Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kgVbx6Patx1ikgdz2razbP9xDME.roa
File: kgVbx6Patx1ikgdz2razbP9xDME.roa (raw, json)
Hash identifier: 4PK9/dC293Ny1ugslmAK+orWxiGre+5xA1pLvULqlLc=
Subject key identifier: 92:05:5B:C7:A3:DA:B7:1D:62:92:07:73:DA:B6:B3:6C:FF:71:0C:C1
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018F61D0110D003BD53CEEA46701502A73AA
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kgVbx6Patx1ikgdz2razbP9xDME.roa
Signing time: Fri 10 May 2024 09:22:56 +0000
ROA not before: Fri 10 May 2024 09:22:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39486
IP address blocks: 45.134.79.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
193.161.128.0/22 maxlen: 24
194.104.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:d0:11:0d:00:3b:d5:3c:ee:a4:67:01:50:2a:73:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: May 10 09:22:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92055bc7a3dab71d62920773dab6b36cff710cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:72:57:30:f4:3d:8e:c3:de:dc:95:ae:f9:47:
eb:fd:18:e4:da:0a:4f:5d:bb:0e:d5:6f:e3:fb:de:
73:fe:e2:25:6f:0b:00:49:d9:74:01:f4:3b:c0:fe:
08:4a:d1:f1:7f:a4:49:bb:35:89:96:62:87:d1:92:
7d:34:a7:59:6e:20:aa:72:71:eb:fc:1f:a2:ff:e5:
c0:cc:42:3f:84:70:de:3a:90:e9:46:0e:8c:5f:50:
c3:b0:65:02:73:ce:14:fe:ab:6f:cf:16:78:e0:48:
0a:f4:62:6e:f3:3b:10:e3:1e:b1:76:4f:ca:21:4c:
87:fc:f3:e6:c2:b1:d4:44:87:90:f0:82:7b:f4:34:
32:cf:6a:1a:f4:b8:2e:39:d2:d4:92:3f:a6:0a:4f:
9b:8a:ca:79:29:cf:a3:75:3a:04:ab:49:2a:11:9d:
7a:ae:6e:7d:70:26:36:8d:d6:95:fa:21:1f:01:b1:
44:73:ec:b9:b2:e6:eb:a9:33:30:5d:f1:18:b6:6d:
0e:87:b9:df:70:0a:c3:56:00:71:76:6f:89:e6:f1:
93:41:aa:13:15:11:93:ec:7e:e4:08:71:3a:22:f9:
c0:43:ad:63:2c:1e:e5:14:e4:9e:f4:7a:c8:83:01:
6a:65:38:76:40:af:a4:4f:08:0b:b2:b5:48:9b:c9:
c8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:05:5B:C7:A3:DA:B7:1D:62:92:07:73:DA:B6:B3:6C:FF:71:0C:C1
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kgVbx6Patx1ikgdz2razbP9xDME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.79.0/24
185.184.228.0/24
193.161.128.0/22
194.104.104.0/22
Signature Algorithm: sha256WithRSAEncryption
02:68:80:41:84:9e:78:5b:8f:c0:ca:34:b7:0f:73:2f:94:b7:
9d:6e:70:0e:90:48:15:7b:b9:0c:18:6a:91:77:ee:5e:2d:a7:
db:ff:69:43:a4:7c:92:f7:1a:2d:fe:15:c8:e5:15:cb:be:76:
d3:d3:c0:73:8c:fa:24:6e:b9:a1:0f:f1:70:12:0d:b0:d7:ff:
34:15:30:3d:53:9c:c4:55:2d:9a:8f:97:ae:f1:10:73:5f:e3:
97:6f:e6:51:72:a8:0d:8f:8d:1d:47:b9:56:14:08:51:9b:1f:
88:93:b7:66:b5:79:b6:9a:e1:a0:15:7e:4a:25:d1:4a:59:f2:
5c:46:4f:18:c5:e9:a1:e6:94:1a:e9:9f:f0:d7:20:96:31:93:
c4:c8:4e:74:fe:8b:50:08:5a:f0:2b:cc:10:31:a3:db:46:7a:
bc:7e:91:2e:85:f0:14:97:bb:88:36:a3:87:f6:8a:fa:1c:81:
00:f9:94:e6:59:f2:2e:57:33:7e:23:87:fe:c1:46:19:32:0c:
d6:f5:2e:ff:fc:00:92:1d:ab:06:8b:4c:75:1c:92:1d:71:c2:
b7:16:ac:65:a8:69:6b:2d:9d:f1:67:ad:8f:fb:4b:d7:83:6b:
2a:4e:62:0b:9c:39:dc:dc:a7:d8:5c:4f:2e:30:2a:e6:ad:de:
dd:90:cc:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9h0BENADvVPO6kZwFQKnOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwNTEwMDkyMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA1NWJjN2EzZGFiNzFkNjI5MjA3NzNkYWI2YjM2Y2ZmNzEwY2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHJXMPQ9jsPe3JWu+Ufr/Rjk2gpP
XbsO1W/j+95z/uIlbwsASdl0AfQ7wP4IStHxf6RJuzWJlmKH0ZJ9NKdZbiCqcnHr
/B+i/+XAzEI/hHDeOpDpRg6MX1DDsGUCc84U/qtvzxZ44EgK9GJu8zsQ4x6xdk/K
IUyH/PPmwrHURIeQ8IJ79DQyz2oa9LguOdLUkj+mCk+bisp5Kc+jdToEq0kqEZ16
rm59cCY2jdaV+iEfAbFEc+y5subrqTMwXfEYtm0Oh7nfcArDVgBxdm+J5vGTQaoT
FRGT7H7kCHE6IvnAQ61jLB7lFOSe9HrIgwFqZTh2QK+kTwgLsrVIm8nI1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJIFW8ej2rcdYpIHc9q2s2z/cQzBMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEva2dWYng2UGF0eDFpa2dkejJyYXpiUDl4RE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYZPAwQA
ubjkAwQCwaGAAwQCwmhoMA0GCSqGSIb3DQEBCwUAA4IBAQACaIBBhJ54W4/AyjS3
D3MvlLedbnAOkEgVe7kMGGqRd+5eLafb/2lDpHyS9xot/hXI5RXLvnbT08BzjPok
brmhD/FwEg2w1/80FTA9U5zEVS2aj5eu8RBzX+OXb+ZRcqgNj40dR7lWFAhRmx+I
k7dmtXm2muGgFX5KJdFKWfJcRk8Yxemh5pQa6Z/w1yCWMZPEyE50/otQCFrwK8wQ
MaPbRnq8fpEuhfAUl7uINqOH9or6HIEA+ZTmWfIuVzN+I4f+wUYZMgzW9S7//ACS
HasGi0x1HJIdccK3FqxlqGlrLZ3xZ62P+0vXg2sqTmILnDnc3KfYXE8uMCrmrd7d
kMyY
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:59:44 2024 by rpki-client on console-ams.rpki-client.org