Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/KaCegasFgxT8bYX47Z3-ckVY4lI.roa
File: KaCegasFgxT8bYX47Z3-ckVY4lI.roa (raw, json)
Hash identifier: xxhtHhB4NHtt9HiM6rxn3MaBwQpaB6IwAEf02HAzSqs=
Subject key identifier: 29:A0:9E:81:AB:05:83:14:FC:6D:85:F8:ED:9D:FE:72:45:58:E2:52
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018F76E00C655B1595FC93CEF07DA99A12B5
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/KaCegasFgxT8bYX47Z3-ckVY4lI.roa
Signing time: Tue 14 May 2024 11:32:25 +0000
ROA not before: Tue 14 May 2024 11:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 212.5.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:e0:0c:65:5b:15:95:fc:93:ce:f0:7d:a9:9a:12:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: May 14 11:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29a09e81ab058314fc6d85f8ed9dfe724558e252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:a9:19:8d:72:83:c6:42:d7:5d:6e:d7:cb:
24:6a:b9:92:4e:23:82:e0:c6:95:0e:d5:4d:4e:3b:
98:2f:66:8b:9c:77:f3:36:22:4b:5a:b4:45:87:61:
81:b4:2f:8f:b6:59:3f:0e:1f:40:b2:41:f2:d8:48:
09:be:c2:02:e6:88:0a:30:b9:f3:e5:ce:6e:f5:17:
42:dc:a9:69:a3:54:d6:9e:c9:1c:66:5a:90:6c:b2:
35:51:ec:85:3c:14:61:9e:d9:1c:f0:c9:ea:04:e4:
df:9b:51:aa:19:15:3a:a6:02:ba:99:ba:c1:95:45:
7a:26:5e:0b:51:5a:df:de:eb:d3:f8:29:9c:af:e8:
c0:da:ca:64:c9:4b:e4:c5:60:24:57:5d:6c:87:c3:
cc:0f:b9:dd:9f:81:1c:41:ba:61:9c:cf:9e:12:11:
f5:36:f1:47:3f:97:e1:13:12:c0:c8:17:31:67:ce:
97:0b:a7:aa:d3:ac:43:32:d4:8a:b1:98:68:0b:27:
60:be:27:71:d3:16:d8:a2:64:cd:2d:0a:75:1f:fd:
fb:83:62:84:5d:d7:c7:85:0b:61:ca:6a:7e:ce:a1:
58:a1:f2:87:fd:fe:b2:80:c3:2c:c5:b8:a2:50:ce:
19:aa:46:48:73:00:c9:30:e9:41:b1:62:a7:cd:d0:
c4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A0:9E:81:AB:05:83:14:FC:6D:85:F8:ED:9D:FE:72:45:58:E2:52
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/KaCegasFgxT8bYX47Z3-ckVY4lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.5.156.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:99:3a:00:8a:f5:cf:01:d1:23:44:1d:da:fe:a6:a0:7c:85:
47:76:3e:ec:00:8c:8a:b0:32:96:7f:93:13:27:fc:2c:2d:54:
c5:39:a2:6a:4b:bc:53:df:c5:ca:a9:31:c1:f6:ed:2d:70:fd:
e4:20:af:a5:4f:b7:99:f4:51:01:23:c2:bd:a6:99:53:c8:76:
18:f7:d2:ba:42:dc:70:23:05:16:49:98:3e:df:7e:cc:ac:5f:
77:af:62:90:30:9c:f4:e1:a7:e3:1d:5b:45:be:53:6a:4b:fa:
c5:e4:82:4c:28:0c:65:66:3d:06:aa:5a:88:07:c1:45:4f:7b:
a9:7e:de:8f:fa:58:0a:09:b0:28:a1:52:21:2b:f5:35:3e:d2:
0a:e3:9f:17:ea:97:c4:11:3b:68:97:76:76:17:c0:da:cf:bf:
fb:cb:0e:fd:e1:f8:32:4a:7c:a9:7e:1e:25:42:96:05:98:00:
59:6e:2d:d6:2a:d6:5a:9b:ff:3c:d1:63:34:c7:20:d5:c6:5c:
80:df:8c:bf:0a:c1:68:f2:c4:da:c6:83:94:80:06:fb:13:64:
a3:64:fb:68:10:e0:f3:79:07:24:6a:70:9d:ff:38:90:00:e7:
dd:7e:3a:06:1d:0e:e9:5b:66:96:c3:b3:c5:00:19:0a:fe:e8:
c8:da:98:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY924AxlWxWV/JPO8H2pmhK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwNTE0MTEzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWEwOWU4MWFiMDU4MzE0ZmM2ZDg1ZjhlZDlkZmU3MjQ1NThlMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0KpGY1yg8ZC111u18skarmSTiOC
4MaVDtVNTjuYL2aLnHfzNiJLWrRFh2GBtC+Ptlk/Dh9AskHy2EgJvsIC5ogKMLnz
5c5u9RdC3Klpo1TWnskcZlqQbLI1UeyFPBRhntkc8MnqBOTfm1GqGRU6pgK6mbrB
lUV6Jl4LUVrf3uvT+Cmcr+jA2spkyUvkxWAkV11sh8PMD7ndn4EcQbphnM+eEhH1
NvFHP5fhExLAyBcxZ86XC6eq06xDMtSKsZhoCydgvidx0xbYomTNLQp1H/37g2KE
XdfHhQthymp+zqFYofKH/f6ygMMsxbiiUM4ZqkZIcwDJMOlBsWKnzdDEQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmgnoGrBYMU/G2F+O2d/nJFWOJSMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvS2FDZWdhc0ZneFQ4YllYNDdaMy1ja1ZZNGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1AWcMA0G
CSqGSIb3DQEBCwUAA4IBAQCdmToAivXPAdEjRB3a/qagfIVHdj7sAIyKsDKWf5MT
J/wsLVTFOaJqS7xT38XKqTHB9u0tcP3kIK+lT7eZ9FEBI8K9pplTyHYY99K6Qtxw
IwUWSZg+337MrF93r2KQMJz04afjHVtFvlNqS/rF5IJMKAxlZj0GqlqIB8FFT3up
ft6P+lgKCbAooVIhK/U1PtIK458X6pfEETtol3Z2F8Daz7/7yw794fgySnypfh4l
QpYFmABZbi3WKtZam/880WM0xyDVxlyA34y/CsFo8sTaxoOUgAb7E2SjZPtoEODz
eQckanCd/ziQAOfdfjoGHQ7pW2aWw7PFABkK/ujI2ph6
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:55:43 2024 by rpki-client on console-ams.rpki-client.org