Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/kR85N8bsq---A9qrVIEQXnfNjjQ.roa
File: kR85N8bsq---A9qrVIEQXnfNjjQ.roa (raw, json)
Hash identifier: UyQedTvQusRS2wUkMONd/B2uQlHMaGvPBpXIUEszMlQ=
Subject key identifier: 91:1F:39:37:C6:EC:AB:EF:BE:03:DA:AB:54:81:10:5E:77:CD:8E:34
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01929511E95A62BCE66BB12E72FE8783AE85
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/kR85N8bsq---A9qrVIEQXnfNjjQ.roa
Signing time: Wed 16 Oct 2024 11:23:51 +0000
ROA not before: Wed 16 Oct 2024 11:23:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30058
IP address blocks: 213.254.179.0/24 maxlen: 24
2a01:e947::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:11:e9:5a:62:bc:e6:6b:b1:2e:72:fe:87:83:ae:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Oct 16 11:23:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=911f3937c6ecabefbe03daab5481105e77cd8e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0c:e8:19:a7:cf:f2:c8:c3:ae:c1:70:76:94:
94:20:fc:ad:0c:b4:ae:51:fe:b5:70:56:7e:28:35:
23:9b:ae:da:43:ef:00:3b:5c:51:0d:8c:91:bd:bf:
22:a8:cf:57:b1:53:9e:51:9e:20:3c:c1:8d:52:61:
a1:1d:b4:74:dd:09:51:38:f7:e5:1c:03:35:94:b4:
7e:84:b4:56:b0:f2:97:f3:c3:36:67:9a:10:4e:aa:
81:9d:80:be:dc:b0:82:d8:82:61:d1:2b:08:90:d0:
9f:e9:99:91:90:fb:07:62:aa:96:2d:fe:a8:4f:52:
b2:42:89:ad:7d:65:72:c7:83:16:bd:ae:64:3f:df:
cd:f4:d0:5d:e7:2d:35:f1:1d:96:01:b0:ad:d7:e5:
7a:9b:4a:b5:fc:9a:20:a9:3f:51:84:31:9a:57:cd:
47:ae:15:b8:a7:4a:dd:63:0c:33:a9:1a:77:4b:6e:
88:6a:4a:82:b0:48:60:9f:48:53:80:f9:c6:1e:56:
d3:b3:56:bc:4e:a9:90:c8:7e:31:14:ec:fb:97:b5:
17:d8:ce:f7:17:0c:45:22:95:da:f7:79:f0:f3:33:
e8:4e:16:a4:d9:fc:4a:d3:ab:e3:02:64:fe:a0:a6:
e8:83:3e:a7:2a:7a:1a:08:53:9b:a6:9a:c2:85:e8:
36:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1F:39:37:C6:EC:AB:EF:BE:03:DA:AB:54:81:10:5E:77:CD:8E:34
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/kR85N8bsq---A9qrVIEQXnfNjjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.254.179.0/24
IPv6:
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
91:be:db:f3:1f:82:fd:89:a9:9f:ea:63:37:c9:15:31:12:e5:
6c:a2:0c:90:d0:d5:20:d8:d9:da:d7:ce:c6:0f:34:e1:91:e9:
d4:e2:8c:d9:e5:ee:f3:bd:7b:77:ec:81:d0:22:13:8b:a7:97:
55:ed:fe:b2:18:15:b4:45:6e:43:56:d8:a8:6e:1a:cc:0d:71:
83:de:56:7d:9b:53:9c:8a:67:6d:f6:79:bf:a1:6f:bb:b2:f3:
90:2c:ba:b6:db:48:04:ea:15:9d:ce:7b:22:c1:8c:29:ba:71:
7f:20:de:44:58:c8:a5:80:08:8e:be:0c:8d:e6:d5:35:86:77:
06:61:80:39:80:24:85:91:be:7b:94:0c:ea:f0:57:b1:75:0f:
7e:5d:17:e4:15:1e:5c:28:82:b6:40:1b:3f:13:39:c6:e4:c3:
ae:2f:05:35:7a:36:4f:78:59:a4:1f:53:cb:2f:6b:c8:cd:3b:
17:c5:98:e6:38:ce:3c:d0:d7:62:6d:7c:a2:19:70:db:25:f6:
4a:fa:d0:d3:56:80:e7:44:f7:3c:68:a0:61:36:ab:c9:00:9d:
22:e4:3d:ca:35:1d:e0:08:8b:c3:f0:0a:fe:f6:3c:f6:5f:98:
fa:64:e7:dd:71:de:82:51:34:f2:26:4c:7d:ec:b3:1a:0b:62:
4d:f9:4a:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZKVEelaYrzma7Eucv6Hg66FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjQxMDE2MTEyMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFmMzkzN2M2ZWNhYmVmYmUwM2RhYWI1NDgxMTA1ZTc3Y2Q4ZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wzoGafP8sjDrsFwdpSUIPytDLSu
Uf61cFZ+KDUjm67aQ+8AO1xRDYyRvb8iqM9XsVOeUZ4gPMGNUmGhHbR03QlROPfl
HAM1lLR+hLRWsPKX88M2Z5oQTqqBnYC+3LCC2IJh0SsIkNCf6ZmRkPsHYqqWLf6o
T1KyQomtfWVyx4MWva5kP9/N9NBd5y018R2WAbCt1+V6m0q1/JogqT9RhDGaV81H
rhW4p0rdYwwzqRp3S26IakqCsEhgn0hTgPnGHlbTs1a8TqmQyH4xFOz7l7UX2M73
FwxFIpXa93nw8zPoThak2fxK06vjAmT+oKbogz6nKnoaCFObpprCheg2TQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJEfOTfG7KvvvgPaq1SBEF53zY40MB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEva1I4NU44YnNxLS0tQTlxclZJRVFYbmZOampRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1f6zMA8E
AgACMAkDBwAqAelHAAAwDQYJKoZIhvcNAQELBQADggEBAJG+2/Mfgv2JqZ/qYzfJ
FTES5WyiDJDQ1SDY2drXzsYPNOGR6dTijNnl7vO9e3fsgdAiE4unl1Xt/rIYFbRF
bkNW2KhuGswNcYPeVn2bU5yKZ232eb+hb7uy85AsurbbSATqFZ3OeyLBjCm6cX8g
3kRYyKWACI6+DI3m1TWGdwZhgDmAJIWRvnuUDOrwV7F1D35dF+QVHlwogrZAGz8T
Ocbkw64vBTV6Nk94WaQfU8sva8jNOxfFmOY4zjzQ12JtfKIZcNsl9kr60NNWgOdE
9zxooGE2q8kAnSLkPco1HeAIi8PwCv72PPZfmPpk591x3oJRNPImTH3ssxoLYk35
Svw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:40 2024 by rpki-client on console-ams.rpki-client.org