Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/kIyVzC_M6waKyAPTdc5b_LA0LgM.roa
File: kIyVzC_M6waKyAPTdc5b_LA0LgM.roa (raw, json)
Hash identifier: fSsIVr0nWgYyRG1KgFnG77n+MdhkPiAeTDfl7SfrE1Q=
Subject key identifier: 90:8C:95:CC:2F:CC:EB:06:8A:C8:03:D3:75:CE:5B:FC:B0:34:2E:03
Certificate issuer: /CN=7d645e584f1ef9a881f1fbbc4d27a3423de3dff1
Certificate serial: 018CC3B7012CA17FDAAD697B8249E2A7E615
Authority key identifier: 7D:64:5E:58:4F:1E:F9:A8:81:F1:FB:BC:4D:27:A3:42:3D:E3:DF:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/kIyVzC_M6waKyAPTdc5b_LA0LgM.roa
Signing time: Mon 01 Jan 2024 06:29:59 +0000
ROA not before: Mon 01 Jan 2024 06:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35369
IP address blocks: 83.164.128.0/17 maxlen: 32
185.121.40.0/22 maxlen: 24
2a00:1860::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/fWReWE8e-aiB8fu8TSejQj3j3_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/fWReWE8e-aiB8fu8TSejQj3j3_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:01:2c:a1:7f:da:ad:69:7b:82:49:e2:a7:e6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d645e584f1ef9a881f1fbbc4d27a3423de3dff1
Validity
Not Before: Jan 1 06:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=908c95cc2fcceb068ac803d375ce5bfcb0342e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:25:8f:eb:50:64:8b:be:80:d4:55:6f:47:34:
f7:b9:df:5f:4b:2a:18:c8:c7:9b:7b:0a:ad:89:5e:
9a:c8:b8:d3:2f:24:5a:db:6d:0a:4a:f3:c3:aa:da:
a8:ec:96:c2:78:ee:c2:5f:46:9a:12:65:cf:47:50:
08:8e:0f:32:3d:a8:01:0f:35:f9:15:57:cc:bf:3f:
bf:2a:e5:11:ca:27:bf:72:74:63:be:56:d2:91:58:
1a:b5:36:40:28:8c:ea:ae:11:6b:8e:6a:82:02:d4:
21:b8:fb:84:be:38:a5:10:dd:e6:b3:bc:bf:a7:39:
b5:1e:fa:a2:8c:4b:7e:96:5f:e6:ca:b7:79:33:46:
18:99:bd:e9:f9:97:86:22:af:3c:a3:27:0d:ec:ef:
19:41:9f:0e:4e:9d:39:cb:f2:9e:17:35:9b:99:8c:
d9:db:4f:c8:10:e9:c9:ab:d2:d7:de:cd:38:97:92:
b5:ca:23:1b:25:db:2f:64:1c:53:f5:13:f7:20:f8:
04:29:5c:64:94:8b:57:1d:16:dc:8e:00:d0:50:d2:
fd:6b:f1:8e:3e:e1:6b:b7:79:ee:e4:26:81:5f:6c:
3b:81:8f:c1:15:2f:60:28:f6:51:f9:79:a7:a5:ef:
76:ca:49:90:c4:49:d2:f4:43:be:e6:14:c8:f4:4f:
f2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8C:95:CC:2F:CC:EB:06:8A:C8:03:D3:75:CE:5B:FC:B0:34:2E:03
X509v3 Authority Key Identifier:
keyid:7D:64:5E:58:4F:1E:F9:A8:81:F1:FB:BC:4D:27:A3:42:3D:E3:DF:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWReWE8e-aiB8fu8TSejQj3j3_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/kIyVzC_M6waKyAPTdc5b_LA0LgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0d1c33-9117-4a11-bbfe-db81a18e242e/1/fWReWE8e-aiB8fu8TSejQj3j3_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.164.128.0/17
185.121.40.0/22
IPv6:
2a00:1860::/32
Signature Algorithm: sha256WithRSAEncryption
18:cb:06:7e:50:e5:1d:bd:7b:9a:f9:33:b7:cf:02:09:bc:7f:
cd:39:dd:26:26:5f:75:de:01:a0:a5:06:37:c8:f5:54:e6:9d:
08:a7:a7:e7:7f:a3:67:a4:54:c8:53:76:3f:9a:db:9c:68:e1:
d8:84:91:06:45:fd:1a:1d:78:e5:45:30:5a:db:ee:8d:17:f9:
ba:87:d7:07:e4:28:93:4a:41:45:bc:db:86:8b:16:1a:9c:b2:
51:0c:1a:7f:a5:17:2e:c1:06:cf:d2:fd:27:af:8c:ba:55:a1:
f0:ff:8e:cb:98:76:28:47:dc:38:f8:a9:e1:90:da:a2:4c:44:
ec:19:02:8d:2e:ea:83:58:38:71:f9:98:e1:9d:cb:91:66:e8:
61:dd:38:09:52:51:2a:0a:68:1d:c1:17:c8:18:c6:cc:df:95:
4e:8b:20:99:3b:c5:9f:c8:6d:09:90:37:55:db:95:50:8e:7e:
46:83:ee:be:54:70:ad:db:8e:29:39:b7:9d:cf:d2:ac:4e:a2:
a9:78:0b:42:0e:c4:c4:d5:8b:04:76:58:af:10:fa:f9:6c:f2:
f3:2e:54:cb:1b:14:59:80:f4:92:4a:24:99:77:22:6d:cc:42:
37:a7:37:5e:a9:9f:93:1c:98:c1:dd:43:7f:d5:7f:ba:75:e5:
f0:ae:0c:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtwEsoX/arWl7gknip+YVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjQ1ZTU4NGYxZWY5YTg4MWYxZmJiYzRkMjdhMzQyM2Rl
M2RmZjEwHhcNMjQwMTAxMDYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhjOTVjYzJmY2NlYjA2OGFjODAzZDM3NWNlNWJmY2IwMzQyZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCWP61Bki76A1FVvRzT3ud9fSyoY
yMebewqtiV6ayLjTLyRa220KSvPDqtqo7JbCeO7CX0aaEmXPR1AIjg8yPagBDzX5
FVfMvz+/KuURyie/cnRjvlbSkVgatTZAKIzqrhFrjmqCAtQhuPuEvjilEN3ms7y/
pzm1HvqijEt+ll/myrd5M0YYmb3p+ZeGIq88oycN7O8ZQZ8OTp05y/KeFzWbmYzZ
20/IEOnJq9LX3s04l5K1yiMbJdsvZBxT9RP3IPgEKVxklItXHRbcjgDQUNL9a/GO
PuFrt3nu5CaBX2w7gY/BFS9gKPZR+Xmnpe92ykmQxEnS9EO+5hTI9E/yQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJCMlcwvzOsGisgD03XOW/ywNC4DMB8GA1UdIwQY
MBaAFH1kXlhPHvmogfH7vE0no0I949/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldSZVdFOGUtYWlCOGZ1OFRTZWpRajNqM19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wZDFjMzMtOTExNy00YTExLWJiZmUt
ZGI4MWExOGUyNDJlLzEva0l5VnpDX002d2FLeUFQVGRjNWJfTEEwTGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wZDFjMzMtOTExNy00YTExLWJiZmUtZGI4MWExOGUyNDJl
LzEvZldSZVdFOGUtYWlCOGZ1OFRTZWpRajNqM19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHU6SAAwQC
uXkoMA0EAgACMAcDBQAqABhgMA0GCSqGSIb3DQEBCwUAA4IBAQAYywZ+UOUdvXua
+TO3zwIJvH/NOd0mJl913gGgpQY3yPVU5p0Ip6fnf6NnpFTIU3Y/mtucaOHYhJEG
Rf0aHXjlRTBa2+6NF/m6h9cH5CiTSkFFvNuGixYanLJRDBp/pRcuwQbP0v0nr4y6
VaHw/47LmHYoR9w4+KnhkNqiTETsGQKNLuqDWDhx+ZjhncuRZuhh3TgJUlEqCmgd
wRfIGMbM35VOiyCZO8WfyG0JkDdV25VQjn5Gg+6+VHCt244pObedz9KsTqKpeAtC
DsTE1YsEdlivEPr5bPLzLlTLGxRZgPSSSiSZdyJtzEI3pzdeqZ+THJjB3UN/1X+6
deXwrgwa
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:28 2024 by rpki-client on console-ams.rpki-client.org