9A3JaXCWprvnftA7cFXGpDyJl
sJK6kq5t0ggrGz0J3vZqQQi+hjS/plPZWftNHjnMgSttPr80veyRnDg9qQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFEXhEE8obdZAh52aa8l4A80y3vfxMB8GA1UdIwQY
MBaAFM6RNd/tC7YzXRnd1tfpn0ivvjwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenBFMTMtMEx0ak5kR2QzVzEtbWZTSy0tUEFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zYzljM2MtZDYwOC00ZWEyLTlhMjgt
YzExZWM2ZWE4NmI4LzEvUmVFUVR5aHQxa0NIblpwcnlYZ0R6VExlOV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zYzljM2MtZDYwOC00ZWEyLTlhMjgtYzExZWM2ZWE4NmI4
LzEvenBFMTMtMEx0ak5kR2QzVzEtbWZTSy0tUEFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQBVXFEMAwD
BAfVqoADBADVqoQDBADVqoYwDAMEA9WqiAMEANWqjAMEANWqkDAMAwQA1aqTAwQA
1aqWMAwDBAPVqpgDBADVqpowDQQCAAIwBwMFACABC+AwDQYJKoZIhvcNAQELBQAD
ggEBAD3J73uZGmoqlzOgEGks8lMURo31Pul0q1kaLKVX+3lPtoLsWvpsoi7zgTlx
sjZ3JetJ9srT3NpVLNrN4sm4YIbVwLic3MTvirL8BipAJJxQaHE3SvpMKD30JFuG
AP59ClBDl3i6YwOEGgUa3e62q5tekTrEwhzxnuvEF7XV2CPaE5js0iR74gc5W+px
qoMNkOWdqYcH4VY3I550P8m7u7E+X2BjRWYh/SUkGMGUyg+HN9R3Azm7j5dT4aOa
qMtAxHcDsxeq7Y7+ea09qUbaGk1B9FW7iHL0WyYk3GFqHHbyQ88WpnMvClEmhZQD
Ah1KZg6AUF5u20pnbWaKZU+Bzzw=
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:06:46 2024 by rpki-client on console-fra.rpki-client.org