Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/36-ql6caYOy0gDUzBNV0HCnCbKo.roa
File: 36-ql6caYOy0gDUzBNV0HCnCbKo.roa (raw, json)
Hash identifier: BokC7ZgBpHai3M8OLZtYQZel/oVwh91k+e8DbjMobmA=
Subject key identifier: DF:AF:AA:97:A7:1A:60:EC:B4:80:35:33:04:D5:74:1C:29:C2:6C:AA
Certificate issuer: /CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Certificate serial: 018FCDA216BF8239268CB6D8BAB074EC104B
Authority key identifier: 5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/36-ql6caYOy0gDUzBNV0HCnCbKo.roa
Signing time: Fri 31 May 2024 07:51:42 +0000
ROA not before: Fri 31 May 2024 07:51:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214791
IP address blocks: 213.140.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cd:a2:16:bf:82:39:26:8c:b6:d8:ba:b0:74:ec:10:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Validity
Not Before: May 31 07:51:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfafaa97a71a60ecb480353304d5741c29c26caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0f:11:4f:e4:46:7d:71:77:be:d2:2c:b8:ec:
a9:b1:27:74:11:7f:cd:96:38:39:a2:2d:98:7e:c2:
a3:d7:dc:55:8a:45:ac:e2:25:88:96:4b:48:61:89:
9e:74:7f:72:a5:8b:23:61:ac:a1:2b:5c:d8:99:d4:
25:0a:0e:2e:9b:46:94:f0:63:10:e3:c1:aa:fd:4b:
12:72:b4:65:a2:41:c3:e4:a5:97:60:5f:5a:31:7b:
91:16:79:34:83:1b:7e:a4:55:23:bd:90:0d:1a:2b:
87:f0:a6:7d:16:f8:10:4c:53:f1:06:ea:8d:52:20:
99:4a:d4:5f:5f:cb:12:fa:44:24:3f:1e:f9:e3:ed:
a7:ad:7c:06:42:5b:5c:e2:84:69:f5:57:fe:96:3a:
85:17:3d:a9:ea:7e:9e:09:b9:be:31:44:80:64:25:
ec:41:9c:e8:84:23:b5:d8:df:33:ce:e8:5b:20:9e:
a1:f8:fc:c6:72:c2:00:46:c8:c1:75:f5:47:b6:25:
a8:24:4b:3c:17:4b:e8:96:d9:3e:7b:4b:b7:9d:58:
f0:33:88:02:57:cd:3d:19:3c:8f:ab:0f:62:b0:99:
6b:62:7e:60:f0:fb:35:d2:ab:4b:0d:1c:8e:a5:f9:
a5:a3:10:28:cb:e0:bd:14:f2:d9:47:b9:41:08:7b:
e4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:AF:AA:97:A7:1A:60:EC:B4:80:35:33:04:D5:74:1C:29:C2:6C:AA
X509v3 Authority Key Identifier:
keyid:5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/36-ql6caYOy0gDUzBNV0HCnCbKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.140.147.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e8:53:94:06:b8:b1:78:de:cb:f1:6c:a3:de:ab:38:b8:a6:
e5:f1:64:b8:df:7d:21:13:fd:fe:d0:6f:ff:fc:97:61:c2:1c:
07:48:46:a5:da:80:4c:c4:c8:cb:86:bd:46:89:28:ed:9e:89:
73:90:f8:78:f4:c6:7f:bf:96:70:b0:74:00:81:58:e9:4c:c4:
3a:51:78:8d:5d:20:4f:41:79:f1:22:25:01:6c:f3:79:7a:82:
9a:3c:a6:59:43:bd:02:a0:f8:07:f8:99:5d:b7:c3:46:e6:ea:
38:6a:31:0f:48:66:b8:66:22:ea:39:ae:29:f8:c5:7d:91:5c:
3f:23:33:2b:13:21:52:f4:e9:d3:77:fd:05:83:fc:d7:d6:6d:
a4:7c:b5:4d:e4:a5:ad:74:d8:df:13:63:20:74:92:d0:3b:f3:
a4:20:42:a2:cd:f1:84:9e:89:d0:5a:30:8b:11:2d:e7:8b:c9:
b4:00:9e:4e:4f:eb:eb:e5:5c:78:66:d6:51:f5:0e:8a:b1:60:
b0:c5:b0:32:5b:01:23:99:c7:5c:33:2e:86:45:da:78:bf:06:
2f:3a:0f:5a:58:4e:9f:35:13:5d:de:ec:d2:08:fc:b3:fc:d3:
07:0f:ff:ea:82:39:8a:e7:10:df:4c:07:9b:00:23:67:98:04:
c8:a0:75:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/Noha/gjkmjLbYurB07BBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGE5ZmQ3YzUxOTI2ZTIyZWE4YWEzM2IzYjg4MzhlOTNl
OGJlZGQwHhcNMjQwNTMxMDc1MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmFmYWE5N2E3MWE2MGVjYjQ4MDM1MzMwNGQ1NzQxYzI5YzI2Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1g8RT+RGfXF3vtIsuOypsSd0EX/N
ljg5oi2YfsKj19xVikWs4iWIlktIYYmedH9ypYsjYayhK1zYmdQlCg4um0aU8GMQ
48Gq/UsScrRlokHD5KWXYF9aMXuRFnk0gxt+pFUjvZANGiuH8KZ9FvgQTFPxBuqN
UiCZStRfX8sS+kQkPx754+2nrXwGQltc4oRp9Vf+ljqFFz2p6n6eCbm+MUSAZCXs
QZzohCO12N8zzuhbIJ6h+PzGcsIARsjBdfVHtiWoJEs8F0voltk+e0u3nVjwM4gC
V809GTyPqw9isJlrYn5g8Ps10qtLDRyOpfmloxAoy+C9FPLZR7lBCHvkrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+vqpenGmDstIA1MwTVdBwpwmyqMB8GA1UdIwQY
MBaAFF2Kn9fFGSbiLqiqM7O4g46T6L7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMt
NjZjNTNmMmIxZjAyLzEvMzYtcWw2Y2FZT3kwZ0RVekJOVjBIQ25DYktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMtNjZjNTNmMmIxZjAy
LzEvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YyTMA0G
CSqGSIb3DQEBCwUAA4IBAQCC6FOUBrixeN7L8Wyj3qs4uKbl8WS4330hE/3+0G//
/JdhwhwHSEal2oBMxMjLhr1GiSjtnolzkPh49MZ/v5ZwsHQAgVjpTMQ6UXiNXSBP
QXnxIiUBbPN5eoKaPKZZQ70CoPgH+Jldt8NG5uo4ajEPSGa4ZiLqOa4p+MV9kVw/
IzMrEyFS9OnTd/0Fg/zX1m2kfLVN5KWtdNjfE2MgdJLQO/OkIEKizfGEnonQWjCL
ES3ni8m0AJ5OT+vr5Vx4ZtZR9Q6KsWCwxbAyWwEjmcdcMy6GRdp4vwYvOg9aWE6f
NRNd3uzSCPyz/NMHD//qgjmK5xDfTAebACNnmATIoHXZ
-----END CERTIFICATE-----
Generated at Sat Nov 16 01:17:21 2024 by rpki-client on console-fra.rpki-client.org