Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/kinZNaw5TfeDCJOlRl8hPqbpnyY.roa
File: kinZNaw5TfeDCJOlRl8hPqbpnyY.roa (raw, json)
Hash identifier: VTN+ILF9dzwvGDzgdTEAKeN/gwpJIZajtmFL7VAbcWc=
Subject key identifier: 92:29:D9:35:AC:39:4D:F7:83:08:93:A5:46:5F:21:3E:A6:E9:9F:26
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 018CC7273CDD528B80588A582D53D4BDE9A9
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/kinZNaw5TfeDCJOlRl8hPqbpnyY.roa
Signing time: Mon 01 Jan 2024 22:31:26 +0000
ROA not before: Mon 01 Jan 2024 22:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34219
IP address blocks: 178.255.16.0/22 maxlen: 22
178.255.22.0/24 maxlen: 24
178.255.20.0/23 maxlen: 23
159.253.112.0/22 maxlen: 22
159.253.118.0/24 maxlen: 24
159.253.116.0/23 maxlen: 23
159.253.119.0/24 maxlen: 24
93.94.4.0/23 maxlen: 23
185.2.56.0/22 maxlen: 22
2a03:1e00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.mft
rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 04:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3c:dd:52:8b:80:58:8a:58:2d:53:d4:bd:e9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Jan 1 22:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9229d935ac394df7830893a5465f213ea6e99f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0a:4c:73:74:32:9d:f0:48:ab:18:9b:68:bc:
ea:7b:de:26:92:e5:c1:25:cf:40:33:b9:4e:4f:f3:
dd:64:76:1a:b0:55:4c:a2:66:d8:f4:89:dd:f9:17:
be:88:74:d6:e7:2e:80:b8:e7:74:ae:e2:b8:ec:be:
29:85:1c:fc:c7:0d:a6:73:04:9c:18:c5:49:41:f7:
bd:74:82:ab:20:37:fb:3a:7c:78:d5:f7:b6:35:c6:
f7:27:e0:6c:8f:f4:9c:a1:af:ed:b9:83:97:c9:d0:
7c:94:69:3b:68:93:e8:09:c4:02:18:65:14:2a:74:
ff:d1:5b:3c:97:a4:1e:ac:d4:7b:6d:8e:5f:80:a8:
4e:05:61:f2:cf:cb:fb:02:78:4f:93:b7:52:93:ab:
0f:be:7b:ad:5b:63:21:57:e7:df:d6:fe:68:30:35:
b0:96:ed:61:fe:1b:99:e5:02:f5:f8:cd:34:2a:63:
ad:90:71:76:19:d9:63:0e:5f:7a:62:c9:29:0c:92:
f4:9b:2d:fb:c7:ab:94:3c:df:0d:f8:2f:79:0b:41:
5b:e5:34:34:54:d6:3a:e2:1d:8f:b9:b4:81:21:b7:
ee:d8:7f:e7:4e:cb:e4:f6:f6:b1:22:7c:13:90:c9:
25:37:a4:ac:6e:c5:45:1d:f9:cc:0b:de:c6:89:f6:
0b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:29:D9:35:AC:39:4D:F7:83:08:93:A5:46:5F:21:3E:A6:E9:9F:26
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/kinZNaw5TfeDCJOlRl8hPqbpnyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.4.0/23
159.253.112.0/21
178.255.16.0-178.255.22.255
185.2.56.0/22
IPv6:
2a03:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
73:c5:79:02:8a:0e:24:8d:45:d4:76:de:ba:43:82:a7:10:5c:
b3:90:e6:61:3a:ae:e9:23:ec:bc:10:e7:6e:50:1c:a1:81:7d:
e1:f8:84:c9:d7:b7:66:1e:25:10:04:15:f0:c3:e3:6b:07:22:
67:39:3c:b6:0c:87:83:1c:47:4a:fe:ce:ae:ce:b2:cc:8e:53:
89:6a:b8:1c:83:7b:a2:fe:9f:65:97:76:93:1e:55:81:0f:42:
f7:c3:59:a3:bd:b6:16:8f:3a:18:1e:d3:dc:ee:84:f2:6f:39:
85:4a:38:f3:55:4f:a9:ce:2a:a4:a4:c2:3b:3e:10:80:b3:63:
0c:6f:09:2f:22:ab:6c:c0:2b:81:1b:15:3a:33:fc:e7:99:1b:
db:bb:9f:ea:ed:ed:fa:48:10:f8:6e:d9:2a:4e:21:ee:a6:80:
8b:60:c2:20:ca:57:c8:32:14:57:b1:28:14:0d:36:63:f7:33:
ca:bf:19:3e:52:0b:0d:a5:23:f5:a2:5f:51:59:2c:41:1d:45:
e8:be:07:2d:b0:ae:b9:83:2e:41:62:43:a4:a8:12:c6:f7:ad:
c3:8b:68:ec:b1:98:25:dc:44:75:c1:eb:b1:0c:5b:c3:b5:56:
61:88:11:db:47:e8:9c:ff:e9:d5:21:91:2c:56:9a:68:3b:85:
94:39:61:f8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzHJzzdUouAWIpYLVPUvempMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjQwMTAxMjIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjI5ZDkzNWFjMzk0ZGY3ODMwODkzYTU0NjVmMjEzZWE2ZTk5ZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsApMc3QynfBIqxibaLzqe94mkuXB
Jc9AM7lOT/PdZHYasFVMombY9Ind+Re+iHTW5y6AuOd0ruK47L4phRz8xw2mcwSc
GMVJQfe9dIKrIDf7Onx41fe2Ncb3J+Bsj/Scoa/tuYOXydB8lGk7aJPoCcQCGGUU
KnT/0Vs8l6QerNR7bY5fgKhOBWHyz8v7AnhPk7dSk6sPvnutW2MhV+ff1v5oMDWw
lu1h/huZ5QL1+M00KmOtkHF2GdljDl96YskpDJL0my37x6uUPN8N+C95C0Fb5TQ0
VNY64h2PubSBIbfu2H/nTsvk9vaxInwTkMklN6SsbsVFHfnMC97GifYL7wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJIp2TWsOU33gwiTpUZfIT6m6Z8mMB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEva2luWk5hdzVUZmVEQ0pPbFJsOGhQcWJwbnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQBXV4EAwQD
n/1wMAwDBASy/xADBACy/xYDBAK5AjgwDQQCAAIwBwMFACoDHgAwDQYJKoZIhvcN
AQELBQADggEBAHPFeQKKDiSNRdR23rpDgqcQXLOQ5mE6rukj7LwQ525QHKGBfeH4
hMnXt2YeJRAEFfDD42sHImc5PLYMh4McR0r+zq7OssyOU4lquByDe6L+n2WXdpMe
VYEPQvfDWaO9thaPOhge09zuhPJvOYVKOPNVT6nOKqSkwjs+EICzYwxvCS8iq2zA
K4EbFToz/OeZG9u7n+rt7fpIEPhu2SpOIe6mgItgwiDKV8gyFFexKBQNNmP3M8q/
GT5SCw2lI/WiX1FZLEEdRei+By2wrrmDLkFiQ6SoEsb3rcOLaOyxmCXcRHXB67EM
W8O1VmGIEdtH6Jz/6dUhkSxWmmg7hZQ5Yfg=
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:21:35 2024 by rpki-client on console-fra.rpki-client.org