Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/kxRECUmp1SPKrXenzK2WAMICDg8.roa
File: kxRECUmp1SPKrXenzK2WAMICDg8.roa (raw, json)
Hash identifier: ZJsOauj7MYd2DqkUCO6HOTVfCXIjTbkgQK/HJxoFsMQ=
Subject key identifier: 93:14:44:09:49:A9:D5:23:CA:AD:77:A7:CC:AD:96:00:C2:02:0E:0F
Certificate issuer: /CN=184d1c002f060ec956e64e5cfe4f1dc098587fd6
Certificate serial: 018CC64B2E73ED522756E691F3DE000C95AA
Authority key identifier: 18:4D:1C:00:2F:06:0E:C9:56:E6:4E:5C:FE:4F:1D:C0:98:58:7F:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/kxRECUmp1SPKrXenzK2WAMICDg8.roa
Signing time: Mon 01 Jan 2024 18:31:04 +0000
ROA not before: Mon 01 Jan 2024 18:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208425
IP address blocks: 217.28.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/GE0cAC8GDslW5k5c_k8dwJhYf9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/GE0cAC8GDslW5k5c_k8dwJhYf9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2e:73:ed:52:27:56:e6:91:f3:de:00:0c:95:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=184d1c002f060ec956e64e5cfe4f1dc098587fd6
Validity
Not Before: Jan 1 18:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9314440949a9d523caad77a7ccad9600c2020e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1c:c0:d3:06:f1:d1:11:20:0d:0f:f3:0a:e7:
ee:c1:42:46:b0:68:b9:c1:1e:b5:fd:24:e5:bf:cf:
e3:5a:fc:44:3c:2a:3e:90:d4:9d:c5:9a:19:9e:80:
8d:d0:a6:f7:11:81:73:95:47:be:4d:b3:30:6b:09:
7b:9e:42:6b:fc:37:c5:f4:95:c0:9b:d2:97:6e:43:
ba:69:3a:d2:4b:8c:41:1b:f6:db:8c:e2:1d:09:e7:
75:a4:53:09:82:b5:8b:83:2d:88:75:b3:fc:27:70:
81:60:46:ab:36:ba:01:dd:6d:69:2d:ae:2f:f5:0e:
ae:92:03:cd:72:7d:78:0c:8a:53:e2:93:11:33:1c:
23:7d:5d:d3:53:e0:c1:fa:f0:bb:c3:8b:79:e8:98:
34:e6:b6:74:fa:ca:03:e8:d1:03:2a:a8:6f:60:3b:
44:bf:b5:d8:3d:d8:77:5d:d8:78:2c:3a:97:7d:88:
ba:13:ca:47:eb:65:c3:3e:f4:d6:4b:21:a8:04:2b:
83:26:84:37:d6:f3:08:67:4f:73:ca:c6:20:ed:93:
97:db:3e:ae:7a:6d:d7:52:dc:b8:9e:fb:53:68:46:
f8:85:52:fb:da:6b:75:2f:62:87:99:91:fa:af:1a:
b8:19:cb:84:5e:7f:ad:8e:8a:f2:71:1a:a7:5a:16:
98:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:14:44:09:49:A9:D5:23:CA:AD:77:A7:CC:AD:96:00:C2:02:0E:0F
X509v3 Authority Key Identifier:
keyid:18:4D:1C:00:2F:06:0E:C9:56:E6:4E:5C:FE:4F:1D:C0:98:58:7F:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/kxRECUmp1SPKrXenzK2WAMICDg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/GE0cAC8GDslW5k5c_k8dwJhYf9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.139.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:06:09:2e:5c:36:71:8e:e6:5f:79:b1:59:ab:9a:ac:b1:cd:
5c:82:6d:f7:2b:01:18:22:37:3d:b8:45:8e:70:5a:4b:46:6c:
82:69:dd:bf:d2:5d:b7:f7:6f:e7:5a:91:69:7f:94:91:24:52:
d0:78:28:ec:e2:ac:f5:88:31:db:19:b1:35:9e:98:94:2b:8b:
eb:b4:ec:30:c8:e3:56:81:82:a9:94:3f:2d:cf:2d:b7:71:1b:
6a:fd:d1:e7:c5:bf:7a:63:a0:89:db:34:8b:0c:ac:d0:04:dd:
0b:69:19:71:7e:81:c8:73:a5:b3:6a:b4:b0:ff:76:b3:0b:eb:
83:5e:e4:fe:82:0b:57:df:e3:99:5e:bf:91:64:d5:0b:ca:99:
c7:be:ff:a5:e6:ff:7a:39:ed:2f:b8:a9:9d:f8:2c:03:9d:05:
d7:9a:f5:2d:1e:e8:ef:ae:72:13:9f:c3:5a:b9:f6:2b:7e:0f:
16:af:d8:57:68:db:97:8f:6a:ea:e0:02:1f:48:24:b2:87:80:
36:c4:ce:8a:91:b5:b5:7e:ae:db:c9:96:e4:ce:bf:49:1d:d5:
26:c1:e4:f1:80:80:27:91:43:16:8a:26:15:0b:b6:45:db:85:
ed:07:4c:61:90:c7:87:38:1c:3b:45:25:0f:31:d3:fc:c8:9e:
46:bf:3d:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSy5z7VInVuaR894ADJWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NGQxYzAwMmYwNjBlYzk1NmU2NGU1Y2ZlNGYxZGMwOTg1
ODdmZDYwHhcNMjQwMTAxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzE0NDQwOTQ5YTlkNTIzY2FhZDc3YTdjY2FkOTYwMGMyMDIwZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBzA0wbx0REgDQ/zCufuwUJGsGi5
wR61/STlv8/jWvxEPCo+kNSdxZoZnoCN0Kb3EYFzlUe+TbMwawl7nkJr/DfF9JXA
m9KXbkO6aTrSS4xBG/bbjOIdCed1pFMJgrWLgy2IdbP8J3CBYEarNroB3W1pLa4v
9Q6ukgPNcn14DIpT4pMRMxwjfV3TU+DB+vC7w4t56Jg05rZ0+soD6NEDKqhvYDtE
v7XYPdh3Xdh4LDqXfYi6E8pH62XDPvTWSyGoBCuDJoQ31vMIZ09zysYg7ZOX2z6u
em3XUty4nvtTaEb4hVL72mt1L2KHmZH6rxq4GcuEXn+tjorycRqnWhaYwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMURAlJqdUjyq13p8ytlgDCAg4PMB8GA1UdIwQY
MBaAFBhNHAAvBg7JVuZOXP5PHcCYWH/WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0UwY0FDOEdEc2xXNWs1Y19rOGR3SmhZZjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wNGRmOTItYTk3OS00MjFmLTgwNDYt
MTQxNWM5Nzc5ZTE3LzEva3hSRUNVbXAxU1BLclhlbnpLMldBTUlDRGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wNGRmOTItYTk3OS00MjFmLTgwNDYtMTQxNWM5Nzc5ZTE3
LzEvR0UwY0FDOEdEc2xXNWs1Y19rOGR3SmhZZjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyLMA0G
CSqGSIb3DQEBCwUAA4IBAQBsBgkuXDZxjuZfebFZq5qssc1cgm33KwEYIjc9uEWO
cFpLRmyCad2/0l2392/nWpFpf5SRJFLQeCjs4qz1iDHbGbE1npiUK4vrtOwwyONW
gYKplD8tzy23cRtq/dHnxb96Y6CJ2zSLDKzQBN0LaRlxfoHIc6WzarSw/3azC+uD
XuT+ggtX3+OZXr+RZNULypnHvv+l5v96Oe0vuKmd+CwDnQXXmvUtHujvrnITn8Na
ufYrfg8Wr9hXaNuXj2rq4AIfSCSyh4A2xM6KkbW1fq7byZbkzr9JHdUmweTxgIAn
kUMWiiYVC7ZF24XtB0xhkMeHOBw7RSUPMdP8yJ5Gvz08
-----END CERTIFICATE-----
Generated at Sat May 18 02:12:20 2024 by rpki-client on console-ams.rpki-client.org