Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/KhRlXkEPWtMVlkOrXZtMHM1FM8w.roa
File: KhRlXkEPWtMVlkOrXZtMHM1FM8w.roa (raw, json)
Hash identifier: 2cwLhbmDVK30CjOqvaVZ0F/GF2KQfn+ei3qAOmr2NBI=
Subject key identifier: 2A:14:65:5E:41:0F:5A:D3:15:96:43:AB:5D:9B:4C:1C:CD:45:33:CC
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018CC86F923799C89ABFA8C50F3F45392700
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/KhRlXkEPWtMVlkOrXZtMHM1FM8w.roa
Signing time: Tue 02 Jan 2024 04:30:04 +0000
ROA not before: Tue 02 Jan 2024 04:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47570
IP address blocks: 94.100.0.0/20 maxlen: 24
94.100.2.0/24 maxlen: 24
80.232.163.0/24 maxlen: 24
94.100.6.0/24 maxlen: 24
94.100.7.0/24 maxlen: 24
94.100.8.0/24 maxlen: 24
94.100.9.0/24 maxlen: 24
94.100.11.0/24 maxlen: 24
94.100.12.0/24 maxlen: 24
94.100.13.0/24 maxlen: 24
94.100.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:92:37:99:c8:9a:bf:a8:c5:0f:3f:45:39:27:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Jan 2 04:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a14655e410f5ad3159643ab5d9b4c1ccd4533cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b9:1e:38:ae:ea:eb:5e:40:e4:8c:88:87:15:
6f:7c:b1:df:ad:51:a4:0a:8c:75:87:55:47:99:c7:
38:91:a5:a3:c6:9d:1f:3d:fc:5c:8b:af:b2:3f:bc:
eb:07:0d:e2:78:8a:82:f8:e1:1a:d6:84:76:e2:a2:
89:d3:fa:f3:f8:b4:bf:83:68:43:2f:54:7a:e0:46:
97:16:36:cc:b5:08:3d:f4:42:2f:56:c3:29:5a:03:
99:a3:da:ef:b7:f1:4c:2c:16:66:3c:60:7a:c0:06:
60:6c:68:28:74:77:2c:e5:ec:de:1d:e0:f0:75:ae:
52:e5:7e:c3:c3:97:32:8f:ac:ee:a5:1f:da:a3:f7:
08:04:dc:bd:5d:44:02:31:ea:1d:57:0a:38:0d:7b:
29:8e:63:8d:dc:e9:b9:74:aa:8c:7a:0e:3b:4d:7c:
2c:f8:82:92:84:7a:dd:aa:97:00:ef:96:59:fd:33:
ab:ba:c2:19:bf:1e:77:ed:af:48:80:90:1d:13:36:
e2:3e:76:2b:54:59:5f:75:c5:51:1e:94:bb:fb:de:
70:97:89:66:e2:b9:45:c2:3e:8e:de:61:82:d8:e8:
f8:80:93:08:81:91:af:2f:d1:02:dd:69:ea:54:f5:
a1:5b:6d:d9:ed:71:84:ff:11:04:e4:4f:11:f1:87:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:14:65:5E:41:0F:5A:D3:15:96:43:AB:5D:9B:4C:1C:CD:45:33:CC
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/KhRlXkEPWtMVlkOrXZtMHM1FM8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.232.163.0/24
94.100.0.0/20
Signature Algorithm: sha256WithRSAEncryption
22:dd:4a:57:05:6f:4e:90:60:9f:4b:b4:e6:7f:0e:aa:41:c6:
9b:94:18:03:cc:38:c5:22:95:e4:a6:cb:02:13:76:53:16:29:
a3:60:02:c3:2d:4d:5f:68:5f:e7:b0:1d:58:e1:e1:5c:22:82:
64:0c:83:4c:6b:63:b3:e7:56:40:b3:c3:a2:cf:c1:17:52:19:
7f:bd:fe:b9:f1:5a:37:07:9f:41:d9:d8:64:91:1e:59:90:15:
7f:e2:96:aa:83:7f:70:bb:d9:a0:da:cc:95:86:69:c7:94:c1:
8f:19:de:7c:2b:45:b9:2e:6b:68:3a:6f:c2:11:16:88:79:48:
01:14:cf:0a:84:6c:73:17:bb:d3:97:8d:f9:ed:9d:2c:fd:12:
82:3f:88:f6:e1:4c:4a:63:b9:14:cf:3d:9c:32:a1:b9:6b:90:
25:5e:d6:77:11:99:81:ed:90:b0:0e:9e:c0:25:bd:ae:e1:6c:
c4:ce:fd:0f:6b:9f:06:fd:2d:ec:21:c4:bd:6f:fe:26:25:5a:
91:85:36:d0:d1:cf:60:07:9e:9f:6d:e7:12:6a:99:46:2d:69:
4c:53:f0:28:5c:61:16:ca:7a:20:56:46:65:e4:ed:b3:3e:d2:
e1:f6:5c:38:70:1d:42:02:5c:33:8f:7d:93:39:92:77:b4:6a:
29:ea:16:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb5I3mciav6jFDz9FOScAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjQwMTAyMDQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE0NjU1ZTQxMGY1YWQzMTU5NjQzYWI1ZDliNGMxY2NkNDUzM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybkeOK7q615A5IyIhxVvfLHfrVGk
Cox1h1VHmcc4kaWjxp0fPfxci6+yP7zrBw3ieIqC+OEa1oR24qKJ0/rz+LS/g2hD
L1R64EaXFjbMtQg99EIvVsMpWgOZo9rvt/FMLBZmPGB6wAZgbGgodHcs5ezeHeDw
da5S5X7Dw5cyj6zupR/ao/cIBNy9XUQCMeodVwo4DXspjmON3Om5dKqMeg47TXws
+IKShHrdqpcA75ZZ/TOrusIZvx537a9IgJAdEzbiPnYrVFlfdcVRHpS7+95wl4lm
4rlFwj6O3mGC2Oj4gJMIgZGvL9EC3WnqVPWhW23Z7XGE/xEE5E8R8YdVHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCoUZV5BD1rTFZZDq12bTBzNRTPMMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvS2hSbFhrRVBXdE1WbGtPclhadE1ITTFGTTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUOijAwQE
XmQAMA0GCSqGSIb3DQEBCwUAA4IBAQAi3UpXBW9OkGCfS7Tmfw6qQcablBgDzDjF
IpXkpssCE3ZTFimjYALDLU1faF/nsB1Y4eFcIoJkDINMa2Oz51ZAs8Oiz8EXUhl/
vf658Vo3B59B2dhkkR5ZkBV/4paqg39wu9mg2syVhmnHlMGPGd58K0W5LmtoOm/C
ERaIeUgBFM8KhGxzF7vTl4357Z0s/RKCP4j24UxKY7kUzz2cMqG5a5AlXtZ3EZmB
7ZCwDp7AJb2u4WzEzv0Pa58G/S3sIcS9b/4mJVqRhTbQ0c9gB56fbecSaplGLWlM
U/AoXGEWynogVkZl5O2zPtLh9lw4cB1CAlwzj32TOZJ3tGop6hYc
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:49 2024 by rpki-client on console-ams.rpki-client.org