Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/v3KhN5CBv4Agky3bmPOTO6uP0nU.roa
File: v3KhN5CBv4Agky3bmPOTO6uP0nU.roa (raw, json)
Hash identifier: ddWhFFOpMWQrIi/pK16DM/qWxqYWghK6OrcAtGG6vmI=
Subject key identifier: BF:72:A1:37:90:81:BF:80:20:93:2D:DB:98:F3:93:3B:AB:8F:D2:75
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EA7DB36965190F177693D6A41D4BF7759
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/v3KhN5CBv4Agky3bmPOTO6uP0nU.roa
Signing time: Thu 04 Apr 2024 06:45:45 +0000
ROA not before: Thu 04 Apr 2024 06:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31496
IP address blocks: 213.158.16.0/24 maxlen: 24
213.158.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:db:36:96:51:90:f1:77:69:3d:6a:41:d4:bf:77:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 4 06:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf72a1379081bf8020932ddb98f3933bab8fd275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4f:6e:09:6a:6d:02:1c:78:f5:ab:77:b1:86:
13:5e:4a:61:84:34:a7:b5:49:47:0a:f2:94:cb:0c:
0b:52:02:98:c3:1c:96:89:bd:cb:bb:be:3d:8a:80:
68:62:24:f4:65:5c:3a:38:2d:1e:a9:6e:d7:a7:80:
05:f9:87:83:fb:a6:fd:ad:00:db:c3:75:19:68:38:
de:24:66:66:83:bf:1f:dd:73:44:27:ef:93:2c:00:
30:b3:02:c5:76:19:c5:2d:09:25:c8:88:6a:24:05:
b3:61:5c:23:99:50:db:c1:66:ef:32:f5:51:02:de:
f8:b1:9f:5d:9e:d6:81:e2:ed:cd:34:97:a6:b5:eb:
45:48:32:51:31:5a:52:72:57:8e:82:15:f5:9d:5c:
8f:bf:45:94:6e:70:a0:e5:98:0c:23:44:65:52:87:
ae:57:56:3f:d4:6a:a9:96:73:0b:c2:1d:4a:76:64:
1d:1a:26:e1:f4:5e:4f:5e:aa:2b:13:e1:7a:f8:20:
6a:7b:1c:d1:17:4c:04:6f:a8:47:5e:86:3b:b5:82:
7a:0c:aa:08:e3:09:ea:0d:e5:ce:47:7d:e9:e0:9a:
df:eb:59:d7:1e:48:f8:c3:c2:2e:75:9d:f7:0f:f2:
88:81:d8:78:17:6d:73:5f:32:84:5c:dd:08:0f:15:
63:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:72:A1:37:90:81:BF:80:20:93:2D:DB:98:F3:93:3B:AB:8F:D2:75
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/v3KhN5CBv4Agky3bmPOTO6uP0nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.158.16.0/23
Signature Algorithm: sha256WithRSAEncryption
49:72:14:59:f6:51:ad:5c:b7:bc:46:20:8f:04:28:d2:4c:d9:
73:d2:32:47:2d:51:02:e2:f4:84:77:12:0c:c8:94:ff:6b:ec:
52:44:67:70:a3:ec:8b:34:9c:04:58:16:76:10:e6:5f:2d:ab:
73:6d:1a:15:45:54:13:66:68:07:ff:b1:5e:71:7b:d5:01:01:
98:61:ba:65:be:51:58:7a:ae:a0:76:f7:47:6f:d8:1c:42:9a:
e2:3f:34:0a:ec:50:a3:30:1d:80:c7:b5:5a:63:df:85:ee:09:
07:33:1b:99:24:9a:2d:5c:ca:fc:22:6c:50:d9:08:eb:41:48:
f0:c3:98:fb:61:53:ba:07:c0:81:9a:20:bf:3a:c9:87:e9:a8:
c8:b4:ef:d3:04:7a:e4:bb:30:ee:0f:33:06:b9:d2:db:1a:e1:
88:e5:4a:36:cd:f3:d1:86:5c:07:c8:49:68:24:dd:43:01:3d:
8e:91:b2:bd:f7:4e:06:ef:a2:9a:68:7f:c0:19:bc:0c:14:6e:
fb:49:09:8d:24:e6:07:8d:3e:60:d3:df:ca:5f:d3:b3:f3:d2:
ea:54:bf:21:fa:3b:c5:19:7e:f5:14:9f:53:24:0e:42:9c:78:
35:67:85:b2:b9:08:6c:0e:9d:be:d5:da:11:02:5a:db:50:c9:
3b:51:53:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6n2zaWUZDxd2k9akHUv3dZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDA0MDY0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjcyYTEzNzkwODFiZjgwMjA5MzJkZGI5OGYzOTMzYmFiOGZkMjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl09uCWptAhx49at3sYYTXkphhDSn
tUlHCvKUywwLUgKYwxyWib3Lu749ioBoYiT0ZVw6OC0eqW7Xp4AF+YeD+6b9rQDb
w3UZaDjeJGZmg78f3XNEJ++TLAAwswLFdhnFLQklyIhqJAWzYVwjmVDbwWbvMvVR
At74sZ9dntaB4u3NNJemtetFSDJRMVpScleOghX1nVyPv0WUbnCg5ZgMI0RlUoeu
V1Y/1GqplnMLwh1KdmQdGibh9F5PXqorE+F6+CBqexzRF0wEb6hHXoY7tYJ6DKoI
4wnqDeXOR33p4Jrf61nXHkj4w8IudZ33D/KIgdh4F21zXzKEXN0IDxVjXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9yoTeQgb+AIJMt25jzkzurj9J1MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdjNLaE41Q0J2NEFna3kzYm1QT1RPNnVQMG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1Z4QMA0G
CSqGSIb3DQEBCwUAA4IBAQBJchRZ9lGtXLe8RiCPBCjSTNlz0jJHLVEC4vSEdxIM
yJT/a+xSRGdwo+yLNJwEWBZ2EOZfLatzbRoVRVQTZmgH/7FecXvVAQGYYbplvlFY
eq6gdvdHb9gcQpriPzQK7FCjMB2Ax7VaY9+F7gkHMxuZJJotXMr8ImxQ2QjrQUjw
w5j7YVO6B8CBmiC/OsmH6ajItO/TBHrkuzDuDzMGudLbGuGI5Uo2zfPRhlwHyElo
JN1DAT2OkbK9904G76KaaH/AGbwMFG77SQmNJOYHjT5g09/KX9Oz89LqVL8h+jvF
GX71FJ9TJA5CnHg1Z4WyuQhsDp2+1doRAlrbUMk7UVOS
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:08:53 2024 by rpki-client on console-ams.rpki-client.org