Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/kkovp8tfvZYxjFbBxIdTANLpFZ0.roa
File: kkovp8tfvZYxjFbBxIdTANLpFZ0.roa (raw, json)
Hash identifier: nhqhDrpn7KV3qEc6fLPKJVqitRVZB+k4nfOCR8YaTSo=
Subject key identifier: 92:4A:2F:A7:CB:5F:BD:96:31:8C:56:C1:C4:87:53:00:D2:E9:15:9D
Certificate issuer: /CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Certificate serial: 018CC5DBF3C192731AA738B30857F4CF1A61
Authority key identifier: C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/kkovp8tfvZYxjFbBxIdTANLpFZ0.roa
Signing time: Mon 01 Jan 2024 16:29:35 +0000
ROA not before: Mon 01 Jan 2024 16:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202125
IP address blocks: 188.119.104.0/22 maxlen: 24
185.50.204.0/23 maxlen: 23
185.50.206.0/23 maxlen: 24
193.43.74.0/24 maxlen: 24
45.13.10.0/24 maxlen: 24
45.13.9.0/24 maxlen: 24
185.247.166.0/24 maxlen: 24
185.247.165.0/24 maxlen: 24
185.247.164.0/24 maxlen: 24
185.247.164.0/22 maxlen: 24
185.247.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f3:c1:92:73:1a:a7:38:b3:08:57:f4:cf:1a:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Validity
Not Before: Jan 1 16:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=924a2fa7cb5fbd96318c56c1c4875300d2e9159d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:77:72:a1:e6:28:de:66:99:54:55:ae:b4:
10:1f:76:43:6c:62:69:19:d7:52:89:09:c2:0e:38:
7d:37:60:f7:e3:8b:22:59:43:3b:aa:6f:f8:a4:2f:
72:92:ff:db:13:5f:04:2e:2d:52:33:b5:f3:13:fd:
f1:7a:54:e8:e1:35:a6:cb:0d:4f:75:1f:69:18:bb:
5d:ec:f5:d8:8e:9f:99:31:5c:40:cc:67:be:a2:be:
93:b8:07:0c:35:3b:85:fb:57:68:b6:96:cd:5b:95:
66:86:2d:88:b2:93:37:d4:23:54:82:6d:a7:b1:d6:
f8:9d:da:44:87:2d:14:d9:fa:5a:fe:84:4c:8a:5a:
b5:eb:d4:83:f4:4b:90:a8:26:bb:03:86:ae:22:d1:
ca:58:31:02:36:e8:69:03:46:b7:d2:ad:9e:f4:a6:
94:bc:62:93:36:36:25:4f:12:21:5e:16:78:e4:1e:
1d:4d:e7:4c:41:d7:bc:6b:9c:27:75:86:8b:85:75:
8d:fb:a2:5c:7a:3e:62:db:8a:49:93:c9:f5:73:fc:
95:df:ad:e7:c4:31:10:db:09:f5:bf:90:07:a0:b6:
3e:1a:48:74:1a:25:da:c1:ce:c6:6f:a5:cb:47:c0:
c4:27:0e:ed:c6:a5:c8:55:39:0f:d8:90:e0:98:a0:
de:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4A:2F:A7:CB:5F:BD:96:31:8C:56:C1:C4:87:53:00:D2:E9:15:9D
X509v3 Authority Key Identifier:
keyid:C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/kkovp8tfvZYxjFbBxIdTANLpFZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.9.0-45.13.10.255
185.50.204.0/22
185.247.164.0/22
188.119.104.0/22
193.43.74.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:b0:86:22:0d:26:bc:58:1a:e8:31:c5:df:37:68:49:33:70:
e1:b1:6e:7f:3d:f7:15:f6:4d:00:55:7d:8b:55:df:69:e3:26:
d6:b3:7f:0c:42:3e:15:fd:70:78:75:19:81:ea:76:d8:70:23:
23:28:e5:7b:25:5e:e7:b2:a2:08:9a:fa:b2:32:39:e3:05:85:
b7:40:e9:f8:7d:db:08:7f:1a:48:22:25:ce:d5:3f:44:15:00:
c9:c4:5d:1d:bb:27:44:be:87:3a:d8:ef:fa:72:0d:83:f3:7d:
9f:79:ef:01:89:a7:d3:d6:64:b9:a8:d9:d1:3f:fa:d7:78:2c:
18:a9:99:55:b8:c0:ae:a5:ad:d3:76:e8:06:10:02:e0:61:80:
54:2f:60:d7:e0:f7:8d:e9:bc:64:53:23:dc:85:92:f8:b1:67:
48:a8:b7:61:e0:79:7b:b2:ee:a6:12:f5:05:af:3d:37:0c:a4:
ae:96:f7:14:c4:9e:23:d8:21:35:b6:21:38:c1:96:ca:34:39:
7b:39:1e:d2:eb:c1:06:83:bb:10:d4:8d:5b:2b:5f:8a:d6:e3:
6b:1a:2d:6a:ce:92:47:4f:b8:d4:2d:44:7f:66:fd:df:a4:d4:
b4:fa:c3:fe:99:85:10:ed:62:9c:cb:cf:8a:9c:2d:e5:0a:c0:
d7:72:7a:41
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzF2/PBknMapzizCFf0zxphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYjBkNTM1ZWViY2YyOGU2MGFjOThhZTQ5NWIzNDk4MWI1
YTkzZWMwHhcNMjQwMTAxMTYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjRhMmZhN2NiNWZiZDk2MzE4YzU2YzFjNDg3NTMwMGQyZTkxNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslh3cqHmKN5mmVRVrrQQH3ZDbGJp
GddSiQnCDjh9N2D344siWUM7qm/4pC9ykv/bE18ELi1SM7XzE/3xelTo4TWmyw1P
dR9pGLtd7PXYjp+ZMVxAzGe+or6TuAcMNTuF+1dotpbNW5Vmhi2IspM31CNUgm2n
sdb4ndpEhy0U2fpa/oRMilq169SD9EuQqCa7A4auItHKWDECNuhpA0a30q2e9KaU
vGKTNjYlTxIhXhZ45B4dTedMQde8a5wndYaLhXWN+6Jcej5i24pJk8n1c/yV363n
xDEQ2wn1v5AHoLY+Gkh0GiXawc7Gb6XLR8DEJw7txqXIVTkP2JDgmKDeKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJJKL6fLX72WMYxWwcSHUwDS6RWdMB8GA1UdIwQY
MBaAFMOw1TXuvPKOYKyYrklbNJgbWpPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmIt
OTUxOTY5M2VhYTdiLzEva2tvdnA4dGZ2Wll4akZiQnhJZFRBTkxwRlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmItOTUxOTY5M2VhYTdi
LzEvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAAtDQkD
BAAtDQoDBAK5MswDBAK596QDBAK8d2gDBADBK0owDQYJKoZIhvcNAQELBQADggEB
AHqwhiINJrxYGugxxd83aEkzcOGxbn899xX2TQBVfYtV32njJtazfwxCPhX9cHh1
GYHqdthwIyMo5XslXueyogia+rIyOeMFhbdA6fh92wh/GkgiJc7VP0QVAMnEXR27
J0S+hzrY7/pyDYPzfZ957wGJp9PWZLmo2dE/+td4LBipmVW4wK6lrdN26AYQAuBh
gFQvYNfg943pvGRTI9yFkvixZ0iot2HgeXuy7qYS9QWvPTcMpK6W9xTEniPYITW2
ITjBlso0OXs5HtLrwQaDuxDUjVsrX4rW42saLWrOkkdPuNQtRH9m/d+k1LT6w/6Z
hRDtYpzLz4qcLeUKwNdyekE=
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:46:40 2024 by rpki-client on console-fra.rpki-client.org