Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/_kEwtdTOGivmdoorfmmxgmx8Esw.roa
File: _kEwtdTOGivmdoorfmmxgmx8Esw.roa (raw, json)
Hash identifier: uvTj6Klz9rm1/NXY4UowO0yf2rrMKZkpHMMz84l39eA=
Subject key identifier: FE:41:30:B5:D4:CE:1A:2B:E6:76:8A:2B:7E:69:B1:82:6C:7C:12:CC
Certificate issuer: /CN=8901f673c6b0ff8835ea02faedba5b49cf14224e
Certificate serial: 018CC793EC3D972302431F9943EDBFCFF385
Authority key identifier: 89:01:F6:73:C6:B0:FF:88:35:EA:02:FA:ED:BA:5B:49:CF:14:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/_kEwtdTOGivmdoorfmmxgmx8Esw.roa
Signing time: Tue 02 Jan 2024 00:30:09 +0000
ROA not before: Tue 02 Jan 2024 00:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205094
IP address blocks: 213.142.154.0/23 maxlen: 23
195.128.143.0/24 maxlen: 24
2a12:f140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 15:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:ec:3d:97:23:02:43:1f:99:43:ed:bf:cf:f3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8901f673c6b0ff8835ea02faedba5b49cf14224e
Validity
Not Before: Jan 2 00:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe4130b5d4ce1a2be6768a2b7e69b1826c7c12cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:40:57:57:31:17:db:71:2e:9b:5b:0f:65:2a:
e5:51:bb:cd:4b:45:4e:63:92:24:be:e7:f3:04:73:
6a:27:66:0f:97:f5:28:d0:93:33:f6:29:73:bc:f3:
bc:6a:d7:b0:88:8c:4c:14:53:f8:df:66:0c:9c:96:
cd:4a:3d:be:d4:b8:ac:2d:50:fd:43:b5:ce:03:43:
1c:d9:09:73:ec:79:b1:be:70:35:25:0c:6a:46:4b:
7e:a7:eb:cb:d9:7c:e0:bc:09:a2:73:cb:f8:15:32:
4b:cf:9b:72:b9:ed:84:af:45:fa:7e:ac:c6:24:1b:
9e:08:26:86:a5:19:b3:53:99:5b:a6:6a:2c:82:ca:
95:7e:5b:6f:d7:6c:c3:7e:a9:fc:d4:71:be:22:90:
4c:36:8e:43:5b:9e:0d:bf:fa:80:25:04:24:30:c1:
b8:d4:d4:54:df:c1:f0:06:30:f3:57:e1:e9:1b:19:
fe:a1:4e:a1:35:fd:b6:57:40:46:dd:5b:8b:a1:d0:
d3:a3:77:0b:93:a9:b7:ff:84:61:cb:dd:bd:69:8f:
6e:62:9f:bb:4d:8f:92:7d:96:6b:94:c0:ac:90:98:
8f:e2:03:95:85:45:79:44:c5:8e:bb:4f:56:0a:f5:
12:9f:6a:3e:4d:5c:5f:61:6e:1a:9a:7b:40:37:78:
a8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:41:30:B5:D4:CE:1A:2B:E6:76:8A:2B:7E:69:B1:82:6C:7C:12:CC
X509v3 Authority Key Identifier:
keyid:89:01:F6:73:C6:B0:FF:88:35:EA:02:FA:ED:BA:5B:49:CF:14:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQH2c8aw_4g16gL67bpbSc8UIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/_kEwtdTOGivmdoorfmmxgmx8Esw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/c2ba10-20ed-4e8c-b76c-53c4d5762d1a/1/iQH2c8aw_4g16gL67bpbSc8UIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.143.0/24
213.142.154.0/23
IPv6:
2a12:f140::/29
Signature Algorithm: sha256WithRSAEncryption
1b:ab:da:69:ee:2e:51:c0:28:07:34:b6:cd:66:d1:ce:1a:41:
4d:02:f8:5c:69:d7:01:3e:db:0c:64:a7:a1:b9:aa:47:ce:81:
87:89:01:d9:d0:56:be:89:2e:56:f5:43:9d:27:c2:2e:de:61:
e7:90:44:5a:2a:02:1c:42:ef:f4:63:a0:5f:70:77:0b:d3:e9:
d8:28:d3:47:22:59:89:25:64:4b:69:2f:a6:d2:6e:3c:45:88:
cb:f9:8a:8a:56:48:3f:e6:06:3a:26:e4:fe:23:c4:4d:ad:77:
36:da:2e:7f:1b:19:4b:9b:b9:9e:57:bf:e0:fe:48:2d:46:d5:
6c:29:c9:fc:7a:5e:43:1d:2d:85:7e:a9:18:b7:fd:00:ff:33:
48:40:36:7c:ff:1f:38:68:a5:33:6e:72:fe:6a:50:0a:03:6a:
73:4a:fa:18:c2:bb:ad:0e:02:bd:63:3e:7d:10:2f:dc:cf:ab:
fb:42:b1:da:e5:be:ec:45:2a:67:0f:12:f2:cc:0d:c4:56:68:
c9:22:53:38:b1:7f:40:9e:0b:35:74:7e:a4:82:ba:64:d6:f8:
fa:99:7d:38:21:88:74:96:c1:66:6f:2f:a0:cb:4d:66:2a:66:
40:40:27:89:e5:fd:ca:33:9b:4e:23:72:df:6b:86:bd:c5:76:
7d:95:d6:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHk+w9lyMCQx+ZQ+2/z/OFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDFmNjczYzZiMGZmODgzNWVhMDJmYWVkYmE1YjQ5Y2Yx
NDIyNGUwHhcNMjQwMTAyMDAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQxMzBiNWQ0Y2UxYTJiZTY3NjhhMmI3ZTY5YjE4MjZjN2MxMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEBXVzEX23Eum1sPZSrlUbvNS0VO
Y5IkvufzBHNqJ2YPl/Uo0JMz9ilzvPO8atewiIxMFFP432YMnJbNSj2+1LisLVD9
Q7XOA0Mc2Qlz7HmxvnA1JQxqRkt+p+vL2XzgvAmic8v4FTJLz5tyue2Er0X6fqzG
JBueCCaGpRmzU5lbpmosgsqVfltv12zDfqn81HG+IpBMNo5DW54Nv/qAJQQkMMG4
1NRU38HwBjDzV+HpGxn+oU6hNf22V0BG3VuLodDTo3cLk6m3/4Rhy929aY9uYp+7
TY+SfZZrlMCskJiP4gOVhUV5RMWOu09WCvUSn2o+TVxfYW4amntAN3ioVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP5BMLXUzhor5naKK35psYJsfBLMMB8GA1UdIwQY
MBaAFIkB9nPGsP+INeoC+u26W0nPFCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFIMmM4YXdfNGcxNmdMNjdicGJTYzhVSWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9jMmJhMTAtMjBlZC00ZThjLWI3NmMt
NTNjNGQ1NzYyZDFhLzEvX2tFd3RkVE9HaXZtZG9vcmZtbXhnbXg4RXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9jMmJhMTAtMjBlZC00ZThjLWI3NmMtNTNjNGQ1NzYyZDFh
LzEvaVFIMmM4YXdfNGcxNmdMNjdicGJTYzhVSWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAw4CPAwQB
1Y6aMA0EAgACMAcDBQMqEvFAMA0GCSqGSIb3DQEBCwUAA4IBAQAbq9pp7i5RwCgH
NLbNZtHOGkFNAvhcadcBPtsMZKehuapHzoGHiQHZ0Fa+iS5W9UOdJ8Iu3mHnkERa
KgIcQu/0Y6BfcHcL0+nYKNNHIlmJJWRLaS+m0m48RYjL+YqKVkg/5gY6JuT+I8RN
rXc22i5/GxlLm7meV7/g/kgtRtVsKcn8el5DHS2FfqkYt/0A/zNIQDZ8/x84aKUz
bnL+alAKA2pzSvoYwrutDgK9Yz59EC/cz6v7QrHa5b7sRSpnDxLyzA3EVmjJIlM4
sX9Angs1dH6kgrpk1vj6mX04IYh0lsFmby+gy01mKmZAQCeJ5f3KM5tOI3Lfa4a9
xXZ9ldYf
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:03:18 2024 by rpki-client on console-fra.rpki-client.org