Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/KpNVvRZIqyiDuUx9FFux5VS4g_U.roa
File: KpNVvRZIqyiDuUx9FFux5VS4g_U.roa (raw, json)
Hash identifier: HrNFZXlt7L1i4TpFqWhLEyBy30QPbENISG2SSmB6Yd4=
Subject key identifier: 2A:93:55:BD:16:48:AB:28:83:B9:4C:7D:14:5B:B1:E5:54:B8:83:F5
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01925BC45F1ABC4A688AC115DE11796E353A
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/KpNVvRZIqyiDuUx9FFux5VS4g_U.roa
Signing time: Sat 05 Oct 2024 08:20:48 +0000
ROA not before: Sat 05 Oct 2024 08:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214107
IP address blocks: 212.232.18.0/24 maxlen: 24
212.232.19.0/24 maxlen: 24
2a14:6780:2::/48 maxlen: 48
2a14:6780:3::/48 maxlen: 48
2a14:6780:4::/48 maxlen: 48
2a14:6780:ca::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5b:c4:5f:1a:bc:4a:68:8a:c1:15:de:11:79:6e:35:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Oct 5 08:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a9355bd1648ab2883b94c7d145bb1e554b883f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:9a:94:de:96:30:8a:be:b2:33:a3:29:64:ff:
6f:cd:08:fc:a5:80:f7:0e:9e:9f:6a:9c:60:79:3c:
5d:f5:64:a8:42:00:5a:ce:7b:fe:db:af:9a:c1:ce:
7e:ce:62:96:fa:b5:62:cb:0c:e8:8c:64:5a:5a:94:
28:dd:c4:d9:27:a4:ec:d0:fa:69:1b:bc:dd:78:6c:
78:41:4f:05:54:93:e4:d3:de:37:cd:3d:31:fa:64:
0f:72:49:f1:9e:73:f1:94:5a:f4:17:1c:5a:a6:10:
19:6b:da:8f:15:7e:7f:06:00:a8:40:30:b0:db:80:
15:21:b3:58:a7:ed:58:fe:25:64:8c:46:ef:dd:5a:
40:74:5f:4a:b5:9f:16:f0:86:1a:06:d0:d0:5b:7a:
38:da:ed:36:11:3e:17:58:41:e1:fa:e1:2b:98:f3:
5f:21:d6:4d:e0:7d:45:09:49:c0:5e:2e:30:b3:74:
6b:57:e3:63:9b:5d:b1:4c:2e:c4:6a:6e:e8:d7:07:
f4:98:2b:ab:da:dc:c5:f9:3a:a0:92:b8:17:82:43:
23:98:58:d6:d1:2e:09:3d:30:92:42:54:a6:a0:63:
a1:49:09:13:7a:55:a4:41:2a:f1:fa:e6:8b:dd:45:
91:2a:49:21:1f:2d:2f:5e:9f:4c:f0:28:14:50:f1:
ff:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:93:55:BD:16:48:AB:28:83:B9:4C:7D:14:5B:B1:E5:54:B8:83:F5
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/KpNVvRZIqyiDuUx9FFux5VS4g_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.232.18.0/23
IPv6:
2a14:6780:2::-2a14:6780:4:ffff:ffff:ffff:ffff:ffff
2a14:6780:ca::/48
Signature Algorithm: sha256WithRSAEncryption
4d:62:52:d6:c1:44:b1:f3:fb:ff:a0:f6:f1:4e:56:6e:15:1d:
6a:cd:3c:0f:9f:c2:33:c7:60:22:57:50:d3:f2:e5:0b:81:6d:
c5:65:56:7e:35:ef:cc:ff:1a:61:f3:96:dd:e8:b7:9f:26:07:
a0:5f:a5:00:c6:5e:00:0f:f5:18:81:bb:a1:df:fe:a0:64:e5:
aa:ac:12:e2:7a:89:da:0c:3f:89:17:fd:fc:01:32:11:b6:94:
fc:0c:32:5e:de:eb:32:f9:8b:a3:a7:28:a3:bf:84:d7:7c:32:
7f:d3:f0:cd:dd:75:7e:31:a3:28:aa:ec:76:5b:16:20:5b:d1:
b1:63:19:5d:28:58:10:f0:c8:3e:60:04:56:24:f8:cf:1f:e8:
65:35:6a:90:e4:e8:f1:76:c8:a9:3a:10:15:b3:61:f0:5e:ef:
64:ab:b7:6d:96:33:78:99:3f:0e:fe:ee:50:3a:a8:bd:2d:9a:
80:4f:6b:a5:52:5f:30:80:95:9b:c3:b5:61:a4:63:d5:7b:c6:
52:28:61:34:37:1b:69:6f:3e:3e:37:70:ac:a4:a7:24:ae:22:
be:af:8f:58:f5:e2:1c:79:a3:60:f6:a2:30:78:96:4a:5c:41:
5c:70:0b:93:c7:a6:65:ab:43:c0:0e:89:9a:64:f4:6b:8f:60:
9c:2f:05:47
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZJbxF8avEpoisEV3hF5bjU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQxMDA1MDgyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTkzNTViZDE2NDhhYjI4ODNiOTRjN2QxNDViYjFlNTU0Yjg4M2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65qU3pYwir6yM6MpZP9vzQj8pYD3
Dp6fapxgeTxd9WSoQgBaznv+26+awc5+zmKW+rViywzojGRaWpQo3cTZJ6Ts0Ppp
G7zdeGx4QU8FVJPk0943zT0x+mQPcknxnnPxlFr0FxxaphAZa9qPFX5/BgCoQDCw
24AVIbNYp+1Y/iVkjEbv3VpAdF9KtZ8W8IYaBtDQW3o42u02ET4XWEHh+uErmPNf
IdZN4H1FCUnAXi4ws3RrV+Njm12xTC7Eam7o1wf0mCur2tzF+TqgkrgXgkMjmFjW
0S4JPTCSQlSmoGOhSQkTelWkQSrx+uaL3UWRKkkhHy0vXp9M8CgUUPH/zwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFCqTVb0WSKsog7lMfRRbseVUuIP1MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvS3BOVnZSWklxeWlEdVV4OUZGdXg1VlM0Z19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQB1OgSMCME
AgACMB0wEgMHASoUZ4AAAgMHACoUZ4AABAMHACoUZ4AAyjANBgkqhkiG9w0BAQsF
AAOCAQEATWJS1sFEsfP7/6D28U5WbhUdas08D5/CM8dgIldQ0/LlC4FtxWVWfjXv
zP8aYfOW3ei3nyYHoF+lAMZeAA/1GIG7od/+oGTlqqwS4nqJ2gw/iRf9/AEyEbaU
/AwyXt7rMvmLo6coo7+E13wyf9Pwzd11fjGjKKrsdlsWIFvRsWMZXShYEPDIPmAE
ViT4zx/oZTVqkOTo8XbIqToQFbNh8F7vZKu3bZYzeJk/Dv7uUDqovS2agE9rpVJf
MICVm8O1YaRj1XvGUihhNDcbaW8+PjdwrKSnJK4ivq+PWPXiHHmjYPaiMHiWSlxB
XHALk8emZatDwA6JmmT0a49gnC8FRw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:13:24 2024 by rpki-client on console-fra.rpki-client.org