Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/18103b-b279-4de7-bc3c-ec05d0195036/1/koksl5Wu0AuPCnRu02seBup4nlc.roa
File: koksl5Wu0AuPCnRu02seBup4nlc.roa (raw, json)
Hash identifier: JnBCAAfjFAjzNHyMvaUDJ0z3qZ5KMYGb7vs18cqxHIQ=
Subject key identifier: 92:89:2C:97:95:AE:D0:0B:8F:0A:74:6E:D3:6B:1E:06:EA:78:9E:57
Certificate issuer: /CN=8b613794927050b22525ab70091835408eee4c79
Certificate serial: 018CCA2BE9116BB6B161EE0E78AB7E022346
Authority key identifier: 8B:61:37:94:92:70:50:B2:25:25:AB:70:09:18:35:40:8E:EE:4C:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2E3lJJwULIlJatwCRg1QI7uTHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/18103b-b279-4de7-bc3c-ec05d0195036/1/koksl5Wu0AuPCnRu02seBup4nlc.roa
Signing time: Tue 02 Jan 2024 12:35:24 +0000
ROA not before: Tue 02 Jan 2024 12:35:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202574
IP address blocks: 193.57.17.0/24 maxlen: 24
193.57.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/18103b-b279-4de7-bc3c-ec05d0195036/1/i2E3lJJwULIlJatwCRg1QI7uTHk.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/18103b-b279-4de7-bc3c-ec05d0195036/1/i2E3lJJwULIlJatwCRg1QI7uTHk.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2E3lJJwULIlJatwCRg1QI7uTHk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:e9:11:6b:b6:b1:61:ee:0e:78:ab:7e:02:23:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b613794927050b22525ab70091835408eee4c79
Validity
Not Before: Jan 2 12:35:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92892c9795aed00b8f0a746ed36b1e06ea789e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0b:4f:00:7b:58:c9:12:56:28:12:6e:cb:ec:
c3:8a:a4:0f:4c:f5:20:d5:3c:a0:4a:3b:98:ec:5f:
b3:03:6c:d5:3e:18:6d:af:aa:c9:83:06:b3:c9:35:
17:f4:a8:54:05:78:da:70:6e:47:e8:3e:62:3c:94:
43:44:91:48:64:d6:2f:d4:59:8c:31:52:c5:da:14:
f7:d7:d3:08:b6:bb:f3:0b:08:36:c8:bc:10:cd:c2:
1c:4b:fc:95:2e:ec:7b:15:6b:4d:fe:d1:8a:c0:98:
90:3a:1f:c0:58:ca:7a:38:3b:35:3b:10:81:e5:97:
24:bf:84:6d:01:77:2d:5a:97:5e:fb:d7:ee:3e:e9:
e9:1c:ec:a9:db:0a:a0:64:0a:73:fb:4b:26:5d:bc:
1b:69:bb:00:b4:0e:a6:cb:91:5e:f3:76:8b:de:c0:
52:64:a6:db:19:42:05:6e:b3:3f:75:ad:f5:17:b2:
c2:5d:82:d9:67:0a:ab:44:04:59:aa:52:ba:0a:6b:
2f:e1:15:4e:4a:84:18:36:1f:83:fc:17:cb:bb:68:
59:51:1c:fc:33:3f:07:2b:b0:0b:e9:b1:14:15:f9:
b1:3f:26:89:c2:42:13:6b:db:f5:a6:dd:60:52:d9:
5c:e6:57:35:a4:48:b4:5f:e3:58:55:04:1a:fc:07:
0e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:89:2C:97:95:AE:D0:0B:8F:0A:74:6E:D3:6B:1E:06:EA:78:9E:57
X509v3 Authority Key Identifier:
keyid:8B:61:37:94:92:70:50:B2:25:25:AB:70:09:18:35:40:8E:EE:4C:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2E3lJJwULIlJatwCRg1QI7uTHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/18103b-b279-4de7-bc3c-ec05d0195036/1/koksl5Wu0AuPCnRu02seBup4nlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/18103b-b279-4de7-bc3c-ec05d0195036/1/i2E3lJJwULIlJatwCRg1QI7uTHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.17.0-193.57.18.255
Signature Algorithm: sha256WithRSAEncryption
6e:95:21:64:c2:a7:ff:5c:5d:88:d5:31:f0:ac:29:e1:f1:a0:
d3:39:e3:19:77:c1:e8:0e:d2:91:3d:e6:67:44:97:58:a3:06:
f5:fd:09:82:7c:84:b4:7c:af:a2:1a:36:3f:55:48:f2:0a:37:
af:f8:30:d5:a3:54:9f:c1:41:49:04:19:c0:69:62:37:c8:ac:
3d:12:55:d4:88:2a:02:9b:10:4b:8a:6e:7c:16:4c:27:7d:81:
c0:50:ea:78:51:88:39:00:d0:fb:e9:64:1a:b7:d6:b7:c1:0b:
cd:2c:e8:ad:3c:ed:46:8a:77:33:5a:66:2f:d2:e4:3f:60:e9:
85:29:34:e5:10:d1:c8:72:7a:24:de:8f:e8:76:f8:3c:6c:e1:
47:74:a8:dc:cf:95:4e:c8:21:b3:00:28:20:c7:08:4d:71:c3:
51:8d:d9:8e:e7:b5:02:ec:fd:1c:15:3d:36:2f:6d:c6:09:5f:
7e:e1:9d:41:c3:6d:46:1e:94:0b:e3:d2:5d:2a:c3:a6:e8:7f:
66:11:ca:77:18:20:c9:4f:83:69:26:d8:66:6f:c6:95:40:47:
48:c2:eb:2c:89:01:e6:2a:d6:ab:1c:13:37:43:05:c2:cf:f9:
ef:66:0e:fc:95:25:0a:6f:5f:a7:c7:6e:ee:98:41:3b:cf:73:
0d:5a:71:1f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKK+kRa7axYe4OeKt+AiNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjEzNzk0OTI3MDUwYjIyNTI1YWI3MDA5MTgzNTQwOGVl
ZTRjNzkwHhcNMjQwMTAyMTIzNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjg5MmM5Nzk1YWVkMDBiOGYwYTc0NmVkMzZiMWUwNmVhNzg5ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gtPAHtYyRJWKBJuy+zDiqQPTPUg
1TygSjuY7F+zA2zVPhhtr6rJgwazyTUX9KhUBXjacG5H6D5iPJRDRJFIZNYv1FmM
MVLF2hT319MItrvzCwg2yLwQzcIcS/yVLux7FWtN/tGKwJiQOh/AWMp6ODs1OxCB
5Zckv4RtAXctWpde+9fuPunpHOyp2wqgZApz+0smXbwbabsAtA6my5Fe83aL3sBS
ZKbbGUIFbrM/da31F7LCXYLZZwqrRARZqlK6Cmsv4RVOSoQYNh+D/BfLu2hZURz8
Mz8HK7AL6bEUFfmxPyaJwkITa9v1pt1gUtlc5lc1pEi0X+NYVQQa/AcOXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJKJLJeVrtALjwp0btNrHgbqeJ5XMB8GA1UdIwQY
MBaAFIthN5SScFCyJSWrcAkYNUCO7kx5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJFM2xKSndVTElsSmF0d0NSZzFRSTd1VEhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xODEwM2ItYjI3OS00ZGU3LWJjM2Mt
ZWMwNWQwMTk1MDM2LzEva29rc2w1V3UwQXVQQ25SdTAyc2VCdXA0bmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xODEwM2ItYjI3OS00ZGU3LWJjM2MtZWMwNWQwMTk1MDM2
LzEvaTJFM2xKSndVTElsSmF0d0NSZzFRSTd1VEhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBORED
BADBORIwDQYJKoZIhvcNAQELBQADggEBAG6VIWTCp/9cXYjVMfCsKeHxoNM54xl3
wegO0pE95mdEl1ijBvX9CYJ8hLR8r6IaNj9VSPIKN6/4MNWjVJ/BQUkEGcBpYjfI
rD0SVdSIKgKbEEuKbnwWTCd9gcBQ6nhRiDkA0PvpZBq31rfBC80s6K087UaKdzNa
Zi/S5D9g6YUpNOUQ0chyeiTej+h2+Dxs4Ud0qNzPlU7IIbMAKCDHCE1xw1GN2Y7n
tQLs/RwVPTYvbcYJX37hnUHDbUYelAvj0l0qw6bof2YRyncYIMlPg2km2GZvxpVA
R0jC6yyJAeYq1qscEzdDBcLP+e9mDvyVJQpvX6fHbu6YQTvPcw1acR8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:09:52 2024 by rpki-client on console-ams.rpki-client.org