Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/KPIGTz0WSENQCh6uJN7IdWjJ5oU.roa
File: KPIGTz0WSENQCh6uJN7IdWjJ5oU.roa (raw, json)
Hash identifier: q/4pfSZAG3LYOVTpAnJm7KSEFurpUhYTbRb7URc7zKI=
Subject key identifier: 28:F2:06:4F:3D:16:48:43:50:0A:1E:AE:24:DE:C8:75:68:C9:E6:85
Certificate issuer: /CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Certificate serial: 018CC6B84E5C95E251CA73D98F844ADDE6AE
Authority key identifier: A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/KPIGTz0WSENQCh6uJN7IdWjJ5oU.roa
Signing time: Mon 01 Jan 2024 20:30:16 +0000
ROA not before: Mon 01 Jan 2024 20:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208507
IP address blocks: 178.218.240.0/23 maxlen: 23
178.218.240.0/24 maxlen: 24
178.218.242.0/24 maxlen: 24
178.218.242.0/23 maxlen: 23
178.218.243.0/24 maxlen: 24
178.218.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/pCAAxPTsSgPNTTZX4BtwA07CO5c.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/pCAAxPTsSgPNTTZX4BtwA07CO5c.mft
rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:4e:5c:95:e2:51:ca:73:d9:8f:84:4a:dd:e6:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Validity
Not Before: Jan 1 20:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28f2064f3d164843500a1eae24dec87568c9e685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9a:e8:b9:b7:b9:bf:24:56:d3:ee:94:c9:27:
ed:41:1f:a6:67:ea:1a:c6:c7:33:cd:93:e4:f0:c4:
5a:3a:05:a8:5d:3e:d0:29:0a:6d:5a:14:cc:e6:ec:
d4:03:8f:bc:8a:e7:e3:a2:1b:40:aa:5f:c1:2f:ef:
a7:35:ce:bc:5a:61:ad:94:39:2c:4b:03:09:06:40:
c7:fa:cd:ca:28:21:52:26:16:d1:93:a4:a3:84:e3:
03:f3:e1:f5:84:04:33:85:bf:bc:23:ef:03:9d:19:
b6:0d:f2:9a:e1:50:fc:20:79:32:80:40:5b:c4:1a:
81:e5:e0:64:8f:2b:c8:37:b2:70:d1:60:01:76:cc:
bd:b0:3f:74:7b:b7:09:49:bc:1f:72:6a:13:89:a8:
f5:29:88:01:b5:b3:26:eb:49:6f:96:7f:fa:e0:64:
66:16:2d:d7:7b:bf:ce:00:dc:d8:62:86:a9:62:d1:
7b:17:b6:1a:2f:1c:81:e9:2a:3f:c6:f4:97:f0:5c:
7c:f2:6a:46:fa:24:49:6d:e6:eb:a2:25:18:a4:ad:
c7:63:c3:8e:49:15:b0:41:a1:e4:b7:6c:52:5e:79:
c8:02:d4:f1:29:51:f6:7f:94:8d:2b:e8:8a:dd:6a:
5a:d1:f2:c2:45:fb:21:35:8c:26:3e:d0:28:4c:29:
9f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F2:06:4F:3D:16:48:43:50:0A:1E:AE:24:DE:C8:75:68:C9:E6:85
X509v3 Authority Key Identifier:
keyid:A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/KPIGTz0WSENQCh6uJN7IdWjJ5oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/pCAAxPTsSgPNTTZX4BtwA07CO5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.240.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:c2:79:0a:37:64:6b:95:31:0f:45:32:4e:1c:ed:51:82:63:
c5:df:f5:71:c8:84:8b:e3:e2:cf:56:ce:84:0d:1a:b7:18:65:
e6:5a:29:0d:f1:b8:ce:e6:9a:4e:39:02:d8:e0:f0:e0:0e:b1:
bf:02:ba:7b:43:70:3e:66:28:80:35:62:10:3f:c9:86:c5:ee:
9a:f8:31:6e:bf:2f:da:9c:5f:e2:14:c0:83:25:e7:7a:16:b9:
a9:ea:9c:fc:ca:47:90:97:c1:69:6a:3a:55:c8:96:11:95:56:
0d:2f:3f:57:0a:6c:9c:4c:37:f3:fc:33:8b:29:07:98:d8:c6:
11:ab:12:b7:54:d2:d2:f4:78:e6:8c:e6:1b:bb:8c:f8:a6:60:
7d:97:12:f2:da:9a:63:47:ed:e7:39:2d:43:ed:00:9e:85:88:
db:75:4f:b9:86:74:63:83:d4:2e:58:6f:04:25:f5:2d:50:fd:
f6:6d:73:5f:45:37:a9:c6:77:30:02:bb:d7:22:03:8b:cc:da:
5e:30:c6:33:7f:cf:85:dd:73:c9:50:60:e7:d0:57:08:3d:4d:
a9:03:b7:98:07:49:eb:cc:29:1e:2b:78:e6:8a:e1:17:dd:c0:
64:63:40:81:85:fd:19:53:34:23:a9:74:0b:c6:9d:c3:68:67:
18:9e:fc:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuE5cleJRynPZj4RK3eauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjAwMGM0ZjRlYzRhMDNjZDRkMzY1N2UwMWI3MDAzNGVj
MjNiOTcwHhcNMjQwMTAxMjAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGYyMDY0ZjNkMTY0ODQzNTAwYTFlYWUyNGRlYzg3NTY4YzllNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsproube5vyRW0+6UySftQR+mZ+oa
xsczzZPk8MRaOgWoXT7QKQptWhTM5uzUA4+8iufjohtAql/BL++nNc68WmGtlDks
SwMJBkDH+s3KKCFSJhbRk6SjhOMD8+H1hAQzhb+8I+8DnRm2DfKa4VD8IHkygEBb
xBqB5eBkjyvIN7Jw0WABdsy9sD90e7cJSbwfcmoTiaj1KYgBtbMm60lvln/64GRm
Fi3Xe7/OANzYYoapYtF7F7YaLxyB6So/xvSX8Fx88mpG+iRJbebroiUYpK3HY8OO
SRWwQaHkt2xSXnnIAtTxKVH2f5SNK+iK3Wpa0fLCRfshNYwmPtAoTCmfdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjyBk89FkhDUAoeriTeyHVoyeaFMB8GA1UdIwQY
MBaAFKQgAMT07EoDzU02V+AbcANOwjuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2It
MGYyMmQ4OTY4OWEwLzEvS1BJR1R6MFdTRU5RQ2g2dUpON0lkV2pKNW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2ItMGYyMmQ4OTY4OWEw
LzEvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCstrwMA0G
CSqGSIb3DQEBCwUAA4IBAQA6wnkKN2RrlTEPRTJOHO1RgmPF3/VxyISL4+LPVs6E
DRq3GGXmWikN8bjO5ppOOQLY4PDgDrG/Arp7Q3A+ZiiANWIQP8mGxe6a+DFuvy/a
nF/iFMCDJed6Frmp6pz8ykeQl8FpajpVyJYRlVYNLz9XCmycTDfz/DOLKQeY2MYR
qxK3VNLS9HjmjOYbu4z4pmB9lxLy2ppjR+3nOS1D7QCehYjbdU+5hnRjg9QuWG8E
JfUtUP32bXNfRTepxncwArvXIgOLzNpeMMYzf8+F3XPJUGDn0FcIPU2pA7eYB0nr
zCkeK3jmiuEX3cBkY0CBhf0ZUzQjqXQLxp3DaGcYnvyT
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:40:28 2024 by rpki-client on console-fra.rpki-client.org