Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rdkC52OLN8IVYRwbMfiwzDkXG08.roa
File: rdkC52OLN8IVYRwbMfiwzDkXG08.roa (raw, json)
Hash identifier: 8sfqJQm3CizAfyIKlIVdYP71YBwYmKUrZQExaX1DPXo=
Subject key identifier: AD:D9:02:E7:63:8B:37:C2:15:61:1C:1B:31:F8:B0:CC:39:17:1B:4F
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 018E7C963E80D0EA7046DA48F9FFFCEAF39A
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rdkC52OLN8IVYRwbMfiwzDkXG08.roa
Signing time: Tue 26 Mar 2024 21:06:44 +0000
ROA not before: Tue 26 Mar 2024 21:06:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 87.58.64.0/24 maxlen: 24
87.58.65.0/24 maxlen: 24
194.9.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7c:96:3e:80:d0:ea:70:46:da:48:f9:ff:fc:ea:f3:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Mar 26 21:06:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=add902e7638b37c215611c1b31f8b0cc39171b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5b:63:b9:25:33:04:2c:7a:9f:8d:5f:83:69:
47:19:e6:79:5a:bb:fe:aa:27:53:71:09:d1:03:58:
85:5b:12:6d:3e:25:b2:a4:21:bd:a5:16:f9:f9:34:
e9:8f:32:47:00:e0:e0:7f:96:ad:2b:1f:e1:66:a5:
2f:6d:28:d0:9f:87:f4:bb:8e:95:37:ce:17:24:7c:
97:20:31:72:2f:47:66:c9:ff:7e:a2:20:98:11:e6:
43:fd:6b:73:d4:0f:f4:e8:ca:8e:e7:6f:4c:6d:b2:
5f:93:14:40:d9:9e:24:cc:c9:8c:d5:c5:33:f4:3f:
dd:30:8b:5e:f3:ea:2c:b5:9c:55:f7:e2:78:e6:44:
ef:50:ab:02:4a:88:c3:50:aa:e5:c9:1a:7a:39:0d:
66:f1:4b:e7:18:17:90:24:fe:5d:98:69:48:74:be:
4c:c3:9f:9f:0e:0c:9b:ad:0b:21:f9:3c:df:ce:e3:
53:c9:cb:e4:03:6a:82:e3:7a:70:c5:74:8b:0d:30:
eb:d7:86:c7:15:6a:3e:17:66:e5:25:e0:38:4e:8f:
11:66:15:0f:c1:bf:80:88:68:bd:fa:fa:8c:d1:a0:
a2:c7:d2:ba:79:41:dc:b7:de:8c:e9:ea:84:0a:9d:
d5:ca:44:c9:4f:ce:5b:e5:e4:53:0a:97:e2:f2:a2:
64:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D9:02:E7:63:8B:37:C2:15:61:1C:1B:31:F8:B0:CC:39:17:1B:4F
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rdkC52OLN8IVYRwbMfiwzDkXG08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.64.0/23
194.9.116.0/24
Signature Algorithm: sha256WithRSAEncryption
32:9e:5e:a4:55:ac:16:52:28:b4:25:24:bb:67:aa:0d:4e:a9:
0d:cf:bd:4b:a8:f4:df:b3:99:e3:c1:72:56:46:60:86:d7:5a:
bd:f1:b2:12:b6:cd:f5:09:b3:98:2c:ae:26:97:77:67:56:49:
b4:f6:aa:6b:79:4b:55:82:ef:5c:bc:e8:17:20:22:d6:cd:06:
5d:0e:ba:54:58:ee:9e:cf:54:f6:ae:c2:1b:58:bc:7f:be:91:
76:18:e9:31:43:8b:9d:6d:ed:55:94:fb:8d:eb:79:74:ae:8c:
af:9a:0a:94:49:fa:67:c1:0b:1f:da:6c:16:d9:30:c5:ed:44:
ee:04:4a:88:ef:6d:1e:e7:c7:62:c3:de:8b:e2:55:a5:15:c3:
92:09:f1:0a:1e:df:c6:28:a0:d5:2b:2f:37:4e:0c:1d:2c:c2:
f5:3a:f0:02:af:b6:7c:da:14:a9:88:d7:24:c0:cd:96:77:2b:
ac:d4:98:aa:1b:7a:5e:94:22:96:ab:7c:96:54:59:0d:41:d0:
9e:da:50:09:24:a2:c6:cd:da:2f:36:3a:ef:1b:d3:81:61:e3:
04:f3:25:8c:0c:83:3a:04:e9:31:66:a3:21:20:4b:af:0a:d7:
66:50:cf:93:fc:62:56:24:b6:cd:03:e1:25:c9:63:4e:60:49:
ab:1d:b9:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY58lj6A0OpwRtpI+f/86vOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjQwMzI2MjEwNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQ5MDJlNzYzOGIzN2MyMTU2MTFjMWIzMWY4YjBjYzM5MTcxYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1tjuSUzBCx6n41fg2lHGeZ5Wrv+
qidTcQnRA1iFWxJtPiWypCG9pRb5+TTpjzJHAODgf5atKx/hZqUvbSjQn4f0u46V
N84XJHyXIDFyL0dmyf9+oiCYEeZD/Wtz1A/06MqO529MbbJfkxRA2Z4kzMmM1cUz
9D/dMIte8+ostZxV9+J45kTvUKsCSojDUKrlyRp6OQ1m8UvnGBeQJP5dmGlIdL5M
w5+fDgybrQsh+TzfzuNTycvkA2qC43pwxXSLDTDr14bHFWo+F2blJeA4To8RZhUP
wb+AiGi9+vqM0aCix9K6eUHct96M6eqECp3VykTJT85b5eRTCpfi8qJkpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK3ZAudjizfCFWEcGzH4sMw5FxtPMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvcmRrQzUyT0xOOElWWVJ3Yk1maXd6RGtYRzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVzpAAwQA
wgl0MA0GCSqGSIb3DQEBCwUAA4IBAQAynl6kVawWUii0JSS7Z6oNTqkNz71LqPTf
s5njwXJWRmCG11q98bISts31CbOYLK4ml3dnVkm09qpreUtVgu9cvOgXICLWzQZd
DrpUWO6ez1T2rsIbWLx/vpF2GOkxQ4udbe1VlPuN63l0royvmgqUSfpnwQsf2mwW
2TDF7UTuBEqI720e58diw96L4lWlFcOSCfEKHt/GKKDVKy83TgwdLML1OvACr7Z8
2hSpiNckwM2Wdyus1JiqG3pelCKWq3yWVFkNQdCe2lAJJKLGzdovNjrvG9OBYeME
8yWMDIM6BOkxZqMhIEuvCtdmUM+T/GJWJLbNA+ElyWNOYEmrHblj
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:16:59 2024 by rpki-client on console-ams.rpki-client.org