Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/R2dA2ty1pCSycjHQ6L6ZKx1cBQE.roa
File: R2dA2ty1pCSycjHQ6L6ZKx1cBQE.roa (raw, json)
Hash identifier: ZrZbEiKnYvdF1ybpvLV8JmkMRlMKNday5EBcJJ1oW0k=
Subject key identifier: 47:67:40:DA:DC:B5:A4:24:B2:72:31:D0:E8:BE:99:2B:1D:5C:05:01
Certificate issuer: /CN=dc899c28664ee8194a64048e46c60c6e5f190c53
Certificate serial: 018CC8017C4F10B0B3AA87C5F2FFAFE4DBCE
Authority key identifier: DC:89:9C:28:66:4E:E8:19:4A:64:04:8E:46:C6:0C:6E:5F:19:0C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ImcKGZO6BlKZASORsYMbl8ZDFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/R2dA2ty1pCSycjHQ6L6ZKx1cBQE.roa
Signing time: Tue 02 Jan 2024 02:29:49 +0000
ROA not before: Tue 02 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60492
IP address blocks: 213.167.75.0/24 maxlen: 24
213.167.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/3ImcKGZO6BlKZASORsYMbl8ZDFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/3ImcKGZO6BlKZASORsYMbl8ZDFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ImcKGZO6BlKZASORsYMbl8ZDFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 12:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7c:4f:10:b0:b3:aa:87:c5:f2:ff:af:e4:db:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc899c28664ee8194a64048e46c60c6e5f190c53
Validity
Not Before: Jan 2 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=476740dadcb5a424b27231d0e8be992b1d5c0501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d7:66:6a:1a:6f:e2:5e:c5:68:d7:ac:07:cf:
ea:20:fb:56:80:fd:3f:ff:d3:3f:f1:a2:6f:fb:8f:
e1:7f:1a:3e:29:df:cd:b2:d5:78:32:73:5f:b1:4a:
58:5a:e5:45:54:88:97:37:f3:f4:ed:74:92:32:4c:
2e:19:85:5b:cd:76:6b:5a:81:a7:b3:d1:31:1d:eb:
85:ed:67:30:e7:a4:3d:61:56:ed:c6:b0:28:b0:8a:
4a:d0:76:a4:b2:f7:78:2a:7f:3f:45:35:b6:46:34:
30:1d:0e:64:a6:95:48:ae:bb:82:33:35:8e:7e:77:
eb:ec:d3:a3:2e:25:6e:48:a2:54:39:48:c3:82:bd:
cc:2f:68:9d:79:6b:45:b8:bb:ce:06:d6:d6:49:54:
c8:67:2c:c5:39:88:ba:a1:7a:ac:a4:f5:69:8c:79:
19:28:f3:12:34:36:30:e8:a2:ca:c0:b4:c0:f2:c3:
8c:7d:8a:cb:1a:96:69:ee:bd:8c:66:fa:ac:30:ea:
17:97:b1:83:54:36:73:4a:33:5d:d2:4c:60:f6:8c:
14:8b:b1:a1:92:a8:88:29:2e:af:f8:b2:0c:38:aa:
07:a5:ed:6f:57:30:5d:e6:08:eb:3e:e6:69:f4:79:
48:6c:fd:93:c7:f8:1e:99:20:01:c5:cf:48:4a:6a:
44:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:67:40:DA:DC:B5:A4:24:B2:72:31:D0:E8:BE:99:2B:1D:5C:05:01
X509v3 Authority Key Identifier:
keyid:DC:89:9C:28:66:4E:E8:19:4A:64:04:8E:46:C6:0C:6E:5F:19:0C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ImcKGZO6BlKZASORsYMbl8ZDFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/R2dA2ty1pCSycjHQ6L6ZKx1cBQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/56d6a8-0752-4cbd-8845-52fe10513129/1/3ImcKGZO6BlKZASORsYMbl8ZDFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.75.0/24
213.167.81.0/24
Signature Algorithm: sha256WithRSAEncryption
46:c1:47:92:0a:fd:e7:a4:2c:33:eb:7f:bb:b5:b3:75:61:8f:
18:c1:ef:6a:9f:a7:7e:80:19:80:44:e7:f4:cd:43:6c:09:52:
6d:23:b2:d8:61:08:e3:df:ca:60:07:e3:ff:59:44:74:c0:b3:
c2:ec:a5:34:e1:ad:ff:af:dc:d4:19:a7:89:b7:fc:3e:26:1b:
8a:e7:24:e3:07:81:8f:e7:7a:a6:4c:af:1a:2d:82:13:ad:f0:
d9:53:b3:2b:7c:d4:fa:ae:73:16:71:3a:05:92:69:55:29:d3:
1a:8b:20:4e:e7:28:b6:00:27:40:9d:3c:00:f6:60:86:ed:d7:
21:92:41:6b:36:34:32:cf:a6:86:e3:39:03:a6:6b:ab:7c:c2:
fd:7b:5f:0f:4d:50:04:44:1b:4a:3b:16:c5:52:44:23:19:92:
89:2c:55:3c:af:ad:b9:36:57:bb:f5:21:8b:9a:e3:29:f8:2a:
f6:ac:be:4a:1b:06:3c:6e:ca:a4:90:47:65:1a:3b:eb:55:01:
22:cc:e3:b1:22:3b:b7:a4:52:d9:46:88:2b:1e:86:a5:d7:7c:
ec:ca:41:d6:95:93:1a:73:7d:05:26:88:03:aa:32:17:f3:97:
fc:e4:de:40:85:08:05:6d:1c:e2:c4:8d:9d:bb:43:fd:53:26:
f7:e3:17:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAXxPELCzqofF8v+v5NvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODk5YzI4NjY0ZWU4MTk0YTY0MDQ4ZTQ2YzYwYzZlNWYx
OTBjNTMwHhcNMjQwMTAyMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY3NDBkYWRjYjVhNDI0YjI3MjMxZDBlOGJlOTkyYjFkNWMwNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuddmahpv4l7FaNesB8/qIPtWgP0/
/9M/8aJv+4/hfxo+Kd/NstV4MnNfsUpYWuVFVIiXN/P07XSSMkwuGYVbzXZrWoGn
s9ExHeuF7Wcw56Q9YVbtxrAosIpK0Haksvd4Kn8/RTW2RjQwHQ5kppVIrruCMzWO
fnfr7NOjLiVuSKJUOUjDgr3ML2ideWtFuLvOBtbWSVTIZyzFOYi6oXqspPVpjHkZ
KPMSNDYw6KLKwLTA8sOMfYrLGpZp7r2MZvqsMOoXl7GDVDZzSjNd0kxg9owUi7Gh
kqiIKS6v+LIMOKoHpe1vVzBd5gjrPuZp9HlIbP2Tx/gemSABxc9ISmpEkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEdnQNrctaQksnIx0Oi+mSsdXAUBMB8GA1UdIwQY
MBaAFNyJnChmTugZSmQEjkbGDG5fGQxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0ltY0tHWk82QmxLWkFTT1JzWU1ibDhaREZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NmQ2YTgtMDc1Mi00Y2JkLTg4NDUt
NTJmZTEwNTEzMTI5LzEvUjJkQTJ0eTFwQ1N5Y2pIUTZMNlpLeDFjQlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81NmQ2YTgtMDc1Mi00Y2JkLTg4NDUtNTJmZTEwNTEzMTI5
LzEvM0ltY0tHWk82QmxLWkFTT1JzWU1ibDhaREZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1adLAwQA
1adRMA0GCSqGSIb3DQEBCwUAA4IBAQBGwUeSCv3npCwz63+7tbN1YY8Ywe9qn6d+
gBmAROf0zUNsCVJtI7LYYQjj38pgB+P/WUR0wLPC7KU04a3/r9zUGaeJt/w+JhuK
5yTjB4GP53qmTK8aLYITrfDZU7MrfNT6rnMWcToFkmlVKdMaiyBO5yi2ACdAnTwA
9mCG7dchkkFrNjQyz6aG4zkDpmurfML9e18PTVAERBtKOxbFUkQjGZKJLFU8r625
Nle79SGLmuMp+Cr2rL5KGwY8bsqkkEdlGjvrVQEizOOxIju3pFLZRogrHoal13zs
ykHWlZMac30FJogDqjIX85f85N5AhQgFbRzixI2du0P9Uyb34xeJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:02:03 2024 by rpki-client on console-fra.rpki-client.org