Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/kEruSpH_Y-iayzvxXckOF_1kawA.roa
File: kEruSpH_Y-iayzvxXckOF_1kawA.roa (raw, json)
Hash identifier: g4njCuS7sLdgZoc/fR5UTCT8B+4c1uEATEPUNu/kyUc=
Subject key identifier: 90:4A:EE:4A:91:FF:63:E8:9A:CB:3B:F1:5D:C9:0E:17:FD:64:6B:00
Certificate issuer: /CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Certificate serial: 018CC8DE9C3E93D4096055C08F3138940158
Authority key identifier: 82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/kEruSpH_Y-iayzvxXckOF_1kawA.roa
Signing time: Tue 02 Jan 2024 06:31:21 +0000
ROA not before: Tue 02 Jan 2024 06:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47576
IP address blocks: 89.207.144.0/22 maxlen: 22
185.251.96.0/22 maxlen: 22
2a0c:18c0::/32 maxlen: 32
2a02:2410::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.mft
rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:9c:3e:93:d4:09:60:55:c0:8f:31:38:94:01:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Validity
Not Before: Jan 2 06:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=904aee4a91ff63e89acb3bf15dc90e17fd646b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b3:db:1d:87:7f:58:c7:11:c2:6e:a7:dc:39:
9f:c9:0c:bb:26:83:23:b7:0b:0e:74:b1:63:7e:7e:
b6:1f:d3:45:ee:25:d9:48:bc:48:5e:ce:85:23:d9:
d4:31:c7:de:90:7f:d7:23:7f:e9:14:f2:2b:88:85:
61:e2:0d:3a:b8:7d:9b:1b:a5:9b:ea:cf:79:c8:36:
f2:39:f6:c9:45:a5:43:ab:fe:b1:e4:3e:ee:13:05:
f8:b2:55:93:1a:da:d8:e4:63:60:66:65:c2:41:f5:
45:e9:36:05:a7:2d:64:ba:ae:58:76:e7:78:ed:29:
89:ff:5d:b7:ee:f7:0d:ab:44:ce:1d:3c:29:f0:82:
1d:e9:08:2e:6b:c0:df:52:ab:b5:3b:6a:c4:a3:56:
a1:77:3c:c0:c5:13:cf:71:a6:9f:db:86:25:ef:47:
2e:31:ba:cc:06:96:64:ca:41:60:9f:c2:59:95:f6:
b3:be:cd:c9:5c:5d:75:cc:97:22:66:e5:f0:6e:fc:
72:25:58:4e:38:c6:62:d8:5d:e8:9d:98:81:e2:13:
c4:43:fb:ec:26:06:07:43:90:17:54:27:12:19:c7:
b7:94:b7:96:49:53:71:1e:88:0b:f5:73:32:aa:5e:
33:63:8a:15:cd:06:f8:c1:05:20:f0:7f:47:cc:99:
3a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4A:EE:4A:91:FF:63:E8:9A:CB:3B:F1:5D:C9:0E:17:FD:64:6B:00
X509v3 Authority Key Identifier:
keyid:82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/kEruSpH_Y-iayzvxXckOF_1kawA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.144.0/22
185.251.96.0/22
IPv6:
2a02:2410::/32
2a0c:18c0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:fc:db:c5:cc:60:b9:72:1d:1c:fb:45:1c:a5:44:31:f5:dc:
31:39:c6:81:6f:30:f8:12:63:2d:15:8c:5d:b9:5c:87:9f:33:
6f:06:a9:63:2c:49:77:04:00:3f:05:f8:6f:be:7f:12:40:29:
dc:08:a8:fb:3f:36:5d:39:45:2a:89:1f:22:28:33:88:8e:96:
e8:b5:c4:55:fa:ef:09:9e:59:b1:ad:03:d9:93:6b:f3:25:83:
5e:83:4a:0c:5a:79:96:9e:83:8a:a9:34:b3:68:c6:ef:a0:37:
5f:9f:a3:11:b3:41:31:68:f1:0c:09:dc:ae:cc:a6:11:bf:5f:
d3:29:d5:a4:55:ff:99:d8:bf:0b:38:17:68:bf:81:b3:0f:9a:
44:3e:f4:9c:bf:79:13:49:50:fe:8e:0a:55:49:2d:d1:24:1f:
ff:2b:6f:ba:dd:e0:b7:44:ac:46:a0:42:f9:6d:f9:c3:0c:f6:
9c:17:9d:a2:92:8d:ac:04:08:1c:79:9f:76:45:f8:cb:a5:35:
5d:fa:f3:80:be:24:bf:8c:dc:df:56:9f:ef:a4:58:f6:c0:a6:
06:47:ce:a3:49:ec:8e:52:62:5b:98:af:ee:17:06:ca:f4:bc:
73:72:9a:23:3e:30:7a:e5:ef:4a:4f:07:f6:14:c6:c8:5c:a7:
1c:07:bb:a6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzI3pw+k9QJYFXAjzE4lAFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTM5NjgxYzVhYWVmYjM1ZTU0ZjRhZDhhZmE0MjhkNGZm
ZGUwNmEwHhcNMjQwMTAyMDYzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRhZWU0YTkxZmY2M2U4OWFjYjNiZjE1ZGM5MGUxN2ZkNjQ2YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7PbHYd/WMcRwm6n3DmfyQy7JoMj
twsOdLFjfn62H9NF7iXZSLxIXs6FI9nUMcfekH/XI3/pFPIriIVh4g06uH2bG6Wb
6s95yDbyOfbJRaVDq/6x5D7uEwX4slWTGtrY5GNgZmXCQfVF6TYFpy1kuq5Ydud4
7SmJ/1237vcNq0TOHTwp8IId6Qgua8DfUqu1O2rEo1ahdzzAxRPPcaaf24Yl70cu
MbrMBpZkykFgn8JZlfazvs3JXF11zJciZuXwbvxyJVhOOMZi2F3onZiB4hPEQ/vs
JgYHQ5AXVCcSGce3lLeWSVNxHogL9XMyql4zY4oVzQb4wQUg8H9HzJk6GwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJBK7kqR/2Pomss78V3JDhf9ZGsAMB8GA1UdIwQY
MBaAFILjloHFqu+zXlT0rYr6Qo1P/eBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgt
ZmFmZDE0OTZhZTU5LzEva0VydVNwSF9ZLWlheXp2eFhja09GXzFrYXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgtZmFmZDE0OTZhZTU5
LzEvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCWc+QAwQC
uftgMBQEAgACMA4DBQAqAiQQAwUAKgwYwDANBgkqhkiG9w0BAQsFAAOCAQEADvzb
xcxguXIdHPtFHKVEMfXcMTnGgW8w+BJjLRWMXblch58zbwapYyxJdwQAPwX4b75/
EkAp3Aio+z82XTlFKokfIigziI6W6LXEVfrvCZ5Zsa0D2ZNr8yWDXoNKDFp5lp6D
iqk0s2jG76A3X5+jEbNBMWjxDAncrsymEb9f0ynVpFX/mdi/CzgXaL+Bsw+aRD70
nL95E0lQ/o4KVUkt0SQf/ytvut3gt0SsRqBC+W35wwz2nBedopKNrAQIHHmfdkX4
y6U1XfrzgL4kv4zc31af76RY9sCmBkfOo0nsjlJiW5iv7hcGyvS8c3KaIz4weuXv
Sk8H9hTGyFynHAe7pg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:46:34 2024 by rpki-client on console-ams.rpki-client.org