Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/k5fvAehHxnQNCfnsJaKKvT-9GZs.roa
File: k5fvAehHxnQNCfnsJaKKvT-9GZs.roa (raw, json)
Hash identifier: w01fkXKyMV08CBo2PRl70qccmW2SAEjJbrGa58rLDZE=
Subject key identifier: 93:97:EF:01:E8:47:C6:74:0D:09:F9:EC:25:A2:8A:BD:3F:BD:19:9B
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 018CCA2A83E340F39D1789F7024FABD6BAE8
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/k5fvAehHxnQNCfnsJaKKvT-9GZs.roa
Signing time: Tue 02 Jan 2024 12:33:53 +0000
ROA not before: Tue 02 Jan 2024 12:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51013
IP address blocks: 213.188.152.0/22 maxlen: 22
213.188.156.0/23 maxlen: 23
2a02:250:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:83:e3:40:f3:9d:17:89:f7:02:4f:ab:d6:ba:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Jan 2 12:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9397ef01e847c6740d09f9ec25a28abd3fbd199b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c0:29:40:9a:e3:32:b1:2d:62:98:39:48:7d:
0b:7e:d8:c7:f0:8c:34:e4:ad:42:9e:32:0b:fb:2d:
42:eb:5c:ff:89:28:dd:3d:a5:86:92:c7:80:c9:b0:
ea:c0:e2:37:e4:be:d4:14:3d:f3:bf:43:26:f1:31:
64:16:1a:d8:5e:3e:e3:07:35:e8:a3:98:41:db:b7:
0d:10:79:c8:c5:ac:c5:14:44:20:69:f9:51:dc:cc:
81:2d:04:50:2c:6c:31:31:8d:c7:13:8f:81:02:40:
3a:00:d4:38:d1:91:b2:f5:63:8e:5d:0f:4d:fd:85:
1b:f1:6f:3a:fa:4d:0f:30:ea:94:d2:b9:f0:54:9a:
01:f6:b2:68:ad:e7:4e:62:e3:4e:e7:26:16:c7:c3:
ff:7d:dc:90:c8:d5:ac:48:1b:a7:52:f7:fc:f2:0f:
f6:40:c4:9f:fd:51:9e:ab:a5:cc:8c:81:92:61:00:
8f:7f:a3:29:02:d5:1f:21:1e:40:d1:fe:86:da:8d:
b2:6d:c5:1f:66:9b:0b:fc:fb:ba:69:f6:0c:64:33:
18:43:df:0e:0c:61:d0:af:83:5e:ad:77:83:71:a8:
2f:93:e0:7d:e8:84:64:84:c1:fc:74:0a:a8:b1:dd:
d7:6f:22:75:be:0e:47:e8:f7:a6:45:cf:b7:ee:d8:
a5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:97:EF:01:E8:47:C6:74:0D:09:F9:EC:25:A2:8A:BD:3F:BD:19:9B
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/k5fvAehHxnQNCfnsJaKKvT-9GZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.188.152.0-213.188.157.255
IPv6:
2a02:250:2::/48
Signature Algorithm: sha256WithRSAEncryption
1d:84:22:ab:80:c0:22:b6:86:45:91:5f:6b:37:02:81:7c:02:
95:e6:4c:47:fb:2d:df:4a:3e:01:0a:3e:01:49:7b:12:e3:b7:
2e:52:f0:b1:1f:14:19:b5:96:46:d1:64:0b:8d:34:d6:bf:1e:
25:8f:14:0f:59:ff:96:73:ae:89:f6:28:b1:a7:47:ac:01:05:
b2:07:60:8d:73:c0:26:27:05:00:e1:f1:f3:5b:51:37:f8:c6:
58:07:ae:20:f7:1a:bb:3a:27:d1:e4:28:73:53:b1:cb:64:44:
9e:84:06:38:61:e1:34:a1:fc:3d:ca:34:7c:94:9b:69:5d:d9:
bf:76:55:6a:5b:61:11:11:21:df:e4:1e:aa:4c:85:60:12:c5:
ae:7c:4e:5f:34:82:83:5c:ad:9c:c4:ab:e4:10:ab:59:09:ef:
f2:d3:1c:4c:b1:28:73:a8:08:dd:43:6f:20:48:a8:9f:15:2d:
2a:f6:d5:eb:42:93:6f:2e:42:e5:4e:46:d0:8a:a0:44:28:26:
63:8d:9b:89:5b:8f:05:f3:ce:91:64:76:f0:6e:cf:b0:b6:9d:
8a:68:37:d7:5f:34:e6:cc:d3:94:a5:24:32:2c:cb:05:8b:6e:
da:9a:81:21:e6:db:8f:53:a3:d0:7b:b2:1d:d7:63:74:6c:cb:
3f:56:ba:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzKKoPjQPOdF4n3Ak+r1rroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjQwMTAyMTIzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzk3ZWYwMWU4NDdjNjc0MGQwOWY5ZWMyNWEyOGFiZDNmYmQxOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysApQJrjMrEtYpg5SH0LftjH8Iw0
5K1CnjIL+y1C61z/iSjdPaWGkseAybDqwOI35L7UFD3zv0Mm8TFkFhrYXj7jBzXo
o5hB27cNEHnIxazFFEQgaflR3MyBLQRQLGwxMY3HE4+BAkA6ANQ40ZGy9WOOXQ9N
/YUb8W86+k0PMOqU0rnwVJoB9rJoredOYuNO5yYWx8P/fdyQyNWsSBunUvf88g/2
QMSf/VGeq6XMjIGSYQCPf6MpAtUfIR5A0f6G2o2ybcUfZpsL/Pu6afYMZDMYQ98O
DGHQr4NerXeDcagvk+B96IRkhMH8dAqosd3XbyJ1vg5H6PemRc+37tilFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOX7wHoR8Z0DQn57CWiir0/vRmbMB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEvazVmdkFlaEh4blFOQ2Zuc0phS0t2VC05R1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAPVvJgD
BAHVvJwwDwQCAAIwCQMHACoCAlAAAjANBgkqhkiG9w0BAQsFAAOCAQEAHYQiq4DA
IraGRZFfazcCgXwCleZMR/st30o+AQo+AUl7EuO3LlLwsR8UGbWWRtFkC4001r8e
JY8UD1n/lnOuifYosadHrAEFsgdgjXPAJicFAOHx81tRN/jGWAeuIPcauzon0eQo
c1Oxy2REnoQGOGHhNKH8Pco0fJSbaV3Zv3ZValthEREh3+QeqkyFYBLFrnxOXzSC
g1ytnMSr5BCrWQnv8tMcTLEoc6gI3UNvIEionxUtKvbV60KTby5C5U5G0IqgRCgm
Y42biVuPBfPOkWR28G7PsLadimg311805szTlKUkMizLBYtu2pqBIebbj1Oj0Huy
HddjdGzLP1a6HQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:47:09 2024 by rpki-client on console-ams.rpki-client.org