Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/KApj5gc18BmuCrJNK0dYYI1j3zM.roa
File: KApj5gc18BmuCrJNK0dYYI1j3zM.roa (raw, json)
Hash identifier: iHx/Rs+l0xh0ZcxEOkrqkHr9Rz7eNB9RV5RGJEfya0g=
Subject key identifier: 28:0A:63:E6:07:35:F0:19:AE:0A:B2:4D:2B:47:58:60:8D:63:DF:33
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 018EA0313C19D22560CA998B9AE783C3440F
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/KApj5gc18BmuCrJNK0dYYI1j3zM.roa
Signing time: Tue 02 Apr 2024 19:02:44 +0000
ROA not before: Tue 02 Apr 2024 19:02:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11325
IP address blocks: 2.57.248.0/22 maxlen: 22
45.80.96.0/22 maxlen: 22
45.85.128.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a0:31:3c:19:d2:25:60:ca:99:8b:9a:e7:83:c3:44:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Apr 2 19:02:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=280a63e60735f019ae0ab24d2b4758608d63df33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:2d:87:77:55:86:d0:df:46:05:7c:1c:80:
77:a2:bd:73:2f:af:92:d2:3e:48:87:21:16:e3:ea:
a8:12:02:52:db:9f:02:d1:ee:96:9a:88:1f:41:39:
f7:1a:c8:c2:73:dd:b1:7b:25:c6:0d:e0:4e:1e:95:
92:06:34:6d:38:dc:d4:19:45:c5:cc:31:33:83:f8:
7a:74:00:ed:41:9e:f2:e9:c0:cc:c2:db:05:ce:fa:
91:ac:b3:ce:1b:f5:c0:a6:d2:d2:17:75:57:2d:c3:
dc:78:f0:55:97:45:d9:70:42:2b:23:e5:4b:30:6b:
b6:94:54:3b:02:cb:72:b3:b4:b3:7a:54:93:35:51:
d8:5e:4a:91:94:24:d2:8c:dd:d0:10:52:4b:6c:f6:
23:2e:92:f1:2d:3e:c2:e6:ef:9b:b7:5b:b6:10:5e:
f8:f8:9a:b1:97:28:ad:9f:a1:ef:2c:30:6e:55:c9:
73:90:60:b2:a4:1f:05:0a:fd:ae:69:99:21:28:5a:
23:1c:bf:ac:b9:b4:8e:a5:ba:20:84:ce:bd:05:a6:
29:11:c4:7d:6f:20:6b:39:44:01:d1:14:1a:35:e5:
63:ae:e4:23:86:80:16:0e:25:02:ba:88:4a:8b:0c:
95:67:2c:b1:80:f0:ea:b6:d0:18:d8:2b:04:38:38:
ac:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0A:63:E6:07:35:F0:19:AE:0A:B2:4D:2B:47:58:60:8D:63:DF:33
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/KApj5gc18BmuCrJNK0dYYI1j3zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.248.0/22
45.80.96.0/22
45.85.128.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:26:82:9b:6f:e4:db:1a:af:c7:67:2e:72:0e:f5:ea:3c:f2:
0c:26:42:3c:59:9d:72:ad:50:ba:a7:49:5c:f4:2c:5b:06:c9:
da:df:ae:26:bc:09:00:0b:2d:09:53:bc:a1:a4:c5:6c:9d:4c:
f5:dd:f8:7a:b2:d0:8e:dd:59:80:05:e0:f1:ed:98:7c:4c:14:
d2:53:84:f1:e5:bd:50:82:e6:8c:6e:8f:ff:8b:10:59:f8:dc:
36:e9:7a:13:df:72:3a:e4:79:67:f0:48:c2:5a:6c:b6:a3:96:
cc:35:4c:ba:cf:d3:21:53:52:dd:34:95:08:03:60:ca:93:73:
e9:3b:d1:be:ad:d2:66:65:0c:0c:e9:5a:a8:07:4f:a4:82:44:
bb:f7:77:f6:60:ba:82:f3:e7:d5:f1:02:5f:a8:65:70:d0:b4:
3e:9d:89:4e:5f:71:b7:16:6f:05:7b:4f:c5:4f:15:20:9d:82:
43:b1:92:21:7b:84:f1:76:59:73:4c:70:0e:92:e9:04:35:14:
74:e5:cb:65:b3:2e:cb:e7:48:44:a9:33:8e:52:b4:80:65:20:
39:0b:b2:ac:5f:cc:b7:95:02:f6:65:3d:81:b5:e2:d1:8a:9d:
51:8b:fa:a7:4d:61:c7:dd:d6:43:78:75:dc:eb:23:94:85:68:
8e:2a:53:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6gMTwZ0iVgypmLmueDw0QPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQwNDAyMTkwMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBhNjNlNjA3MzVmMDE5YWUwYWIyNGQyYjQ3NTg2MDhkNjNkZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSsth3dVhtDfRgV8HIB3or1zL6+S
0j5IhyEW4+qoEgJS258C0e6WmogfQTn3GsjCc92xeyXGDeBOHpWSBjRtONzUGUXF
zDEzg/h6dADtQZ7y6cDMwtsFzvqRrLPOG/XAptLSF3VXLcPcePBVl0XZcEIrI+VL
MGu2lFQ7Astys7SzelSTNVHYXkqRlCTSjN3QEFJLbPYjLpLxLT7C5u+bt1u2EF74
+Jqxlyitn6HvLDBuVclzkGCypB8FCv2uaZkhKFojHL+subSOpboghM69BaYpEcR9
byBrOUQB0RQaNeVjruQjhoAWDiUCuohKiwyVZyyxgPDqttAY2CsEODisdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCgKY+YHNfAZrgqyTStHWGCNY98zMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvS0FwajVnYzE4Qm11Q3JKTkswZFlZSTFqM3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjn4AwQC
LVBgAwQBLVWAMA0GCSqGSIb3DQEBCwUAA4IBAQAKJoKbb+TbGq/HZy5yDvXqPPIM
JkI8WZ1yrVC6p0lc9CxbBsna364mvAkACy0JU7yhpMVsnUz13fh6stCO3VmABeDx
7Zh8TBTSU4Tx5b1QguaMbo//ixBZ+Nw26XoT33I65Hln8EjCWmy2o5bMNUy6z9Mh
U1LdNJUIA2DKk3PpO9G+rdJmZQwM6VqoB0+kgkS793f2YLqC8+fV8QJfqGVw0LQ+
nYlOX3G3Fm8Fe0/FTxUgnYJDsZIhe4TxdllzTHAOkukENRR05ctlsy7L50hEqTOO
UrSAZSA5C7KsX8y3lQL2ZT2BteLRip1Ri/qnTWHH3dZDeHXc6yOUhWiOKlOQ
-----END CERTIFICATE-----
Generated at Tue May 7 18:14:27 2024 by rpki-client on console-fra.rpki-client.org