Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/kHEeKE6TgxrOJerD-_ZXw-D5vjg.roa
File: kHEeKE6TgxrOJerD-_ZXw-D5vjg.roa (raw, json)
Hash identifier: RWbQV5MQo5FT3Cm1pl/JMVADI60RB0vYV0kYhmIAzNw=
Subject key identifier: 90:71:1E:28:4E:93:83:1A:CE:25:EA:C3:FB:F6:57:C3:E0:F9:BE:38
Certificate issuer: /CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Certificate serial: 0194266B5C4BB390C508C49AC1BB7478BB1F
Authority key identifier: 64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/kHEeKE6TgxrOJerD-_ZXw-D5vjg.roa
Signing time: Thu 02 Jan 2025 09:49:17 +0000
ROA not before: Thu 02 Jan 2025 09:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208666
IP address blocks: 31.193.185.0/24 maxlen: 24
83.229.2.0/24 maxlen: 24
147.236.164.0/24 maxlen: 24
147.236.165.0/24 maxlen: 24
213.255.192.0/24 maxlen: 24
2a09:b300::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZAGt7bycjxxs8jifx_dB7fTxnyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZAGt7bycjxxs8jifx_dB7fTxnyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:5c:4b:b3:90:c5:08:c4:9a:c1:bb:74:78:bb:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Validity
Not Before: Jan 2 09:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90711e284e93831ace25eac3fbf657c3e0f9be38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:93:30:1c:cc:0e:43:92:34:fa:07:dc:27:a0:
ee:69:82:4c:49:d6:bf:73:56:9a:96:ff:eb:e0:fa:
4f:a1:cb:ef:c7:fe:03:5e:f2:67:be:84:63:81:8e:
fb:0f:0b:f4:50:20:b4:8d:55:c0:4b:5a:3a:70:42:
88:57:f4:1d:88:e1:8f:59:93:d5:72:15:81:18:7a:
1f:c0:67:0b:24:6e:4d:2a:d0:eb:ff:14:11:7a:b9:
a2:81:2e:d0:fb:5d:8e:93:cf:c3:54:9c:36:2d:92:
46:e1:0d:b3:58:54:0b:21:fc:2e:bc:89:8a:89:cf:
7a:56:13:b9:bc:79:ad:45:72:2c:a5:5d:9d:13:ed:
e1:ba:a9:b1:f7:88:8d:26:ac:f7:29:63:a9:77:8a:
d1:29:cc:81:fc:52:e0:c7:d2:26:4b:56:c5:32:69:
c6:e5:ff:0a:45:17:a7:d8:0b:19:8d:51:c2:f4:f6:
32:47:b8:03:b0:b4:93:d1:f8:89:72:75:f0:50:45:
62:5f:7e:5e:9f:43:5b:cf:47:e0:65:10:25:cb:a2:
f1:18:4b:29:4b:2a:b8:e1:6c:83:1a:84:c9:f4:cb:
8b:67:69:59:05:15:76:33:13:d5:31:0f:8a:62:2c:
27:82:88:55:cc:28:3c:8c:e8:c5:bc:47:f3:f6:21:
c7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:71:1E:28:4E:93:83:1A:CE:25:EA:C3:FB:F6:57:C3:E0:F9:BE:38
X509v3 Authority Key Identifier:
keyid:64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/kHEeKE6TgxrOJerD-_ZXw-D5vjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZAGt7bycjxxs8jifx_dB7fTxnyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.185.0/24
83.229.2.0/24
147.236.164.0/23
213.255.192.0/24
IPv6:
2a09:b300::/29
Signature Algorithm: sha256WithRSAEncryption
74:aa:7e:96:f7:1d:b1:eb:f2:7f:a3:1d:8e:b0:34:e6:00:8e:
3b:4d:a5:c6:d9:21:24:23:f4:9c:51:d3:8e:2b:28:59:9f:27:
e5:a3:b4:e5:c2:84:b3:4b:ee:91:34:ba:dc:ce:20:c7:6c:1f:
c6:5a:ce:e0:06:a1:30:51:e5:c9:0d:08:3f:3d:55:2a:e0:c5:
a1:62:54:06:0f:e8:f1:23:24:ea:07:0d:cf:86:1d:25:fa:d6:
5f:cb:24:6c:f1:04:9d:9a:50:4e:bb:e1:e3:2e:66:06:3a:fd:
20:63:65:b8:12:44:90:a7:6c:ab:4e:76:f5:20:3b:81:63:43:
f4:f9:7b:80:7d:8a:2d:85:a6:b2:0c:67:26:d1:3b:bd:35:b9:
7d:ef:93:d4:40:27:49:7c:cd:e4:95:0f:fb:e1:eb:e2:c8:f2:
a3:de:75:97:a6:e5:b9:40:0d:15:d1:97:cd:c6:52:42:ef:b8:
2b:17:2f:b5:3b:2d:c0:46:e0:b2:d0:3c:8d:8c:04:b1:9a:e8:
95:9c:c2:4c:1c:fd:df:07:da:4b:b6:f3:03:bd:34:85:4d:f0:
e1:20:7b:f6:98:6b:84:0e:12:f3:ce:01:c7:88:9b:90:a0:63:
40:00:bc:39:b5:68:31:67:b6:d9:b5:95:67:8b:47:fa:51:0a:
9e:1d:31:3b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQma1xLs5DFCMSawbt0eLsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MDFhZGVkYmM5YzhmMWM2Y2YyMzg5ZmM3Zjc0MWVkZjRm
MTlmMmMwHhcNMjUwMTAyMDk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDcxMWUyODRlOTM4MzFhY2UyNWVhYzNmYmY2NTdjM2UwZjliZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5MwHMwOQ5I0+gfcJ6DuaYJMSda/
c1aalv/r4PpPocvvx/4DXvJnvoRjgY77Dwv0UCC0jVXAS1o6cEKIV/QdiOGPWZPV
chWBGHofwGcLJG5NKtDr/xQRermigS7Q+12Ok8/DVJw2LZJG4Q2zWFQLIfwuvImK
ic96VhO5vHmtRXIspV2dE+3huqmx94iNJqz3KWOpd4rRKcyB/FLgx9ImS1bFMmnG
5f8KRRen2AsZjVHC9PYyR7gDsLST0fiJcnXwUEViX35en0Nbz0fgZRAly6LxGEsp
Syq44WyDGoTJ9MuLZ2lZBRV2MxPVMQ+KYiwngohVzCg8jOjFvEfz9iHH7wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJBxHihOk4MaziXqw/v2V8Pg+b44MB8GA1UdIwQY
MBaAFGQBre28nI8cbPI4n8f3Qe308Z8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEt
MzU2YzA5NmJjNmY5LzEva0hFZUtFNlRneHJPSmVyRC1fWlh3LUQ1dmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEtMzU2YzA5NmJjNmY5
LzEvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAH8G5AwQA
U+UCAwQBk+ykAwQA1f/AMA0EAgACMAcDBQMqCbMAMA0GCSqGSIb3DQEBCwUAA4IB
AQB0qn6W9x2x6/J/ox2OsDTmAI47TaXG2SEkI/ScUdOOKyhZnyflo7TlwoSzS+6R
NLrcziDHbB/GWs7gBqEwUeXJDQg/PVUq4MWhYlQGD+jxIyTqBw3Phh0l+tZfyyRs
8QSdmlBOu+HjLmYGOv0gY2W4EkSQp2yrTnb1IDuBY0P0+XuAfYothaayDGcm0Tu9
Nbl975PUQCdJfM3klQ/74eviyPKj3nWXpuW5QA0V0ZfNxlJC77grFy+1Oy3ARuCy
0DyNjASxmuiVnMJMHP3fB9pLtvMDvTSFTfDhIHv2mGuEDhLzzgHHiJuQoGNAALw5
tWgxZ7bZtZVni0f6UQqeHTE7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:29 2025 by rpki-client