Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/081a4c-d631-4311-9bd5-a6254df526c1/1/KWbrIW2VwJEguzU8MECA4od67fA.roa
File: KWbrIW2VwJEguzU8MECA4od67fA.roa (raw, json)
Hash identifier: tSn5WL1XPxVrergfY8pWlp0KKED6ktfPpSUKOMtgRqo=
Subject key identifier: 29:66:EB:21:6D:95:C0:91:20:BB:35:3C:30:40:80:E2:87:7A:ED:F0
Certificate issuer: /CN=78dedb8988bc8bb1a5f9e55f41726b65446c25ec
Certificate serial: 01907470A9BC6921E3FD313D2830AF0475EE
Authority key identifier: 78:DE:DB:89:88:BC:8B:B1:A5:F9:E5:5F:41:72:6B:65:44:6C:25:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eN7biYi8i7Gl-eVfQXJrZURsJew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/081a4c-d631-4311-9bd5-a6254df526c1/1/KWbrIW2VwJEguzU8MECA4od67fA.roa
Signing time: Tue 02 Jul 2024 17:14:18 +0000
ROA not before: Tue 02 Jul 2024 17:14:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208161
IP address blocks: 193.242.208.0/24 maxlen: 24
193.242.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/081a4c-d631-4311-9bd5-a6254df526c1/1/eN7biYi8i7Gl-eVfQXJrZURsJew.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/081a4c-d631-4311-9bd5-a6254df526c1/1/eN7biYi8i7Gl-eVfQXJrZURsJew.mft
rsync://rpki.ripe.net/repository/DEFAULT/eN7biYi8i7Gl-eVfQXJrZURsJew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:74:70:a9:bc:69:21:e3:fd:31:3d:28:30:af:04:75:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78dedb8988bc8bb1a5f9e55f41726b65446c25ec
Validity
Not Before: Jul 2 17:14:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2966eb216d95c09120bb353c304080e2877aedf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:0e:e3:6a:de:85:e0:c1:26:68:49:44:2e:
dd:1d:e4:5c:9d:3c:41:bb:e6:d8:91:46:b1:54:9c:
7f:8d:ed:b4:11:f4:87:1b:c3:c9:cc:53:bd:1f:18:
e2:f1:c1:a4:0f:19:3a:79:a8:8b:0c:d0:39:6e:7d:
81:6f:32:01:a5:a9:06:43:15:8f:e5:8d:f2:05:d4:
8d:e4:19:d8:f7:49:56:f4:cc:61:45:42:52:2f:dc:
93:5d:6f:fb:fe:6d:dd:d8:3d:f9:3f:27:df:25:70:
1f:b5:db:79:a0:29:ba:b3:c1:82:2e:4a:0e:2d:f9:
a8:4c:61:f4:be:7f:b8:ed:7e:d8:fc:ef:d6:ec:a4:
81:cd:aa:c2:0d:e9:07:e6:45:bc:9d:f2:6e:3a:7d:
b9:f5:70:87:09:a1:89:aa:4d:13:ad:f2:8c:9b:b7:
95:7c:ad:61:9f:fd:0f:c0:f3:d0:20:26:62:ab:f7:
c2:2e:cc:43:c6:c9:de:c5:be:1a:aa:3c:c6:aa:8a:
b1:43:52:90:08:92:74:32:22:0a:e7:de:61:f5:5c:
51:66:a7:eb:98:03:dc:dd:89:18:34:97:ee:fc:73:
61:5a:db:c9:57:9d:41:41:90:7d:bd:0a:4a:9c:68:
44:ea:58:f3:45:6a:96:f4:ec:da:ec:72:e4:8e:87:
2d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:66:EB:21:6D:95:C0:91:20:BB:35:3C:30:40:80:E2:87:7A:ED:F0
X509v3 Authority Key Identifier:
keyid:78:DE:DB:89:88:BC:8B:B1:A5:F9:E5:5F:41:72:6B:65:44:6C:25:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eN7biYi8i7Gl-eVfQXJrZURsJew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/081a4c-d631-4311-9bd5-a6254df526c1/1/KWbrIW2VwJEguzU8MECA4od67fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/081a4c-d631-4311-9bd5-a6254df526c1/1/eN7biYi8i7Gl-eVfQXJrZURsJew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.208.0/23
Signature Algorithm: sha256WithRSAEncryption
20:ed:5b:3a:07:45:ed:de:89:24:ce:74:c9:1e:c9:56:5a:df:
88:46:8f:f9:bd:60:69:db:00:a2:8c:34:b0:3c:55:07:ff:77:
4b:6b:93:49:c7:5e:9b:be:5f:82:77:86:03:f0:00:5d:b6:c5:
2c:1f:14:36:20:a4:53:9a:af:58:29:2a:35:db:2a:9f:71:31:
19:b8:df:57:20:19:fb:60:7d:d7:82:9a:ae:25:b4:e9:1c:96:
e1:61:12:53:c3:8b:00:15:2d:e3:9b:e7:7f:44:b9:5d:71:a9:
b3:6d:86:2d:1e:61:99:c4:92:1d:72:9c:8b:7e:7e:6e:51:fa:
06:d8:3c:55:cd:f4:0e:b6:cb:a2:4f:11:4e:12:27:93:1f:01:
0a:d3:68:c8:fd:c6:a7:16:35:a4:1f:ca:cf:fb:c6:59:5b:c5:
f0:58:89:70:82:b5:84:5d:b5:ce:23:cc:42:4a:8d:72:d2:1c:
bd:89:cc:9d:2f:74:71:ef:39:46:3a:e9:f5:5a:b4:bc:be:6e:
3f:36:6b:ad:eb:3f:15:53:e2:ee:e5:46:41:6b:37:11:fc:33:
6f:ad:44:67:22:8c:bd:56:d5:de:8b:69:19:20:51:ca:e9:8f:
40:29:b9:fd:bb:bc:18:2b:cd:cc:82:c3:29:7c:30:db:8b:42:
8d:34:63:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZB0cKm8aSHj/TE9KDCvBHXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZGVkYjg5ODhiYzhiYjFhNWY5ZTU1ZjQxNzI2YjY1NDQ2
YzI1ZWMwHhcNMjQwNzAyMTcxNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY2ZWIyMTZkOTVjMDkxMjBiYjM1M2MzMDQwODBlMjg3N2FlZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr64O42reheDBJmhJRC7dHeRcnTxB
u+bYkUaxVJx/je20EfSHG8PJzFO9Hxji8cGkDxk6eaiLDNA5bn2BbzIBpakGQxWP
5Y3yBdSN5BnY90lW9MxhRUJSL9yTXW/7/m3d2D35PyffJXAftdt5oCm6s8GCLkoO
LfmoTGH0vn+47X7Y/O/W7KSBzarCDekH5kW8nfJuOn259XCHCaGJqk0TrfKMm7eV
fK1hn/0PwPPQICZiq/fCLsxDxsnexb4aqjzGqoqxQ1KQCJJ0MiIK595h9VxRZqfr
mAPc3YkYNJfu/HNhWtvJV51BQZB9vQpKnGhE6ljzRWqW9Oza7HLkjoctsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClm6yFtlcCRILs1PDBAgOKHeu3wMB8GA1UdIwQY
MBaAFHje24mIvIuxpfnlX0Fya2VEbCXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZU43YmlZaThpN0dsLWVWZlFYSnJaVVJzSmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8wODFhNGMtZDYzMS00MzExLTliZDUt
YTYyNTRkZjUyNmMxLzEvS1dicklXMlZ3SkVndXpVOE1FQ0E0b2Q2N2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8wODFhNGMtZDYzMS00MzExLTliZDUtYTYyNTRkZjUyNmMx
LzEvZU43YmlZaThpN0dsLWVWZlFYSnJaVVJzSmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwfLQMA0G
CSqGSIb3DQEBCwUAA4IBAQAg7Vs6B0Xt3okkznTJHslWWt+IRo/5vWBp2wCijDSw
PFUH/3dLa5NJx16bvl+Cd4YD8ABdtsUsHxQ2IKRTmq9YKSo12yqfcTEZuN9XIBn7
YH3XgpquJbTpHJbhYRJTw4sAFS3jm+d/RLldcamzbYYtHmGZxJIdcpyLfn5uUfoG
2DxVzfQOtsuiTxFOEieTHwEK02jI/canFjWkH8rP+8ZZW8XwWIlwgrWEXbXOI8xC
So1y0hy9icydL3Rx7zlGOun1WrS8vm4/Nmut6z8VU+Lu5UZBazcR/DNvrURnIoy9
VtXei2kZIFHK6Y9AKbn9u7wYK83MgsMpfDDbi0KNNGOh
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:12:11 2024 by rpki-client on console-fra.rpki-client.org