Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/rUs1ks5JdiEUtJSOF-jg1OCkWQw.roa
File: rUs1ks5JdiEUtJSOF-jg1OCkWQw.roa (raw, json)
Hash identifier: yUL20mOfRyFiZ79Kl1pbjZ89eCHFvE/Z9OD5IjfVzFY=
Subject key identifier: AD:4B:35:92:CE:49:76:21:14:B4:94:8E:17:E8:E0:D4:E0:A4:59:0C
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 018CC6B8FA1C30E4ABEC621A6A2054DF4E58
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/rUs1ks5JdiEUtJSOF-jg1OCkWQw.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6667
IP address blocks: 192.136.74.0/24 maxlen: 24
192.136.73.0/24 maxlen: 24
213.192.184.0/21 maxlen: 21
192.175.45.0/24 maxlen: 24
2001:670::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:fa:1c:30:e4:ab:ec:62:1a:6a:20:54:df:4e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad4b3592ce49762114b4948e17e8e0d4e0a4590c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:7a:92:b7:2f:23:c9:7f:2e:d9:c3:29:71:
b3:2c:e3:de:a3:85:e7:0d:5f:4c:4a:7f:4a:cb:7c:
41:69:f7:06:64:a0:e7:20:29:0c:5a:82:52:cf:22:
2d:22:b5:3f:83:ee:11:40:11:ed:df:63:8b:fa:e0:
ff:5e:c0:d4:38:15:71:03:64:19:4e:38:79:71:36:
e6:f4:76:fe:0a:06:03:34:9f:64:39:58:bf:14:1f:
32:d0:92:ae:4d:60:10:7c:a1:5a:96:f0:67:47:72:
f2:bc:a6:e5:4e:fc:58:09:db:36:8f:46:81:98:b6:
94:16:5e:3c:7d:b1:e8:83:65:3b:9d:2c:97:de:7b:
ef:f0:93:75:fa:e7:d3:02:b5:ea:c7:9d:88:14:12:
85:5c:1b:d1:a6:9e:2c:f9:4f:a7:05:c4:ce:80:0f:
fb:05:ca:2b:8e:67:24:f9:c0:3b:0d:89:b8:e0:dc:
12:3e:82:4c:c5:3b:75:c6:fb:6b:d4:e3:83:ad:10:
d7:4b:7b:69:d6:78:8d:dd:63:11:c6:70:87:26:6f:
4d:31:bc:30:2c:d2:ed:e9:70:15:60:35:0e:ea:91:
94:76:ee:3c:19:7e:16:ad:1c:03:b8:79:14:7e:a4:
2c:3a:fa:ab:f8:03:c7:02:46:82:51:22:b1:c9:3c:
94:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:4B:35:92:CE:49:76:21:14:B4:94:8E:17:E8:E0:D4:E0:A4:59:0C
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/rUs1ks5JdiEUtJSOF-jg1OCkWQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.136.73.0-192.136.74.255
192.175.45.0/24
213.192.184.0/21
IPv6:
2001:670::/32
Signature Algorithm: sha256WithRSAEncryption
06:c3:8b:00:5d:c5:20:b0:ed:f6:9a:d4:21:6f:7c:37:78:b8:
44:ff:d0:65:0f:d6:cf:52:7f:8c:77:b8:67:35:c5:4b:61:b6:
8e:83:99:b7:38:7b:a5:36:5a:2e:18:41:43:9b:b6:b1:88:0e:
4f:de:4f:18:a5:23:05:cc:0d:b0:0a:72:ad:d4:64:c5:dd:20:
bd:4d:06:6b:07:bc:8a:4e:d5:20:f8:40:61:99:47:d5:c0:e5:
29:52:69:7b:64:f2:9b:f3:4e:27:0c:f7:65:34:0b:e9:73:43:
58:b0:08:ff:cd:50:67:22:13:8d:e6:1d:c7:7b:a2:fb:18:dd:
f8:fe:03:cc:65:85:29:e4:78:b3:2e:9e:b8:8e:00:8f:be:34:
06:bb:b0:3a:e3:64:3c:63:d0:ba:ed:5e:9a:30:66:fc:33:11:
8a:f4:f1:d0:dd:b6:c6:65:30:85:01:53:e6:64:5e:04:31:95:
9a:df:ce:66:09:a5:d3:d6:e5:76:d8:d7:a1:8d:f3:fc:c2:3a:
58:46:31:fc:b5:26:eb:26:f1:49:10:c9:21:7c:0f:4b:65:ab:
b5:65:51:1a:6f:b1:21:94:07:d4:46:fb:6f:dc:52:e4:89:ca:
c0:c6:25:3d:33:51:38:c7:b3:e2:66:ac:66:ca:6d:0f:d7:93:
e5:4f:38:70
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzGuPocMOSr7GIaaiBU305YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDRiMzU5MmNlNDk3NjIxMTRiNDk0OGUxN2U4ZTBkNGUwYTQ1OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmB6krcvI8l/LtnDKXGzLOPeo4Xn
DV9MSn9Ky3xBafcGZKDnICkMWoJSzyItIrU/g+4RQBHt32OL+uD/XsDUOBVxA2QZ
Tjh5cTbm9Hb+CgYDNJ9kOVi/FB8y0JKuTWAQfKFalvBnR3LyvKblTvxYCds2j0aB
mLaUFl48fbHog2U7nSyX3nvv8JN1+ufTArXqx52IFBKFXBvRpp4s+U+nBcTOgA/7
Bcorjmck+cA7DYm44NwSPoJMxTt1xvtr1OODrRDXS3tp1niN3WMRxnCHJm9NMbww
LNLt6XAVYDUO6pGUdu48GX4WrRwDuHkUfqQsOvqr+APHAkaCUSKxyTyUKwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFK1LNZLOSXYhFLSUjhfo4NTgpFkMMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvclVzMWtzNUpkaUVVdEpTT0YtamcxT0NrV1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBADAiEkD
BADAiEoDBADAry0DBAPVwLgwDQQCAAIwBwMFACABBnAwDQYJKoZIhvcNAQELBQAD
ggEBAAbDiwBdxSCw7faa1CFvfDd4uET/0GUP1s9Sf4x3uGc1xUthto6Dmbc4e6U2
Wi4YQUObtrGIDk/eTxilIwXMDbAKcq3UZMXdIL1NBmsHvIpO1SD4QGGZR9XA5SlS
aXtk8pvzTicM92U0C+lzQ1iwCP/NUGciE43mHcd7ovsY3fj+A8xlhSnkeLMunriO
AI++NAa7sDrjZDxj0LrtXpowZvwzEYr08dDdtsZlMIUBU+ZkXgQxlZrfzmYJpdPW
5XbY16GN8/zCOlhGMfy1Jusm8UkQySF8D0tlq7VlURpvsSGUB9RG+2/cUuSJysDG
JT0zUTjHs+JmrGbKbQ/Xk+VPOHA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:17:13 2024 by rpki-client on console-fra.rpki-client.org