Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/KfM4cZuaqKPM_aLCyTRU27gzc1I.roa
File: KfM4cZuaqKPM_aLCyTRU27gzc1I.roa (raw, json)
Hash identifier: A7XwVk9/fxy3KeKkpEJZZTbQEVqQQ7Jhr/fQTzkJUW4=
Subject key identifier: 29:F3:38:71:9B:9A:A8:A3:CC:FD:A2:C2:C9:34:54:DB:B8:33:73:52
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 018CC9BC02AF8F43C2D8547971BA3C5A9897
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/KfM4cZuaqKPM_aLCyTRU27gzc1I.roa
Signing time: Tue 02 Jan 2024 10:33:10 +0000
ROA not before: Tue 02 Jan 2024 10:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56410
IP address blocks: 93.119.24.0/22 maxlen: 22
159.253.224.0/22 maxlen: 22
185.122.132.0/22 maxlen: 22
185.156.196.0/22 maxlen: 22
185.57.102.0/24 maxlen: 24
185.57.100.0/22 maxlen: 22
144.2.240.0/21 maxlen: 21
81.173.12.0/22 maxlen: 22
45.137.184.0/22 maxlen: 22
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
185.32.152.0/22 maxlen: 22
5.149.168.0/21 maxlen: 21
2a04:b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:02:af:8f:43:c2:d8:54:79:71:ba:3c:5a:98:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Jan 2 10:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29f338719b9aa8a3ccfda2c2c93454dbb8337352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2f:de:36:46:5d:0b:99:d1:d2:70:7f:2b:7c:
0e:e7:b0:5a:6b:38:18:19:71:8a:9a:9a:88:30:df:
f8:0d:ee:e5:87:af:06:b4:b5:70:41:31:50:7e:ab:
f4:65:69:58:f0:53:10:9d:9c:fa:97:5d:32:7a:a6:
05:6d:bc:c2:62:9e:9e:9d:04:db:a2:75:20:6c:6f:
51:ac:22:5f:d3:bf:08:98:a4:e0:7e:cb:a1:80:e3:
cb:dc:83:1a:56:85:7b:61:7e:eb:19:e4:9b:3b:28:
ea:67:1a:1f:26:50:dd:95:eb:49:4d:b5:5e:e4:0d:
c3:6e:27:cb:0c:d0:cf:14:d2:95:51:b4:eb:3d:e1:
61:fe:3c:c7:1c:ff:87:35:93:40:2f:75:3b:34:5c:
d5:c5:3e:62:08:4a:ba:11:ef:6b:2a:73:2b:82:cc:
b6:b0:ef:8a:83:c9:d1:65:bd:94:46:16:af:20:9f:
9c:69:e0:5d:62:da:15:37:1b:b6:9c:00:a8:ef:37:
3f:a9:1c:bf:57:da:b3:79:e0:a4:36:8b:a4:19:08:
de:a1:5e:b8:80:a0:5f:2f:b8:8c:93:6f:9c:3a:68:
0e:da:4a:86:7b:b0:38:b0:9c:56:c4:a7:14:dd:d6:
af:56:62:e2:06:41:3a:28:8a:e2:bc:e8:00:20:a4:
f2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F3:38:71:9B:9A:A8:A3:CC:FD:A2:C2:C9:34:54:DB:B8:33:73:52
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/KfM4cZuaqKPM_aLCyTRU27gzc1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
45.137.184.0/22
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.57.100.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
07:3d:94:78:f8:e7:90:34:d0:16:df:8a:76:b5:08:ac:ab:21:
01:d5:88:08:80:3d:ea:fb:71:5a:eb:02:12:7b:33:29:a6:9a:
48:37:4d:fd:ec:d1:be:6d:00:44:23:ea:0c:5a:fb:ed:10:fa:
48:1f:bd:a9:80:77:9b:d4:8e:51:f4:f9:96:a0:05:4c:26:34:
23:62:3b:c8:e4:7c:22:75:2b:8e:4d:2a:72:6b:b7:22:09:61:
35:8d:a5:ef:3f:8a:49:66:06:52:9c:d2:03:c8:ba:b9:45:d7:
7c:87:d5:82:d4:cb:c1:25:0b:79:3a:97:61:f4:45:66:ec:56:
07:57:66:82:87:b2:6d:f1:04:6b:6e:2b:06:57:10:ad:74:70:
6f:8c:90:1f:91:91:d4:f6:8f:9e:a2:f5:1b:60:0c:7e:c9:bd:
af:9a:e1:51:4a:9b:84:3b:53:f8:fc:24:9f:e5:85:d3:3a:05:
61:dc:41:64:c2:99:1a:88:4f:aa:ab:eb:88:74:26:01:37:b8:
12:9e:e3:3b:1f:7f:1f:a3:89:de:ae:d7:e6:50:f3:ba:14:e7:
e5:a2:cc:34:d3:6d:7e:5d:92:b9:32:37:36:ad:a2:37:55:c1:
30:62:46:e9:67:33:32:80:51:8d:9d:48:a0:a3:59:2e:46:55:
07:df:52:49
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzJvAKvj0PC2FR5cbo8WpiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjI5ODE5Nzg4ODU2OTZjZTFjMmJiZjRhZjk5ZGFkYzJj
NjE4ZWIwHhcNMjQwMTAyMTAzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYzMzg3MTliOWFhOGEzY2NmZGEyYzJjOTM0NTRkYmI4MzM3MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi/eNkZdC5nR0nB/K3wO57BaazgY
GXGKmpqIMN/4De7lh68GtLVwQTFQfqv0ZWlY8FMQnZz6l10yeqYFbbzCYp6enQTb
onUgbG9RrCJf078ImKTgfsuhgOPL3IMaVoV7YX7rGeSbOyjqZxofJlDdletJTbVe
5A3DbifLDNDPFNKVUbTrPeFh/jzHHP+HNZNAL3U7NFzVxT5iCEq6Ee9rKnMrgsy2
sO+Kg8nRZb2URhavIJ+caeBdYtoVNxu2nACo7zc/qRy/V9qzeeCkNoukGQjeoV64
gKBfL7iMk2+cOmgO2kqGe7A4sJxWxKcU3davVmLiBkE6KIrivOgAIKTyAQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFCnzOHGbmqijzP2iwsk0VNu4M3NSMB8GA1UdIwQY
MBaAFJOymBl4iFaWzhwrv0r5na3CxhjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzkt
MzFjOTVlMmExZDZmLzEvS2ZNNGNadWFxS1BNX2FMQ3lUUlUyN2d6YzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzktMzFjOTVlMmExZDZm
LzEvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBZWoAwQC
LYm4AwQCUa0MAwQAW9jsAwQAW9jxAwQCXXcYAwQDkALwAwQCn/3gAwQCuSCYAwQC
uTlkAwQCuXqEAwQCuZzEMA0EAgACMAcDBQMqBAsAMA0GCSqGSIb3DQEBCwUAA4IB
AQAHPZR4+OeQNNAW34p2tQisqyEB1YgIgD3q+3Fa6wISezMppppIN0397NG+bQBE
I+oMWvvtEPpIH72pgHeb1I5R9PmWoAVMJjQjYjvI5HwidSuOTSpya7ciCWE1jaXv
P4pJZgZSnNIDyLq5Rdd8h9WC1MvBJQt5Opdh9EVm7FYHV2aCh7Jt8QRrbisGVxCt
dHBvjJAfkZHU9o+eovUbYAx+yb2vmuFRSpuEO1P4/CSf5YXTOgVh3EFkwpkaiE+q
q+uIdCYBN7gSnuM7H38fo4nertfmUPO6FOflosw0021+XZK5Mjc2raI3VcEwYkbp
ZzMygFGNnUigo1kuRlUH31JJ
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:31:01 2024 by rpki-client on console-ams.rpki-client.org