Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/KXXr6pEJM0CFrN4VVjQp2VqBl_I.roa
File: KXXr6pEJM0CFrN4VVjQp2VqBl_I.roa (raw, json)
Hash identifier: fG/PHND7ol2Vg1nme0mnjjqFMG6SoqAZDPgrvR3nRs8=
Subject key identifier: 29:75:EB:EA:91:09:33:40:85:AC:DE:15:56:34:29:D9:5A:81:97:F2
Certificate issuer: /CN=117a04a927019c3ce2d0c9db3a314977a0a7b35c
Certificate serial: 0192E21C58A61A759A63ECDA4E0DF19E7BCF
Authority key identifier: 11:7A:04:A9:27:01:9C:3C:E2:D0:C9:DB:3A:31:49:77:A0:A7:B3:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EXoEqScBnDzi0MnbOjFJd6Cns1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/KXXr6pEJM0CFrN4VVjQp2VqBl_I.roa
Signing time: Thu 31 Oct 2024 10:26:01 +0000
ROA not before: Thu 31 Oct 2024 10:26:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211298
IP address blocks: 87.236.176.0/24 maxlen: 24
193.163.125.0/24 maxlen: 24
2a06:4880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/EXoEqScBnDzi0MnbOjFJd6Cns1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/EXoEqScBnDzi0MnbOjFJd6Cns1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/EXoEqScBnDzi0MnbOjFJd6Cns1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:1c:58:a6:1a:75:9a:63:ec:da:4e:0d:f1:9e:7b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117a04a927019c3ce2d0c9db3a314977a0a7b35c
Validity
Not Before: Oct 31 10:26:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2975ebea9109334085acde15563429d95a8197f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:97:97:48:4b:02:b5:7d:b5:98:6e:c8:c2:f7:
10:71:b6:7d:50:c6:6c:aa:bd:51:ad:55:64:df:6f:
4f:1b:cb:34:b5:59:ac:f1:b4:97:2a:24:bc:19:bc:
d1:53:3a:87:34:b2:49:c1:06:13:f8:77:ca:43:3c:
9b:79:5f:e3:de:9b:45:f3:e7:7a:aa:d2:96:94:30:
23:b7:95:ff:5b:3e:a4:8c:4a:7f:8b:8d:6c:54:52:
18:f5:6a:f4:81:5b:86:d2:a6:7b:10:ef:a4:49:11:
4b:a0:fa:c1:c2:f9:e7:c7:6a:6e:12:90:f9:88:28:
9f:b0:bb:15:35:be:d9:9b:71:8e:02:f6:20:3d:5e:
ec:d9:e1:1b:a1:4b:f8:2b:05:43:3c:e4:f0:8f:87:
71:af:99:0c:b2:77:67:65:26:12:81:0e:8d:0a:b6:
f5:81:f1:d3:cd:98:72:1b:f2:fc:36:d3:8d:82:2b:
9b:ae:5d:1e:32:d4:12:44:30:57:24:f8:d4:4f:31:
95:5d:19:dc:5f:d8:20:bd:b1:fa:f0:0d:ef:a0:71:
cc:bf:e7:1f:0e:94:15:8d:23:ed:46:71:be:88:b1:
fc:c8:03:9b:bc:0f:d1:dc:45:e9:74:96:a1:28:9f:
c5:34:68:90:d5:b4:69:8a:95:04:35:d0:a2:af:ce:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:75:EB:EA:91:09:33:40:85:AC:DE:15:56:34:29:D9:5A:81:97:F2
X509v3 Authority Key Identifier:
keyid:11:7A:04:A9:27:01:9C:3C:E2:D0:C9:DB:3A:31:49:77:A0:A7:B3:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EXoEqScBnDzi0MnbOjFJd6Cns1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/KXXr6pEJM0CFrN4VVjQp2VqBl_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/EXoEqScBnDzi0MnbOjFJd6Cns1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.176.0/24
193.163.125.0/24
IPv6:
2a06:4880::/32
Signature Algorithm: sha256WithRSAEncryption
0c:75:40:b6:04:20:71:16:29:ee:57:d8:69:65:0a:6d:c1:71:
96:58:60:25:67:23:54:b5:36:e6:1a:6e:58:17:5d:c6:5b:13:
ee:22:33:a5:33:a3:a6:10:f8:8f:d8:4b:a7:45:b1:7e:e0:86:
96:19:e9:ec:9e:4e:10:76:79:8d:36:e8:6b:0a:5a:c1:07:36:
34:d4:f5:0a:35:c7:c3:c6:9e:ab:e4:65:f7:4b:06:34:b4:b2:
5d:ea:80:35:88:42:34:fc:3c:c9:92:2a:bc:f7:df:28:74:ac:
1c:ad:27:e6:3a:4f:e2:b5:07:80:a3:44:1f:78:4b:02:d7:76:
fe:9f:cd:f3:98:97:db:33:52:8d:52:5a:6d:d0:37:72:83:ac:
02:36:4e:e0:13:f7:90:72:38:aa:2b:a8:e4:ca:82:ed:4d:60:
aa:4c:56:b8:db:bd:30:21:50:fc:fd:83:49:84:b0:e0:5d:c4:
4e:da:9b:b3:de:00:ce:8d:ae:90:37:83:34:e4:ac:60:2d:09:
d7:c3:46:25:1a:91:09:70:b9:29:55:aa:bd:2b:45:d8:2f:69:
37:b5:f1:ee:23:97:cf:ac:db:c1:be:65:40:7b:ee:53:5e:c5:
43:11:7d:1d:1c:84:36:a4:7f:b3:88:12:e5:3f:a7:42:3b:e6:
ad:3f:46:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZLiHFimGnWaY+zaTg3xnnvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2EwNGE5MjcwMTljM2NlMmQwYzlkYjNhMzE0OTc3YTBh
N2IzNWMwHhcNMjQxMDMxMTAyNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc1ZWJlYTkxMDkzMzQwODVhY2RlMTU1NjM0MjlkOTVhODE5N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpeXSEsCtX21mG7IwvcQcbZ9UMZs
qr1RrVVk329PG8s0tVms8bSXKiS8GbzRUzqHNLJJwQYT+HfKQzybeV/j3ptF8+d6
qtKWlDAjt5X/Wz6kjEp/i41sVFIY9Wr0gVuG0qZ7EO+kSRFLoPrBwvnnx2puEpD5
iCifsLsVNb7Zm3GOAvYgPV7s2eEboUv4KwVDPOTwj4dxr5kMsndnZSYSgQ6NCrb1
gfHTzZhyG/L8NtONgiubrl0eMtQSRDBXJPjUTzGVXRncX9ggvbH68A3voHHMv+cf
DpQVjSPtRnG+iLH8yAObvA/R3EXpdJahKJ/FNGiQ1bRpipUENdCir86S0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCl16+qRCTNAhazeFVY0KdlagZfyMB8GA1UdIwQY
MBaAFBF6BKknAZw84tDJ2zoxSXegp7NcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVhvRXFTY0JuRHppME1uYk9qRkpkNkNuczF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZGU5OGUtMTdiNC00N2ZmLWE5Yzkt
MTFjMzAwOWY0NGRmLzEvS1hYcjZwRUpNMENGck40VlZqUXAyVnFCbF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZGU5OGUtMTdiNC00N2ZmLWE5YzktMTFjMzAwOWY0NGRm
LzEvRVhvRXFTY0JuRHppME1uYk9qRkpkNkNuczF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAV+ywAwQA
waN9MA0EAgACMAcDBQAqBkiAMA0GCSqGSIb3DQEBCwUAA4IBAQAMdUC2BCBxFinu
V9hpZQptwXGWWGAlZyNUtTbmGm5YF13GWxPuIjOlM6OmEPiP2EunRbF+4IaWGens
nk4QdnmNNuhrClrBBzY01PUKNcfDxp6r5GX3SwY0tLJd6oA1iEI0/DzJkiq8998o
dKwcrSfmOk/itQeAo0QfeEsC13b+n83zmJfbM1KNUlpt0Ddyg6wCNk7gE/eQcjiq
K6jkyoLtTWCqTFa4270wIVD8/YNJhLDgXcRO2puz3gDOja6QN4M05KxgLQnXw0Yl
GpEJcLkpVaq9K0XYL2k3tfHuI5fPrNvBvmVAe+5TXsVDEX0dHIQ2pH+ziBLlP6dC
O+atP0Yo
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:14 2024 by rpki-client on console-fra.rpki-client.org