Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/_kNcMVMqxDCF-CxqwcWkB34Gd9Q.roa
File: _kNcMVMqxDCF-CxqwcWkB34Gd9Q.roa (raw, json)
Hash identifier: eBw9bYoYTbIGVV82iCe5lndBsTABNrAk3ZyCnCOSAwI=
Subject key identifier: FE:43:5C:31:53:2A:C4:30:85:F8:2C:6A:C1:C5:A4:07:7E:06:77:D4
Certificate issuer: /CN=90218e801a532595e9b71c643684ea05f96bf5f3
Certificate serial: 0191BEEC9B13934A5B6FE4FCA20815FAB628
Authority key identifier: 90:21:8E:80:1A:53:25:95:E9:B7:1C:64:36:84:EA:05:F9:6B:F5:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kCGOgBpTJZXptxxkNoTqBflr9fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/_kNcMVMqxDCF-CxqwcWkB34Gd9Q.roa
Signing time: Wed 04 Sep 2024 21:24:22 +0000
ROA not before: Wed 04 Sep 2024 21:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9205
IP address blocks: 87.76.128.0/17 maxlen: 17
87.76.254.0/23 maxlen: 23
193.110.112.0/22 maxlen: 22
193.110.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/kCGOgBpTJZXptxxkNoTqBflr9fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:be:ec:9b:13:93:4a:5b:6f:e4:fc:a2:08:15:fa:b6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90218e801a532595e9b71c643684ea05f96bf5f3
Validity
Not Before: Sep 4 21:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe435c31532ac43085f82c6ac1c5a4077e0677d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3e:67:4a:2f:07:4f:07:41:64:a2:96:f7:22:
c8:3f:7a:94:e0:80:46:ed:75:ce:73:cb:8c:6d:81:
5c:80:08:e8:12:b4:7f:90:95:c7:24:b7:29:a6:af:
09:dd:29:22:9f:d9:d6:67:44:3d:28:3c:13:96:a0:
db:b5:a1:99:77:fe:98:39:8c:dd:9c:14:f0:30:49:
37:38:60:4f:ee:f2:a4:c2:65:a5:11:ed:ce:50:89:
44:3c:b3:d5:27:99:d9:af:bf:5d:f3:14:56:17:92:
5f:fa:a3:3d:b5:b8:26:6f:0e:61:d5:58:73:d7:47:
a5:9e:e6:89:c6:82:68:aa:4e:e7:47:be:4f:b9:dc:
8b:6f:a3:5a:d9:f9:d5:e0:af:de:d7:1e:a5:e7:af:
19:dd:d8:51:5c:dc:22:b2:3b:54:d4:41:5c:42:e8:
3b:e4:ff:1a:57:c0:0c:49:d4:d8:1d:19:60:2c:7f:
11:45:75:43:6f:9d:2e:85:ce:04:0a:6e:0f:e4:3f:
63:3f:53:7b:9f:77:5c:49:bb:53:3c:c4:3a:42:d7:
33:8c:a0:1c:36:d1:27:0e:5e:9b:c7:95:46:08:74:
8f:4d:e6:2b:9d:2c:65:80:ce:83:e1:d6:59:6f:2b:
60:e2:f6:b1:78:44:cd:81:46:43:84:b5:a6:5c:9a:
45:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:43:5C:31:53:2A:C4:30:85:F8:2C:6A:C1:C5:A4:07:7E:06:77:D4
X509v3 Authority Key Identifier:
keyid:90:21:8E:80:1A:53:25:95:E9:B7:1C:64:36:84:EA:05:F9:6B:F5:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kCGOgBpTJZXptxxkNoTqBflr9fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/_kNcMVMqxDCF-CxqwcWkB34Gd9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.128.0/17
193.110.112.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:37:40:a1:41:58:28:bd:33:bd:70:e7:d5:3a:de:78:15:78:
3d:7c:28:a5:bf:08:1f:66:5b:20:b2:07:c4:74:98:10:15:ce:
b7:50:34:45:f1:58:c5:4d:c1:3c:01:f3:27:13:48:0f:96:b3:
72:af:4b:24:47:d8:a5:57:13:0b:bc:fb:8e:74:c7:7a:14:1d:
78:b8:0e:2b:0f:1e:b5:32:fd:64:9f:31:3e:cc:19:05:a2:0b:
33:aa:6f:c7:05:a7:24:79:a0:72:5a:46:64:65:26:f1:07:5c:
54:98:52:f1:5b:4a:e7:2e:00:69:a5:23:e7:25:af:f1:12:ad:
14:cb:01:59:81:62:70:c6:f8:66:ab:18:61:92:86:a1:8a:f6:
f7:99:27:ab:b6:b7:e4:27:62:d3:e6:00:0d:df:33:e3:4f:0a:
3f:9e:f2:f0:51:5a:27:63:9d:48:de:67:4d:c5:61:09:95:65:
56:c5:82:8d:c3:a7:2f:3d:7e:c7:9c:3a:04:13:86:c3:1f:dc:
ac:34:4a:a3:3a:e0:20:86:de:19:97:d9:0d:77:2e:97:9d:6f:
9e:d9:f3:ff:6a:9e:a8:78:06:a8:bc:b4:18:db:35:82:be:fe:
1f:04:8c:e2:0e:28:e8:ec:09:bd:58:79:a0:4f:55:8b:f0:de:
d1:ce:94:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG+7JsTk0pbb+T8oggV+rYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMjE4ZTgwMWE1MzI1OTVlOWI3MWM2NDM2ODRlYTA1Zjk2
YmY1ZjMwHhcNMjQwOTA0MjEyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQzNWMzMTUzMmFjNDMwODVmODJjNmFjMWM1YTQwNzdlMDY3N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT5nSi8HTwdBZKKW9yLIP3qU4IBG
7XXOc8uMbYFcgAjoErR/kJXHJLcppq8J3Skin9nWZ0Q9KDwTlqDbtaGZd/6YOYzd
nBTwMEk3OGBP7vKkwmWlEe3OUIlEPLPVJ5nZr79d8xRWF5Jf+qM9tbgmbw5h1Vhz
10elnuaJxoJoqk7nR75PudyLb6Na2fnV4K/e1x6l568Z3dhRXNwisjtU1EFcQug7
5P8aV8AMSdTYHRlgLH8RRXVDb50uhc4ECm4P5D9jP1N7n3dcSbtTPMQ6QtczjKAc
NtEnDl6bx5VGCHSPTeYrnSxlgM6D4dZZbytg4vaxeETNgUZDhLWmXJpF1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP5DXDFTKsQwhfgsasHFpAd+BnfUMB8GA1UdIwQY
MBaAFJAhjoAaUyWV6bccZDaE6gX5a/XzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0NHT2dCcFRKWlhwdHh4a05vVHFCZmxyOWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xYjY2MjQtODQ0MS00ZDAxLTk2ZTMt
NjAxODEyZWY0MjhiLzEvX2tOY01WTXF4RENGLUN4cXdjV2tCMzRHZDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xYjY2MjQtODQ0MS00ZDAxLTk2ZTMtNjAxODEyZWY0Mjhi
LzEva0NHT2dCcFRKWlhwdHh4a05vVHFCZmxyOWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHV0yAAwQC
wW5wMA0GCSqGSIb3DQEBCwUAA4IBAQDCN0ChQVgovTO9cOfVOt54FXg9fCilvwgf
ZlsgsgfEdJgQFc63UDRF8VjFTcE8AfMnE0gPlrNyr0skR9ilVxMLvPuOdMd6FB14
uA4rDx61Mv1knzE+zBkFogszqm/HBackeaByWkZkZSbxB1xUmFLxW0rnLgBppSPn
Ja/xEq0UywFZgWJwxvhmqxhhkoahivb3mSertrfkJ2LT5gAN3zPjTwo/nvLwUVon
Y51I3mdNxWEJlWVWxYKNw6cvPX7HnDoEE4bDH9ysNEqjOuAght4Zl9kNdy6XnW+e
2fP/ap6oeAaovLQY2zWCvv4fBIziDijo7Am9WHmgT1WL8N7RzpSt
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:59:56 2024 by rpki-client on console-fra.rpki-client.org