Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/S18geD1YizjShFAvB3Ldtgc3a1U.roa
File: S18geD1YizjShFAvB3Ldtgc3a1U.roa (raw, json)
Hash identifier: ozHHCfE4L+RXF50C8Dq35sYt6rSgZcvIfr88JELsFyE=
Subject key identifier: 4B:5F:20:78:3D:58:8B:38:D2:84:50:2F:07:72:DD:B6:07:37:6B:55
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 018F803594E38C916473DE1C5CF5C371726D
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/S18geD1YizjShFAvB3Ldtgc3a1U.roa
Signing time: Thu 16 May 2024 07:02:26 +0000
ROA not before: Thu 16 May 2024 07:02:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13119
IP address blocks: 80.94.16.0/20 maxlen: 20
109.69.88.0/21 maxlen: 24
212.14.48.0/20 maxlen: 24
213.155.160.0/19 maxlen: 19
2001:4c5c::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:35:94:e3:8c:91:64:73:de:1c:5c:f5:c3:71:72:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: May 16 07:02:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b5f20783d588b38d284502f0772ddb607376b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:84:6d:0b:b0:ba:ee:ae:c9:f2:08:61:8f:6f:
f2:d4:79:e1:2c:30:d3:fd:17:1c:d3:b5:87:5c:dd:
97:dd:ad:0c:e3:08:e8:12:af:ff:cd:c9:0f:d1:c8:
b2:78:6a:81:91:47:3d:f4:4c:da:ab:b4:de:10:c2:
03:91:98:51:92:04:bf:93:2e:7f:ae:b2:76:02:b7:
9b:99:ba:2b:59:67:4a:b3:16:ab:ce:43:34:91:26:
0e:5b:83:1e:a0:8e:a5:22:90:fa:2c:d5:e8:6a:a2:
21:0e:db:9e:7c:c1:b4:9e:0d:f6:99:8e:95:d4:31:
84:46:fc:5a:5a:00:25:50:7c:91:17:93:28:a6:d6:
6c:26:80:92:f2:42:d8:2f:0f:c8:b8:84:e6:f8:73:
24:fd:d8:06:bd:7d:19:ca:6e:90:b1:39:d0:59:12:
21:be:65:7e:15:04:dd:e1:d7:3e:ee:fd:a0:12:69:
0c:33:74:3b:4b:2e:cd:45:0f:cf:2e:67:19:d7:e7:
4f:44:bb:35:14:e4:1a:67:12:ab:f4:b1:9d:1a:11:
0b:b0:74:c1:72:06:e5:e9:86:37:cd:dc:1f:fa:a4:
69:07:9b:89:87:33:62:27:5d:4e:48:b6:74:6a:08:
5c:cb:98:0f:a6:d3:5d:da:b1:fd:ad:ae:c2:89:0f:
9e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5F:20:78:3D:58:8B:38:D2:84:50:2F:07:72:DD:B6:07:37:6B:55
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/S18geD1YizjShFAvB3Ldtgc3a1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.16.0/20
109.69.88.0/21
212.14.48.0/20
213.155.160.0/19
IPv6:
2001:4c5c::/30
Signature Algorithm: sha256WithRSAEncryption
22:f1:cd:c5:dd:f8:73:b1:65:b5:76:43:6f:e1:d6:fa:d0:23:
10:4c:48:db:87:ad:16:36:b2:ab:99:8d:c9:52:9f:2e:bd:4e:
ac:6c:3a:41:39:5a:25:94:70:85:12:09:e7:93:f0:18:81:10:
b0:89:f7:44:0e:43:6e:8a:00:af:65:89:03:28:75:a1:5e:66:
65:26:94:fa:5d:df:ee:5c:0b:d4:cf:fc:10:d9:62:78:22:fc:
dc:0e:4e:d7:72:ef:04:72:4c:7a:9c:52:3c:b0:80:3d:23:0b:
6f:cf:fd:45:cb:fa:f5:fd:3d:0e:ba:91:41:5a:4d:2e:e0:d1:
7d:2c:01:af:96:a9:92:f9:3a:be:6a:1a:b0:22:e3:16:6f:d5:
00:53:23:a7:06:7d:4b:c2:68:28:29:de:e5:51:1c:e6:e0:56:
9b:28:c0:e4:e0:fb:e5:c1:ee:62:d4:b7:34:e7:8b:17:75:71:
c3:c0:75:8b:c8:4b:e3:be:11:d5:e5:cd:ba:a6:2c:e6:e5:0e:
ec:dd:ba:05:9b:c2:c9:2c:9a:da:f4:6b:71:07:26:3a:b0:d2:
c4:f7:e3:40:0f:54:73:82:81:87:67:0c:ae:39:cb:77:45:42:
59:04:de:69:fc:8c:be:dc:18:9e:90:cb:96:24:ce:48:4a:90:
ab:87:1b:fa
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY+ANZTjjJFkc94cXPXDcXJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjQwNTE2MDcwMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVmMjA3ODNkNTg4YjM4ZDI4NDUwMmYwNzcyZGRiNjA3Mzc2YjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YRtC7C67q7J8ghhj2/y1HnhLDDT
/Rcc07WHXN2X3a0M4wjoEq//zckP0ciyeGqBkUc99Ezaq7TeEMIDkZhRkgS/ky5/
rrJ2ArebmborWWdKsxarzkM0kSYOW4MeoI6lIpD6LNXoaqIhDtuefMG0ng32mY6V
1DGERvxaWgAlUHyRF5MoptZsJoCS8kLYLw/IuITm+HMk/dgGvX0Zym6QsTnQWRIh
vmV+FQTd4dc+7v2gEmkMM3Q7Sy7NRQ/PLmcZ1+dPRLs1FOQaZxKr9LGdGhELsHTB
cgbl6YY3zdwf+qRpB5uJhzNiJ11OSLZ0aghcy5gPptNd2rH9ra7CiQ+ejwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEtfIHg9WIs40oRQLwdy3bYHN2tVMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvUzE4Z2VEMVlpempTaEZBdkIzTGR0Z2MzYTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUF4QAwQD
bUVYAwQE1A4wAwQF1ZugMA0EAgACMAcDBQIgAUxcMA0GCSqGSIb3DQEBCwUAA4IB
AQAi8c3F3fhzsWW1dkNv4db60CMQTEjbh60WNrKrmY3JUp8uvU6sbDpBOVollHCF
Egnnk/AYgRCwifdEDkNuigCvZYkDKHWhXmZlJpT6Xd/uXAvUz/wQ2WJ4IvzcDk7X
cu8Eckx6nFI8sIA9Iwtvz/1Fy/r1/T0OupFBWk0u4NF9LAGvlqmS+Tq+ahqwIuMW
b9UAUyOnBn1LwmgoKd7lURzm4FabKMDk4Pvlwe5i1Lc054sXdXHDwHWLyEvjvhHV
5c26pizm5Q7s3boFm8LJLJra9GtxByY6sNLE9+NAD1RzgoGHZwyuOct3RUJZBN5p
/Iy+3BiekMuWJM5ISpCrhxv6
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:47 2024 by rpki-client on console-ams.rpki-client.org