Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ArRYKc_AH-verRe_ZiplTTclCzE.roa
File: ArRYKc_AH-verRe_ZiplTTclCzE.roa (raw, json)
Hash identifier: HbRzyUg4/XDOEeOh/sIms09Nj+efL9GPeBSC45Gn4uY=
Subject key identifier: 02:B4:58:29:CF:C0:1F:EB:DE:AD:17:BF:66:2A:65:4D:37:25:0B:31
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0192973CB89F6D1DF1C5DFF617FD8114FCFB
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ArRYKc_AH-verRe_ZiplTTclCzE.roa
Signing time: Wed 16 Oct 2024 21:29:51 +0000
ROA not before: Wed 16 Oct 2024 21:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210574
IP address blocks: 213.142.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:97:3c:b8:9f:6d:1d:f1:c5:df:f6:17:fd:81:14:fc:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Oct 16 21:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02b45829cfc01febdead17bf662a654d37250b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:09:71:18:c1:37:01:79:5d:a4:74:d9:9e:9b:
d3:a7:9b:b0:d3:65:1c:8e:28:18:8f:f4:c2:ac:fd:
02:1a:47:ea:37:38:27:75:03:bb:57:4d:9d:db:1e:
e4:e7:1f:f4:e6:8a:83:50:f1:b9:23:44:b7:b2:6c:
3a:22:cc:ce:6d:29:c5:44:20:0f:c2:05:66:d2:32:
99:88:1c:e8:4b:7a:4f:1e:75:7b:e3:8d:84:d3:76:
7f:24:83:1d:5d:a6:47:a0:25:1d:c8:0f:72:e2:b7:
35:0b:65:d4:fd:13:3d:2c:09:2e:0d:c3:51:d4:23:
11:78:94:69:be:37:ef:cb:2f:3a:21:69:d0:b4:fa:
86:57:eb:ab:a2:83:da:68:ac:96:45:0e:35:d8:1b:
89:00:3f:85:54:db:6d:43:da:0b:5c:d6:4b:72:6a:
fc:00:b4:63:b1:25:c5:96:cf:28:07:ca:07:3a:6e:
57:38:9f:c2:11:e3:57:5e:62:c6:a9:d3:87:44:55:
c2:53:bc:c3:64:20:a9:9f:59:08:ce:73:6b:ef:b9:
31:10:2a:78:f2:f9:ac:17:07:81:94:33:95:46:a9:
76:2a:24:74:0f:1b:c4:b1:fe:9c:7c:ce:2c:72:e8:
68:12:de:a9:83:b3:61:a5:4c:33:86:dd:ba:54:a7:
9b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B4:58:29:CF:C0:1F:EB:DE:AD:17:BF:66:2A:65:4D:37:25:0B:31
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/ArRYKc_AH-verRe_ZiplTTclCzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.157.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b4:2c:7d:d0:f3:3f:43:ff:ce:5e:61:51:40:a9:77:89:b2:
87:c8:01:ee:4d:5a:d2:8e:5e:ac:58:8e:5e:66:e9:6b:48:94:
80:c9:48:72:33:ac:df:f8:31:ac:5b:82:e9:3d:68:21:9a:d2:
53:15:00:6a:14:e3:b9:56:3e:e9:74:c7:01:e7:04:e5:e5:4e:
63:7f:38:b7:a6:df:47:5c:35:70:e0:e5:fc:8d:4a:e9:89:ce:
b5:25:ec:7f:2e:ad:a4:d1:73:60:0a:b9:d9:68:a3:3d:53:fc:
82:a4:30:67:4e:7f:01:dd:bd:cb:2f:0d:38:69:c0:24:bd:39:
89:57:54:90:cc:1f:20:05:60:73:ea:41:11:00:fd:ae:ed:2b:
b9:5e:b6:e6:18:d8:3d:54:40:12:fe:0f:a8:9e:54:39:45:81:
26:af:ab:3a:11:1a:74:d0:90:f6:12:a9:ee:6d:2b:6b:b5:e2:
42:90:c1:bd:c6:ac:6f:17:3f:5f:1d:77:97:44:d1:dc:f0:5e:
45:8d:fa:ee:ff:b4:5b:42:1a:68:73:41:45:8c:22:71:d6:9e:
8a:08:6d:1f:10:67:a8:68:fb:62:b7:a5:45:29:66:57:8d:b9:
65:bf:3e:e7:30:36:bc:61:9b:17:be:7b:8b:f3:a7:fc:07:66:
4d:3c:da:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKXPLifbR3xxd/2F/2BFPz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQxMDE2MjEyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmI0NTgyOWNmYzAxZmViZGVhZDE3YmY2NjJhNjU0ZDM3MjUwYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAlxGME3AXldpHTZnpvTp5uw02Uc
jigYj/TCrP0CGkfqNzgndQO7V02d2x7k5x/05oqDUPG5I0S3smw6IszObSnFRCAP
wgVm0jKZiBzoS3pPHnV7442E03Z/JIMdXaZHoCUdyA9y4rc1C2XU/RM9LAkuDcNR
1CMReJRpvjfvyy86IWnQtPqGV+urooPaaKyWRQ412BuJAD+FVNttQ9oLXNZLcmr8
ALRjsSXFls8oB8oHOm5XOJ/CEeNXXmLGqdOHRFXCU7zDZCCpn1kIznNr77kxECp4
8vmsFweBlDOVRql2KiR0DxvEsf6cfM4scuhoEt6pg7NhpUwzht26VKebLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAK0WCnPwB/r3q0Xv2YqZU03JQsxMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvQXJSWUtjX0FILXZlclJlX1ppcGxUVGNsQ3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1Y6dMA0G
CSqGSIb3DQEBCwUAA4IBAQAAtCx90PM/Q//OXmFRQKl3ibKHyAHuTVrSjl6sWI5e
ZulrSJSAyUhyM6zf+DGsW4LpPWghmtJTFQBqFOO5Vj7pdMcB5wTl5U5jfzi3pt9H
XDVw4OX8jUrpic61Jex/Lq2k0XNgCrnZaKM9U/yCpDBnTn8B3b3LLw04acAkvTmJ
V1SQzB8gBWBz6kERAP2u7Su5XrbmGNg9VEAS/g+onlQ5RYEmr6s6ERp00JD2Eqnu
bStrteJCkMG9xqxvFz9fHXeXRNHc8F5Fjfru/7RbQhpoc0FFjCJx1p6KCG0fEGeo
aPtit6VFKWZXjbllvz7nMDa8YZsXvnuL86f8B2ZNPNpE
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:06:04 2024 by rpki-client on console-ams.rpki-client.org