Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/kTN5uCN1kBVIV9ML4QW_okwLWRY.roa
File: kTN5uCN1kBVIV9ML4QW_okwLWRY.roa (raw, json)
Hash identifier: VU4ByTwJlQqqbN++NzQJIy+V8pIa/KVYoUbzEOum8W0=
Subject key identifier: 91:33:79:B8:23:75:90:15:48:57:D3:0B:E1:05:BF:A2:4C:0B:59:16
Certificate issuer: /CN=89e21a2b8a25b971bdb741a0aae325992304194e
Certificate serial: 018CC6B7FEEA5D25C4979E03FE4D43111A48
Authority key identifier: 89:E2:1A:2B:8A:25:B9:71:BD:B7:41:A0:AA:E3:25:99:23:04:19:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/kTN5uCN1kBVIV9ML4QW_okwLWRY.roa
Signing time: Mon 01 Jan 2024 20:29:56 +0000
ROA not before: Mon 01 Jan 2024 20:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397966
IP address blocks: 193.25.215.0/24 maxlen: 24
193.25.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ieIaK4oluXG9t0GgquMlmSMEGU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ieIaK4oluXG9t0GgquMlmSMEGU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:fe:ea:5d:25:c4:97:9e:03:fe:4d:43:11:1a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89e21a2b8a25b971bdb741a0aae325992304194e
Validity
Not Before: Jan 1 20:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=913379b8237590154857d30be105bfa24c0b5916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7e:9b:34:08:e6:2a:88:01:f0:d9:33:5a:75:
7e:3e:7d:52:e5:39:bb:b6:50:89:0f:4e:67:3b:0a:
2a:ad:7a:ee:1d:68:ad:7d:fe:a5:10:07:e3:9d:2a:
e3:7e:b1:26:73:4b:ab:b9:ae:1a:45:7a:48:73:c8:
ce:5f:6b:ad:fb:b2:29:58:2e:03:58:f2:28:09:d1:
a0:19:27:c6:35:14:26:18:38:eb:81:9f:33:69:3a:
18:b6:7c:86:69:c3:fc:e0:da:37:e0:f7:2c:e2:f2:
ac:c2:7a:6d:d0:2e:57:71:4e:e3:db:ce:45:81:44:
49:d1:2f:e1:05:8c:1d:f2:c3:a7:c6:6c:0e:76:85:
49:4f:f7:28:6d:76:3b:70:7e:b9:21:57:a3:81:84:
42:ee:d3:ec:b9:5c:9b:c3:f9:0e:86:8a:b8:ca:d0:
c7:37:41:f1:0f:20:87:e2:b9:28:f6:74:8b:da:c3:
d1:1f:a8:33:6b:c1:ab:50:ae:20:f8:0f:07:5f:ff:
38:e9:5f:e5:81:79:f1:15:fe:00:be:f3:75:f2:97:
33:c8:a0:90:b8:b3:68:62:8a:74:7f:58:2f:ee:5f:
26:d3:f8:0f:ce:14:99:44:3a:ae:05:02:3c:bd:39:
eb:b8:a0:ec:1e:9f:d0:34:0f:48:bd:63:dc:9b:8d:
79:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:33:79:B8:23:75:90:15:48:57:D3:0B:E1:05:BF:A2:4C:0B:59:16
X509v3 Authority Key Identifier:
keyid:89:E2:1A:2B:8A:25:B9:71:BD:B7:41:A0:AA:E3:25:99:23:04:19:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ieIaK4oluXG9t0GgquMlmSMEGU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/kTN5uCN1kBVIV9ML4QW_okwLWRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/406991-5be3-4a05-acb2-1ad47ccd2d9a/1/ieIaK4oluXG9t0GgquMlmSMEGU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.214.0/23
Signature Algorithm: sha256WithRSAEncryption
21:aa:da:94:25:19:db:54:0d:3c:61:37:0c:c3:4b:b8:1a:ee:
37:cc:d8:af:46:2f:a2:d4:15:67:52:18:de:80:2f:ef:ac:2a:
17:11:b3:b4:75:00:8e:bc:21:ad:4b:33:07:29:69:94:f0:57:
2f:29:11:ff:b6:2d:3e:44:db:8a:7e:2b:2d:bc:0d:3e:90:0e:
15:10:69:11:53:52:e4:f5:e5:b3:ff:42:6e:ad:11:52:13:85:
49:58:ae:38:31:6c:2a:8a:97:bc:39:79:94:2c:ef:5a:cc:c8:
9b:77:0c:a3:20:98:6e:b2:1c:de:52:2d:9b:46:25:52:d0:39:
7a:46:c9:bd:ac:81:b3:9d:15:ab:44:26:79:86:a0:94:68:ae:
90:c5:fc:23:8a:a2:6d:1b:21:83:ac:13:07:54:6a:05:52:c9:
0a:c0:25:ce:a7:9b:b5:69:a0:86:da:36:04:62:6b:a5:b6:73:
c2:0b:42:f1:3f:d7:2e:37:c9:0b:d7:3d:09:5b:73:8c:b2:1a:
45:3e:97:51:06:aa:5b:30:97:71:18:97:b9:4c:6b:70:cb:32:
5f:c9:7e:ec:2d:c3:7a:01:8f:bd:08:65:a9:84:4b:ba:3c:b4:
1e:1a:20:34:4a:e8:7c:0c:61:41:fc:49:ba:c2:66:46:fe:12:
a5:e2:91:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt/7qXSXEl54D/k1DERpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZTIxYTJiOGEyNWI5NzFiZGI3NDFhMGFhZTMyNTk5MjMw
NDE5NGUwHhcNMjQwMTAxMjAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTMzNzliODIzNzU5MDE1NDg1N2QzMGJlMTA1YmZhMjRjMGI1OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn6bNAjmKogB8NkzWnV+Pn1S5Tm7
tlCJD05nOwoqrXruHWitff6lEAfjnSrjfrEmc0urua4aRXpIc8jOX2ut+7IpWC4D
WPIoCdGgGSfGNRQmGDjrgZ8zaToYtnyGacP84No34Pcs4vKswnpt0C5XcU7j285F
gURJ0S/hBYwd8sOnxmwOdoVJT/cobXY7cH65IVejgYRC7tPsuVybw/kOhoq4ytDH
N0HxDyCH4rko9nSL2sPRH6gza8GrUK4g+A8HX/846V/lgXnxFf4AvvN18pczyKCQ
uLNoYop0f1gv7l8m0/gPzhSZRDquBQI8vTnruKDsHp/QNA9IvWPcm415mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEzebgjdZAVSFfTC+EFv6JMC1kWMB8GA1UdIwQY
MBaAFIniGiuKJblxvbdBoKrjJZkjBBlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWVJYUs0b2x1WEc5dDBHZ3F1TWxtU01FR1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80MDY5OTEtNWJlMy00YTA1LWFjYjIt
MWFkNDdjY2QyZDlhLzEva1RONXVDTjFrQlZJVjlNTDRRV19va3dMV1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80MDY5OTEtNWJlMy00YTA1LWFjYjItMWFkNDdjY2QyZDlh
LzEvaWVJYUs0b2x1WEc5dDBHZ3F1TWxtU01FR1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRnWMA0G
CSqGSIb3DQEBCwUAA4IBAQAhqtqUJRnbVA08YTcMw0u4Gu43zNivRi+i1BVnUhje
gC/vrCoXEbO0dQCOvCGtSzMHKWmU8FcvKRH/ti0+RNuKfistvA0+kA4VEGkRU1Lk
9eWz/0JurRFSE4VJWK44MWwqipe8OXmULO9azMibdwyjIJhushzeUi2bRiVS0Dl6
Rsm9rIGznRWrRCZ5hqCUaK6QxfwjiqJtGyGDrBMHVGoFUskKwCXOp5u1aaCG2jYE
YmultnPCC0LxP9cuN8kL1z0JW3OMshpFPpdRBqpbMJdxGJe5TGtwyzJfyX7sLcN6
AY+9CGWphEu6PLQeGiA0Suh8DGFB/Em6wmZG/hKl4pEs
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:38 2024 by rpki-client on console-fra.rpki-client.org