Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KR9uzDZWMSFMmHpV5pdZC-NXjcA.roa
File: KR9uzDZWMSFMmHpV5pdZC-NXjcA.roa (raw, json)
Hash identifier: dbov7HMxo440g/aizrB3ZgoiQYVvCVjULboJAdvyWIM=
Subject key identifier: 29:1F:6E:CC:36:56:31:21:4C:98:7A:55:E6:97:59:0B:E3:57:8D:C0
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC795509BA8A28CF75F971B74B8451A6F
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KR9uzDZWMSFMmHpV5pdZC-NXjcA.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49023
IP address blocks: 93.114.80.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:50:9b:a8:a2:8c:f7:5f:97:1b:74:b8:45:1a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=291f6ecc365631214c987a55e697590be3578dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2b:2d:6d:90:c9:ec:80:e4:dc:81:65:21:91:
55:7a:bc:58:28:5f:df:a4:aa:61:90:ba:ee:98:90:
35:88:c6:2b:2d:d1:9c:3f:b9:4e:be:9c:39:11:a0:
0c:b9:72:c1:0e:09:38:61:8e:27:ce:5e:5a:65:f2:
a0:9f:56:92:e8:62:0f:40:b2:43:d1:de:f5:b4:28:
0f:a7:73:8c:27:7a:bb:71:13:a3:d8:20:f0:e2:85:
9d:21:d9:83:f4:9e:f4:c5:57:95:64:28:2b:b1:c6:
ed:85:7a:6a:e1:a5:6f:79:7e:61:7f:2e:ef:32:90:
4a:2d:fe:a3:78:d4:a5:78:11:1f:88:11:14:54:5b:
65:2e:d4:4b:34:61:1f:54:2d:25:09:8c:f0:19:52:
68:8e:57:1b:a1:33:34:5a:29:86:85:d8:1a:29:ad:
bb:ac:28:c5:94:12:3f:de:88:7d:f5:36:08:83:2d:
14:4d:33:87:28:cf:78:b5:21:33:f6:13:05:f0:6c:
24:db:72:3e:7b:c9:76:b0:76:74:df:bf:c8:ea:19:
67:d2:4d:d1:ba:a2:8a:86:ea:59:94:ce:68:40:ec:
33:07:ca:d1:8b:73:46:19:65:d9:3d:90:17:8a:ab:
d3:f7:1a:a4:41:f7:b2:0d:b4:10:d4:e8:d5:a6:1c:
91:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1F:6E:CC:36:56:31:21:4C:98:7A:55:E6:97:59:0B:E3:57:8D:C0
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/KR9uzDZWMSFMmHpV5pdZC-NXjcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.80.0/23
Signature Algorithm: sha256WithRSAEncryption
40:b7:0b:4a:ac:f4:6d:b0:6f:fe:53:8c:69:36:cd:19:ce:56:
4b:51:c9:c4:b5:d2:c7:4d:69:29:1e:30:28:50:f3:5f:d5:df:
a9:9e:3d:8e:b6:fe:9c:79:9c:ff:5f:4a:83:e3:a7:4d:aa:ad:
8f:24:2f:a6:a5:f3:5a:d0:18:66:e5:68:5f:20:bf:f6:16:22:
0c:1e:a2:ab:81:bb:74:9f:b2:0a:b6:5b:c1:c4:bb:1c:62:cb:
90:5c:17:64:cb:47:3b:12:91:c2:0b:33:f2:83:35:24:73:d8:
02:d5:fe:be:bb:0f:ae:d5:f2:60:e7:47:f7:9c:1e:a4:0f:f7:
44:db:25:70:0a:26:2f:5b:a8:44:29:d2:d4:85:bc:1b:5a:85:
6a:93:4e:77:9d:1a:ad:e2:e7:d8:1f:ba:24:02:70:7f:23:28:
f7:79:ec:e3:46:6a:26:91:23:a5:4a:97:84:5e:f8:e3:65:4d:
1d:86:53:b8:9d:75:4e:ff:d3:09:62:ac:36:49:8e:94:c6:df:
0d:37:91:c1:b5:01:f9:71:99:93:ca:f6:49:d2:4c:ad:22:d0:
31:3a:c8:8d:39:3f:ff:3b:5e:96:7b:9a:91:1c:f4:b4:9e:0f:
6a:9e:00:96:06:ff:35:c9:49:21:ab:9a:67:57:88:ad:1a:50:
10:49:e3:e6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlVCbqKKM91+XG3S4RRpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTFmNmVjYzM2NTYzMTIxNGM5ODdhNTVlNjk3NTkwYmUzNTc4ZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsystbZDJ7IDk3IFlIZFVerxYKF/f
pKphkLrumJA1iMYrLdGcP7lOvpw5EaAMuXLBDgk4YY4nzl5aZfKgn1aS6GIPQLJD
0d71tCgPp3OMJ3q7cROj2CDw4oWdIdmD9J70xVeVZCgrscbthXpq4aVveX5hfy7v
MpBKLf6jeNSleBEfiBEUVFtlLtRLNGEfVC0lCYzwGVJojlcboTM0WimGhdgaKa27
rCjFlBI/3oh99TYIgy0UTTOHKM94tSEz9hMF8Gwk23I+e8l2sHZ037/I6hln0k3R
uqKKhupZlM5oQOwzB8rRi3NGGWXZPZAXiqvT9xqkQfeyDbQQ1OjVphyRAQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCkfbsw2VjEhTJh6VeaXWQvjV43AMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0tSOXV6RFpXTVNGTW1IcFY1cGRaQy1OWGpjQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFdclAw
DQYJKoZIhvcNAQELBQADggEBAEC3C0qs9G2wb/5TjGk2zRnOVktRycS10sdNaSke
MChQ81/V36mePY62/px5nP9fSoPjp02qrY8kL6al81rQGGblaF8gv/YWIgweoquB
u3Sfsgq2W8HEuxxiy5BcF2TLRzsSkcILM/KDNSRz2ALV/r67D67V8mDnR/ecHqQP
90TbJXAKJi9bqEQp0tSFvBtahWqTTnedGq3i59gfuiQCcH8jKPd57ONGaiaRI6VK
l4Re+ONlTR2GU7iddU7/0wlirDZJjpTG3w03kcG1AflxmZPK9knSTK0i0DE6yI05
P/87XpZ7mpEc9LSeD2qeAJYG/zXJSSGrmmdXiK0aUBBJ4+Y=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:40:52 2024 by rpki-client on console-fra.rpki-client.org