Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/s2KKbpG4nh822E4iU_GB7VHGGwk.roa
File: s2KKbpG4nh822E4iU_GB7VHGGwk.roa (raw, json)
Hash identifier: RMVO7WMPM2u1H3nr2r3w8Tp9H6QMAintDheR/ArFhwk=
Subject key identifier: B3:62:8A:6E:91:B8:9E:1F:36:D8:4E:22:53:F1:81:ED:51:C6:1B:09
Certificate issuer: /CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Certificate serial: 018CC493159675F9FDFE32B6A07D177E9F43
Authority key identifier: 10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/s2KKbpG4nh822E4iU_GB7VHGGwk.roa
Signing time: Mon 01 Jan 2024 10:30:22 +0000
ROA not before: Mon 01 Jan 2024 10:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42811
IP address blocks: 95.176.0.0/17 maxlen: 17
185.147.220.0/22 maxlen: 22
81.14.0.0/17 maxlen: 17
2a00:be80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.mft
rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:15:96:75:f9:fd:fe:32:b6:a0:7d:17:7e:9f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Validity
Not Before: Jan 1 10:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3628a6e91b89e1f36d84e2253f181ed51c61b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:78:61:d7:5c:9e:85:68:47:f2:52:0e:95:d7:
ce:6c:22:d7:30:16:88:00:2c:11:2e:c3:4b:df:90:
59:74:d4:44:d0:8f:ca:c4:44:b8:61:88:f2:7b:77:
cd:7b:86:7a:23:59:7c:b2:e4:04:6c:42:06:c1:b9:
1b:39:a9:a3:7b:2a:cb:f1:44:40:c5:64:1b:64:41:
9c:c8:1d:62:16:30:e3:ff:d8:0c:e3:2d:40:6a:0c:
6f:ad:71:fa:34:96:52:3a:e2:8b:3d:f2:b0:a2:c6:
e2:56:37:01:e1:c3:16:3f:1f:b1:21:0f:5a:14:4d:
0a:d1:90:af:ab:8d:8b:7c:b1:11:b7:88:70:27:e7:
09:b9:d4:3d:60:b7:31:9b:0d:ec:39:fd:3d:55:df:
04:c8:f9:ed:15:94:0a:26:13:e7:da:fe:62:26:8b:
91:a0:31:aa:e5:8f:c7:78:a3:83:76:92:62:0d:a2:
16:48:04:21:da:e4:c7:3a:04:3b:47:34:2f:70:73:
09:46:75:55:af:10:35:f2:39:07:71:2c:8e:35:0a:
eb:bc:ed:f8:6c:14:f8:f6:dd:5b:06:91:1e:6e:13:
77:4d:a7:49:b9:ec:35:32:1b:0c:0f:d5:73:6a:cd:
d0:1d:93:b0:31:0e:97:af:11:19:b1:4f:aa:e3:31:
04:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:62:8A:6E:91:B8:9E:1F:36:D8:4E:22:53:F1:81:ED:51:C6:1B:09
X509v3 Authority Key Identifier:
keyid:10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/s2KKbpG4nh822E4iU_GB7VHGGwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.0.0/17
95.176.0.0/17
185.147.220.0/22
IPv6:
2a00:be80::/32
Signature Algorithm: sha256WithRSAEncryption
72:9c:6a:41:7a:bb:46:98:14:03:44:30:e0:19:b8:2b:03:35:
0f:e1:74:a0:2a:1d:22:1d:6d:a5:ac:2f:68:0a:e3:16:1b:4f:
55:26:e2:1c:45:e6:26:99:1d:ba:66:9a:2b:c7:81:68:4b:b2:
55:4a:03:75:e9:82:e3:b7:47:7f:78:b7:28:cb:b0:cc:90:6d:
09:4b:9a:b2:06:25:bd:fb:7b:32:3c:f1:b0:91:40:b9:eb:41:
eb:7c:3e:2b:6e:c0:33:4f:60:3d:e0:0a:dc:3a:5e:72:6c:a8:
40:29:a9:83:96:64:88:de:28:d4:3d:ca:2c:41:e1:df:08:8b:
65:54:b9:b8:91:e0:f4:b3:4b:83:06:3f:55:ac:8e:28:25:74:
a9:f1:46:ab:d3:d0:67:6d:4f:c2:2b:aa:d9:28:8e:97:bb:55:
1d:a4:fe:cd:56:66:22:82:93:51:28:69:03:37:13:66:c4:42:
49:62:7a:9b:19:f3:e2:c3:29:31:03:f9:94:56:d3:ef:4e:8c:
f3:34:49:74:62:ab:ef:14:43:d4:3e:cf:6c:ef:4a:18:25:b2:
1b:b5:de:78:94:04:75:c1:4d:51:13:06:c2:a0:f0:7c:a8:0b:
70:3c:42:65:6e:ea:8f:7b:df:3f:78:1d:b2:1d:94:a5:99:d8:
d2:9a:fb:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkxWWdfn9/jK2oH0Xfp9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTI4NzkyN2FkN2IxZGI0NzlhZTVhYjkyYWI4N2M0YTRm
YWY0OTYwHhcNMjQwMTAxMTAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzYyOGE2ZTkxYjg5ZTFmMzZkODRlMjI1M2YxODFlZDUxYzYxYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73hh11yehWhH8lIOldfObCLXMBaI
ACwRLsNL35BZdNRE0I/KxES4YYjye3fNe4Z6I1l8suQEbEIGwbkbOamjeyrL8URA
xWQbZEGcyB1iFjDj/9gM4y1AagxvrXH6NJZSOuKLPfKwosbiVjcB4cMWPx+xIQ9a
FE0K0ZCvq42LfLERt4hwJ+cJudQ9YLcxmw3sOf09Vd8EyPntFZQKJhPn2v5iJouR
oDGq5Y/HeKODdpJiDaIWSAQh2uTHOgQ7RzQvcHMJRnVVrxA18jkHcSyONQrrvO34
bBT49t1bBpEebhN3TadJuew1MhsMD9Vzas3QHZOwMQ6XrxEZsU+q4zEErwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLNiim6RuJ4fNthOIlPxge1RxhsJMB8GA1UdIwQY
MBaAFBASh5J617HbR5rlq5Krh8Sk+vSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMt
NzNhNDUyYmFmYjQ2LzEvczJLS2JwRzRuaDgyMkU0aVVfR0I3VkhHR3drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMtNzNhNDUyYmFmYjQ2
LzEvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHUQ4AAwQH
X7AAAwQCuZPcMA0EAgACMAcDBQAqAL6AMA0GCSqGSIb3DQEBCwUAA4IBAQBynGpB
ertGmBQDRDDgGbgrAzUP4XSgKh0iHW2lrC9oCuMWG09VJuIcReYmmR26Zporx4Fo
S7JVSgN16YLjt0d/eLcoy7DMkG0JS5qyBiW9+3syPPGwkUC560HrfD4rbsAzT2A9
4ArcOl5ybKhAKamDlmSI3ijUPcosQeHfCItlVLm4keD0s0uDBj9VrI4oJXSp8Uar
09BnbU/CK6rZKI6Xu1UdpP7NVmYigpNRKGkDNxNmxEJJYnqbGfPiwykxA/mUVtPv
TozzNEl0YqvvFEPUPs9s70oYJbIbtd54lAR1wU1REwbCoPB8qAtwPEJlbuqPe98/
eB2yHZSlmdjSmvsq
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:23:12 2024 by rpki-client on console-fra.rpki-client.org