Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/1-FktY-AVmAJH-Vs3F_4eDC6sB8w.roa
File: 1-FktY-AVmAJH-Vs3F_4eDC6sB8w.roa (raw, json)
Hash identifier: FaB39D1an7Ipv0q0CUv6HcQ7otyUC+oHb7d+RVwaMPM=
Subject key identifier: F8:59:2D:63:E0:15:98:02:47:F9:5B:37:17:FE:1E:0C:2E:AC:07:CC
Certificate issuer: /CN=8d3f356a02d9679ce890b5d51e0dec2f3f363361
Certificate serial: 018CC56EF9CA18CA976931065ACE577AB8EE
Authority key identifier: 8D:3F:35:6A:02:D9:67:9C:E8:90:B5:D5:1E:0D:EC:2F:3F:36:33:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jT81agLZZ5zokLXVHg3sLz82M2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/1-FktY-AVmAJH-Vs3F_4eDC6sB8w.roa
Signing time: Mon 01 Jan 2024 14:30:33 +0000
ROA not before: Mon 01 Jan 2024 14:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213042
IP address blocks: 193.163.70.0/24 maxlen: 24
2a11:4e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/jT81agLZZ5zokLXVHg3sLz82M2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/jT81agLZZ5zokLXVHg3sLz82M2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/jT81agLZZ5zokLXVHg3sLz82M2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f9:ca:18:ca:97:69:31:06:5a:ce:57:7a:b8:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d3f356a02d9679ce890b5d51e0dec2f3f363361
Validity
Not Before: Jan 1 14:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8592d63e015980247f95b3717fe1e0c2eac07cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:2f:5a:54:bf:7a:2a:00:c3:8e:f5:ec:cd:
83:0e:6b:66:31:61:ae:be:8d:f4:b8:38:e7:8c:88:
d7:a1:a0:1f:74:2b:5c:35:df:c9:d6:7a:ad:e7:ee:
d3:6e:77:28:24:87:b0:13:6b:99:3a:1a:fd:c8:45:
2e:5f:21:80:fc:13:ed:4d:fc:59:8e:9c:03:71:7e:
bf:51:4b:bb:fc:18:31:94:e7:45:38:2c:13:99:5e:
6d:f5:fd:4f:9b:ab:8b:a7:1b:5f:62:8d:9e:d9:26:
aa:c1:71:f7:92:5d:7f:79:8c:90:a6:3a:4d:c7:01:
82:ef:7c:67:c6:8b:46:fd:32:70:4a:f8:cd:b1:a0:
6a:cd:07:be:30:f7:de:f1:a9:16:5d:eb:9c:84:67:
66:08:c6:50:73:10:d2:c6:53:07:4d:3f:df:dc:18:
32:63:dc:58:fc:15:c0:fd:89:d8:8d:97:a2:55:ac:
02:47:42:a3:9e:58:57:fa:c4:2a:df:6f:f5:a9:bc:
12:1f:24:c2:6a:9d:b0:da:e3:be:18:77:91:c7:b8:
56:5a:1c:57:9f:5a:6e:15:2c:f8:f3:5d:b4:fc:c3:
09:1e:8c:59:d6:1b:43:38:39:e6:53:45:40:46:a1:
73:2f:0a:d2:61:b4:fc:72:e0:5d:c7:5a:99:fc:e5:
5a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:59:2D:63:E0:15:98:02:47:F9:5B:37:17:FE:1E:0C:2E:AC:07:CC
X509v3 Authority Key Identifier:
keyid:8D:3F:35:6A:02:D9:67:9C:E8:90:B5:D5:1E:0D:EC:2F:3F:36:33:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jT81agLZZ5zokLXVHg3sLz82M2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/1-FktY-AVmAJH-Vs3F_4eDC6sB8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/jT81agLZZ5zokLXVHg3sLz82M2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.70.0/24
IPv6:
2a11:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
9b:77:07:f5:ef:42:0f:6d:62:fb:07:1b:55:50:a4:d8:4b:55:
4e:7c:70:7e:26:d5:69:52:4e:a6:37:1f:df:43:a0:c2:53:b5:
b4:35:bc:22:cc:e8:3a:63:0e:02:3b:cb:33:b2:35:e9:b6:07:
80:7d:8c:b5:a4:a6:2f:57:f4:09:7e:84:da:81:2b:49:b6:5d:
34:78:71:c0:0a:0a:49:31:39:30:af:20:8e:76:37:6a:5c:40:
0a:db:61:b9:ff:e5:e6:4e:37:ad:aa:8d:96:27:18:08:0b:ff:
ff:8e:51:8c:e5:d0:94:45:4f:7f:9e:24:6a:7b:29:71:5b:52:
d6:58:f1:de:a1:a6:e7:5b:2b:23:84:fe:0e:5e:41:e0:44:d1:
fc:0f:f1:18:2a:6c:d6:9b:65:03:56:39:66:26:c9:78:38:a7:
e4:2e:64:89:8f:50:65:78:dd:b3:ea:59:06:48:9f:a7:0c:0b:
6f:73:76:97:69:4d:c0:b2:65:0c:e9:08:15:18:14:a6:b7:ba:
74:67:46:e7:43:ab:fe:6b:6e:1b:83:6b:74:0c:b7:11:24:7e:
ad:7f:f6:72:8f:d6:48:1f:19:bb:48:6d:a8:6d:07:aa:a4:ba:
2a:96:3b:17:a1:0e:fc:d1:3f:73:28:c1:f8:0e:81:d8:0e:63:
23:36:2c:a3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzFbvnKGMqXaTEGWs5XerjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkM2YzNTZhMDJkOTY3OWNlODkwYjVkNTFlMGRlYzJmM2Yz
NjMzNjEwHhcNMjQwMTAxMTQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODU5MmQ2M2UwMTU5ODAyNDdmOTViMzcxN2ZlMWUwYzJlYWMwN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlEvWlS/eioAw4717M2DDmtmMWGu
vo30uDjnjIjXoaAfdCtcNd/J1nqt5+7TbncoJIewE2uZOhr9yEUuXyGA/BPtTfxZ
jpwDcX6/UUu7/BgxlOdFOCwTmV5t9f1Pm6uLpxtfYo2e2SaqwXH3kl1/eYyQpjpN
xwGC73xnxotG/TJwSvjNsaBqzQe+MPfe8akWXeuchGdmCMZQcxDSxlMHTT/f3Bgy
Y9xY/BXA/YnYjZeiVawCR0KjnlhX+sQq32/1qbwSHyTCap2w2uO+GHeRx7hWWhxX
n1puFSz48120/MMJHoxZ1htDODnmU0VARqFzLwrSYbT8cuBdx1qZ/OVavQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPhZLWPgFZgCR/lbNxf+HgwurAfMMB8GA1UdIwQY
MBaAFI0/NWoC2Wec6JC11R4N7C8/NjNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalQ4MWFnTFpaNXpva0xYVkhnM3NMejgyTTJFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NjZjYjEtNzkxNS00ZmZkLTg1NzAt
NmI5M2FmNjEzZDdkLzEvMS1Ga3RZLUFWbUFKSC1WczNGXzRlREM2c0I4dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjcvNTY2Y2IxLTc5MTUtNGZmZC04NTcwLTZiOTNhZjYxM2Q3
ZC8xL2pUODFhZ0xaWjV6b2tMWFZIZzNzTHo4Mk0yRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAMGjRjAN
BAIAAjAHAwUDKhFOADANBgkqhkiG9w0BAQsFAAOCAQEAm3cH9e9CD21i+wcbVVCk
2EtVTnxwfibVaVJOpjcf30OgwlO1tDW8IszoOmMOAjvLM7I16bYHgH2MtaSmL1f0
CX6E2oErSbZdNHhxwAoKSTE5MK8gjnY3alxACtthuf/l5k43raqNlicYCAv//45R
jOXQlEVPf54kanspcVtS1ljx3qGm51srI4T+Dl5B4ETR/A/xGCps1ptlA1Y5ZibJ
eDin5C5kiY9QZXjds+pZBkifpwwLb3N2l2lNwLJlDOkIFRgUpre6dGdG50Or/mtu
G4NrdAy3ESR+rX/2co/WSB8Zu0htqG0HqqS6KpY7F6EO/NE/cyjB+A6B2A5jIzYs
ow==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:08 2024 by rpki-client on console-fra.rpki-client.org