Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/p2sOEHosnVnkobIUeBon0_v-Iwo.roa
File: p2sOEHosnVnkobIUeBon0_v-Iwo.roa (raw, json)
Hash identifier: 0t5Y8upr2rIkikJQ7N81jY9spVhtJPAo7knzlxKKdoE=
Subject key identifier: A7:6B:0E:10:7A:2C:9D:59:E4:A1:B2:14:78:1A:27:D3:FB:FE:23:0A
Certificate issuer: /CN=0c10137944e887ad07569ed4d412846732d0af70
Certificate serial: 018CC56ED79902C91653439C17888A893C8B
Authority key identifier: 0C:10:13:79:44:E8:87:AD:07:56:9E:D4:D4:12:84:67:32:D0:AF:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBATeUToh60HVp7U1BKEZzLQr3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/p2sOEHosnVnkobIUeBon0_v-Iwo.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9163
IP address blocks: 213.208.54.0/24 maxlen: 24
213.208.57.0/24 maxlen: 24
213.208.55.0/24 maxlen: 24
213.208.58.0/24 maxlen: 24
213.208.56.0/24 maxlen: 24
213.208.52.0/24 maxlen: 24
213.208.53.0/24 maxlen: 24
213.208.61.0/24 maxlen: 24
213.208.62.0/24 maxlen: 24
213.208.63.0/24 maxlen: 24
213.208.59.0/24 maxlen: 24
213.208.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/DBATeUToh60HVp7U1BKEZzLQr3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/DBATeUToh60HVp7U1BKEZzLQr3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DBATeUToh60HVp7U1BKEZzLQr3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d7:99:02:c9:16:53:43:9c:17:88:8a:89:3c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c10137944e887ad07569ed4d412846732d0af70
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a76b0e107a2c9d59e4a1b214781a27d3fbfe230a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6b:a0:74:6e:a4:06:d0:62:0e:d0:7a:2e:d9:
de:4f:2b:68:4d:64:75:66:8d:c2:02:3c:33:b7:c9:
93:f9:73:0d:72:d8:0b:3b:4b:af:00:12:96:38:15:
b4:e9:7d:a4:63:b7:04:c8:c6:27:ca:c5:99:7a:c7:
59:14:08:95:b8:da:17:c3:50:f6:a5:20:cb:73:54:
6d:5f:5d:86:2c:53:80:cc:ff:22:63:7a:d2:f4:5d:
a5:b0:ae:48:76:b0:57:d1:e1:9d:84:29:12:a1:7e:
32:af:02:59:46:68:77:48:56:77:45:dd:ff:6a:14:
ff:5e:cd:f1:e1:4c:03:4d:dc:51:c8:d4:62:b7:a0:
ae:34:d7:c9:55:b4:74:5d:82:35:3a:c1:81:33:d3:
12:03:3f:15:d2:ca:c9:99:07:b7:f5:f1:c8:ac:32:
03:11:be:79:60:6e:2e:18:f8:ee:35:84:eb:80:39:
67:ef:35:b9:58:b5:7a:2a:20:6f:9f:24:4a:33:d5:
4b:00:49:fe:5f:39:ec:9c:3b:e8:b3:cf:da:d8:7a:
8a:bf:5f:08:c9:bb:d2:b4:4f:e8:31:92:50:22:f8:
02:71:3d:6b:ac:e6:71:8d:a0:6f:c3:5d:0b:de:3e:
b9:7f:4c:51:51:e1:2a:d8:b9:fa:54:94:a0:ec:6c:
68:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6B:0E:10:7A:2C:9D:59:E4:A1:B2:14:78:1A:27:D3:FB:FE:23:0A
X509v3 Authority Key Identifier:
keyid:0C:10:13:79:44:E8:87:AD:07:56:9E:D4:D4:12:84:67:32:D0:AF:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBATeUToh60HVp7U1BKEZzLQr3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/p2sOEHosnVnkobIUeBon0_v-Iwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/584a46-3fdc-425b-b2b6-f03aae13032f/1/DBATeUToh60HVp7U1BKEZzLQr3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.208.52.0-213.208.63.255
Signature Algorithm: sha256WithRSAEncryption
4b:c7:e5:75:89:00:c5:ae:fe:d3:53:bc:4f:6f:c9:36:5b:fa:
17:13:17:b9:b3:0c:7a:4d:5a:f8:6a:7e:b5:d5:16:e8:93:3d:
fd:e8:59:e7:bf:f9:73:7b:1e:cf:62:f9:09:e5:74:7c:ba:51:
e1:30:e6:27:ce:4a:c2:df:1e:d3:73:b9:64:47:95:1b:12:b6:
ac:10:e5:3f:2b:48:04:5a:89:af:16:b4:75:2a:0f:d6:2a:c6:
2d:2c:7e:dc:93:95:22:40:50:81:81:ec:d5:97:7a:4c:e2:9f:
4d:9e:94:d1:22:71:d9:a4:be:90:57:d7:32:ca:91:dd:1c:95:
f5:27:16:f7:f1:2a:1f:d7:85:8c:33:1b:4a:c1:af:f9:77:97:
48:d1:6a:e6:3e:1a:6a:ec:db:dd:d6:9f:04:d1:22:a9:b2:4d:
71:b4:2e:44:20:c2:29:ee:0b:90:7a:e4:3d:c2:30:3b:21:9a:
6a:f7:f0:e9:d8:4c:ed:37:9c:10:89:50:24:38:58:ba:3c:ea:
52:64:a7:77:d5:e9:e7:3d:92:9f:92:52:bc:ac:20:dc:6b:00:
67:e6:9a:75:6d:9c:2a:73:10:81:62:55:01:7d:d3:6c:7b:be:
47:d6:c0:1f:a3:5e:ac:89:42:cb:b7:cf:73:a7:a1:32:38:23:
26:de:e5:a6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFbteZAskWU0OcF4iKiTyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMTAxMzc5NDRlODg3YWQwNzU2OWVkNGQ0MTI4NDY3MzJk
MGFmNzAwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzZiMGUxMDdhMmM5ZDU5ZTRhMWIyMTQ3ODFhMjdkM2ZiZmUyMzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmugdG6kBtBiDtB6LtneTytoTWR1
Zo3CAjwzt8mT+XMNctgLO0uvABKWOBW06X2kY7cEyMYnysWZesdZFAiVuNoXw1D2
pSDLc1RtX12GLFOAzP8iY3rS9F2lsK5IdrBX0eGdhCkSoX4yrwJZRmh3SFZ3Rd3/
ahT/Xs3x4UwDTdxRyNRit6CuNNfJVbR0XYI1OsGBM9MSAz8V0srJmQe39fHIrDID
Eb55YG4uGPjuNYTrgDln7zW5WLV6KiBvnyRKM9VLAEn+XznsnDvos8/a2HqKv18I
ybvStE/oMZJQIvgCcT1rrOZxjaBvw10L3j65f0xRUeEq2Ln6VJSg7GxohQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKdrDhB6LJ1Z5KGyFHgaJ9P7/iMKMB8GA1UdIwQY
MBaAFAwQE3lE6IetB1ae1NQShGcy0K9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREJBVGVVVG9oNjBIVnA3VTFCS0VaekxRcjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81ODRhNDYtM2ZkYy00MjViLWIyYjYt
ZjAzYWFlMTMwMzJmLzEvcDJzT0VIb3NuVm5rb2JJVWVCb24wX3YtSXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81ODRhNDYtM2ZkYy00MjViLWIyYjYtZjAzYWFlMTMwMzJm
LzEvREJBVGVVVG9oNjBIVnA3VTFCS0VaekxRcjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALV0DQD
BAbV0AAwDQYJKoZIhvcNAQELBQADggEBAEvH5XWJAMWu/tNTvE9vyTZb+hcTF7mz
DHpNWvhqfrXVFuiTPf3oWee/+XN7Hs9i+QnldHy6UeEw5ifOSsLfHtNzuWRHlRsS
tqwQ5T8rSARaia8WtHUqD9Yqxi0sftyTlSJAUIGB7NWXekzin02elNEicdmkvpBX
1zLKkd0clfUnFvfxKh/XhYwzG0rBr/l3l0jRauY+Gmrs293WnwTRIqmyTXG0LkQg
winuC5B65D3CMDshmmr38OnYTO03nBCJUCQ4WLo86lJkp3fV6ec9kp+SUrysINxr
AGfmmnVtnCpzEIFiVQF902x7vkfWwB+jXqyJQsu3z3OnoTI4Iybe5aY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:28 2024 by rpki-client on console-fra.rpki-client.org