Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/1-KvYMWJATPxtEC1Zj6bjDZBBxF4.roa
File: 1-KvYMWJATPxtEC1Zj6bjDZBBxF4.roa (raw, json)
Hash identifier: iMoZy60HRf6GWQ8zG2gcgKS9jslpq/esHb9BexHjLdc=
Subject key identifier: F8:AB:D8:31:62:40:4C:FC:6D:10:2D:59:8F:A6:E3:0D:90:41:C4:5E
Certificate issuer: /CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Certificate serial: 018ECD87B5A1BAE411B4248DBE64B748169C
Authority key identifier: 2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/1-KvYMWJATPxtEC1Zj6bjDZBBxF4.roa
Signing time: Thu 11 Apr 2024 14:20:06 +0000
ROA not before: Thu 11 Apr 2024 14:20:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12859
IP address blocks: 5.61.248.0/21 maxlen: 21
5.61.248.0/24 maxlen: 24
5.61.249.0/24 maxlen: 24
5.61.250.0/24 maxlen: 24
5.61.251.0/24 maxlen: 24
5.61.252.0/24 maxlen: 24
5.61.253.0/24 maxlen: 24
5.61.254.0/24 maxlen: 24
2a01:7860::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/K3xCZNrN-ss7ejru7VZZdapSQ0w.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/K3xCZNrN-ss7ejru7VZZdapSQ0w.mft
rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:87:b5:a1:ba:e4:11:b4:24:8d:be:64:b7:48:16:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Validity
Not Before: Apr 11 14:20:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8abd83162404cfc6d102d598fa6e30d9041c45e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:68:a7:9b:5d:ed:bc:2c:7d:a3:e4:80:ea:fe:
06:a6:fd:ba:08:4d:16:41:7c:be:76:bf:c7:27:68:
9b:03:5a:c5:ca:23:4e:b3:f0:6f:ce:93:bc:2b:e2:
5f:52:a1:64:1f:af:bd:5f:e8:7d:99:40:46:be:19:
fd:e0:ae:dc:5a:d3:f2:d1:e9:f4:d4:ec:ed:ce:e8:
3c:07:00:9f:93:db:50:af:b9:f4:b0:df:2c:65:bc:
13:b1:ae:6f:94:40:ff:2e:5c:08:a8:48:88:eb:76:
9b:09:d1:73:7b:74:b5:34:bf:b1:20:52:d5:e2:86:
9b:8e:25:19:42:08:1f:a3:15:5b:59:84:a3:4e:2f:
fe:b9:4a:f1:72:36:35:a4:95:9b:dd:25:95:19:22:
9c:98:87:4b:64:65:51:b3:7b:15:4d:19:b7:8a:0c:
57:7c:9c:a8:c4:39:1f:ea:e7:37:ba:27:da:d5:37:
98:a1:27:3d:f3:f2:17:f1:c4:ca:1b:db:58:bf:05:
c1:12:3b:d9:8a:35:6e:c2:c6:02:30:88:c2:d3:87:
57:e1:5f:3d:64:7f:ac:bb:f4:e1:5d:5b:ad:77:08:
0d:7e:b7:94:46:85:5b:ef:f7:7f:74:25:33:f1:21:
42:d0:2a:bf:b9:d9:cd:ab:45:fe:e0:f5:db:cf:41:
0d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AB:D8:31:62:40:4C:FC:6D:10:2D:59:8F:A6:E3:0D:90:41:C4:5E
X509v3 Authority Key Identifier:
keyid:2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/1-KvYMWJATPxtEC1Zj6bjDZBBxF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/K3xCZNrN-ss7ejru7VZZdapSQ0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.248.0/21
IPv6:
2a01:7860::/32
Signature Algorithm: sha256WithRSAEncryption
a9:19:27:b9:37:cb:65:ef:e2:51:ca:cc:5d:0a:f5:16:4d:23:
d0:e6:22:2c:23:a3:aa:e0:f7:7e:2e:9c:69:c3:75:32:a7:f4:
21:08:4f:89:1b:c9:08:11:29:4d:86:42:f8:b4:66:9b:ec:24:
1e:73:85:5b:39:d6:31:70:28:9d:f5:48:a4:ed:a7:4c:b1:9f:
8e:dc:dc:c5:1e:1b:8a:24:c1:c3:73:a9:6a:32:86:de:d1:05:
90:4f:80:cf:14:3f:50:02:ba:53:bb:18:8a:bb:1b:8d:0d:dc:
b6:00:b4:aa:5e:41:b6:65:b4:e5:5c:bf:05:3e:aa:d0:86:8f:
48:ba:11:07:c2:f7:39:88:21:87:87:9a:8c:e3:63:38:f1:4f:
08:1f:95:e7:4a:19:fa:92:f3:03:d0:e0:92:dc:8e:aa:28:51:
6f:b6:bf:c9:65:48:fa:8e:9a:ee:41:fe:d9:a9:cf:48:96:65:
f7:cd:b1:72:a5:18:2e:97:7b:58:ad:d8:18:ad:79:b8:0d:ee:
de:3c:9e:00:d1:26:e3:08:d7:ea:d3:99:1d:1e:40:1f:c3:9f:
1c:aa:0c:5b:de:a2:55:49:7e:db:c4:f1:58:ce:25:80:83:06:
6e:a9:72:79:c2:a9:4b:86:5d:53:e9:c2:31:c9:82:b9:52:ec:
0f:bb:78:50
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY7Nh7WhuuQRtCSNvmS3SBacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2M0MjY0ZGFjZGZhY2IzYjdhM2FlZWVkNTY1OTc1YWE1
MjQzNGMwHhcNMjQwNDExMTQyMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFiZDgzMTYyNDA0Y2ZjNmQxMDJkNTk4ZmE2ZTMwZDkwNDFjNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGinm13tvCx9o+SA6v4Gpv26CE0W
QXy+dr/HJ2ibA1rFyiNOs/BvzpO8K+JfUqFkH6+9X+h9mUBGvhn94K7cWtPy0en0
1Oztzug8BwCfk9tQr7n0sN8sZbwTsa5vlED/LlwIqEiI63abCdFze3S1NL+xIFLV
4oabjiUZQggfoxVbWYSjTi/+uUrxcjY1pJWb3SWVGSKcmIdLZGVRs3sVTRm3igxX
fJyoxDkf6uc3uifa1TeYoSc98/IX8cTKG9tYvwXBEjvZijVuwsYCMIjC04dX4V89
ZH+su/ThXVutdwgNfreURoVb7/d/dCUz8SFC0Cq/udnNq0X+4PXbz0ENiwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPir2DFiQEz8bRAtWY+m4w2QQcReMB8GA1UdIwQY
MBaAFCt8QmTazfrLO3o67u1WWXWqUkNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQt
MzFkNWFjM2FjOWI1LzEvMS1LdllNV0pBVFB4dEVDMVpqNmJqRFpCQnhGNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvYmJlZDQwLTYyODEtNDhiZi05ZTlkLTMxZDVhYzNhYzli
NS8xL0szeENaTnJOLXNzN2VqcnU3VlpaZGFwU1Ewdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAwU9+DAN
BAIAAjAHAwUAKgF4YDANBgkqhkiG9w0BAQsFAAOCAQEAqRknuTfLZe/iUcrMXQr1
Fk0j0OYiLCOjquD3fi6cacN1Mqf0IQhPiRvJCBEpTYZC+LRmm+wkHnOFWznWMXAo
nfVIpO2nTLGfjtzcxR4biiTBw3OpajKG3tEFkE+AzxQ/UAK6U7sYirsbjQ3ctgC0
ql5BtmW05Vy/BT6q0IaPSLoRB8L3OYghh4eajONjOPFPCB+V50oZ+pLzA9DgktyO
qihRb7a/yWVI+o6a7kH+2anPSJZl982xcqUYLpd7WK3YGK15uA3u3jyeANEm4wjX
6tOZHR5AH8OfHKoMW96iVUl+28TxWM4lgIMGbqlyecKpS4ZdU+nCMcmCuVLsD7t4
UA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:14:58 2024 by rpki-client on console-fra.rpki-client.org