Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/kxNCd7mUhM3Wn-EIVXcmqjX1Tps.roa
File: kxNCd7mUhM3Wn-EIVXcmqjX1Tps.roa (raw, json)
Hash identifier: saee1qlhcO5yVhjiah5FxsKABbzrucdwOir+Nlxa0Ko=
Subject key identifier: 93:13:42:77:B9:94:84:CD:D6:9F:E1:08:55:77:26:AA:35:F5:4E:9B
Certificate issuer: /CN=fd2af9060c1f42c628fcfb8f0781d7a5bc21fc02
Certificate serial: 018CC4930928406EAD670799FA0715F03478
Authority key identifier: FD:2A:F9:06:0C:1F:42:C6:28:FC:FB:8F:07:81:D7:A5:BC:21:FC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/kxNCd7mUhM3Wn-EIVXcmqjX1Tps.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28725
IP address blocks: 85.162.0.0/15 maxlen: 24
80.74.32.0/20 maxlen: 24
194.147.12.0/22 maxlen: 24
2a07:1f40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 01:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:09:28:40:6e:ad:67:07:99:fa:07:15:f0:34:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd2af9060c1f42c628fcfb8f0781d7a5bc21fc02
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93134277b99484cdd69fe108557726aa35f54e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:50:7f:09:77:07:80:2b:3d:73:8e:76:c1:61:
fc:bf:ff:8c:d8:a1:b8:46:b6:4c:dd:8c:a8:02:c9:
ca:82:a1:bb:ca:62:23:38:b5:96:dc:e3:b6:98:70:
13:d7:1c:66:70:75:19:f8:6e:a6:dc:c9:f1:c6:8e:
bb:b2:a6:8f:77:d8:62:93:75:98:5d:f3:cc:93:27:
ef:74:92:65:8d:f0:81:af:2e:10:e5:f2:5b:4d:a7:
0a:7b:a5:a7:e7:01:88:26:d4:ab:20:9c:34:2b:b7:
2f:08:97:77:eb:6f:42:b0:5a:79:d6:b2:b1:f9:61:
e4:37:a7:56:26:59:82:a3:68:80:c4:f9:17:98:59:
b3:65:92:00:e1:53:cf:28:4d:75:ad:13:5b:c7:e8:
af:f4:5e:67:97:fd:ba:b5:12:83:81:93:9e:a4:38:
f0:72:64:30:6a:9b:f5:65:8c:9e:7c:31:c5:56:bc:
b8:9b:46:c3:4a:7a:47:58:73:2b:ce:b0:93:57:30:
95:af:88:e3:f8:bd:2b:0a:d7:ec:c0:82:f4:ec:e5:
a5:60:33:0e:ca:7a:d4:69:ea:3b:86:ef:3a:5f:de:
e1:b2:25:00:c3:f3:81:3f:d5:7d:2b:83:4e:24:1d:
0b:5c:0a:18:99:31:bb:3c:0a:a1:b7:cd:58:23:09:
c1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:13:42:77:B9:94:84:CD:D6:9F:E1:08:55:77:26:AA:35:F5:4E:9B
X509v3 Authority Key Identifier:
keyid:FD:2A:F9:06:0C:1F:42:C6:28:FC:FB:8F:07:81:D7:A5:BC:21:FC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/kxNCd7mUhM3Wn-EIVXcmqjX1Tps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/a98e4a-45aa-408c-b807-bfcf9a922a8b/1/_Sr5BgwfQsYo_PuPB4HXpbwh_AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.32.0/20
85.162.0.0/15
194.147.12.0/22
IPv6:
2a07:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
d2:a1:ed:79:20:54:d9:bd:80:39:93:27:82:93:01:a2:08:e1:
75:91:5e:48:3a:af:fe:bf:3a:a5:4a:01:0c:4c:0e:e4:75:50:
39:56:35:63:29:25:f5:80:ee:cd:5e:9b:5e:68:76:bb:a8:f8:
54:05:e6:61:69:6b:17:ba:c5:5b:f6:6a:d1:53:57:29:be:73:
ea:97:cd:9a:10:79:91:31:4c:d9:20:aa:bd:0b:f6:a0:06:a3:
94:ad:16:ef:e1:3c:f6:54:41:b3:56:63:8b:a0:57:61:1c:c1:
65:a1:53:c6:d1:15:cf:32:b3:46:c0:18:57:9b:eb:36:9f:af:
53:70:0c:2e:3e:d0:1d:eb:01:80:7b:44:ff:d0:8b:9b:b4:e7:
99:ae:c6:54:1c:bb:45:c3:af:0a:b5:eb:33:48:cf:28:f2:09:
99:07:78:0a:1d:b5:74:24:a0:e0:82:40:44:3c:58:5d:c6:b0:
51:27:34:3d:0b:ff:c6:70:2d:35:8e:69:2d:76:2c:f4:96:06:
0a:03:00:ec:2e:97:b8:e3:b3:78:47:cd:84:a3:58:b7:79:38:
30:0c:40:50:32:ed:56:5f:0c:07:f8:7f:cd:83:2c:e1:2e:8a:
5a:5d:65:2a:07:b7:56:cc:ba:f2:d2:79:52:5e:a7:1a:93:8d:
53:c5:66:9a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEkwkoQG6tZweZ+gcV8DR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMmFmOTA2MGMxZjQyYzYyOGZjZmI4ZjA3ODFkN2E1YmMy
MWZjMDIwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzEzNDI3N2I5OTQ4NGNkZDY5ZmUxMDg1NTc3MjZhYTM1ZjU0ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVB/CXcHgCs9c452wWH8v/+M2KG4
RrZM3YyoAsnKgqG7ymIjOLWW3OO2mHAT1xxmcHUZ+G6m3Mnxxo67sqaPd9hik3WY
XfPMkyfvdJJljfCBry4Q5fJbTacKe6Wn5wGIJtSrIJw0K7cvCJd3629CsFp51rKx
+WHkN6dWJlmCo2iAxPkXmFmzZZIA4VPPKE11rRNbx+iv9F5nl/26tRKDgZOepDjw
cmQwapv1ZYyefDHFVry4m0bDSnpHWHMrzrCTVzCVr4jj+L0rCtfswIL07OWlYDMO
ynrUaeo7hu86X97hsiUAw/OBP9V9K4NOJB0LXAoYmTG7PAqht81YIwnBNwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJMTQne5lITN1p/hCFV3Jqo19U6bMB8GA1UdIwQY
MBaAFP0q+QYMH0LGKPz7jweB16W8IfwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NyNUJnd2ZRc1lvX1B1UEI0SFhwYndoX0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hOThlNGEtNDVhYS00MDhjLWI4MDct
YmZjZjlhOTIyYThiLzEva3hOQ2Q3bVVoTTNXbi1FSVZYY21xalgxVHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hOThlNGEtNDVhYS00MDhjLWI4MDctYmZjZjlhOTIyYThi
LzEvX1NyNUJnd2ZRc1lvX1B1UEI0SFhwYndoX0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQEUEogAwMB
VaIDBALCkwwwDQQCAAIwBwMFAyoHH0AwDQYJKoZIhvcNAQELBQADggEBANKh7Xkg
VNm9gDmTJ4KTAaII4XWRXkg6r/6/OqVKAQxMDuR1UDlWNWMpJfWA7s1em15odruo
+FQF5mFpaxe6xVv2atFTVym+c+qXzZoQeZExTNkgqr0L9qAGo5StFu/hPPZUQbNW
Y4ugV2EcwWWhU8bRFc8ys0bAGFeb6zafr1NwDC4+0B3rAYB7RP/Qi5u055muxlQc
u0XDrwq16zNIzyjyCZkHeAodtXQkoOCCQEQ8WF3GsFEnND0L/8ZwLTWOaS12LPSW
BgoDAOwul7jjs3hHzYSjWLd5ODAMQFAy7VZfDAf4f82DLOEuilpdZSoHt1bMuvLS
eVJepxqTjVPFZpo=
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:30:06 2024 by rpki-client on console-ams.rpki-client.org