Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Kan0alVZ1ZkIRwcdmJRdK4z__wk.roa
File: Kan0alVZ1ZkIRwcdmJRdK4z__wk.roa (raw, json)
Hash identifier: pRoLb7wJvPPfgqGAAU8UtSx0oMz/BYxmw/bf66OI3Ck=
Subject key identifier: 29:A9:F4:6A:55:59:D5:99:08:47:07:1D:98:94:5D:2B:8C:FF:FF:09
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649E23B9442538E9F22B73C97DE6D44
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Kan0alVZ1ZkIRwcdmJRdK4z__wk.roa
Signing time: Mon 01 Jan 2024 18:29:39 +0000
ROA not before: Mon 01 Jan 2024 18:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56661
IP address blocks: 92.247.100.0/23 maxlen: 23
217.79.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 06:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e2:3b:94:42:53:8e:9f:22:b7:3c:97:de:6d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29a9f46a5559d5990847071d98945d2b8cffff09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1f:43:a0:b3:97:fc:54:c0:a7:91:51:eb:02:
3c:d0:6b:49:6a:40:0b:c2:54:b7:20:ce:77:e1:99:
34:d2:95:81:08:34:50:a6:24:e1:8f:2e:1b:74:20:
a2:78:f5:72:1c:3b:2b:45:79:aa:7e:06:ee:8e:74:
39:3c:3f:f9:03:75:e8:8e:3d:d8:5f:59:0c:c0:f3:
32:da:3d:33:4f:1a:89:a0:a7:ae:69:f7:4c:a5:10:
be:89:16:3a:46:7b:12:fe:03:ad:28:1a:66:70:bb:
65:0c:08:46:cc:04:da:f4:af:ae:6c:b5:70:c7:9d:
c4:82:35:85:78:c0:b7:b7:9c:04:23:60:4f:80:7e:
89:f1:51:e1:97:8e:bb:b7:54:3e:8f:85:70:7d:e5:
6d:f1:97:a9:ce:df:5f:f0:8c:e3:49:4f:6f:76:65:
10:29:9a:c9:80:d4:3f:48:46:92:36:ce:ff:cb:0b:
99:53:1d:e5:96:db:77:5d:dc:78:8f:12:04:c4:d7:
3f:bd:a0:da:f5:29:83:4c:f5:04:e7:cb:4b:6f:50:
63:2a:b2:8f:bb:f4:a0:1c:5c:0a:06:51:e5:1a:bb:
5c:29:43:d7:88:7f:62:f6:95:ba:5b:75:63:2f:4b:
b5:59:a7:3e:0a:96:5c:66:a6:e4:f0:3f:fc:ba:9d:
b2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A9:F4:6A:55:59:D5:99:08:47:07:1D:98:94:5D:2B:8C:FF:FF:09
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/Kan0alVZ1ZkIRwcdmJRdK4z__wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.247.100.0/23
217.79.40.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:1d:d3:28:a4:a3:f0:2a:58:c3:4e:f0:4b:8f:d3:82:8d:66:
00:3b:45:c5:32:65:27:0e:47:54:10:ac:14:83:8b:a3:ec:2d:
f9:90:aa:09:ed:17:5d:a3:80:50:07:60:17:28:a6:2d:4c:20:
91:32:33:04:ed:26:42:b4:d9:5a:9c:e0:80:89:ef:6b:a6:97:
1d:0c:62:fd:06:1b:ce:4c:84:99:e1:0b:7c:1b:ee:e4:65:97:
9a:af:03:9c:a0:66:19:6e:97:aa:0b:5b:0c:aa:7c:27:d0:a8:
e5:e5:53:9f:0e:06:41:33:be:3a:ba:ea:c9:22:90:95:5d:e6:
47:e7:72:56:60:66:15:47:cf:68:4b:24:11:dc:82:94:9f:f2:
9b:fb:28:11:6a:01:06:4d:a3:3a:b0:8d:61:b2:e2:0c:0b:f3:
a5:46:e4:ae:01:8a:dc:38:41:1e:2c:63:97:20:81:bc:18:9a:
a7:9c:f1:eb:5a:b1:f5:54:7e:f2:43:27:1a:72:ae:95:ee:70:
fb:7f:3d:8c:d1:21:18:fe:c4:aa:8e:0c:d3:1c:ab:64:91:20:
e1:eb:a9:a3:e1:44:be:3b:e3:4f:35:62:77:63:0b:03:40:50:
59:ee:22:76:8b:b4:5b:83:59:19:64:8a:04:8e:44:76:37:79:
8a:55:5c:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSeI7lEJTjp8itzyX3m1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE5ZjQ2YTU1NTlkNTk5MDg0NzA3MWQ5ODk0NWQyYjhjZmZmZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR9DoLOX/FTAp5FR6wI80GtJakAL
wlS3IM534Zk00pWBCDRQpiThjy4bdCCiePVyHDsrRXmqfgbujnQ5PD/5A3Xojj3Y
X1kMwPMy2j0zTxqJoKeuafdMpRC+iRY6RnsS/gOtKBpmcLtlDAhGzATa9K+ubLVw
x53EgjWFeMC3t5wEI2BPgH6J8VHhl467t1Q+j4VwfeVt8Zepzt9f8IzjSU9vdmUQ
KZrJgNQ/SEaSNs7/ywuZUx3lltt3Xdx4jxIExNc/vaDa9SmDTPUE58tLb1BjKrKP
u/SgHFwKBlHlGrtcKUPXiH9i9pW6W3VjL0u1Wac+CpZcZqbk8D/8up2y3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCmp9GpVWdWZCEcHHZiUXSuM//8JMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvS2FuMGFsVloxWmtJUndjZG1KUmRLNHpfX3drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXPdkAwQA
2U8oMA0GCSqGSIb3DQEBCwUAA4IBAQBqHdMopKPwKljDTvBLj9OCjWYAO0XFMmUn
DkdUEKwUg4uj7C35kKoJ7Rddo4BQB2AXKKYtTCCRMjME7SZCtNlanOCAie9rppcd
DGL9BhvOTISZ4Qt8G+7kZZearwOcoGYZbpeqC1sMqnwn0Kjl5VOfDgZBM746uurJ
IpCVXeZH53JWYGYVR89oSyQR3IKUn/Kb+ygRagEGTaM6sI1hsuIMC/OlRuSuAYrc
OEEeLGOXIIG8GJqnnPHrWrH1VH7yQycacq6V7nD7fz2M0SEY/sSqjgzTHKtkkSDh
66mj4US+O+NPNWJ3YwsDQFBZ7iJ2i7Rbg1kZZIoEjkR2N3mKVVwL
-----END CERTIFICATE-----
Generated at Mon May 6 12:05:03 2024 by rpki-client on console-fra.rpki-client.org