Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/kr0TjOxgcm_KhMjeicf8fW76Q0Y.roa
File: kr0TjOxgcm_KhMjeicf8fW76Q0Y.roa (raw, json)
Hash identifier: xOf8LT+D5nUC7HtSexyu/Xpg/836IXc/PjHz1TvdOjk=
Subject key identifier: 92:BD:13:8C:EC:60:72:6F:CA:84:C8:DE:89:C7:FC:7D:6E:FA:43:46
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018F1EBEBA258347863555AADDC30A4E4A76
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/kr0TjOxgcm_KhMjeicf8fW76Q0Y.roa
Signing time: Sat 27 Apr 2024 08:49:26 +0000
ROA not before: Sat 27 Apr 2024 08:49:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57186
IP address blocks: 85.8.184.0/24 maxlen: 24
85.202.164.0/24 maxlen: 24
91.191.180.0/24 maxlen: 24
185.147.36.0/24 maxlen: 24
185.189.252.0/24 maxlen: 24
185.189.253.0/24 maxlen: 24
185.193.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1e:be:ba:25:83:47:86:35:55:aa:dd:c3:0a:4e:4a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Apr 27 08:49:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92bd138cec60726fca84c8de89c7fc7d6efa4346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:19:f3:73:07:d0:1e:16:23:91:87:86:3a:
13:04:2f:8f:4a:11:c4:4e:11:07:c6:04:1e:6e:3a:
0a:0d:20:7f:cb:5c:9f:88:ee:d5:4c:fc:f4:04:d5:
7d:cb:95:29:99:dc:30:54:0d:76:f5:05:88:08:69:
b5:ad:54:d1:50:19:67:55:11:3e:92:f3:72:8a:19:
43:aa:f4:aa:6f:24:2a:d2:84:96:75:1c:5a:53:b6:
19:df:15:2a:89:7c:65:d7:d2:eb:ed:f3:73:60:23:
6f:c0:ef:ff:7d:be:d9:62:4e:0b:ef:9d:04:3d:7c:
12:03:2b:25:d0:a4:e2:7d:a7:a5:18:bb:f7:c7:12:
00:90:44:48:7b:1a:9a:10:1e:0f:4a:be:4e:20:41:
c9:58:97:d7:02:09:69:e6:77:e6:29:7e:1f:f1:5f:
cc:68:26:35:5d:e1:5d:34:24:79:b7:f5:c6:e7:a9:
0b:bd:72:99:96:50:fe:b7:50:f5:76:63:59:96:85:
3f:1e:d6:15:60:a5:36:04:d8:f0:34:96:57:57:05:
6c:a1:79:e6:52:54:f8:f1:13:ba:9d:57:cc:21:48:
b6:b1:fa:df:e3:c3:95:7c:67:9c:d2:07:3b:13:4f:
d0:0a:0e:a9:57:4d:81:23:8c:5f:9e:2e:38:5f:d7:
63:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BD:13:8C:EC:60:72:6F:CA:84:C8:DE:89:C7:FC:7D:6E:FA:43:46
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/kr0TjOxgcm_KhMjeicf8fW76Q0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.184.0/24
85.202.164.0/24
91.191.180.0/24
185.147.36.0/24
185.189.252.0/23
185.193.140.0/24
Signature Algorithm: sha256WithRSAEncryption
42:f9:54:62:99:7e:7b:01:2a:35:49:51:5f:66:52:18:15:e7:
d3:b5:5e:85:77:7d:75:bf:fd:d1:fe:fe:62:1b:d5:e7:b8:1d:
dc:7d:1b:9c:1f:d4:e1:b4:b6:e3:6a:0c:29:c2:a7:36:b2:b8:
69:b0:96:67:13:25:e4:91:fb:1b:b2:a3:84:31:39:40:34:4e:
cc:34:05:18:ab:c6:10:12:e6:1f:54:6a:c5:fe:d0:f3:e3:94:
0b:6e:ed:2e:ed:fc:b1:b1:6c:12:d2:bc:e5:8e:9b:f5:7f:9e:
e6:82:02:e7:1a:76:34:6b:e8:87:d0:23:af:3a:75:29:80:b2:
b8:a1:93:8b:ea:f4:d6:38:c7:fa:dd:04:d3:e0:bf:36:d4:59:
98:87:9d:64:06:5f:39:e8:1f:9a:ab:54:b0:1e:78:21:f3:7f:
26:77:65:15:4e:a5:59:42:69:e5:f3:89:ee:0d:9a:38:eb:48:
05:61:0b:9e:e6:7a:48:be:39:1b:0a:d8:56:f5:2b:ad:4d:f5:
c2:22:01:1a:77:3e:ce:26:a0:3f:6a:c3:74:f4:f7:c0:1a:6f:
40:ed:9c:d6:3e:eb:6e:7e:d8:51:be:2d:8a:b9:18:9b:d6:2b:
a0:d8:37:8e:2d:c2:da:5c:0a:cb:11:d6:08:6e:56:79:e7:4a:
ab:42:54:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY8evrolg0eGNVWq3cMKTkp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNDI3MDg0OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmJkMTM4Y2VjNjA3MjZmY2E4NGM4ZGU4OWM3ZmM3ZDZlZmE0MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmQZ83MH0B4WI5GHhjoTBC+PShHE
ThEHxgQebjoKDSB/y1yfiO7VTPz0BNV9y5UpmdwwVA129QWICGm1rVTRUBlnVRE+
kvNyihlDqvSqbyQq0oSWdRxaU7YZ3xUqiXxl19Lr7fNzYCNvwO//fb7ZYk4L750E
PXwSAysl0KTifaelGLv3xxIAkERIexqaEB4PSr5OIEHJWJfXAglp5nfmKX4f8V/M
aCY1XeFdNCR5t/XG56kLvXKZllD+t1D1dmNZloU/HtYVYKU2BNjwNJZXVwVsoXnm
UlT48RO6nVfMIUi2sfrf48OVfGec0gc7E0/QCg6pV02BI4xfni44X9djbQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJK9E4zsYHJvyoTI3onH/H1u+kNGMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEva3IwVGpPeGdjbV9LaE1qZWljZjhmVzc2UTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVQi4AwQA
VcqkAwQAW7+0AwQAuZMkAwQBub38AwQAucGMMA0GCSqGSIb3DQEBCwUAA4IBAQBC
+VRimX57ASo1SVFfZlIYFefTtV6Fd311v/3R/v5iG9XnuB3cfRucH9ThtLbjagwp
wqc2srhpsJZnEyXkkfsbsqOEMTlANE7MNAUYq8YQEuYfVGrF/tDz45QLbu0u7fyx
sWwS0rzljpv1f57mggLnGnY0a+iH0COvOnUpgLK4oZOL6vTWOMf63QTT4L821FmY
h51kBl856B+aq1SwHngh838md2UVTqVZQmnl84nuDZo460gFYQue5npIvjkbCthW
9SutTfXCIgEadz7OJqA/asN09PfAGm9A7ZzWPutufthRvi2KuRib1iug2DeOLcLa
XArLEdYIblZ550qrQlTM
-----END CERTIFICATE-----
Generated at Sat Jun 15 21:16:36 2024 by rpki-client on console-ams.rpki-client.org