Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/tkwQcA8HZb1dSVXwb62SermEjoc.roa
File: tkwQcA8HZb1dSVXwb62SermEjoc.roa (raw, json)
Hash identifier: aQyv+YUVzHDIYUVsp5APla9LuUy/BcxfYrqbP719tZM=
Subject key identifier: B6:4C:10:70:0F:07:65:BD:5D:49:55:F0:6F:AD:92:7A:B9:84:8E:87
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 018F7B904EA75BA36648BFDC6F4E103153E2
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/tkwQcA8HZb1dSVXwb62SermEjoc.roa
Signing time: Wed 15 May 2024 09:23:25 +0000
ROA not before: Wed 15 May 2024 09:23:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209369
IP address blocks: 185.22.96.0/22 maxlen: 22
213.134.21.0/24 maxlen: 24
2a13:5280::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:90:4e:a7:5b:a3:66:48:bf:dc:6f:4e:10:31:53:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: May 15 09:23:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b64c10700f0765bd5d4955f06fad927ab9848e87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:14:9b:f6:7e:32:44:0b:80:68:78:33:36:b1:
55:f2:50:ca:f1:6e:b8:05:75:0f:27:4e:b5:04:9f:
0b:67:88:68:3d:d1:b8:05:0f:d1:58:85:84:2a:85:
9e:ce:75:1c:29:0b:8d:db:7c:01:57:e8:4a:cb:c4:
cb:ec:c5:9a:a8:e2:c9:fa:95:8c:d3:1e:ae:27:1f:
a4:6f:d3:7c:67:71:6b:62:60:77:e0:bb:17:21:ed:
10:e2:58:37:1e:7f:0b:48:29:8c:9f:99:55:1b:f2:
bd:6e:9c:a7:32:c9:0e:67:46:5c:10:64:fd:cd:15:
05:8a:4d:2f:80:93:50:4b:a4:35:c7:63:42:9c:73:
0f:d1:c7:c2:5c:40:36:e2:6a:15:d8:38:86:11:76:
95:d3:b6:67:f6:bf:1c:16:52:8a:fb:08:38:88:79:
15:27:c4:7d:d8:4b:aa:01:df:a1:b2:61:bc:9e:94:
25:8a:1a:ae:de:e0:49:92:41:a9:bd:03:d4:a3:4b:
9b:6c:10:d0:7a:ec:e3:11:a6:75:9c:40:5a:7a:a6:
bb:8b:08:ef:88:be:7b:37:11:9a:8b:53:c6:1d:e2:
f4:c8:b4:17:14:5f:7f:df:f7:88:be:d7:88:10:da:
fa:f8:0c:c0:25:68:5f:15:28:5a:ed:29:04:58:1a:
7f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4C:10:70:0F:07:65:BD:5D:49:55:F0:6F:AD:92:7A:B9:84:8E:87
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/tkwQcA8HZb1dSVXwb62SermEjoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.96.0/22
213.134.21.0/24
IPv6:
2a13:5280::/29
Signature Algorithm: sha256WithRSAEncryption
b5:51:00:39:ff:d5:2d:bb:76:03:2b:a7:75:a6:d9:3f:be:6a:
2a:5e:dd:82:05:a2:97:6a:24:c6:3d:0a:11:ab:c6:4f:dc:83:
a0:2f:e3:2f:88:b8:db:11:52:8b:50:a4:04:e0:5e:29:96:4b:
35:d3:f2:e2:18:0e:f9:ad:90:8f:d6:46:f0:11:05:cd:b3:0f:
7a:2c:91:25:27:1f:d1:a0:8e:b5:a6:bd:de:74:88:d1:83:1b:
23:d5:38:c4:60:03:14:26:21:f1:a6:fd:2a:03:60:e1:80:2b:
40:ad:82:c6:04:66:26:19:42:b0:70:e3:d2:a7:d5:2a:e5:f0:
4f:48:90:16:82:8c:7a:ef:52:6d:94:fd:7d:5e:c6:00:27:2d:
72:a2:7f:6b:11:a7:32:8f:e9:d6:f0:22:12:86:25:24:9a:e5:
42:45:1c:10:bc:26:8d:fb:49:8b:17:99:b1:53:04:14:6f:95:
40:04:f8:43:bd:0d:00:33:8b:1f:2f:64:b2:6e:dd:78:35:d7:
c1:c2:c5:24:a6:f3:dc:8a:7e:64:cc:2a:3d:75:1c:36:44:46:
ad:d6:2f:9a:2f:2e:b3:dc:fe:4a:07:cc:de:56:b8:58:88:11:
1e:1c:d6:dc:8c:cd:17:9e:df:bd:4b:00:9c:4a:c8:a5:92:55:
6e:56:27:8c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY97kE6nW6NmSL/cb04QMVPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjQwNTE1MDkyMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRjMTA3MDBmMDc2NWJkNWQ0OTU1ZjA2ZmFkOTI3YWI5ODQ4ZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxSb9n4yRAuAaHgzNrFV8lDK8W64
BXUPJ061BJ8LZ4hoPdG4BQ/RWIWEKoWeznUcKQuN23wBV+hKy8TL7MWaqOLJ+pWM
0x6uJx+kb9N8Z3FrYmB34LsXIe0Q4lg3Hn8LSCmMn5lVG/K9bpynMskOZ0ZcEGT9
zRUFik0vgJNQS6Q1x2NCnHMP0cfCXEA24moV2DiGEXaV07Zn9r8cFlKK+wg4iHkV
J8R92EuqAd+hsmG8npQlihqu3uBJkkGpvQPUo0ubbBDQeuzjEaZ1nEBaeqa7iwjv
iL57NxGai1PGHeL0yLQXFF9/3/eIvteIENr6+AzAJWhfFSha7SkEWBp/+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLZMEHAPB2W9XUlV8G+tknq5hI6HMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvdGt3UWNBOEhaYjFkU1ZYd2I2MlNlcm1Fam9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRZgAwQA
1YYVMA0EAgACMAcDBQMqE1KAMA0GCSqGSIb3DQEBCwUAA4IBAQC1UQA5/9Utu3YD
K6d1ptk/vmoqXt2CBaKXaiTGPQoRq8ZP3IOgL+MviLjbEVKLUKQE4F4plks10/Li
GA75rZCP1kbwEQXNsw96LJElJx/RoI61pr3edIjRgxsj1TjEYAMUJiHxpv0qA2Dh
gCtArYLGBGYmGUKwcOPSp9Uq5fBPSJAWgox671JtlP19XsYAJy1yon9rEacyj+nW
8CIShiUkmuVCRRwQvCaN+0mLF5mxUwQUb5VABPhDvQ0AM4sfL2Sybt14NdfBwsUk
pvPcin5kzCo9dRw2REat1i+aLy6z3P5KB8zeVrhYiBEeHNbcjM0Xnt+9SwCcSsil
klVuVieM
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:46:41 2024 by rpki-client on console-fra.rpki-client.org