Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/kFi5O3GWcS_qsqCi-fKokbI9Jdw.roa
File: kFi5O3GWcS_qsqCi-fKokbI9Jdw.roa (raw, json)
Hash identifier: 8RI4kDieA2UHJkWWS78+WwE0uZDUoIk4Spnyx+8ciek=
Subject key identifier: 90:58:B9:3B:71:96:71:2F:EA:B2:A0:A2:F9:F2:A8:91:B2:3D:25:DC
Certificate issuer: /CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Certificate serial: 019256DB59F25CA10FCC14AEA6CF565C9ED7
Authority key identifier: EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/kFi5O3GWcS_qsqCi-fKokbI9Jdw.roa
Signing time: Fri 04 Oct 2024 09:27:48 +0000
ROA not before: Fri 04 Oct 2024 09:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42656
IP address blocks: 5.134.208.0/21 maxlen: 24
91.194.188.0/23 maxlen: 24
91.207.14.0/23 maxlen: 24
193.203.222.0/23 maxlen: 24
2a02:dc8::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:db:59:f2:5c:a1:0f:cc:14:ae:a6:cf:56:5c:9e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Validity
Not Before: Oct 4 09:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9058b93b7196712feab2a0a2f9f2a891b23d25dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5c:cc:95:03:39:fc:a2:02:ff:19:32:e7:94:
af:89:a2:17:fa:d1:6b:67:4a:30:35:f7:6f:4d:65:
3d:88:98:87:bc:fe:cd:68:1c:04:f0:7c:68:db:11:
7e:80:ff:8e:a8:f6:6d:56:38:cc:63:aa:4f:ee:5a:
bd:62:43:3e:93:ad:5a:de:57:64:b0:03:a2:f5:f5:
88:9c:4c:ab:c9:c7:78:69:d8:b7:a3:46:8b:22:f9:
ff:dc:d8:6d:b4:39:0f:d1:6e:53:f8:e7:d5:1d:e2:
86:4e:ad:52:41:d9:04:43:14:c7:d4:d2:3b:24:00:
f7:be:ed:39:e9:6f:00:2b:26:3d:e4:1b:84:ee:c8:
40:d9:dc:74:91:21:42:91:90:83:f9:ea:1c:21:31:
78:03:29:67:c3:1a:87:4c:36:37:ef:b6:db:12:7a:
b5:9b:5c:07:d0:6a:13:44:37:35:55:5a:eb:3d:19:
da:50:be:c1:7d:00:9b:a6:54:c2:72:b0:ef:12:89:
94:f8:85:be:bd:ff:3d:54:79:c2:c5:1c:91:40:40:
25:e1:2b:9b:e1:b9:9a:14:28:56:4b:79:ee:7a:e3:
3b:6d:25:b4:a6:d5:a9:fd:60:33:23:91:10:97:29:
3d:b9:0c:7e:8b:f0:a6:9d:7c:bb:37:56:bc:6e:95:
59:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:58:B9:3B:71:96:71:2F:EA:B2:A0:A2:F9:F2:A8:91:B2:3D:25:DC
X509v3 Authority Key Identifier:
keyid:EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/kFi5O3GWcS_qsqCi-fKokbI9Jdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.208.0/21
91.194.188.0/23
91.207.14.0/23
193.203.222.0/23
IPv6:
2a02:dc8::/30
Signature Algorithm: sha256WithRSAEncryption
1e:ed:e9:de:9b:0d:52:48:a3:84:b3:33:5a:8a:03:0b:bf:2c:
26:d2:58:8c:9c:7b:41:fc:59:da:ee:87:14:a5:7e:42:7f:48:
ea:6d:07:48:5a:ea:e1:85:d7:99:8d:9f:22:44:8c:5c:e3:f4:
19:3c:b4:5a:74:ab:86:81:48:de:f4:53:eb:48:d9:59:57:a9:
ae:a9:7e:8b:72:59:33:16:90:91:71:be:fe:55:18:21:ed:a4:
f3:9a:ba:0b:01:52:80:fc:d6:7a:9d:88:2a:11:84:17:eb:30:
53:b2:10:40:fe:60:b8:ab:94:81:59:77:c0:3b:38:a5:cb:bf:
a8:a0:46:6a:7a:5f:a5:14:c7:93:25:17:df:e7:5f:21:db:38:
50:b2:9b:ff:46:10:66:5f:58:fd:8d:ad:ec:28:a8:f5:db:62:
3c:01:98:99:43:e7:64:84:6c:fb:03:7c:ec:fc:c7:34:38:0e:
5d:7a:40:93:20:b6:92:2f:5b:51:ba:ac:fe:2a:98:a1:6d:cc:
24:54:d8:9d:00:31:6b:0c:b7:34:38:96:14:1c:82:fd:80:11:
c9:dc:75:33:c5:fd:79:1f:8a:10:95:6f:f7:df:32:1f:59:4d:
be:2e:1d:30:63:bf:09:8a:34:7d:74:42:29:e5:15:3a:ed:3e:
c3:5c:3c:cc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZJW21nyXKEPzBSups9WXJ7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOWIwOTMxMTE4ZjA4YmY0YTM0YjNlMDUyZmQ4ZjhhNWMx
ZWNhYjAwHhcNMjQxMDA0MDkyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDU4YjkzYjcxOTY3MTJmZWFiMmEwYTJmOWYyYTg5MWIyM2QyNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFzMlQM5/KIC/xky55SviaIX+tFr
Z0owNfdvTWU9iJiHvP7NaBwE8Hxo2xF+gP+OqPZtVjjMY6pP7lq9YkM+k61a3ldk
sAOi9fWInEyrycd4adi3o0aLIvn/3NhttDkP0W5T+OfVHeKGTq1SQdkEQxTH1NI7
JAD3vu056W8AKyY95BuE7shA2dx0kSFCkZCD+eocITF4AylnwxqHTDY377bbEnq1
m1wH0GoTRDc1VVrrPRnaUL7BfQCbplTCcrDvEomU+IW+vf89VHnCxRyRQEAl4Sub
4bmaFChWS3nueuM7bSW0ptWp/WAzI5EQlyk9uQx+i/CmnXy7N1a8bpVZwQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJBYuTtxlnEv6rKgovnyqJGyPSXcMB8GA1UdIwQY
MBaAFOybCTERjwi/SjSz4FL9j4pcHsqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAt
NWIzMDRlZWMwMDI1LzEva0ZpNU8zR1djU19xc3FDaS1mS29rYkk5SmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAtNWIzMDRlZWMwMDI1
LzEvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBYbQAwQB
W8K8AwQBW88OAwQBwcveMA0EAgACMAcDBQIqAg3IMA0GCSqGSIb3DQEBCwUAA4IB
AQAe7enemw1SSKOEszNaigMLvywm0liMnHtB/Fna7ocUpX5Cf0jqbQdIWurhhdeZ
jZ8iRIxc4/QZPLRadKuGgUje9FPrSNlZV6muqX6LclkzFpCRcb7+VRgh7aTzmroL
AVKA/NZ6nYgqEYQX6zBTshBA/mC4q5SBWXfAOzily7+ooEZqel+lFMeTJRff518h
2zhQspv/RhBmX1j9ja3sKKj122I8AZiZQ+dkhGz7A3zs/Mc0OA5dekCTILaSL1tR
uqz+KpihbcwkVNidADFrDLc0OJYUHIL9gBHJ3HUzxf15H4oQlW/33zIfWU2+Lh0w
Y78JijR9dEIp5RU67T7DXDzM
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:12 2024 by rpki-client on console-fra.rpki-client.org