Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9ksTn62uoy_MspFxfLnbbZpbObs.roa
File: 9ksTn62uoy_MspFxfLnbbZpbObs.roa (raw, json)
Hash identifier: Xvji370Inigkti1wCBPvK3rwB44h79s0jYEpWrDvcng=
Subject key identifier: F6:4B:13:9F:AD:AE:A3:2F:CC:B2:91:71:7C:B9:DB:6D:9A:5B:39:BB
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FEAFEC5BFA2A299352413F2683AC7
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9ksTn62uoy_MspFxfLnbbZpbObs.roa
Signing time: Tue 02 Jan 2024 04:30:26 +0000
ROA not before: Tue 02 Jan 2024 04:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33830
IP address blocks: 213.14.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ea:fe:c5:bf:a2:a2:99:35:24:13:f2:68:3a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f64b139fadaea32fccb291717cb9db6d9a5b39bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:01:aa:b6:03:f7:23:90:09:04:f1:b8:c1:ae:
57:8f:ba:b2:06:26:b9:3f:98:94:bf:91:2f:9a:bc:
37:b9:4a:ad:dd:dc:69:98:f8:09:6f:b3:92:14:6c:
77:63:95:e8:6f:f0:77:d1:a6:42:a8:cf:ab:37:52:
73:0a:a2:c3:0a:ee:5b:ef:b7:a3:dd:96:b0:db:eb:
6b:b9:13:df:74:46:a0:a5:07:98:23:c0:5d:a1:9e:
03:2c:72:3f:41:0a:0d:92:f1:37:d3:c1:06:85:44:
a2:6d:34:ac:91:44:48:bf:68:0a:87:c5:e9:5f:0d:
47:7a:df:b1:3c:b6:d0:c9:73:7c:ab:d4:86:f8:42:
f7:8f:7a:fb:33:79:ae:5a:67:c6:b6:18:f7:5b:13:
1b:21:44:49:3d:93:6d:9b:b1:26:9c:2e:ad:b1:ea:
f9:d5:98:92:3c:a7:36:4e:1f:a6:2e:17:69:76:80:
44:e7:35:f2:56:11:f8:c2:89:62:7f:a4:7c:e7:63:
57:d7:68:5c:ee:10:70:23:cb:eb:89:fe:7e:df:a3:
d6:4f:eb:3b:6b:d5:01:18:c4:8f:6e:95:77:f8:28:
36:f5:9c:06:a9:79:7b:bc:39:e2:56:da:db:af:22:
7c:23:39:9c:54:bf:51:48:c0:13:9d:76:49:e5:1b:
03:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4B:13:9F:AD:AE:A3:2F:CC:B2:91:71:7C:B9:DB:6D:9A:5B:39:BB
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9ksTn62uoy_MspFxfLnbbZpbObs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.14.215.0/24
Signature Algorithm: sha256WithRSAEncryption
40:c5:77:8f:cf:30:60:5a:7e:22:68:99:8e:f8:0e:66:c5:a2:
32:3b:1b:e0:7c:9f:bc:26:13:2e:5d:9d:1d:2b:9d:2e:3b:c3:
dc:86:71:06:59:e7:bd:d3:f5:be:da:d5:3f:63:08:5a:b1:59:
03:9d:e0:9a:bb:68:08:1b:33:86:4f:30:e1:0d:35:00:6b:8a:
5f:a8:9f:2c:38:27:de:6f:34:ec:11:e4:fd:67:f6:24:0c:3f:
27:05:53:d3:d7:b2:5d:b5:4e:b5:8e:20:a9:ba:08:3b:3f:c6:
df:88:e5:1c:bd:b9:1b:3e:3c:01:94:e3:49:f9:9c:67:17:c1:
a8:46:8a:ad:71:df:e8:4a:3f:45:fc:ff:29:0c:01:43:56:3d:
90:85:4d:10:5b:b8:15:ae:24:0b:75:9e:3f:fe:5c:2f:33:ba:
12:a8:f7:33:97:c7:c3:04:e4:0c:87:cd:06:42:99:a3:b4:ee:
cc:83:47:8e:5c:12:b5:50:67:9d:f8:91:ac:b3:c9:e8:bd:56:
a4:f2:0a:bd:94:e1:7c:38:9c:69:92:48:ea:b9:f4:9a:d3:dc:
a5:33:1b:44:c3:54:22:73:da:38:51:ee:9b:03:c7:40:da:23:
69:ec:d9:7c:3e:43:6f:12:26:c4:75:dc:94:78:19:e2:81:2f:
55:71:8e:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb+r+xb+iopk1JBPyaDrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjRiMTM5ZmFkYWVhMzJmY2NiMjkxNzE3Y2I5ZGI2ZDlhNWIzOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwGqtgP3I5AJBPG4wa5Xj7qyBia5
P5iUv5Evmrw3uUqt3dxpmPgJb7OSFGx3Y5Xob/B30aZCqM+rN1JzCqLDCu5b77ej
3Zaw2+truRPfdEagpQeYI8BdoZ4DLHI/QQoNkvE308EGhUSibTSskURIv2gKh8Xp
Xw1Het+xPLbQyXN8q9SG+EL3j3r7M3muWmfGthj3WxMbIURJPZNtm7EmnC6tser5
1ZiSPKc2Th+mLhdpdoBE5zXyVhH4wolif6R852NX12hc7hBwI8vrif5+36PWT+s7
a9UBGMSPbpV3+Cg29ZwGqXl7vDniVtrbryJ8IzmcVL9RSMATnXZJ5RsDNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZLE5+trqMvzLKRcXy5222aWzm7MB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvOWtzVG42MnVveV9Nc3BGeGZMbmJiWnBiT2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Q7XMA0G
CSqGSIb3DQEBCwUAA4IBAQBAxXePzzBgWn4iaJmO+A5mxaIyOxvgfJ+8JhMuXZ0d
K50uO8PchnEGWee90/W+2tU/YwhasVkDneCau2gIGzOGTzDhDTUAa4pfqJ8sOCfe
bzTsEeT9Z/YkDD8nBVPT17JdtU61jiCpugg7P8bfiOUcvbkbPjwBlONJ+ZxnF8Go
Roqtcd/oSj9F/P8pDAFDVj2QhU0QW7gVriQLdZ4//lwvM7oSqPczl8fDBOQMh80G
QpmjtO7Mg0eOXBK1UGed+JGss8novVak8gq9lOF8OJxpkkjqufSa09ylMxtEw1Qi
c9o4Ue6bA8dA2iNp7Nl8PkNvEibEddyUeBnigS9VcY42
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:03:55 2024 by rpki-client on console-fra.rpki-client.org