Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/kXHUW40RIuot8q8-DvmrS-VRl3Q.roa
File: kXHUW40RIuot8q8-DvmrS-VRl3Q.roa (raw, json)
Hash identifier: mX/OknLCQz6UVGlviDe/6BGA8LpNgyWA4U5DuF1dKww=
Subject key identifier: 91:71:D4:5B:8D:11:22:EA:2D:F2:AF:3E:0E:F9:AB:4B:E5:51:97:74
Certificate issuer: /CN=20f638107abb84ae6fb03cc1db2cfd1bc4487f8d
Certificate serial: 018F7B2C82EB0F7EAE1C00BE4EF544FDA042
Authority key identifier: 20:F6:38:10:7A:BB:84:AE:6F:B0:3C:C1:DB:2C:FD:1B:C4:48:7F:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPY4EHq7hK5vsDzB2yz9G8RIf40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/kXHUW40RIuot8q8-DvmrS-VRl3Q.roa
Signing time: Wed 15 May 2024 07:34:25 +0000
ROA not before: Wed 15 May 2024 07:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35199
IP address blocks: 178.219.16.0/22 maxlen: 22
185.214.67.0/24 maxlen: 24
185.226.98.0/24 maxlen: 24
193.19.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/IPY4EHq7hK5vsDzB2yz9G8RIf40.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/IPY4EHq7hK5vsDzB2yz9G8RIf40.mft
rsync://rpki.ripe.net/repository/DEFAULT/IPY4EHq7hK5vsDzB2yz9G8RIf40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:2c:82:eb:0f:7e:ae:1c:00:be:4e:f5:44:fd:a0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f638107abb84ae6fb03cc1db2cfd1bc4487f8d
Validity
Not Before: May 15 07:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9171d45b8d1122ea2df2af3e0ef9ab4be5519774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:77:32:40:f7:ed:8f:25:3c:23:51:72:7e:
d7:ba:ef:7d:14:44:33:c0:12:2c:4c:24:1e:ca:90:
86:f6:f0:17:64:05:9f:1e:fe:6b:56:d8:2b:7d:66:
29:54:55:da:7f:b0:6e:7d:16:88:55:17:11:5c:af:
84:03:90:0b:98:b9:46:8d:29:18:c1:46:f0:8c:89:
d6:55:29:bd:d0:56:7f:f0:64:71:88:e4:a5:82:2f:
0b:74:11:65:68:2c:23:5c:b8:d2:2f:4c:6e:eb:e8:
0e:be:d0:9c:3f:9f:c4:ef:d5:b9:b4:c3:0d:03:40:
9a:80:d3:7b:b1:22:7b:d9:94:5e:4e:90:8d:9f:2e:
39:72:9c:2f:67:a9:46:a1:9f:29:09:93:3e:04:e8:
06:6e:e6:f1:9b:64:5f:c3:fc:1e:76:0f:4a:72:16:
54:31:cd:77:4b:37:ac:db:23:52:5e:95:12:93:74:
82:85:f4:78:37:26:36:1c:39:86:1e:7b:b0:9b:cb:
33:d1:aa:20:e9:fe:c2:bf:db:88:6d:98:11:fb:2c:
3b:72:ca:93:35:0b:05:e2:6b:80:7e:f6:1d:65:9e:
d3:76:ab:f8:b9:1a:89:08:cb:8f:b5:cc:28:8c:55:
d6:7d:0f:79:f4:16:13:ef:30:85:c5:b8:b2:e2:ea:
ea:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:71:D4:5B:8D:11:22:EA:2D:F2:AF:3E:0E:F9:AB:4B:E5:51:97:74
X509v3 Authority Key Identifier:
keyid:20:F6:38:10:7A:BB:84:AE:6F:B0:3C:C1:DB:2C:FD:1B:C4:48:7F:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPY4EHq7hK5vsDzB2yz9G8RIf40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/kXHUW40RIuot8q8-DvmrS-VRl3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/IPY4EHq7hK5vsDzB2yz9G8RIf40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.219.16.0/22
185.214.67.0/24
185.226.98.0/24
193.19.164.0/22
Signature Algorithm: sha256WithRSAEncryption
94:23:57:f3:ac:d7:aa:31:13:02:2d:32:1f:e8:35:6c:0a:48:
68:17:1d:c5:c5:4d:a8:8c:7a:a7:df:a9:3c:1b:d0:ac:41:3b:
96:6f:9e:ef:ed:e2:73:5c:22:3e:3d:e3:35:65:0a:b4:dc:ba:
b4:46:18:10:b1:39:86:09:f3:7b:71:d4:db:08:2c:e3:f5:07:
35:69:a1:0b:42:b0:e2:43:2b:54:34:40:7f:d1:82:9d:44:46:
cf:99:ca:fb:50:70:98:fa:5b:ac:05:9f:12:a5:ed:23:9c:b9:
5f:e2:6a:3a:1c:f4:ad:fd:fd:40:2f:ba:f3:5b:33:4a:bb:92:
90:f9:56:78:cf:87:aa:04:2f:ad:e7:c9:8c:3b:db:7b:7d:b0:
e8:7d:14:28:ac:2e:b1:a0:e5:5c:cd:04:72:4e:ad:4a:0b:03:
3c:9e:b8:89:56:bd:b6:e6:02:c2:47:91:5c:b6:ec:1c:40:d5:
f7:23:f4:d1:dc:35:f9:ce:f3:b9:39:66:25:d8:7a:6f:28:77:
43:36:19:c6:ac:48:c4:16:fd:e2:25:a2:56:bf:f3:67:66:9b:
c6:59:f7:86:ae:0c:5d:33:d1:e5:b2:65:5a:76:e9:c7:2b:89:
01:6a:0c:2d:34:7d:8a:96:10:ff:5c:8c:a6:3d:b0:85:43:9c:
db:9e:7a:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY97LILrD36uHAC+TvVE/aBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjYzODEwN2FiYjg0YWU2ZmIwM2NjMWRiMmNmZDFiYzQ0
ODdmOGQwHhcNMjQwNTE1MDczNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTcxZDQ1YjhkMTEyMmVhMmRmMmFmM2UwZWY5YWI0YmU1NTE5Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqh3MkD37Y8lPCNRcn7Xuu99FEQz
wBIsTCQeypCG9vAXZAWfHv5rVtgrfWYpVFXaf7BufRaIVRcRXK+EA5ALmLlGjSkY
wUbwjInWVSm90FZ/8GRxiOSlgi8LdBFlaCwjXLjSL0xu6+gOvtCcP5/E79W5tMMN
A0CagNN7sSJ72ZReTpCNny45cpwvZ6lGoZ8pCZM+BOgGbubxm2Rfw/wedg9KchZU
Mc13Szes2yNSXpUSk3SChfR4NyY2HDmGHnuwm8sz0aog6f7Cv9uIbZgR+yw7csqT
NQsF4muAfvYdZZ7Tdqv4uRqJCMuPtcwojFXWfQ959BYT7zCFxbiy4urq1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJFx1FuNESLqLfKvPg75q0vlUZd0MB8GA1UdIwQY
MBaAFCD2OBB6u4Sub7A8wdss/RvESH+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBZNEVIcTdoSzV2c0R6QjJ5ejlHOFJJZjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80ZjU4MDgtMWMwNC00MjU1LTliODQt
YTgyODM2ZGUwNWZjLzEva1hIVVc0MFJJdW90OHE4LUR2bXJTLVZSbDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80ZjU4MDgtMWMwNC00MjU1LTliODQtYTgyODM2ZGUwNWZj
LzEvSVBZNEVIcTdoSzV2c0R6QjJ5ejlHOFJJZjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCstsQAwQA
udZDAwQAueJiAwQCwROkMA0GCSqGSIb3DQEBCwUAA4IBAQCUI1fzrNeqMRMCLTIf
6DVsCkhoFx3FxU2ojHqn36k8G9CsQTuWb57v7eJzXCI+PeM1ZQq03Lq0RhgQsTmG
CfN7cdTbCCzj9Qc1aaELQrDiQytUNEB/0YKdREbPmcr7UHCY+lusBZ8Spe0jnLlf
4mo6HPSt/f1AL7rzWzNKu5KQ+VZ4z4eqBC+t58mMO9t7fbDofRQorC6xoOVczQRy
Tq1KCwM8nriJVr225gLCR5FctuwcQNX3I/TR3DX5zvO5OWYl2HpvKHdDNhnGrEjE
Fv3iJaJWv/NnZpvGWfeGrgxdM9HlsmVadunHK4kBagwtNH2KlhD/XIymPbCFQ5zb
nnrW
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:53 2024 by rpki-client on console-ams.rpki-client.org