Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/daaae4-ed24-4473-9ec5-ee29c9136e8b/1/k0e11oAJpMnSAe2RC2x-DQ-hTSY.roa
File: k0e11oAJpMnSAe2RC2x-DQ-hTSY.roa (raw, json)
Hash identifier: gHgkZ95Fmkoa60EShvCjkn39Lph0UxsT5l78GikEuB4=
Subject key identifier: 93:47:B5:D6:80:09:A4:C9:D2:01:ED:91:0B:6C:7E:0D:0F:A1:4D:26
Certificate issuer: /CN=8279ead835a8fcfae0d9ee2839cd16881ba11dd7
Certificate serial: 018CC4245557270BDC5DADC7ED3AA9DFD992
Authority key identifier: 82:79:EA:D8:35:A8:FC:FA:E0:D9:EE:28:39:CD:16:88:1B:A1:1D:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnnq2DWo_Prg2e4oOc0WiBuhHdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/daaae4-ed24-4473-9ec5-ee29c9136e8b/1/k0e11oAJpMnSAe2RC2x-DQ-hTSY.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198024
IP address blocks: 185.191.192.0/22 maxlen: 22
2a0a:1c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/daaae4-ed24-4473-9ec5-ee29c9136e8b/1/gnnq2DWo_Prg2e4oOc0WiBuhHdc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/daaae4-ed24-4473-9ec5-ee29c9136e8b/1/gnnq2DWo_Prg2e4oOc0WiBuhHdc.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnnq2DWo_Prg2e4oOc0WiBuhHdc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:55:57:27:0b:dc:5d:ad:c7:ed:3a:a9:df:d9:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8279ead835a8fcfae0d9ee2839cd16881ba11dd7
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9347b5d68009a4c9d201ed910b6c7e0d0fa14d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:09:3f:89:af:f6:ee:d3:81:d4:49:6f:2a:af:
1a:d2:f6:f1:17:e1:ab:88:70:33:8a:26:04:11:f3:
b8:1b:fd:7c:8f:78:60:fa:79:28:07:c6:00:37:49:
5c:fc:88:52:7c:eb:5d:a8:1b:5b:47:67:1b:59:3e:
42:5f:8a:5a:d3:38:57:c9:ac:a6:a4:e7:4a:52:05:
e4:de:6f:89:f7:dc:1a:9f:0a:9f:85:c0:1d:6e:fa:
10:c3:89:06:ed:4b:fe:c5:33:e2:25:34:92:3a:b6:
2f:dd:03:ae:ca:1b:d3:63:69:ea:6b:30:e5:99:68:
f5:79:c5:6e:fe:0e:8f:07:e4:09:15:3c:ba:84:cc:
6f:8f:91:ac:2e:c2:15:88:d1:4f:2f:17:e1:8c:bb:
c7:49:39:99:01:fe:4d:2f:6e:e7:fb:9d:7b:7d:33:
5f:5c:3f:35:bc:76:10:d6:f6:aa:7f:ad:58:1d:07:
11:b2:b7:80:0f:be:37:00:20:b9:ea:0f:2d:62:66:
a8:af:32:76:3b:84:4c:92:c6:34:a6:a8:b5:11:4b:
8a:03:f5:7c:8d:06:c4:44:fb:04:95:7d:b8:b8:e9:
15:80:ef:2b:41:66:82:45:33:cd:cf:cf:96:fd:d8:
8f:87:a6:5e:1c:5d:30:02:1c:62:0d:90:0d:6f:06:
60:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:47:B5:D6:80:09:A4:C9:D2:01:ED:91:0B:6C:7E:0D:0F:A1:4D:26
X509v3 Authority Key Identifier:
keyid:82:79:EA:D8:35:A8:FC:FA:E0:D9:EE:28:39:CD:16:88:1B:A1:1D:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnnq2DWo_Prg2e4oOc0WiBuhHdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/daaae4-ed24-4473-9ec5-ee29c9136e8b/1/k0e11oAJpMnSAe2RC2x-DQ-hTSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/daaae4-ed24-4473-9ec5-ee29c9136e8b/1/gnnq2DWo_Prg2e4oOc0WiBuhHdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.192.0/22
IPv6:
2a0a:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
9d:18:7b:2f:3e:a1:3e:74:9f:23:24:75:0a:ff:c6:b0:97:f2:
b1:a4:f8:6c:f8:45:4a:47:99:c8:94:81:6f:9c:6b:e8:20:a4:
69:9a:0a:13:80:7b:be:2b:a6:1d:7f:88:8a:31:ce:5a:34:d6:
fa:d5:79:fe:b0:bf:8f:84:65:bf:6e:cd:0d:de:bd:15:ea:00:
fe:30:fc:2e:3b:e2:e0:70:dc:d3:51:f5:ab:58:a4:0a:de:97:
11:49:81:49:d7:f8:dc:67:07:75:70:4c:e7:4d:94:9f:1a:5c:
70:24:39:59:12:54:bf:aa:cb:a4:9f:56:76:16:a4:0c:04:e5:
0b:cc:38:27:ab:f4:94:c6:a4:5b:18:78:5a:ec:8f:d8:1f:b1:
7c:ea:56:0c:4f:94:14:3b:10:34:b1:c7:33:e0:61:2c:0c:de:
ae:17:e7:a3:a5:b7:9c:f8:12:85:59:52:fa:79:93:6a:c4:25:
e5:6b:1f:44:be:9d:e7:cc:a8:59:d1:fd:dc:67:93:a5:13:ab:
bc:87:03:0d:1b:fa:b2:f1:f0:eb:42:88:67:9f:08:07:52:ea:
58:fa:89:39:e9:93:70:8a:2e:64:3f:a8:7c:35:12:50:09:00:
5c:2b:8f:46:79:c8:99:f1:c0:a2:66:81:bb:4c:38:30:51:6e:
6e:f7:b5:4c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJFVXJwvcXa3H7Tqp39mSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzllYWQ4MzVhOGZjZmFlMGQ5ZWUyODM5Y2QxNjg4MWJh
MTFkZDcwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQ3YjVkNjgwMDlhNGM5ZDIwMWVkOTEwYjZjN2UwZDBmYTE0ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgk/ia/27tOB1ElvKq8a0vbxF+Gr
iHAziiYEEfO4G/18j3hg+nkoB8YAN0lc/IhSfOtdqBtbR2cbWT5CX4pa0zhXyaym
pOdKUgXk3m+J99wanwqfhcAdbvoQw4kG7Uv+xTPiJTSSOrYv3QOuyhvTY2nqazDl
mWj1ecVu/g6PB+QJFTy6hMxvj5GsLsIViNFPLxfhjLvHSTmZAf5NL27n+517fTNf
XD81vHYQ1vaqf61YHQcRsreAD743ACC56g8tYmaorzJ2O4RMksY0pqi1EUuKA/V8
jQbERPsElX24uOkVgO8rQWaCRTPNz8+W/diPh6ZeHF0wAhxiDZANbwZgTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJNHtdaACaTJ0gHtkQtsfg0PoU0mMB8GA1UdIwQY
MBaAFIJ56tg1qPz64NnuKDnNFogboR3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ucTJEV29fUHJnMmU0b09jMFdpQnVoSGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kYWFhZTQtZWQyNC00NDczLTllYzUt
ZWUyOWM5MTM2ZThiLzEvazBlMTFvQUpwTW5TQWUyUkMyeC1EUS1oVFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kYWFhZTQtZWQyNC00NDczLTllYzUtZWUyOWM5MTM2ZThi
LzEvZ25ucTJEV29fUHJnMmU0b09jMFdpQnVoSGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/AMA0E
AgACMAcDBQMqChxAMA0GCSqGSIb3DQEBCwUAA4IBAQCdGHsvPqE+dJ8jJHUK/8aw
l/KxpPhs+EVKR5nIlIFvnGvoIKRpmgoTgHu+K6Ydf4iKMc5aNNb61Xn+sL+PhGW/
bs0N3r0V6gD+MPwuO+LgcNzTUfWrWKQK3pcRSYFJ1/jcZwd1cEznTZSfGlxwJDlZ
ElS/qsukn1Z2FqQMBOULzDgnq/SUxqRbGHha7I/YH7F86lYMT5QUOxA0sccz4GEs
DN6uF+ejpbec+BKFWVL6eZNqxCXlax9Evp3nzKhZ0f3cZ5OlE6u8hwMNG/qy8fDr
QohnnwgHUupY+ok56ZNwii5kP6h8NRJQCQBcK49GeciZ8cCiZoG7TDgwUW5u97VM
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:00 2024 by rpki-client on console-fra.rpki-client.org