Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/4otLsfz6HR-Ht04WbHNRLZV1sRI.roa
File: 4otLsfz6HR-Ht04WbHNRLZV1sRI.roa (raw, json)
Hash identifier: SeLZ8bre6bUlUP9BpBDAjO013B7DmZAolCj8FsIPjbA=
Subject key identifier: E2:8B:4B:B1:FC:FA:1D:1F:87:B7:4E:16:6C:73:51:2D:95:75:B1:12
Certificate issuer: /CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Certificate serial: 018D78ADDB1AB4B87104F6518F89DD296905
Authority key identifier: 90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/4otLsfz6HR-Ht04WbHNRLZV1sRI.roa
Signing time: Mon 05 Feb 2024 09:51:16 +0000
ROA not before: Mon 05 Feb 2024 09:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12479
IP address blocks: 80.251.64.0/20 maxlen: 24
185.124.20.0/22 maxlen: 24
217.173.112.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:ad:db:1a:b4:b8:71:04:f6:51:8f:89:dd:29:69:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Validity
Not Before: Feb 5 09:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e28b4bb1fcfa1d1f87b74e166c73512d9575b112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2c:7d:62:02:c7:02:c7:cd:48:ef:b0:63:b4:
84:97:61:c2:54:86:62:84:36:f4:1b:6f:88:d9:bc:
e7:dc:3f:1b:57:1a:6a:b9:ad:6e:82:35:8f:c7:90:
16:24:fe:ea:7f:ad:30:8f:ab:94:ea:37:79:2c:3c:
d9:e6:52:4c:88:16:9f:ae:78:92:7a:ae:50:01:b7:
42:51:d4:5b:63:ad:d4:cf:9a:f2:95:a8:27:73:69:
0d:f3:1b:d4:bc:06:2d:01:58:a6:ef:8a:f4:c1:59:
8b:c5:ce:79:44:01:fd:d9:78:bf:fe:42:f4:83:d0:
9b:c5:e0:bb:a6:a0:18:2b:56:33:ce:7a:4f:32:8b:
e8:86:17:35:e4:e6:85:b7:8c:9a:06:b5:00:61:09:
69:12:b4:93:79:ca:97:ec:f3:47:e9:70:2b:f5:1d:
f8:57:4d:4e:c0:60:68:53:a4:f5:86:f5:96:6b:48:
d3:e7:7d:75:35:dd:04:70:7a:21:ef:96:29:5c:eb:
1b:d4:7c:14:3b:5a:0b:8a:54:98:b5:da:4f:2f:6d:
9b:0a:d4:76:ec:47:62:6e:90:2f:92:ba:32:d0:62:
ef:67:8b:b0:9a:19:ab:8c:18:f8:88:3b:3b:79:22:
b3:10:54:89:1d:1a:4d:16:3a:b1:a8:22:ce:6d:b8:
cc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8B:4B:B1:FC:FA:1D:1F:87:B7:4E:16:6C:73:51:2D:95:75:B1:12
X509v3 Authority Key Identifier:
keyid:90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/4otLsfz6HR-Ht04WbHNRLZV1sRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.64.0/20
185.124.20.0/22
217.173.112.0/20
Signature Algorithm: sha256WithRSAEncryption
3a:8e:ca:97:f5:b3:81:6a:d5:a0:16:b1:0b:90:e5:b1:dd:de:
44:e2:b2:a9:f2:91:61:6f:3d:28:f0:1d:eb:20:a5:5b:97:5a:
15:47:b0:7d:6d:75:e1:67:8b:53:4d:59:4e:c8:b2:a4:d7:bc:
6e:9d:be:99:39:43:a3:6c:0c:90:56:b5:d2:45:93:f3:59:dd:
49:07:ac:2b:a6:cf:73:12:b8:5b:d1:89:17:21:38:c7:a2:fd:
4a:28:24:49:6f:75:79:6f:de:08:da:e5:c1:04:49:7e:16:2b:
4b:1d:63:28:73:d6:6d:21:31:5d:36:3e:dc:89:58:40:71:41:
93:c4:49:9e:cb:6f:58:16:18:36:5d:35:16:b2:6b:7a:f8:39:
37:26:13:a5:30:18:67:47:44:0c:80:5e:e2:aa:9f:a4:c4:c5:
f8:85:75:94:18:0e:84:7d:9e:f2:36:c5:7c:63:94:8c:09:41:
65:ba:7f:0c:1e:db:97:de:6c:08:bf:28:b8:11:10:99:2a:b6:
ee:ae:22:b4:cb:24:c2:5b:c2:a8:e1:bf:0b:74:5c:87:0f:3c:
7f:c7:69:f5:8f:ee:76:5e:59:2b:b3:a9:0c:4f:b3:9d:af:2d:
a7:26:f8:69:9d:30:79:98:27:12:93:83:e9:08:57:23:41:77:
41:2b:e5:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY14rdsatLhxBPZRj4ndKWkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYzAwMTM3ZWU2ZGZhZWI0ZWE0ODIzYmMxNzNjM2JjMDAw
MzFkZjkwHhcNMjQwMjA1MDk1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjhiNGJiMWZjZmExZDFmODdiNzRlMTY2YzczNTEyZDk1NzViMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCx9YgLHAsfNSO+wY7SEl2HCVIZi
hDb0G2+I2bzn3D8bVxpqua1ugjWPx5AWJP7qf60wj6uU6jd5LDzZ5lJMiBafrniS
eq5QAbdCUdRbY63Uz5rylagnc2kN8xvUvAYtAVim74r0wVmLxc55RAH92Xi//kL0
g9CbxeC7pqAYK1YzznpPMovohhc15OaFt4yaBrUAYQlpErSTecqX7PNH6XAr9R34
V01OwGBoU6T1hvWWa0jT5311Nd0EcHoh75YpXOsb1HwUO1oLilSYtdpPL22bCtR2
7EdibpAvkroy0GLvZ4uwmhmrjBj4iDs7eSKzEFSJHRpNFjqxqCLObbjMpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOKLS7H8+h0fh7dOFmxzUS2VdbESMB8GA1UdIwQY
MBaAFJDAATfubfrrTqSCO8Fzw7wAAx35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUt
MGE1MjViNjlkYjhmLzEvNG90THNmejZIUi1IdDA0V2JITlJMWlYxc1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUtMGE1MjViNjlkYjhm
LzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUPtAAwQC
uXwUAwQE2a1wMA0GCSqGSIb3DQEBCwUAA4IBAQA6jsqX9bOBatWgFrELkOWx3d5E
4rKp8pFhbz0o8B3rIKVbl1oVR7B9bXXhZ4tTTVlOyLKk17xunb6ZOUOjbAyQVrXS
RZPzWd1JB6wrps9zErhb0YkXITjHov1KKCRJb3V5b94I2uXBBEl+FitLHWMoc9Zt
ITFdNj7ciVhAcUGTxEmey29YFhg2XTUWsmt6+Dk3JhOlMBhnR0QMgF7iqp+kxMX4
hXWUGA6EfZ7yNsV8Y5SMCUFlun8MHtuX3mwIvyi4ERCZKrburiK0yyTCW8Ko4b8L
dFyHDzx/x2n1j+52Xlkrs6kMT7Odry2nJvhpnTB5mCcSk4PpCFcjQXdBK+XO
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:20 2024 by rpki-client on console-ams.rpki-client.org