Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/kbVjWHUOhvK4ka2ezAqEHni7BbQ.roa
File: kbVjWHUOhvK4ka2ezAqEHni7BbQ.roa (raw, json)
Hash identifier: pm2azc3oPkqvFCGq1T9SqVLLjFfTRuHeKQFs9NBjmCE=
Subject key identifier: 91:B5:63:58:75:0E:86:F2:B8:91:AD:9E:CC:0A:84:1E:78:BB:05:B4
Certificate issuer: /CN=9da4e95d2f4cc34a7376b73c0f039b3e158f5152
Certificate serial: 018CC56E050B7CC81898C9BEE8662881E4D6
Authority key identifier: 9D:A4:E9:5D:2F:4C:C3:4A:73:76:B7:3C:0F:03:9B:3E:15:8F:51:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naTpXS9Mw0pzdrc8DwObPhWPUVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/kbVjWHUOhvK4ka2ezAqEHni7BbQ.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213245
IP address blocks: 185.19.82.0/24 maxlen: 24
185.215.44.0/24 maxlen: 24
185.215.46.0/24 maxlen: 24
185.215.45.0/24 maxlen: 24
185.215.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/naTpXS9Mw0pzdrc8DwObPhWPUVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/naTpXS9Mw0pzdrc8DwObPhWPUVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/naTpXS9Mw0pzdrc8DwObPhWPUVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:05:0b:7c:c8:18:98:c9:be:e8:66:28:81:e4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da4e95d2f4cc34a7376b73c0f039b3e158f5152
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91b56358750e86f2b891ad9ecc0a841e78bb05b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fd:2e:4a:a3:9d:6e:80:da:9d:5b:b9:b7:11:
93:5c:5e:a6:37:c9:a3:90:02:1e:7a:b0:d1:94:fc:
50:45:9f:8d:3e:b0:98:5f:80:10:c3:04:65:12:a5:
56:4c:59:06:44:46:bf:cf:0b:14:a6:18:20:1d:5e:
fb:f3:0c:02:62:10:4b:e0:29:dd:37:60:04:87:04:
c3:47:9f:76:65:46:2f:40:69:fe:01:34:c6:af:7c:
1e:ed:cf:ab:bd:79:31:f3:20:ea:e9:f8:7a:29:fe:
35:65:73:d2:bd:63:81:bc:6f:e0:d3:2a:c8:6e:ef:
f1:87:ab:c3:f6:8e:8c:f8:4d:5c:d6:17:54:28:d1:
bc:64:9f:2f:6f:74:20:c0:84:f4:72:88:0d:5e:41:
00:7d:81:89:31:b4:80:84:b0:02:9a:af:d9:9e:e1:
9b:c2:8a:40:db:57:cf:ed:94:94:03:08:e1:01:4e:
db:98:c7:c2:6c:8b:17:3f:5e:52:e0:19:b0:4c:24:
19:76:54:7d:f3:34:6e:da:63:b2:d0:af:78:15:78:
9b:ac:9b:97:03:86:a8:45:66:c6:7a:78:a5:b6:21:
d8:19:34:4e:93:ae:63:dc:c2:1a:e3:d5:0b:9a:d1:
9d:c0:a8:82:bc:01:f7:7d:de:c1:77:71:cf:93:dd:
97:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B5:63:58:75:0E:86:F2:B8:91:AD:9E:CC:0A:84:1E:78:BB:05:B4
X509v3 Authority Key Identifier:
keyid:9D:A4:E9:5D:2F:4C:C3:4A:73:76:B7:3C:0F:03:9B:3E:15:8F:51:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naTpXS9Mw0pzdrc8DwObPhWPUVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/kbVjWHUOhvK4ka2ezAqEHni7BbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/acf2a2-4d52-40cd-a5f8-59591389e242/1/naTpXS9Mw0pzdrc8DwObPhWPUVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.82.0/24
185.215.44.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:c0:ed:e5:65:12:33:f6:d1:8f:20:07:e6:af:e4:36:a9:6d:
7e:cf:8d:8a:94:cc:b2:f4:49:ec:c2:dc:0b:65:86:50:15:71:
32:dc:06:a3:72:f7:8e:f5:0f:5c:3d:a6:2f:92:9e:f2:d4:9c:
80:0a:1b:2b:be:8e:2f:b5:55:3b:0d:f3:05:7e:f8:13:2a:01:
42:98:3b:e0:eb:c5:f9:cc:09:a2:cb:91:8a:db:1b:fa:41:16:
76:c9:59:f4:d4:87:f3:99:05:44:11:b0:b1:3c:e2:7a:8e:50:
b7:16:d0:3c:86:1a:36:55:cd:e6:34:6f:dc:45:2f:f7:98:a6:
9c:9f:bb:51:b5:8e:4f:ef:a4:53:03:3a:df:0a:cf:c8:81:d9:
62:f4:76:93:ea:fd:2a:83:8a:bd:58:5f:6e:2f:d4:f8:85:5e:
22:d8:ae:e6:c0:e2:ae:dc:b0:cf:c7:bd:ef:fc:62:8a:d9:bc:
d2:4e:5a:58:c3:b3:db:0c:02:44:78:e7:eb:28:d0:7f:b6:b6:
0d:c2:56:0b:b3:47:5e:bf:e5:9d:1c:b3:6f:72:2e:d2:56:8d:
5e:19:ea:14:aa:53:77:09:c7:0b:2a:69:32:09:fc:0b:e5:3b:
11:9d:05:15:d9:44:33:8e:d2:9c:71:21:7c:7b:e2:0f:fa:75:
58:53:1c:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbgULfMgYmMm+6GYogeTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTRlOTVkMmY0Y2MzNGE3Mzc2YjczYzBmMDM5YjNlMTU4
ZjUxNTIwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI1NjM1ODc1MGU4NmYyYjg5MWFkOWVjYzBhODQxZTc4YmIwNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/0uSqOdboDanVu5txGTXF6mN8mj
kAIeerDRlPxQRZ+NPrCYX4AQwwRlEqVWTFkGREa/zwsUphggHV778wwCYhBL4Cnd
N2AEhwTDR592ZUYvQGn+ATTGr3we7c+rvXkx8yDq6fh6Kf41ZXPSvWOBvG/g0yrI
bu/xh6vD9o6M+E1c1hdUKNG8ZJ8vb3QgwIT0cogNXkEAfYGJMbSAhLACmq/ZnuGb
wopA21fP7ZSUAwjhAU7bmMfCbIsXP15S4BmwTCQZdlR98zRu2mOy0K94FXibrJuX
A4aoRWbGeniltiHYGTROk65j3MIa49ULmtGdwKiCvAH3fd7Bd3HPk92XewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJG1Y1h1DobyuJGtnswKhB54uwW0MB8GA1UdIwQY
MBaAFJ2k6V0vTMNKc3a3PA8Dmz4Vj1FSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFUcFhTOU13MHB6ZHJjOER3T2JQaFdQVVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hY2YyYTItNGQ1Mi00MGNkLWE1Zjgt
NTk1OTEzODllMjQyLzEva2JWaldIVU9odks0a2EyZXpBcUVIbmk3QmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hY2YyYTItNGQ1Mi00MGNkLWE1ZjgtNTk1OTEzODllMjQy
LzEvbmFUcFhTOU13MHB6ZHJjOER3T2JQaFdQVVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRNSAwQC
udcsMA0GCSqGSIb3DQEBCwUAA4IBAQANwO3lZRIz9tGPIAfmr+Q2qW1+z42KlMyy
9EnswtwLZYZQFXEy3AajcveO9Q9cPaYvkp7y1JyAChsrvo4vtVU7DfMFfvgTKgFC
mDvg68X5zAmiy5GK2xv6QRZ2yVn01IfzmQVEEbCxPOJ6jlC3FtA8hho2Vc3mNG/c
RS/3mKacn7tRtY5P76RTAzrfCs/Igdli9HaT6v0qg4q9WF9uL9T4hV4i2K7mwOKu
3LDPx73v/GKK2bzSTlpYw7PbDAJEeOfrKNB/trYNwlYLs0dev+WdHLNvci7SVo1e
GeoUqlN3CccLKmkyCfwL5TsRnQUV2UQzjtKccSF8e+IP+nVYUxyI
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:28:30 2024 by rpki-client on console-ams.rpki-client.org