Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/c-KfKSydRJITJXsjbnycxjow-wM.roa
File: c-KfKSydRJITJXsjbnycxjow-wM.roa (raw, json)
Hash identifier: jTkfDQGxF+QGQXO1hx+VTFhj+Rm4OJo3JPkFq07AQV0=
Subject key identifier: 73:E2:9F:29:2C:9D:44:92:13:25:7B:23:6E:7C:9C:C6:3A:30:FB:03
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 01904FF3C7EE1012EE10F5795BC23F96637C
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/c-KfKSydRJITJXsjbnycxjow-wM.roa
Signing time: Tue 25 Jun 2024 15:11:34 +0000
ROA not before: Tue 25 Jun 2024 15:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29321
IP address blocks: 80.243.96.0/20 maxlen: 20
94.143.168.0/21 maxlen: 21
109.239.64.0/20 maxlen: 20
194.59.240.0/22 maxlen: 22
217.195.160.0/20 maxlen: 20
2a02:b20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4f:f3:c7:ee:10:12:ee:10:f5:79:5b:c2:3f:96:63:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jun 25 15:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73e29f292c9d449213257b236e7c9cc63a30fb03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:23:31:9d:33:cd:0f:d3:e2:45:f0:a4:e9:e0:
e3:0c:fc:f0:df:fd:5f:5b:60:37:cf:5f:de:3a:ef:
ec:c2:85:fb:2f:1e:94:aa:5a:a1:94:42:ba:f0:d1:
b2:92:b5:86:7d:83:fa:dd:7d:35:3c:0c:37:a8:3c:
c6:b5:32:59:ec:60:fd:a8:d7:ba:e1:09:a8:f3:7b:
04:6e:ca:e3:e4:fb:1a:5b:e2:17:86:2b:dd:cd:8b:
ab:25:e6:70:89:03:27:2b:f4:2e:c1:e8:62:88:90:
c9:b3:0b:dc:dc:bc:c0:15:76:49:67:b7:55:fe:cf:
45:32:b0:3d:43:98:cd:21:c0:41:a2:5d:5f:10:f6:
69:ff:b5:ce:79:8d:23:42:30:fe:da:95:32:8e:83:
e5:e7:99:56:ec:01:9f:07:b0:cd:8a:02:39:ec:bc:
fb:43:42:31:09:79:07:86:7d:92:c8:3d:f3:60:7b:
e3:0c:a6:6a:98:b5:e3:3f:43:a7:3c:94:15:7d:7f:
3b:f8:48:e8:9d:6e:31:93:22:04:31:bd:52:6f:b6:
51:7f:d7:ae:d6:f7:67:44:b9:a8:00:7f:7b:32:2a:
99:16:b9:8f:ee:b9:cc:72:3e:92:20:e4:11:be:6b:
31:1b:66:8a:ee:6e:24:d7:08:62:36:a8:15:75:1a:
04:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E2:9F:29:2C:9D:44:92:13:25:7B:23:6E:7C:9C:C6:3A:30:FB:03
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/c-KfKSydRJITJXsjbnycxjow-wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.96.0/20
94.143.168.0/21
109.239.64.0/20
194.59.240.0/22
217.195.160.0/20
IPv6:
2a02:b20::/32
Signature Algorithm: sha256WithRSAEncryption
9a:dd:74:91:89:11:59:9c:8e:30:3f:56:7f:44:00:49:05:e4:
95:58:b2:a7:0d:de:26:d3:21:6a:fc:07:bc:4a:a5:b9:47:2a:
45:37:ee:70:3e:36:a7:4c:54:70:ee:a2:5a:4f:64:52:81:74:
f7:f8:5b:1a:67:b9:cf:41:67:88:3f:53:a9:36:f0:67:2d:d7:
35:25:ee:b0:ec:fb:cd:df:c0:56:83:a6:67:55:68:2b:be:14:
fb:45:b4:21:de:a9:89:7d:d5:52:49:c5:cd:fb:56:92:4d:75:
92:27:61:23:20:48:a3:ed:37:43:35:a2:29:e5:b9:d9:00:6c:
8f:b4:0e:74:6f:b0:c7:28:72:f7:f6:8c:fa:01:e3:fb:d9:9b:
92:55:e0:8e:0d:66:dd:e3:da:73:27:13:89:6e:b8:38:85:15:
ed:42:d2:4a:ba:19:be:11:34:9a:5a:f9:a0:11:16:d5:ce:99:
00:75:19:aa:de:50:c0:6a:6e:d8:cb:24:7a:72:b7:7f:48:b0:
76:bc:7b:af:35:c9:5e:dc:0a:37:d0:97:78:96:ff:cd:f3:e7:
47:20:1e:23:f0:34:e5:be:9a:d9:9f:7c:40:1d:ae:28:07:94:
cd:84:6d:df:d5:08:10:4d:07:eb:7d:96:70:90:ca:13:35:e7:
6e:68:f7:80
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZBP88fuEBLuEPV5W8I/lmN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjQwNjI1MTUxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2UyOWYyOTJjOWQ0NDkyMTMyNTdiMjM2ZTdjOWNjNjNhMzBmYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSMxnTPND9PiRfCk6eDjDPzw3/1f
W2A3z1/eOu/swoX7Lx6UqlqhlEK68NGykrWGfYP63X01PAw3qDzGtTJZ7GD9qNe6
4Qmo83sEbsrj5PsaW+IXhivdzYurJeZwiQMnK/QuwehiiJDJswvc3LzAFXZJZ7dV
/s9FMrA9Q5jNIcBBol1fEPZp/7XOeY0jQjD+2pUyjoPl55lW7AGfB7DNigI57Lz7
Q0IxCXkHhn2SyD3zYHvjDKZqmLXjP0OnPJQVfX87+EjonW4xkyIEMb1Sb7ZRf9eu
1vdnRLmoAH97MiqZFrmP7rnMcj6SIOQRvmsxG2aK7m4k1whiNqgVdRoEqQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHPinyksnUSSEyV7I258nMY6MPsDMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvYy1LZktTeWRSSklUSlhzamJueWN4am93LXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEUPNgAwQD
Xo+oAwQEbe9AAwQCwjvwAwQE2cOgMA0EAgACMAcDBQAqAgsgMA0GCSqGSIb3DQEB
CwUAA4IBAQCa3XSRiRFZnI4wP1Z/RABJBeSVWLKnDd4m0yFq/Ae8SqW5RypFN+5w
PjanTFRw7qJaT2RSgXT3+FsaZ7nPQWeIP1OpNvBnLdc1Je6w7PvN38BWg6ZnVWgr
vhT7RbQh3qmJfdVSScXN+1aSTXWSJ2EjIEij7TdDNaIp5bnZAGyPtA50b7DHKHL3
9oz6AeP72ZuSVeCODWbd49pzJxOJbrg4hRXtQtJKuhm+ETSaWvmgERbVzpkAdRmq
3lDAam7YyyR6crd/SLB2vHuvNcle3Ao30Jd4lv/N8+dHIB4j8DTlvprZn3xAHa4o
B5TNhG3f1QgQTQfrfZZwkMoTNeduaPeA
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:17:09 2024 by rpki-client on console-fra.rpki-client.org