Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ksRq-P4M9p9IPLct8N0acQ6aq1A.roa
File: ksRq-P4M9p9IPLct8N0acQ6aq1A.roa (raw, json)
Hash identifier: xaJIHD5zvMEPrcUgSJiP2FkpV8MBMDsu/w5rOSKghLs=
Subject key identifier: 92:C4:6A:F8:FE:0C:F6:9F:48:3C:B7:2D:F0:DD:1A:71:0E:9A:AB:50
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018CC3B67F567B6CE971E785744EDCF1AA30
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ksRq-P4M9p9IPLct8N0acQ6aq1A.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397966
IP address blocks: 185.255.113.0/24 maxlen: 24
192.144.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7f:56:7b:6c:e9:71:e7:85:74:4e:dc:f1:aa:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92c46af8fe0cf69f483cb72df0dd1a710e9aab50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6f:d7:b4:8f:64:1e:c4:e2:7d:03:0c:b6:c8:
95:d5:28:31:a2:6a:c7:5a:00:25:96:de:e0:cb:0d:
3c:af:82:2e:2c:cc:f6:49:17:4e:83:b7:a5:b2:17:
92:08:63:bc:77:74:76:14:d2:2b:c3:f2:5f:05:e7:
65:9e:90:6f:04:42:06:10:1e:d0:7e:47:06:87:1a:
58:98:b4:56:65:19:e4:6b:aa:fd:3d:3e:3f:b7:b1:
30:1c:59:b0:20:59:9b:34:f1:2d:d9:45:f9:6d:c5:
5e:6e:46:3a:df:22:41:f8:f1:ef:41:69:b3:ad:3c:
eb:03:a2:4d:d0:f2:2a:17:07:6f:2c:65:1e:40:23:
9d:e8:2f:1a:8f:cc:30:83:40:11:f7:7b:09:70:2b:
60:22:1c:14:78:2c:79:72:e8:13:22:e1:c0:d0:f3:
ea:72:5f:7f:cd:d7:dd:aa:77:27:ad:ef:45:57:5e:
8a:22:e2:97:27:1a:ac:c8:f0:b2:d4:3e:bd:3e:51:
ef:f7:4c:17:2b:aa:88:5b:39:ad:b0:e4:06:5b:4b:
2c:4b:39:67:6c:dc:a3:3b:bc:a3:71:ee:de:2c:74:
e6:74:93:ad:9d:14:de:4d:41:19:c1:0f:bb:05:8b:
a4:bc:ba:d6:b0:26:79:4c:c6:82:e2:6e:38:18:10:
1b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C4:6A:F8:FE:0C:F6:9F:48:3C:B7:2D:F0:DD:1A:71:0E:9A:AB:50
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/ksRq-P4M9p9IPLct8N0acQ6aq1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.113.0/24
192.144.32.0/24
Signature Algorithm: sha256WithRSAEncryption
84:53:61:13:f6:bb:7f:aa:ae:b9:9d:fd:33:9c:5f:b1:10:db:
df:bb:08:ea:f2:3a:a3:ca:2a:ad:80:72:c2:50:8f:84:86:17:
74:44:65:df:fb:62:4d:4f:fb:6d:34:62:97:28:cb:9d:fd:5e:
23:65:4a:ce:a4:06:ac:62:0a:14:25:af:4e:0f:35:ca:f2:46:
e6:a5:35:ba:a1:96:b3:e3:23:d4:01:28:8a:dc:24:03:12:55:
5b:f1:1e:7e:e5:0e:c9:08:17:79:ab:f5:f4:6e:22:24:ef:bd:
10:de:ba:66:66:32:56:6b:19:61:67:ca:94:15:21:13:07:f6:
70:cd:b2:29:fe:69:e1:31:59:47:b7:a6:f9:2c:02:8b:45:90:
5a:47:99:76:44:0c:9e:8f:60:a8:b6:ed:15:25:3c:b0:a4:b3:
67:2e:7f:d9:0f:6b:e9:9d:8b:cb:1e:24:0f:fa:bf:da:09:17:
74:62:17:00:57:f7:12:20:45:59:41:a9:af:35:5d:04:90:0e:
90:dd:dc:e8:62:72:93:1b:3d:f5:36:f6:c7:4d:df:cb:89:48:
40:f6:b3:60:d6:71:e6:d7:72:68:75:98:c8:45:36:4c:f4:26:
bf:39:92:cd:95:45:bd:5a:b2:98:6f:d1:f8:49:e2:7b:af:51:
4a:49:46:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtn9We2zpceeFdE7c8aowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmM0NmFmOGZlMGNmNjlmNDgzY2I3MmRmMGRkMWE3MTBlOWFhYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW/XtI9kHsTifQMMtsiV1SgxomrH
WgAllt7gyw08r4IuLMz2SRdOg7elsheSCGO8d3R2FNIrw/JfBedlnpBvBEIGEB7Q
fkcGhxpYmLRWZRnka6r9PT4/t7EwHFmwIFmbNPEt2UX5bcVebkY63yJB+PHvQWmz
rTzrA6JN0PIqFwdvLGUeQCOd6C8aj8wwg0AR93sJcCtgIhwUeCx5cugTIuHA0PPq
cl9/zdfdqncnre9FV16KIuKXJxqsyPCy1D69PlHv90wXK6qIWzmtsOQGW0ssSzln
bNyjO7yjce7eLHTmdJOtnRTeTUEZwQ+7BYukvLrWsCZ5TMaC4m44GBAbzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJLEavj+DPafSDy3LfDdGnEOmqtQMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEva3NScS1QNE05cDlJUExjdDhOMGFjUTZhcTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuf9xAwQA
wJAgMA0GCSqGSIb3DQEBCwUAA4IBAQCEU2ET9rt/qq65nf0znF+xENvfuwjq8jqj
yiqtgHLCUI+Ehhd0RGXf+2JNT/ttNGKXKMud/V4jZUrOpAasYgoUJa9ODzXK8kbm
pTW6oZaz4yPUASiK3CQDElVb8R5+5Q7JCBd5q/X0biIk770Q3rpmZjJWaxlhZ8qU
FSETB/ZwzbIp/mnhMVlHt6b5LAKLRZBaR5l2RAyej2Cotu0VJTywpLNnLn/ZD2vp
nYvLHiQP+r/aCRd0YhcAV/cSIEVZQamvNV0EkA6Q3dzoYnKTGz31NvbHTd/LiUhA
9rNg1nHm13JodZjIRTZM9Ca/OZLNlUW9WrKYb9H4SeJ7r1FKSUbY
-----END CERTIFICATE-----
Generated at Sat May 18 16:24:34 2024 by rpki-client on console-ams.rpki-client.org