Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/t9hFjlx6qa_STI4mpDZG3X0DBFo.roa
File: t9hFjlx6qa_STI4mpDZG3X0DBFo.roa (raw, json)
Hash identifier: fTBO5ZV9W+Woxni6iWh6UuhanqoprrEHma3LGKMPbQE=
Subject key identifier: B7:D8:45:8E:5C:7A:A9:AF:D2:4C:8E:26:A4:36:46:DD:7D:03:04:5A
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 018CC3B73E34427D45B9AC72F5DE9E667622
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/t9hFjlx6qa_STI4mpDZG3X0DBFo.roa
Signing time: Mon 01 Jan 2024 06:30:15 +0000
ROA not before: Mon 01 Jan 2024 06:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13119
IP address blocks: 213.155.160.0/19 maxlen: 19
212.14.48.0/20 maxlen: 20
80.94.16.0/20 maxlen: 20
2001:4c5c::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 19:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3e:34:42:7d:45:b9:ac:72:f5:de:9e:66:76:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 06:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7d8458e5c7aa9afd24c8e26a43646dd7d03045a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2c:c7:7a:83:d5:7e:59:af:c7:8e:25:9e:7f:
8a:d3:fc:b9:ee:14:85:b2:f2:ad:5b:f0:9a:fe:d0:
4e:56:8d:80:06:f9:36:f2:cf:26:07:f6:0b:bf:bf:
7e:64:61:ab:26:a6:eb:0d:17:65:96:cd:85:a2:2b:
c6:f4:4c:0f:76:f2:db:fd:62:ca:67:b9:d1:de:d9:
c2:c7:72:9f:02:1e:2a:21:34:3b:7f:79:05:44:31:
89:7b:2c:54:75:24:74:c2:63:9e:84:8d:06:6d:a4:
95:56:ad:d8:66:1c:17:3f:cc:8f:10:de:df:d2:3e:
79:1d:bd:b4:b5:3f:5b:5e:2a:dc:7e:48:61:c2:b1:
03:a0:9f:0e:fa:e3:83:b8:d9:96:c1:a7:34:4b:35:
bb:ec:c5:01:ae:a4:60:b0:2f:01:5f:56:54:88:3f:
d3:03:cb:6f:c4:ed:0b:7f:e2:9a:35:b5:15:42:4d:
f1:cc:28:e7:2d:8d:b5:75:d3:35:34:95:6b:78:5c:
63:ad:d5:68:5c:a9:84:93:95:29:9f:e5:10:51:d9:
02:2d:99:80:e8:14:21:07:61:c5:88:f4:a0:6c:15:
e7:f7:e5:9a:ef:0a:07:56:36:56:ad:50:1f:4d:ef:
d8:29:0c:6f:8c:3e:00:68:2b:e0:3a:3e:14:21:5d:
31:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D8:45:8E:5C:7A:A9:AF:D2:4C:8E:26:A4:36:46:DD:7D:03:04:5A
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/t9hFjlx6qa_STI4mpDZG3X0DBFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.16.0/20
212.14.48.0/20
213.155.160.0/19
IPv6:
2001:4c5c::/30
Signature Algorithm: sha256WithRSAEncryption
1c:8b:d9:84:77:6c:41:09:fb:49:07:77:04:ab:9f:c5:d6:3a:
79:ca:91:80:b6:21:99:24:96:80:7d:d9:3a:d7:5e:e1:88:a0:
e0:d7:22:94:a8:9a:84:65:4d:6b:0e:3f:cf:d8:84:3c:0e:8e:
09:af:9e:09:78:e8:3b:4f:51:30:4f:f7:e1:9f:3d:de:43:d2:
c9:b6:0b:df:7e:cc:c9:9c:bb:c6:1d:60:95:90:7c:03:67:4b:
ea:ee:ba:d2:06:23:32:8a:2b:a1:04:82:9e:55:33:d6:94:1b:
84:b2:cc:37:40:44:7f:4f:68:9c:b6:ac:3a:91:b7:99:fd:b2:
7a:05:01:aa:1e:50:1d:58:4e:c4:d8:6a:39:f7:41:d8:63:26:
0a:54:14:2c:79:2d:94:20:ca:87:c6:97:6a:ac:11:85:9a:ee:
10:d6:0e:0f:e3:71:24:2e:a8:ff:57:8b:e5:54:6e:4c:c9:60:
e6:bb:ff:14:09:30:c8:5c:ca:44:7e:8d:68:88:31:03:a2:81:
b7:dc:7a:a3:06:c9:e1:fb:92:76:31:60:ef:2b:d0:b2:17:ed:
fd:f8:76:e2:99:dd:c5:1e:ee:98:45:4e:46:61:87:2d:69:c0:
cc:e2:a4:75:c6:c8:56:2b:cd:36:09:24:c1:14:96:a8:9e:c4:
25:54:e9:78
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtz40Qn1Fuaxy9d6eZnYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjQwMTAxMDYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Q4NDU4ZTVjN2FhOWFmZDI0YzhlMjZhNDM2NDZkZDdkMDMwNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0izHeoPVflmvx44lnn+K0/y57hSF
svKtW/Ca/tBOVo2ABvk28s8mB/YLv79+ZGGrJqbrDRdlls2FoivG9EwPdvLb/WLK
Z7nR3tnCx3KfAh4qITQ7f3kFRDGJeyxUdSR0wmOehI0GbaSVVq3YZhwXP8yPEN7f
0j55Hb20tT9bXircfkhhwrEDoJ8O+uODuNmWwac0SzW77MUBrqRgsC8BX1ZUiD/T
A8tvxO0Lf+KaNbUVQk3xzCjnLY21ddM1NJVreFxjrdVoXKmEk5Upn+UQUdkCLZmA
6BQhB2HFiPSgbBXn9+Wa7woHVjZWrVAfTe/YKQxvjD4AaCvgOj4UIV0xqQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLfYRY5ceqmv0kyOJqQ2Rt19AwRaMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvdDloRmpseDZxYV9TVEk0bXBEWkczWDBEQkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUF4QAwQE
1A4wAwQF1ZugMA0EAgACMAcDBQIgAUxcMA0GCSqGSIb3DQEBCwUAA4IBAQAci9mE
d2xBCftJB3cEq5/F1jp5ypGAtiGZJJaAfdk6117hiKDg1yKUqJqEZU1rDj/P2IQ8
Do4Jr54JeOg7T1EwT/fhnz3eQ9LJtgvffszJnLvGHWCVkHwDZ0vq7rrSBiMyiiuh
BIKeVTPWlBuEssw3QER/T2ictqw6kbeZ/bJ6BQGqHlAdWE7E2Go590HYYyYKVBQs
eS2UIMqHxpdqrBGFmu4Q1g4P43EkLqj/V4vlVG5MyWDmu/8UCTDIXMpEfo1oiDED
ooG33HqjBsnh+5J2MWDvK9CyF+39+Hbimd3FHu6YRU5GYYctacDM4qR1xshWK802
CSTBFJaonsQlVOl4
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:42:29 2024 by rpki-client on console-fra.rpki-client.org