Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/isGjn6X8-nPwbIuk48gKuialh5Y.roa
File: isGjn6X8-nPwbIuk48gKuialh5Y.roa (raw, json)
Hash identifier: SLWkC6stP0gqahDyhCTwnSZRJj4mMC42nKqAFv14EzQ=
Subject key identifier: 8A:C1:A3:9F:A5:FC:FA:73:F0:6C:8B:A4:E3:C8:0A:BA:26:A5:87:96
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018CC795907145325C62B319A70A7551A533
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/isGjn6X8-nPwbIuk48gKuialh5Y.roa
Signing time: Tue 02 Jan 2024 00:31:56 +0000
ROA not before: Tue 02 Jan 2024 00:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207508
IP address blocks: 213.142.133.0/24 maxlen: 24
213.142.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:90:71:45:32:5c:62:b3:19:a7:0a:75:51:a5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 2 00:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ac1a39fa5fcfa73f06c8ba4e3c80aba26a58796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:20:9b:2a:6f:81:3c:9a:61:3c:8b:fa:e8:1b:
b5:2b:10:41:3d:bf:27:b4:1a:b1:cf:12:44:5b:ad:
11:c6:f1:aa:e3:27:35:a5:36:46:14:f3:ef:c2:6d:
b0:cb:cd:fc:5f:e5:aa:96:aa:eb:39:3e:09:2e:6e:
8c:9d:78:49:c9:11:fa:32:95:8c:a5:98:cf:53:4e:
e5:cf:c1:bb:68:31:ee:05:57:2e:38:9a:3e:ae:ba:
c7:68:d7:c8:36:42:44:cd:a5:03:37:48:14:3b:9d:
5d:c9:c9:7c:ce:63:1a:df:ec:02:71:b0:22:23:30:
08:7e:ce:b6:38:9d:cf:da:66:da:fc:16:f8:9d:9e:
c4:fa:05:cd:37:fa:f9:01:47:04:0b:52:6f:8e:2c:
d6:a0:c7:66:c1:1b:2f:cf:13:16:e0:24:ea:5f:ed:
30:d4:16:92:92:b3:30:c1:76:af:ef:c8:44:2b:1e:
9f:d1:c4:f0:97:aa:99:13:99:c4:d2:9d:33:19:b8:
4d:cf:e0:b3:d2:e5:68:42:48:3f:22:2c:53:d0:24:
e0:45:b3:80:ee:a8:34:2d:a3:45:47:c8:55:b5:d0:
21:26:da:2a:71:a6:34:7a:27:a0:4b:b4:e5:46:30:
38:a6:18:4d:96:e4:84:75:4f:b4:7b:9c:1e:ee:7e:
f3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C1:A3:9F:A5:FC:FA:73:F0:6C:8B:A4:E3:C8:0A:BA:26:A5:87:96
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/isGjn6X8-nPwbIuk48gKuialh5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.133.0-213.142.134.255
Signature Algorithm: sha256WithRSAEncryption
b2:f2:cc:da:04:01:e5:6d:ef:e9:8c:cc:45:19:45:2a:c2:b8:
ba:e9:3b:2a:a6:46:59:2c:c5:2e:82:56:96:35:ba:38:cc:06:
a8:5c:bf:80:cb:2c:43:8b:dc:12:a2:f8:99:ea:3d:d0:f3:b5:
4a:0f:66:3b:77:b5:55:2b:9a:3c:89:e2:f8:00:53:eb:f1:f3:
7f:7e:a4:db:23:ba:33:9f:37:b9:39:27:0f:1b:db:a9:2f:43:
d9:8c:df:35:2f:02:3e:f1:05:31:b6:84:5f:f1:b5:eb:d7:57:
e9:33:24:ee:60:e3:47:9d:8d:7a:4a:e5:71:d5:9a:3e:5e:f7:
14:ef:10:13:e7:d2:01:64:1e:02:f6:e1:aa:fe:ce:3b:ac:ce:
98:06:56:72:d7:55:0a:d0:12:e0:41:ae:58:e6:3f:f9:7a:3e:
eb:20:b6:f6:54:3b:77:71:0d:35:d6:c0:3c:79:12:8e:08:47:
1d:82:0b:2b:29:c8:44:35:36:ad:43:a4:ef:90:98:00:5e:58:
3f:48:d0:6a:46:e6:6f:1c:54:b3:59:81:17:7a:33:d9:26:f2:
9e:1f:19:c7:a7:9d:1e:1a:61:49:e5:73:39:fa:7d:2e:f9:ba:
dc:2f:5c:82:0c:30:d4:3b:24:80:e9:13:db:d3:20:57:c1:41:
fb:ed:65:b6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlZBxRTJcYrMZpwp1UaUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwMTAyMDAzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWMxYTM5ZmE1ZmNmYTczZjA2YzhiYTRlM2M4MGFiYTI2YTU4Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCCbKm+BPJphPIv66Bu1KxBBPb8n
tBqxzxJEW60RxvGq4yc1pTZGFPPvwm2wy838X+WqlqrrOT4JLm6MnXhJyRH6MpWM
pZjPU07lz8G7aDHuBVcuOJo+rrrHaNfINkJEzaUDN0gUO51dycl8zmMa3+wCcbAi
IzAIfs62OJ3P2mba/Bb4nZ7E+gXNN/r5AUcEC1JvjizWoMdmwRsvzxMW4CTqX+0w
1BaSkrMwwXav78hEKx6f0cTwl6qZE5nE0p0zGbhNz+Cz0uVoQkg/IixT0CTgRbOA
7qg0LaNFR8hVtdAhJtoqcaY0eiegS7TlRjA4phhNluSEdU+0e5we7n7zGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIrBo5+l/Ppz8GyLpOPICrompYeWMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvaXNHam42WDgtblB3Ykl1azQ4Z0t1aWFsaDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADVjoUD
BADVjoYwDQYJKoZIhvcNAQELBQADggEBALLyzNoEAeVt7+mMzEUZRSrCuLrpOyqm
RlksxS6CVpY1ujjMBqhcv4DLLEOL3BKi+JnqPdDztUoPZjt3tVUrmjyJ4vgAU+vx
839+pNsjujOfN7k5Jw8b26kvQ9mM3zUvAj7xBTG2hF/xtevXV+kzJO5g40edjXpK
5XHVmj5e9xTvEBPn0gFkHgL24ar+zjuszpgGVnLXVQrQEuBBrljmP/l6PusgtvZU
O3dxDTXWwDx5Eo4IRx2CCyspyEQ1Nq1DpO+QmABeWD9I0GpG5m8cVLNZgRd6M9km
8p4fGcennR4aYUnlczn6fS75utwvXIIMMNQ7JIDpE9vTIFfBQfvtZbY=
-----END CERTIFICATE-----
Generated at Mon May 20 12:07:21 2024 by rpki-client on console-fra.rpki-client.org