Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/701tZk2HGE4Sz8qVEZbJ0k-MKls.roa
File: 701tZk2HGE4Sz8qVEZbJ0k-MKls.roa (raw, json)
Hash identifier: zECqP17EX29rqrVoHpx5FsMRGI7F+8MHELi1g/7vy74=
Subject key identifier: EF:4D:6D:66:4D:87:18:4E:12:CF:CA:95:11:96:C9:D2:4F:8C:2A:5B
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 0192A04C21BDB03021F093AAEA9363163142
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/701tZk2HGE4Sz8qVEZbJ0k-MKls.roa
Signing time: Fri 18 Oct 2024 15:43:16 +0000
ROA not before: Fri 18 Oct 2024 15:43:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216300
IP address blocks: 94.159.112.0/24 maxlen: 24
94.159.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a0:4c:21:bd:b0:30:21:f0:93:aa:ea:93:63:16:31:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Oct 18 15:43:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef4d6d664d87184e12cfca951196c9d24f8c2a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:57:45:a0:5c:47:40:e1:03:f7:64:a9:99:cd:
fa:99:a1:de:c1:4b:0e:fa:4e:54:b6:91:d3:f9:3d:
df:80:f1:42:e2:65:7a:b9:8c:2d:fa:23:13:6e:f4:
49:1e:64:40:53:c5:24:30:4d:17:8b:7d:ef:b4:f9:
dc:3c:bf:c5:a0:09:67:a4:b7:52:eb:00:a3:c2:a3:
56:74:16:54:54:b9:28:b8:20:f3:df:22:fc:a2:df:
39:17:17:8b:98:f3:e4:06:bb:34:36:39:56:6d:9e:
23:da:30:21:0a:ac:ef:a1:72:5e:ce:d8:33:75:e8:
29:01:2a:fb:45:28:5d:af:e3:7f:7e:b1:76:84:6b:
bf:4f:58:12:fd:10:89:a3:52:97:fe:35:59:f3:3e:
60:64:3e:29:4b:e7:77:2e:71:31:bb:ee:87:6e:5b:
14:da:d6:f2:f0:28:88:2a:39:97:76:43:a1:9e:09:
74:f0:36:5f:6f:e6:90:9e:0c:d7:08:bb:82:a1:dc:
54:9d:80:14:9b:43:82:50:d6:ca:e8:3b:6c:d8:f7:
e5:04:ee:7f:69:04:11:66:4d:9e:8f:3e:2e:8d:c1:
78:22:86:05:ce:62:87:c8:69:21:00:f9:18:a4:b5:
40:9a:28:01:62:4c:63:a3:75:c6:d6:51:25:ca:4a:
8b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4D:6D:66:4D:87:18:4E:12:CF:CA:95:11:96:C9:D2:4F:8C:2A:5B
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/701tZk2HGE4Sz8qVEZbJ0k-MKls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.159.112.0/24
94.159.114.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:83:50:0b:01:91:db:f0:5f:bd:9f:18:b5:a4:06:dd:03:b7:
79:99:19:5e:40:79:7a:cc:02:4a:93:a9:a7:9e:eb:3c:02:93:
5c:82:c9:00:e5:7e:7a:b9:85:76:39:03:f6:9a:f7:b2:4f:b6:
19:d4:3f:c9:36:f5:3a:7b:8d:0a:17:1f:51:fc:fc:88:b1:c0:
6a:53:e8:da:23:55:be:c2:5d:48:8a:b8:80:69:45:31:9e:a4:
c7:13:2d:31:41:33:c3:f2:b8:d3:a5:a3:d5:66:a3:ab:57:1b:
bd:18:ae:b3:d4:09:30:9c:4e:e3:51:76:13:e4:df:e6:84:2a:
ed:96:6c:c0:3a:81:9e:4d:2e:ca:de:56:2e:8f:eb:34:84:8b:
bb:2d:e9:e9:8f:5d:a9:5e:fd:a9:8a:2a:e2:75:ea:4e:02:12:
78:e5:88:01:4b:7d:83:f3:14:95:8f:39:82:d0:bc:fb:ea:21:
f1:2c:1f:27:59:22:99:ba:7c:19:01:52:53:4d:03:cc:69:af:
37:bb:49:9d:96:0f:85:de:78:70:32:ba:7b:9a:dc:b6:08:47:
38:f3:a9:55:89:b2:77:ac:e6:64:fb:fe:b8:32:3d:7d:0d:88:
34:cc:99:4b:d2:a8:f4:48:b4:ed:e7:3d:96:30:93:a8:00:49:
3c:26:d0:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKgTCG9sDAh8JOq6pNjFjFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjQxMDE4MTU0MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjRkNmQ2NjRkODcxODRlMTJjZmNhOTUxMTk2YzlkMjRmOGMyYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1dFoFxHQOED92Spmc36maHewUsO
+k5UtpHT+T3fgPFC4mV6uYwt+iMTbvRJHmRAU8UkME0Xi33vtPncPL/FoAlnpLdS
6wCjwqNWdBZUVLkouCDz3yL8ot85FxeLmPPkBrs0NjlWbZ4j2jAhCqzvoXJeztgz
degpASr7RShdr+N/frF2hGu/T1gS/RCJo1KX/jVZ8z5gZD4pS+d3LnExu+6HblsU
2tby8CiIKjmXdkOhngl08DZfb+aQngzXCLuCodxUnYAUm0OCUNbK6Dts2PflBO5/
aQQRZk2ejz4ujcF4IoYFzmKHyGkhAPkYpLVAmigBYkxjo3XG1lElykqLNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO9NbWZNhxhOEs/KlRGWydJPjCpbMB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvNzAxdFprMkhHRTRTejhxVkVaYkoway1NS2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXp9wAwQA
Xp9yMA0GCSqGSIb3DQEBCwUAA4IBAQCLg1ALAZHb8F+9nxi1pAbdA7d5mRleQHl6
zAJKk6mnnus8ApNcgskA5X56uYV2OQP2mveyT7YZ1D/JNvU6e40KFx9R/PyIscBq
U+jaI1W+wl1IiriAaUUxnqTHEy0xQTPD8rjTpaPVZqOrVxu9GK6z1AkwnE7jUXYT
5N/mhCrtlmzAOoGeTS7K3lYuj+s0hIu7Lenpj12pXv2piiridepOAhJ45YgBS32D
8xSVjzmC0Lz76iHxLB8nWSKZunwZAVJTTQPMaa83u0mdlg+F3nhwMrp7mty2CEc4
86lVibJ3rOZk+/64Mj19DYg0zJlL0qj0SLTt5z2WMJOoAEk8JtB8
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:27:24 2024 by rpki-client on console-ams.rpki-client.org