Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/kNT-gdH-NL1WlbdV8SSwHuFT8rs.roa
File: kNT-gdH-NL1WlbdV8SSwHuFT8rs.roa (raw, json)
Hash identifier: FilJh/aZzet4uaN1Dx6GtsxinwaiYVT4vDxdk1kZE3Q=
Subject key identifier: 90:D4:FE:81:D1:FE:34:BD:56:95:B7:55:F1:24:B0:1E:E1:53:F2:BB
Certificate issuer: /CN=eed5b3af0064981e96bb5e27d8f04d86e6306cfa
Certificate serial: 018CC94E44C6AE02A0AA79F26878DC20AB79
Authority key identifier: EE:D5:B3:AF:00:64:98:1E:96:BB:5E:27:D8:F0:4D:86:E6:30:6C:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7tWzrwBkmB6Wu14n2PBNhuYwbPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/kNT-gdH-NL1WlbdV8SSwHuFT8rs.roa
Signing time: Tue 02 Jan 2024 08:33:18 +0000
ROA not before: Tue 02 Jan 2024 08:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12561
IP address blocks: 46.31.8.0/22 maxlen: 22
46.31.8.0/21 maxlen: 21
46.31.12.0/22 maxlen: 22
2a02:4980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/7tWzrwBkmB6Wu14n2PBNhuYwbPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/7tWzrwBkmB6Wu14n2PBNhuYwbPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/7tWzrwBkmB6Wu14n2PBNhuYwbPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:44:c6:ae:02:a0:aa:79:f2:68:78:dc:20:ab:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eed5b3af0064981e96bb5e27d8f04d86e6306cfa
Validity
Not Before: Jan 2 08:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90d4fe81d1fe34bd5695b755f124b01ee153f2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:cb:66:01:5d:3a:8d:81:33:5f:e6:72:f4:51:
0d:78:a0:89:60:5a:50:c7:36:a0:d1:37:35:d2:7c:
4a:18:58:90:f0:99:20:fc:25:a7:c3:be:86:30:67:
bf:f6:41:49:39:22:64:49:a5:44:ea:32:5f:6d:ac:
5c:b8:87:43:ef:98:a1:bd:a1:f7:d4:17:2e:ea:40:
d5:c5:5b:b5:54:63:0b:8c:f8:66:54:d3:4f:bc:23:
f9:b1:53:e8:45:c0:cb:8b:29:70:1c:bd:6f:04:de:
a1:4a:62:67:25:63:8e:bd:01:ac:fd:9e:8a:87:17:
08:be:ec:ea:6a:1d:fc:45:14:64:e0:da:c4:d5:41:
86:96:74:cc:d9:57:59:97:de:87:af:b2:67:a7:a5:
72:0e:6a:fe:c1:02:69:43:25:86:3c:50:32:48:f3:
79:16:60:ea:74:0f:69:7b:b8:8f:c6:23:5d:31:43:
8f:46:cd:12:ca:c4:c8:9a:3c:7f:c8:9a:70:9b:32:
00:42:19:bd:f5:82:4c:54:26:1d:d1:43:01:a5:26:
03:d9:ed:77:24:65:f1:e4:cd:70:25:e9:d5:66:c8:
e9:23:cc:65:0d:18:6e:78:ef:be:a8:80:95:27:f7:
19:a4:1d:c3:01:bd:b9:1a:31:ce:ca:3d:54:6a:2d:
9c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D4:FE:81:D1:FE:34:BD:56:95:B7:55:F1:24:B0:1E:E1:53:F2:BB
X509v3 Authority Key Identifier:
keyid:EE:D5:B3:AF:00:64:98:1E:96:BB:5E:27:D8:F0:4D:86:E6:30:6C:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7tWzrwBkmB6Wu14n2PBNhuYwbPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/kNT-gdH-NL1WlbdV8SSwHuFT8rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3aabe0-9e5f-498d-b550-030acd3ae336/1/7tWzrwBkmB6Wu14n2PBNhuYwbPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.8.0/21
IPv6:
2a02:4980::/32
Signature Algorithm: sha256WithRSAEncryption
46:00:0b:ff:35:d4:e7:da:a6:ba:0a:1d:b4:45:f3:e6:48:38:
62:7c:af:23:95:5f:31:c5:e3:06:e2:6e:1c:25:b4:d9:ea:bc:
d5:5c:eb:98:82:b2:78:f8:65:52:72:bd:dc:2b:34:24:9d:c5:
74:69:94:e7:08:b9:a4:4f:b2:52:9e:54:f5:b5:7b:bd:a3:1f:
da:33:37:f6:51:a3:54:0b:d8:93:ad:77:03:0f:d6:52:7b:28:
f2:1d:77:56:46:d4:46:78:8b:58:87:71:4e:a9:3a:43:a9:dd:
e2:c1:0b:57:e3:c6:3a:e7:eb:e7:d7:79:56:12:3e:2a:bb:b9:
d3:6c:ff:81:02:75:72:4a:23:77:7f:9a:13:48:04:5e:1e:aa:
52:4e:a5:6b:1a:c0:d7:20:6a:bb:d2:23:aa:e4:9d:8f:a0:0f:
61:79:f2:6b:56:ab:ee:5a:5e:ab:ea:2f:62:ea:73:1c:a8:53:
36:5b:55:4a:02:25:49:c0:cc:a5:6d:66:c8:6d:13:b0:5b:3f:
b5:4a:41:c9:c3:bd:24:98:fc:88:8e:9a:4d:bb:42:58:9f:1e:
33:39:5d:9a:24:bb:bf:d7:79:d4:be:67:85:bd:48:f9:da:a4:
57:af:07:fd:10:11:45:de:8a:c6:f1:b9:06:c4:1c:94:18:c2:
12:8c:f6:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTkTGrgKgqnnyaHjcIKt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZDViM2FmMDA2NDk4MWU5NmJiNWUyN2Q4ZjA0ZDg2ZTYz
MDZjZmEwHhcNMjQwMTAyMDgzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ0ZmU4MWQxZmUzNGJkNTY5NWI3NTVmMTI0YjAxZWUxNTNmMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7stmAV06jYEzX+Zy9FENeKCJYFpQ
xzag0Tc10nxKGFiQ8Jkg/CWnw76GMGe/9kFJOSJkSaVE6jJfbaxcuIdD75ihvaH3
1Bcu6kDVxVu1VGMLjPhmVNNPvCP5sVPoRcDLiylwHL1vBN6hSmJnJWOOvQGs/Z6K
hxcIvuzqah38RRRk4NrE1UGGlnTM2VdZl96Hr7Jnp6VyDmr+wQJpQyWGPFAySPN5
FmDqdA9pe7iPxiNdMUOPRs0SysTImjx/yJpwmzIAQhm99YJMVCYd0UMBpSYD2e13
JGXx5M1wJenVZsjpI8xlDRhueO++qICVJ/cZpB3DAb25GjHOyj1Uai2cDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJDU/oHR/jS9VpW3VfEksB7hU/K7MB8GA1UdIwQY
MBaAFO7Vs68AZJgelrteJ9jwTYbmMGz6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3RXenJ3QmttQjZXdTE0bjJQQk5odVl3YlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zYWFiZTAtOWU1Zi00OThkLWI1NTAt
MDMwYWNkM2FlMzM2LzEva05ULWdkSC1OTDFXbGJkVjhTU3dIdUZUOHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zYWFiZTAtOWU1Zi00OThkLWI1NTAtMDMwYWNkM2FlMzM2
LzEvN3RXenJ3QmttQjZXdTE0bjJQQk5odVl3YlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLh8IMA0E
AgACMAcDBQAqAkmAMA0GCSqGSIb3DQEBCwUAA4IBAQBGAAv/NdTn2qa6Ch20RfPm
SDhifK8jlV8xxeMG4m4cJbTZ6rzVXOuYgrJ4+GVScr3cKzQkncV0aZTnCLmkT7JS
nlT1tXu9ox/aMzf2UaNUC9iTrXcDD9ZSeyjyHXdWRtRGeItYh3FOqTpDqd3iwQtX
48Y65+vn13lWEj4qu7nTbP+BAnVySiN3f5oTSAReHqpSTqVrGsDXIGq70iOq5J2P
oA9hefJrVqvuWl6r6i9i6nMcqFM2W1VKAiVJwMylbWbIbROwWz+1SkHJw70kmPyI
jppNu0JYnx4zOV2aJLu/13nUvmeFvUj52qRXrwf9EBFF3orG8bkGxByUGMISjPYh
-----END CERTIFICATE-----
Generated at Sun May 19 09:32:42 2024 by rpki-client on console-ams.rpki-client.org