Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/R-kHkD064PoB3KTBX6pn9F04Y-Q.roa
File: R-kHkD064PoB3KTBX6pn9F04Y-Q.roa (raw, json)
Hash identifier: WA9dOs4LkD9u21OZUtxXCwpp5OYsQn6epzu2/cG3RUU=
Subject key identifier: 47:E9:07:90:3D:3A:E0:FA:01:DC:A4:C1:5F:AA:67:F4:5D:38:63:E4
Certificate issuer: /CN=22e48e161e4905923f6d4aa2ae0a21530f2de20b
Certificate serial: 018CC26D77AFC749CB986DB81D5E591BCABF
Authority key identifier: 22:E4:8E:16:1E:49:05:92:3F:6D:4A:A2:AE:0A:21:53:0F:2D:E2:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IuSOFh5JBZI_bUqirgohUw8t4gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/R-kHkD064PoB3KTBX6pn9F04Y-Q.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61244
IP address blocks: 185.14.12.0/22 maxlen: 22
2a02:f880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/IuSOFh5JBZI_bUqirgohUw8t4gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/IuSOFh5JBZI_bUqirgohUw8t4gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/IuSOFh5JBZI_bUqirgohUw8t4gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:77:af:c7:49:cb:98:6d:b8:1d:5e:59:1b:ca:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22e48e161e4905923f6d4aa2ae0a21530f2de20b
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47e907903d3ae0fa01dca4c15faa67f45d3863e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cd:63:1f:15:5a:6a:50:05:b2:e3:6b:10:53:
34:d0:71:ba:93:81:ec:89:c5:23:65:0c:22:36:84:
b1:82:4e:ca:b3:37:a0:4e:1c:58:77:ab:47:3d:54:
01:96:8b:0e:89:51:e8:91:1b:bd:13:cf:e3:82:45:
dd:f3:1e:0f:3f:9e:f6:bd:11:05:ad:f8:4d:de:7c:
98:d7:59:72:d9:0d:4f:1d:f0:cb:8e:15:bc:2e:22:
b0:bf:fe:22:7a:38:a1:0f:dc:45:ee:12:2c:e0:c3:
9a:46:6b:17:53:50:34:88:37:96:79:bd:8e:06:ab:
b7:85:98:ad:58:8a:97:40:2a:32:8d:fb:16:0d:cf:
10:e0:43:47:5e:a9:cb:d6:45:d6:83:5a:e2:58:89:
2c:71:31:15:cf:cb:64:65:cd:a7:48:d7:fa:e7:fa:
d1:ff:c1:18:1a:e6:aa:76:01:ef:ae:12:fc:62:47:
b8:ec:b6:b2:83:c0:e5:06:7e:46:ae:be:b1:0c:57:
9f:89:60:1e:10:64:78:cf:1d:9b:eb:e9:d0:df:15:
cf:21:52:ab:1c:02:dd:e6:ca:81:5f:42:34:00:4d:
98:d6:9d:b4:f7:f3:0b:ae:72:04:58:76:79:fb:db:
6c:fe:00:9a:9c:62:ae:09:30:bf:33:15:39:65:56:
f3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E9:07:90:3D:3A:E0:FA:01:DC:A4:C1:5F:AA:67:F4:5D:38:63:E4
X509v3 Authority Key Identifier:
keyid:22:E4:8E:16:1E:49:05:92:3F:6D:4A:A2:AE:0A:21:53:0F:2D:E2:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IuSOFh5JBZI_bUqirgohUw8t4gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/R-kHkD064PoB3KTBX6pn9F04Y-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c34e9-7559-41a6-9cac-3e6b751a55f4/1/IuSOFh5JBZI_bUqirgohUw8t4gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.12.0/22
IPv6:
2a02:f880::/29
Signature Algorithm: sha256WithRSAEncryption
3c:7d:c5:1f:bf:fe:b8:7a:ad:67:47:70:5f:c5:06:a8:c1:32:
3a:2e:58:f8:04:3f:e6:6f:e8:50:9e:bc:3f:ba:38:42:06:70:
00:61:34:fe:d3:5a:94:ae:58:ad:8b:44:06:d6:d4:d8:84:9e:
e7:23:c3:6e:16:5a:75:4c:48:71:c8:42:48:9e:d5:19:26:e5:
07:85:52:13:8a:eb:fd:3c:d8:10:f6:3f:19:01:84:51:a6:7d:
b2:e2:c7:0d:44:11:d1:cc:89:d5:f7:99:9e:d4:50:57:e2:0c:
86:4f:e6:cc:ee:76:3f:cf:2d:15:85:b0:84:da:91:d1:19:be:
46:b2:3c:1f:35:68:0a:ee:e6:46:18:c9:35:22:c1:71:10:6b:
9d:30:f5:19:f6:d1:8f:52:53:dc:aa:12:75:80:c6:e4:e7:df:
50:11:07:ae:82:6b:e3:37:26:cf:a3:84:48:99:8b:ff:45:50:
7b:0b:fa:ec:54:0e:d1:f3:86:81:53:02:16:27:b3:6f:8e:4c:
98:3f:a7:75:e4:d2:d1:10:b7:f2:88:1a:a1:c1:96:63:ae:f4:
3d:f1:e1:20:ab:d2:51:13:b8:9f:21:44:0b:62:3d:9b:21:20:
87:07:2d:2d:0c:7a:99:4f:a4:d0:9e:43:92:59:70:51:7f:d7:
4f:c4:a5:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbXevx0nLmG24HV5ZG8q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZTQ4ZTE2MWU0OTA1OTIzZjZkNGFhMmFlMGEyMTUzMGYy
ZGUyMGIwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2U5MDc5MDNkM2FlMGZhMDFkY2E0YzE1ZmFhNjdmNDVkMzg2M2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo81jHxVaalAFsuNrEFM00HG6k4Hs
icUjZQwiNoSxgk7KszegThxYd6tHPVQBlosOiVHokRu9E8/jgkXd8x4PP572vREF
rfhN3nyY11ly2Q1PHfDLjhW8LiKwv/4iejihD9xF7hIs4MOaRmsXU1A0iDeWeb2O
Bqu3hZitWIqXQCoyjfsWDc8Q4ENHXqnL1kXWg1riWIkscTEVz8tkZc2nSNf65/rR
/8EYGuaqdgHvrhL8Yke47Layg8DlBn5Grr6xDFefiWAeEGR4zx2b6+nQ3xXPIVKr
HALd5sqBX0I0AE2Y1p209/MLrnIEWHZ5+9ts/gCanGKuCTC/MxU5ZVbz2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEfpB5A9OuD6AdykwV+qZ/RdOGPkMB8GA1UdIwQY
MBaAFCLkjhYeSQWSP21Koq4KIVMPLeILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVTT0ZoNUpCWklfYlVxaXJnb2hVdzh0NGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yYzM0ZTktNzU1OS00MWE2LTljYWMt
M2U2Yjc1MWE1NWY0LzEvUi1rSGtEMDY0UG9CM0tUQlg2cG45RjA0WS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yYzM0ZTktNzU1OS00MWE2LTljYWMtM2U2Yjc1MWE1NWY0
LzEvSXVTT0ZoNUpCWklfYlVxaXJnb2hVdzh0NGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ4MMA0E
AgACMAcDBQMqAviAMA0GCSqGSIb3DQEBCwUAA4IBAQA8fcUfv/64eq1nR3BfxQao
wTI6Llj4BD/mb+hQnrw/ujhCBnAAYTT+01qUrliti0QG1tTYhJ7nI8NuFlp1TEhx
yEJIntUZJuUHhVITiuv9PNgQ9j8ZAYRRpn2y4scNRBHRzInV95me1FBX4gyGT+bM
7nY/zy0VhbCE2pHRGb5GsjwfNWgK7uZGGMk1IsFxEGudMPUZ9tGPUlPcqhJ1gMbk
599QEQeugmvjNybPo4RImYv/RVB7C/rsVA7R84aBUwIWJ7NvjkyYP6d15NLRELfy
iBqhwZZjrvQ98eEgq9JRE7ifIUQLYj2bISCHBy0tDHqZT6TQnkOSWXBRf9dPxKW6
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:50:33 2024 by rpki-client on console-fra.rpki-client.org