Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/K_wpDlMHblzGKbLdK2Z8WcF_RRU.roa
File: K_wpDlMHblzGKbLdK2Z8WcF_RRU.roa (raw, json)
Hash identifier: 51DeQVMxKZ9gu8H6KYOY2pRADcIAND3jmCXZrfVimkM=
Subject key identifier: 2B:FC:29:0E:53:07:6E:5C:C6:29:B2:DD:2B:66:7C:59:C1:7F:45:15
Certificate issuer: /CN=8fb620a4838ef6e21bcc26ad351262d7566eb275
Certificate serial: 018F9FBE88BFED8174F4BEDB061EEB1BB2F2
Authority key identifier: 8F:B6:20:A4:83:8E:F6:E2:1B:CC:26:AD:35:12:62:D7:56:6E:B2:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/K_wpDlMHblzGKbLdK2Z8WcF_RRU.roa
Signing time: Wed 22 May 2024 10:00:15 +0000
ROA not before: Wed 22 May 2024 10:00:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43708
IP address blocks: 31.41.200.0/21 maxlen: 21
78.110.208.0/20 maxlen: 20
185.24.20.0/22 maxlen: 22
2a01:510::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/j7YgpIOO9uIbzCatNRJi11ZusnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/j7YgpIOO9uIbzCatNRJi11ZusnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Sep 2024 10:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:be:88:bf:ed:81:74:f4:be:db:06:1e:eb:1b:b2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fb620a4838ef6e21bcc26ad351262d7566eb275
Validity
Not Before: May 22 10:00:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bfc290e53076e5cc629b2dd2b667c59c17f4515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1b:d0:59:6f:bb:10:23:35:50:c4:96:31:e2:
0e:57:8a:ee:c7:e6:41:70:34:02:bb:e3:5f:da:4c:
ea:1c:76:ba:7d:1c:14:3f:de:e0:3d:46:27:7b:95:
63:82:d3:b9:f4:54:2e:17:77:e4:b7:af:79:2e:da:
3f:b1:a8:4d:d5:87:f7:6d:75:5e:cb:54:f7:69:85:
20:ff:1c:7f:01:77:bc:c4:96:76:34:64:69:7d:fe:
6e:0c:df:a2:93:5f:b2:59:9b:3a:62:88:35:e2:68:
2b:97:8c:c9:7b:54:84:82:31:b6:57:8c:57:bf:fb:
1f:66:a8:1f:89:3b:33:7f:62:5a:12:ad:61:7e:dd:
60:26:06:11:c5:96:4a:f3:ec:f2:78:f1:f8:95:d4:
fd:24:df:19:d0:ed:f7:1e:9a:1c:75:f3:bc:24:81:
bc:a2:b7:27:40:85:b3:fb:f5:0f:77:18:bd:8f:78:
c9:63:25:73:85:23:b0:ef:31:b4:67:7e:57:df:a1:
ed:e0:6a:66:6e:87:00:af:22:e2:57:63:7c:d9:b0:
eb:72:6a:bd:e8:8b:7a:66:b9:86:0e:54:99:f0:b1:
ef:e9:e6:94:8e:e7:9c:97:9b:bf:78:86:89:0a:7d:
35:83:eb:68:e3:99:3e:b3:5c:b2:1b:0e:a4:82:35:
8c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FC:29:0E:53:07:6E:5C:C6:29:B2:DD:2B:66:7C:59:C1:7F:45:15
X509v3 Authority Key Identifier:
keyid:8F:B6:20:A4:83:8E:F6:E2:1B:CC:26:AD:35:12:62:D7:56:6E:B2:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/K_wpDlMHblzGKbLdK2Z8WcF_RRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/j7YgpIOO9uIbzCatNRJi11ZusnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.200.0/21
78.110.208.0/20
185.24.20.0/22
IPv6:
2a01:510::/32
Signature Algorithm: sha256WithRSAEncryption
89:55:5b:93:e3:21:2a:8f:97:42:95:64:08:27:8f:90:5b:30:
99:ce:b2:35:8e:cd:de:11:d3:4f:73:83:f4:22:47:8f:1f:93:
a2:4a:d9:4e:bf:f1:ba:9d:b6:3c:99:ac:b6:36:d9:99:85:1e:
b7:b7:3d:4e:c7:2c:94:6b:6d:cb:bb:a1:b6:04:6d:f0:0f:94:
3c:5e:5e:7b:fe:e7:02:bb:35:0a:d7:c3:7d:9e:41:77:3f:da:
ff:20:44:da:aa:8e:09:a4:ad:e8:ef:13:dd:67:82:a7:1e:4b:
16:c9:43:62:73:39:24:6c:0a:8a:39:8e:66:c1:fc:d9:c6:08:
49:99:63:23:be:ac:ae:d1:bc:ed:75:b4:0f:b0:f2:60:6a:90:
d8:87:5f:db:c3:88:1e:ad:dc:a0:6c:5c:bc:10:f9:31:f5:88:
a2:63:7d:f4:07:9e:f1:57:9c:c3:ea:85:b5:6f:27:9b:2d:6b:
fd:87:12:8e:f8:86:7e:4d:09:68:24:b4:60:c8:ff:79:b2:09:
42:a3:db:1d:bd:12:b5:ef:1c:81:86:a0:e7:19:cc:08:ed:7c:
8c:34:52:cc:66:56:8b:46:09:07:e3:8b:e0:2c:c2:37:df:69:
f7:e2:43:de:bc:74:dc:85:07:67:d7:3a:0f:3b:2b:53:a4:d5:
9a:b1:66:b6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY+fvoi/7YF09L7bBh7rG7LyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYjYyMGE0ODM4ZWY2ZTIxYmNjMjZhZDM1MTI2MmQ3NTY2
ZWIyNzUwHhcNMjQwNTIyMTAwMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZjMjkwZTUzMDc2ZTVjYzYyOWIyZGQyYjY2N2M1OWMxN2Y0NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRvQWW+7ECM1UMSWMeIOV4rux+ZB
cDQCu+Nf2kzqHHa6fRwUP97gPUYne5VjgtO59FQuF3fkt695Lto/sahN1Yf3bXVe
y1T3aYUg/xx/AXe8xJZ2NGRpff5uDN+ik1+yWZs6Yog14mgrl4zJe1SEgjG2V4xX
v/sfZqgfiTszf2JaEq1hft1gJgYRxZZK8+zyePH4ldT9JN8Z0O33HpocdfO8JIG8
orcnQIWz+/UPdxi9j3jJYyVzhSOw7zG0Z35X36Ht4GpmbocAryLiV2N82bDrcmq9
6It6ZrmGDlSZ8LHv6eaUjuecl5u/eIaJCn01g+to45k+s1yyGw6kgjWMiwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCv8KQ5TB25cximy3StmfFnBf0UVMB8GA1UdIwQY
MBaAFI+2IKSDjvbiG8wmrTUSYtdWbrJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajdZZ3BJT085dUliekNhdE5SSmkxMVp1c25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lYzM1MTItNzFiYS00NDFlLWJmZTEt
ZGE3ZDQ1YjczMmZhLzEvS193cERsTUhibHpHS2JMZEsyWjhXY0ZfUlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lYzM1MTItNzFiYS00NDFlLWJmZTEtZGE3ZDQ1YjczMmZh
LzEvajdZZ3BJT085dUliekNhdE5SSmkxMVp1c25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHynIAwQE
Tm7QAwQCuRgUMA0EAgACMAcDBQAqAQUQMA0GCSqGSIb3DQEBCwUAA4IBAQCJVVuT
4yEqj5dClWQIJ4+QWzCZzrI1js3eEdNPc4P0IkePH5OiStlOv/G6nbY8may2NtmZ
hR63tz1OxyyUa23Lu6G2BG3wD5Q8Xl57/ucCuzUK18N9nkF3P9r/IETaqo4JpK3o
7xPdZ4KnHksWyUNiczkkbAqKOY5mwfzZxghJmWMjvqyu0bztdbQPsPJgapDYh1/b
w4gerdygbFy8EPkx9YiiY330B57xV5zD6oW1byebLWv9hxKO+IZ+TQloJLRgyP95
sglCo9sdvRK17xyBhqDnGcwI7XyMNFLMZlaLRgkH44vgLMI332n34kPevHTchQdn
1zoPOytTpNWasWa2
-----END CERTIFICATE-----
Generated at Thu Sep 19 20:13:12 2024 by rpki-client on console-ams.rpki-client.org