Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KbLOFATxg1QcuUXbtYSzD7cZauY.roa
File: KbLOFATxg1QcuUXbtYSzD7cZauY.roa (raw, json)
Hash identifier: t83vcfAELFjJ1Paf7aLBMIAJTR2NRQmewRDgLeIxQQo=
Subject key identifier: 29:B2:CE:14:04:F1:83:54:1C:B9:45:DB:B5:84:B3:0F:B7:19:6A:E6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCDD15DEE57465BA61F28DCD24270B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KbLOFATxg1QcuUXbtYSzD7cZauY.roa
Signing time: Tue 02 Jan 2024 06:29:26 +0000
ROA not before: Tue 02 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35448
IP address blocks: 87.120.225.0/24 maxlen: 24
87.120.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:dd:15:de:e5:74:65:ba:61:f2:8d:cd:24:27:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29b2ce1404f183541cb945dbb584b30fb7196ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3e:0e:de:ef:1d:7d:b0:f8:e5:5b:c0:f5:0d:
39:5f:cb:8a:f5:f4:39:67:3f:4d:48:25:9e:3b:17:
ff:af:a4:84:c3:86:b3:9f:5c:4a:b8:e7:82:14:a9:
d6:76:82:9f:72:29:f6:a2:29:ea:0b:62:b5:c8:a0:
6c:d8:79:3d:44:89:6d:e0:f7:15:e5:da:0a:ab:7d:
a4:1d:29:44:80:83:5b:0a:79:15:c7:ba:a3:18:4a:
2b:be:ab:9e:24:e3:d6:79:39:84:04:b2:ad:34:90:
85:62:72:ed:2c:ba:4b:25:7b:d9:68:36:87:0d:07:
f7:af:65:a7:b7:08:bc:9a:0b:25:82:1c:5c:8c:58:
03:88:a3:d4:e4:9f:72:a1:b9:23:df:29:82:2e:ea:
24:7f:8f:ce:95:dd:17:32:8d:a1:02:9b:0e:39:3a:
c4:a8:10:51:d5:65:36:33:65:c0:74:62:7c:46:ce:
ac:ff:bb:15:18:ae:63:fa:a9:24:be:0d:13:05:c4:
29:95:eb:92:78:ba:5b:9d:32:ae:dd:8d:77:dc:22:
27:b7:a3:52:ba:46:58:94:a7:a2:19:59:67:f4:3f:
c0:5b:f1:a0:d5:73:41:1f:b9:dd:40:4d:0a:32:aa:
fd:4b:be:5b:05:a7:6f:b1:bd:ec:8f:96:6c:74:09:
94:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B2:CE:14:04:F1:83:54:1C:B9:45:DB:B5:84:B3:0F:B7:19:6A:E6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KbLOFATxg1QcuUXbtYSzD7cZauY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.225.0/24
87.120.227.0/24
Signature Algorithm: sha256WithRSAEncryption
53:da:8d:d2:f4:2c:b2:a7:40:d7:e1:57:6d:08:7a:d7:80:59:
c8:af:5b:98:c1:13:7f:32:f6:85:c9:4f:a5:f2:58:37:c2:64:
23:14:2d:c8:34:a7:d4:94:9b:fb:65:9a:4a:75:7a:5c:ad:40:
6e:15:0e:6f:b0:25:9a:c4:e7:3b:b5:c8:d9:18:57:e2:9f:ea:
de:39:aa:42:96:87:7b:aa:ab:99:94:43:9c:58:e4:a1:7c:ee:
9e:62:31:dc:94:5b:a9:be:b4:56:d0:90:99:46:02:11:8e:9b:
1f:7e:4c:3c:63:b4:1b:75:6e:75:57:59:d8:2f:28:06:7d:46:
b7:3e:6c:a5:9f:35:72:97:af:db:d5:46:b3:10:e4:2e:22:1b:
de:fe:49:8b:69:a5:ab:a8:67:65:69:d8:ab:5b:25:25:99:ee:
2d:f1:20:86:91:ff:e6:86:71:e6:70:16:64:8a:da:ef:00:da:
aa:6e:64:0e:e3:46:85:48:76:96:3d:d4:51:b2:05:aa:81:06:
32:69:cc:ee:36:f0:48:60:d5:17:83:15:9b:e2:71:96:e1:0b:
45:95:62:da:2c:23:ef:34:92:c3:e1:62:c5:74:c0:c9:f6:07:
20:51:f8:5c:22:d2:d4:d1:7c:19:37:3c:9f:8f:80:5c:0e:70:
ad:19:bc:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3N0V3uV0Zbph8o3NJCcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWIyY2UxNDA0ZjE4MzU0MWNiOTQ1ZGJiNTg0YjMwZmI3MTk2YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj4O3u8dfbD45VvA9Q05X8uK9fQ5
Zz9NSCWeOxf/r6SEw4azn1xKuOeCFKnWdoKfcin2oinqC2K1yKBs2Hk9RIlt4PcV
5doKq32kHSlEgINbCnkVx7qjGEorvqueJOPWeTmEBLKtNJCFYnLtLLpLJXvZaDaH
DQf3r2Wntwi8mgslghxcjFgDiKPU5J9yobkj3ymCLuokf4/Old0XMo2hApsOOTrE
qBBR1WU2M2XAdGJ8Rs6s/7sVGK5j+qkkvg0TBcQpleuSeLpbnTKu3Y133CInt6NS
ukZYlKeiGVln9D/AW/Gg1XNBH7ndQE0KMqr9S75bBadvsb3sj5ZsdAmUfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCmyzhQE8YNUHLlF27WEsw+3GWrmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS2JMT0ZBVHhnMVFjdVVYYnRZU3pEN2NaYXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV3jhAwQA
V3jjMA0GCSqGSIb3DQEBCwUAA4IBAQBT2o3S9Cyyp0DX4VdtCHrXgFnIr1uYwRN/
MvaFyU+l8lg3wmQjFC3INKfUlJv7ZZpKdXpcrUBuFQ5vsCWaxOc7tcjZGFfin+re
OapClod7qquZlEOcWOShfO6eYjHclFupvrRW0JCZRgIRjpsffkw8Y7QbdW51V1nY
LygGfUa3PmylnzVyl6/b1UazEOQuIhve/kmLaaWrqGdladirWyUlme4t8SCGkf/m
hnHmcBZkitrvANqqbmQO40aFSHaWPdRRsgWqgQYyaczuNvBIYNUXgxWb4nGW4QtF
lWLaLCPvNJLD4WLFdMDJ9gcgUfhcItLU0XwZNzyfj4BcDnCtGbzC
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:04 2024 by rpki-client on console-fra.rpki-client.org