Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/fhZIz3r3qZ3lCNJaLr89krSkCPM.roa
File: fhZIz3r3qZ3lCNJaLr89krSkCPM.roa (raw, json)
Hash identifier: 3840z17VJ4i7RqWs3zH156qGu1E149n46k9rQcnJwKg=
Subject key identifier: 7E:16:48:CF:7A:F7:A9:9D:E5:08:D2:5A:2E:BF:3D:92:B4:A4:08:F3
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 018CC3B73FB4B9E7565989E70D46D10546C6
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/fhZIz3r3qZ3lCNJaLr89krSkCPM.roa
Signing time: Mon 01 Jan 2024 06:30:15 +0000
ROA not before: Mon 01 Jan 2024 06:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211025
IP address blocks: 213.155.169.0/24 maxlen: 24
212.14.48.0/24 maxlen: 24
213.155.172.0/24 maxlen: 24
213.155.170.0/23 maxlen: 23
212.14.54.0/24 maxlen: 24
213.155.177.0/24 maxlen: 24
213.155.181.0/24 maxlen: 24
213.155.186.0/23 maxlen: 23
212.14.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3f:b4:b9:e7:56:59:89:e7:0d:46:d1:05:46:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 06:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e1648cf7af7a99de508d25a2ebf3d92b4a408f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1d:78:f1:6b:8f:e0:ca:f3:ee:e5:fd:41:0d:
8d:f7:f0:46:ca:25:dc:28:41:70:9f:68:91:7f:01:
f2:23:6f:48:e6:5f:48:4e:fc:3c:80:ca:a0:90:7d:
92:f9:ee:10:83:fe:5b:2c:f5:07:87:ea:80:2b:ef:
2a:c3:ad:81:80:65:2f:c5:16:0b:e4:8c:e2:25:69:
b7:6c:9f:77:67:81:ab:bc:d8:9b:2b:4f:bd:a7:64:
9b:4e:1d:f9:0e:b7:5d:91:6a:3e:5e:c9:8a:d2:f9:
e1:c0:1a:ef:73:92:eb:0f:9c:ba:34:14:b0:39:da:
58:95:7d:39:28:a2:59:9f:9d:63:09:39:18:81:40:
98:1a:7d:65:62:d0:a4:67:c1:e3:66:32:87:1a:2a:
2a:ff:dd:37:19:82:c4:90:84:c9:bc:85:a5:76:80:
0a:36:b7:b1:51:80:2e:64:d2:e4:00:04:95:19:37:
2a:f8:89:0a:fa:65:9d:57:98:47:71:44:8e:f8:b9:
68:64:c7:5a:4f:0a:4b:77:31:b3:70:aa:b1:87:b9:
de:1b:a2:98:a4:0e:fe:d6:88:fc:1e:fc:61:e4:cf:
a1:b7:64:b6:75:17:e7:21:bb:f2:63:6e:40:a5:86:
8e:3f:e3:d0:8d:ba:ef:32:bf:c4:47:68:38:f0:ea:
57:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:16:48:CF:7A:F7:A9:9D:E5:08:D2:5A:2E:BF:3D:92:B4:A4:08:F3
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/fhZIz3r3qZ3lCNJaLr89krSkCPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.14.48.0/24
212.14.54.0/24
212.14.59.0/24
213.155.169.0-213.155.172.255
213.155.177.0/24
213.155.181.0/24
213.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
32:a7:0e:dd:bd:60:62:25:78:90:e8:fb:de:92:21:86:ea:ac:
e5:1d:56:58:a6:7f:0e:c6:54:0f:9e:47:c7:b6:7a:0e:97:b8:
13:5f:41:8d:b6:9a:5f:bb:ba:48:7a:36:10:b1:aa:eb:2e:3f:
9c:c6:95:f0:46:ee:19:8a:b7:d2:d7:ea:21:d8:03:58:30:20:
65:26:f3:61:5e:cb:21:91:22:45:f5:ec:2d:2e:35:07:ca:7a:
b0:b4:00:1c:2a:9a:4b:b0:bd:94:92:64:7d:3f:44:52:6b:67:
79:f6:29:4c:53:11:df:4e:9b:26:5c:ee:44:3d:1d:46:db:a3:
fb:d1:4d:d9:63:90:64:c4:ef:30:25:28:92:c6:2d:26:40:6c:
e3:5d:a8:28:d7:2f:84:6a:58:31:b6:79:4d:82:a4:5a:38:cc:
cd:d0:fc:f1:0d:b4:16:cf:86:11:f2:18:5d:55:ea:98:bc:f0:
33:43:60:e5:8e:6c:89:09:48:4b:a4:02:f7:ec:10:62:73:12:
f9:39:6f:69:01:e9:a5:ca:64:f8:fc:b5:38:d0:a7:a8:25:61:
42:e5:11:96:4d:93:6f:01:4f:84:e7:b4:3c:e7:18:79:fc:59:
2b:a5:1b:9a:38:25:cd:39:9a:4d:34:08:f6:d9:98:44:13:30:
53:99:cb:38
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzDtz+0uedWWYnnDUbRBUbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjQwMTAxMDYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTE2NDhjZjdhZjdhOTlkZTUwOGQyNWEyZWJmM2Q5MmI0YTQwOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh148WuP4Mrz7uX9QQ2N9/BGyiXc
KEFwn2iRfwHyI29I5l9ITvw8gMqgkH2S+e4Qg/5bLPUHh+qAK+8qw62BgGUvxRYL
5IziJWm3bJ93Z4GrvNibK0+9p2SbTh35DrddkWo+XsmK0vnhwBrvc5LrD5y6NBSw
OdpYlX05KKJZn51jCTkYgUCYGn1lYtCkZ8HjZjKHGioq/903GYLEkITJvIWldoAK
NrexUYAuZNLkAASVGTcq+IkK+mWdV5hHcUSO+LloZMdaTwpLdzGzcKqxh7neG6KY
pA7+1oj8Hvxh5M+ht2S2dRfnIbvyY25ApYaOP+PQjbrvMr/ER2g48OpXJwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFH4WSM9696md5QjSWi6/PZK0pAjzMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvZmhaSXozcjNxWjNsQ05KYUxyODlrclNrQ1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQA1A4wAwQA
1A42AwQA1A47MAwDBADVm6kDBADVm6wDBADVm7EDBADVm7UDBAHVm7owDQYJKoZI
hvcNAQELBQADggEBADKnDt29YGIleJDo+96SIYbqrOUdVlimfw7GVA+eR8e2eg6X
uBNfQY22ml+7ukh6NhCxqusuP5zGlfBG7hmKt9LX6iHYA1gwIGUm82FeyyGRIkX1
7C0uNQfKerC0ABwqmkuwvZSSZH0/RFJrZ3n2KUxTEd9OmyZc7kQ9HUbbo/vRTdlj
kGTE7zAlKJLGLSZAbONdqCjXL4RqWDG2eU2CpFo4zM3Q/PENtBbPhhHyGF1V6pi8
8DNDYOWObIkJSEukAvfsEGJzEvk5b2kB6aXKZPj8tTjQp6glYULlEZZNk28BT4Tn
tDznGHn8WSulG5o4Jc05mk00CPbZmEQTMFOZyzg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:06 2024 by rpki-client on console-fra.rpki-client.org