Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/KD-JQiQDMfVbklVHw95UF-j0wGE.roa
File: KD-JQiQDMfVbklVHw95UF-j0wGE.roa (raw, json)
Hash identifier: 1UNS4cwqClDzy4wQle4mv6143SihAgX5U7sZtAbRnyg=
Subject key identifier: 28:3F:89:42:24:03:31:F5:5B:92:55:47:C3:DE:54:17:E8:F4:C0:61
Certificate issuer: /CN=a800ba639e65dbdcc690f58a5a740641b4ff88d4
Certificate serial: 018CC49379388F13BFAF3DB3F8A0E6D21947
Authority key identifier: A8:00:BA:63:9E:65:DB:DC:C6:90:F5:8A:5A:74:06:41:B4:FF:88:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qAC6Y55l29zGkPWKWnQGQbT_iNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/KD-JQiQDMfVbklVHw95UF-j0wGE.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207794
IP address blocks: 194.113.139.0/24 maxlen: 24
194.113.140.0/24 maxlen: 24
194.113.142.0/24 maxlen: 24
194.113.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/qAC6Y55l29zGkPWKWnQGQbT_iNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/qAC6Y55l29zGkPWKWnQGQbT_iNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/qAC6Y55l29zGkPWKWnQGQbT_iNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 01:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:79:38:8f:13:bf:af:3d:b3:f8:a0:e6:d2:19:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a800ba639e65dbdcc690f58a5a740641b4ff88d4
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=283f8942240331f55b925547c3de5417e8f4c061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:59:43:32:6e:8e:e5:6f:54:39:7a:71:16:2d:
c9:0e:f7:13:b8:77:1d:21:16:08:46:76:56:09:7b:
9d:6a:b0:53:26:12:f0:2d:72:34:ba:5d:15:82:f3:
48:3c:de:21:a1:04:39:4a:de:3a:75:72:9f:25:c8:
bc:82:76:81:8d:fd:e7:01:33:e6:c1:d4:4a:53:1d:
02:17:a1:76:67:c6:ac:c4:36:a2:95:06:ea:59:89:
31:ce:df:db:c7:f3:17:c9:aa:61:89:fd:ae:b2:70:
d8:63:9d:97:d6:c9:ef:b4:fa:21:8d:2f:77:4b:57:
6b:7f:76:e4:dd:48:b5:0a:10:1b:24:a3:17:1f:27:
8e:4e:ae:45:c5:d0:6b:7a:b6:fd:14:06:b5:8a:72:
67:e4:bf:59:a2:88:b7:43:4a:c1:be:bf:99:50:e2:
59:3d:62:45:7f:f9:a5:e8:af:ef:44:c4:f7:2c:da:
2e:2d:19:e6:e2:58:32:f4:e9:ad:bd:8a:e4:5a:ad:
4c:4a:67:78:08:43:a3:7b:88:f0:7c:cd:a5:41:63:
cf:80:94:65:11:e2:68:10:a2:6a:82:4d:4a:07:d8:
a2:ca:0e:89:df:c8:78:5b:53:e0:f2:2c:a6:48:56:
26:ee:e5:b7:f8:e2:da:0b:03:f2:dc:8a:de:25:2d:
56:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3F:89:42:24:03:31:F5:5B:92:55:47:C3:DE:54:17:E8:F4:C0:61
X509v3 Authority Key Identifier:
keyid:A8:00:BA:63:9E:65:DB:DC:C6:90:F5:8A:5A:74:06:41:B4:FF:88:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qAC6Y55l29zGkPWKWnQGQbT_iNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/KD-JQiQDMfVbklVHw95UF-j0wGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b63517-3f1e-451e-8850-8db0efb5620a/1/qAC6Y55l29zGkPWKWnQGQbT_iNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.139.0-194.113.140.255
194.113.142.0/24
194.113.155.0/24
Signature Algorithm: sha256WithRSAEncryption
84:78:ea:ac:f7:82:ef:25:40:28:c5:44:08:62:29:df:e4:be:
c0:fe:1c:9a:35:8f:6f:e8:05:57:7e:45:f4:de:25:0a:ee:0d:
f2:f3:dc:9d:1e:05:e0:72:a0:aa:77:4c:cb:72:4d:c4:03:44:
56:d9:29:de:9c:ab:07:15:cd:29:d1:a3:cf:de:29:b5:2b:73:
7f:6f:94:aa:25:65:69:1a:00:24:9a:34:a5:f8:29:c5:99:0a:
43:93:57:e5:5a:7e:34:bc:bb:e5:b3:02:12:fa:a5:e3:f2:7d:
96:88:c5:52:2c:1b:ac:a0:dd:ed:5c:30:6c:35:14:81:65:50:
5a:cc:12:75:a6:c5:f8:52:e9:ef:1d:f4:68:a5:c2:30:4d:99:
4e:cd:89:67:47:4a:a6:3f:e1:1b:08:6c:6c:2c:28:79:3a:aa:
83:46:3b:7b:5c:e8:39:55:8e:13:24:f1:ae:87:30:27:2b:1e:
9a:c3:6c:5f:dc:c7:ee:b9:35:e4:d2:8f:ee:f9:c5:86:8a:8f:
70:ed:69:bd:80:11:6a:63:63:c0:bd:25:cd:1e:7d:3b:0e:0b:
42:33:a6:09:83:6c:20:b7:c3:2e:c8:9c:57:8f:3d:1a:a5:cb:
93:d2:e7:21:b2:87:f6:57:d2:62:fe:3b:cd:fd:44:24:de:31:
04:56:f7:99
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEk3k4jxO/rz2z+KDm0hlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MDBiYTYzOWU2NWRiZGNjNjkwZjU4YTVhNzQwNjQxYjRm
Zjg4ZDQwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODNmODk0MjI0MDMzMWY1NWI5MjU1NDdjM2RlNTQxN2U4ZjRjMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFlDMm6O5W9UOXpxFi3JDvcTuHcd
IRYIRnZWCXudarBTJhLwLXI0ul0VgvNIPN4hoQQ5St46dXKfJci8gnaBjf3nATPm
wdRKUx0CF6F2Z8asxDailQbqWYkxzt/bx/MXyaphif2usnDYY52X1snvtPohjS93
S1drf3bk3Ui1ChAbJKMXHyeOTq5FxdBrerb9FAa1inJn5L9Zooi3Q0rBvr+ZUOJZ
PWJFf/ml6K/vRMT3LNouLRnm4lgy9OmtvYrkWq1MSmd4CEOje4jwfM2lQWPPgJRl
EeJoEKJqgk1KB9iiyg6J38h4W1Pg8iymSFYm7uW3+OLaCwPy3IreJS1WSwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCg/iUIkAzH1W5JVR8PeVBfo9MBhMB8GA1UdIwQY
MBaAFKgAumOeZdvcxpD1ilp0BkG0/4jUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUFDNlk1NWwyOXpHa1BXS1duUUdRYlRfaU5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iNjM1MTctM2YxZS00NTFlLTg4NTAt
OGRiMGVmYjU2MjBhLzEvS0QtSlFpUURNZlZia2xWSHc5NVVGLWowd0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9iNjM1MTctM2YxZS00NTFlLTg4NTAtOGRiMGVmYjU2MjBh
LzEvcUFDNlk1NWwyOXpHa1BXS1duUUdRYlRfaU5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADCcYsD
BADCcYwDBADCcY4DBADCcZswDQYJKoZIhvcNAQELBQADggEBAIR46qz3gu8lQCjF
RAhiKd/kvsD+HJo1j2/oBVd+RfTeJQruDfLz3J0eBeByoKp3TMtyTcQDRFbZKd6c
qwcVzSnRo8/eKbUrc39vlKolZWkaACSaNKX4KcWZCkOTV+VafjS8u+WzAhL6pePy
fZaIxVIsG6yg3e1cMGw1FIFlUFrMEnWmxfhS6e8d9GilwjBNmU7NiWdHSqY/4RsI
bGwsKHk6qoNGO3tc6DlVjhMk8a6HMCcrHprDbF/cx+65NeTSj+75xYaKj3Dtab2A
EWpjY8C9Jc0efTsOC0IzpgmDbCC3wy7InFePPRqly5PS5yGyh/ZX0mL+O839RCTe
MQRW95k=
-----END CERTIFICATE-----
Generated at Sat May 18 06:23:44 2024 by rpki-client on console-fra.rpki-client.org