Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RKrtDJsonf_eT-X_IWBtsRe3S-A.roa
File: RKrtDJsonf_eT-X_IWBtsRe3S-A.roa (raw, json)
Hash identifier: TkaGTCWLvkcQK97BPrYga1BHRS8pGF27lYrNhY2SNQw=
Subject key identifier: 44:AA:ED:0C:9B:28:9D:FF:DE:4F:E5:FF:21:60:6D:B1:17:B7:4B:E0
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018E224A7AEC5589507A903B6A1DEEA7B1DA
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RKrtDJsonf_eT-X_IWBtsRe3S-A.roa
Signing time: Sat 09 Mar 2024 08:18:10 +0000
ROA not before: Sat 09 Mar 2024 08:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 81.21.3.0/24 maxlen: 24
176.57.49.0/24 maxlen: 24
176.57.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:22:4a:7a:ec:55:89:50:7a:90:3b:6a:1d:ee:a7:b1:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 9 08:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44aaed0c9b289dffde4fe5ff21606db117b74be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dc:8e:d3:8c:4a:4e:2e:78:39:92:6a:a0:5a:
91:54:d4:f2:71:98:8e:55:45:dd:5a:4d:31:10:29:
a8:4c:82:ac:1d:0b:37:26:d0:72:5a:0f:82:19:0d:
04:34:14:81:85:fa:d0:0c:88:a9:30:25:9d:f7:89:
34:59:d7:42:ad:02:4c:11:b9:52:1a:60:06:35:eb:
7c:b1:d0:5d:b8:fe:a7:e4:0c:0f:d9:a0:c3:82:73:
46:d1:7d:6d:c6:2e:c9:9f:f5:06:00:ff:f5:32:47:
65:33:a8:98:0e:5a:1e:ae:26:fa:ee:2e:f9:12:b5:
fb:d0:49:bc:8b:ac:ff:cb:7c:51:18:99:31:54:4c:
d2:16:65:9e:43:0f:6a:de:15:64:fb:f3:6d:3b:4a:
2f:3a:7e:e6:4a:a6:3e:24:1f:26:27:42:d2:a5:53:
33:d5:fb:04:50:da:f0:d8:28:2f:4b:39:e6:2f:e3:
59:3f:77:63:a5:f7:3f:8f:ad:8a:b6:35:76:a9:3f:
e5:27:d6:6a:51:cc:13:e7:6d:67:e6:d3:85:a4:c8:
d4:ab:93:c8:06:0a:19:15:67:12:81:64:5f:c8:b0:
65:34:24:b4:bc:3f:24:0e:30:b7:99:45:c8:97:8b:
f7:e7:3b:25:85:3b:8c:11:94:a4:8e:bc:b9:9d:82:
1f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AA:ED:0C:9B:28:9D:FF:DE:4F:E5:FF:21:60:6D:B1:17:B7:4B:E0
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/RKrtDJsonf_eT-X_IWBtsRe3S-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.3.0/24
176.57.49.0/24
176.57.58.0/24
Signature Algorithm: sha256WithRSAEncryption
30:4f:2b:44:eb:e6:42:67:d3:36:d6:b9:c2:86:29:5f:45:79:
04:ab:03:68:f7:11:34:5e:d7:8b:47:ab:cb:2c:88:e6:56:42:
03:97:32:e1:4f:b8:78:a8:8f:9f:1d:0c:25:e8:df:c6:e3:86:
f9:5f:8b:5c:94:a0:57:0f:8e:84:c9:86:55:6b:1c:bd:88:84:
98:d9:76:d0:ff:a8:58:80:8a:cc:23:ac:07:28:0a:0f:f4:23:
12:f8:7c:3a:44:0b:80:6a:a9:af:e8:16:2d:f1:b2:75:6f:f6:
53:eb:4b:22:48:58:14:d5:fd:94:88:fa:05:be:ee:af:de:31:
2e:2a:7b:51:ab:f0:60:27:40:88:e0:f6:44:7e:84:fc:b2:27:
b9:09:76:d7:79:1a:33:1d:2c:1a:9a:bb:20:48:4e:74:b4:b8:
72:06:8e:d7:ff:5e:35:66:62:39:d4:15:e6:80:5f:81:7b:04:
be:30:f2:9f:b1:1d:89:d7:0a:26:eb:be:e1:3f:72:43:2e:98:
88:34:85:0c:7e:cc:55:4b:fd:5f:01:48:06:c2:c6:fc:01:85:
37:7d:c8:bd:ab:10:96:c2:3d:28:1c:3d:5f:c0:66:4b:c3:2c:
26:8a:30:a4:51:85:70:41:3e:a5:14:6d:0b:4a:97:72:fa:3f:
bc:31:cc:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4iSnrsVYlQepA7ah3up7HaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMzA5MDgxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGFhZWQwYzliMjg5ZGZmZGU0ZmU1ZmYyMTYwNmRiMTE3Yjc0YmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntyO04xKTi54OZJqoFqRVNTycZiO
VUXdWk0xECmoTIKsHQs3JtByWg+CGQ0ENBSBhfrQDIipMCWd94k0WddCrQJMEblS
GmAGNet8sdBduP6n5AwP2aDDgnNG0X1txi7Jn/UGAP/1MkdlM6iYDloerib67i75
ErX70Em8i6z/y3xRGJkxVEzSFmWeQw9q3hVk+/NtO0ovOn7mSqY+JB8mJ0LSpVMz
1fsEUNrw2CgvSznmL+NZP3djpfc/j62KtjV2qT/lJ9ZqUcwT521n5tOFpMjUq5PI
BgoZFWcSgWRfyLBlNCS0vD8kDjC3mUXIl4v35zslhTuMEZSkjry5nYIfQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFESq7QybKJ3/3k/l/yFgbbEXt0vgMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvUktydERKc29uZl9lVC1YX0lXQnRzUmUzUy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURUDAwQA
sDkxAwQAsDk6MA0GCSqGSIb3DQEBCwUAA4IBAQAwTytE6+ZCZ9M21rnChilfRXkE
qwNo9xE0XteLR6vLLIjmVkIDlzLhT7h4qI+fHQwl6N/G44b5X4tclKBXD46EyYZV
axy9iISY2XbQ/6hYgIrMI6wHKAoP9CMS+Hw6RAuAaqmv6BYt8bJ1b/ZT60siSFgU
1f2UiPoFvu6v3jEuKntRq/BgJ0CI4PZEfoT8sie5CXbXeRozHSwamrsgSE50tLhy
Bo7X/141ZmI51BXmgF+BewS+MPKfsR2J1wom677hP3JDLpiINIUMfsxVS/1fAUgG
wsb8AYU3fci9qxCWwj0oHD1fwGZLwywmijCkUYVwQT6lFG0LSpdy+j+8MczF
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:22:04 2024 by rpki-client on console-ams.rpki-client.org