Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ak2_KVOpHneN6Dtgh8nyE08u7L4.roa
File: ak2_KVOpHneN6Dtgh8nyE08u7L4.roa (raw, json)
Hash identifier: 320s2ZIwcGSQITFc8TxICvIoR/pHOU5aIRLKwz+nZKI=
Subject key identifier: 6A:4D:BF:29:53:A9:1E:77:8D:E8:3B:60:87:C9:F2:13:4F:2E:EC:BE
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018CC5012051FA506464AF7A976F9E6599AF
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ak2_KVOpHneN6Dtgh8nyE08u7L4.roa
Signing time: Mon 01 Jan 2024 12:30:34 +0000
ROA not before: Mon 01 Jan 2024 12:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212826
IP address blocks: 185.232.84.0/23 maxlen: 24
45.154.238.0/23 maxlen: 24
45.152.11.0/24 maxlen: 24
45.157.32.0/23 maxlen: 24
213.185.86.0/23 maxlen: 24
45.130.52.0/24 maxlen: 24
194.40.246.0/23 maxlen: 24
46.161.208.0/23 maxlen: 23
45.128.158.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:20:51:fa:50:64:64:af:7a:97:6f:9e:65:99:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 12:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a4dbf2953a91e778de83b6087c9f2134f2eecbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dc:7e:5b:1e:f1:c7:b8:1b:93:09:70:58:56:
34:b7:d4:bd:bd:7b:60:20:d0:33:2d:72:a7:77:94:
bc:6f:46:68:e4:68:94:54:c5:e1:54:bd:d0:05:e6:
16:d3:7e:5a:a9:90:84:32:89:c1:fa:c8:80:c2:4a:
0b:7d:45:22:50:90:b9:38:fe:c7:4c:be:75:98:4a:
78:d0:cd:cb:e3:9c:c4:a3:44:55:b7:51:fe:55:ee:
b0:ee:24:21:bd:7c:45:a7:20:5e:dc:38:20:79:c3:
c7:b1:dd:b9:ef:30:43:40:6f:0e:06:be:3d:80:80:
c8:4b:52:af:c3:d5:a5:ce:96:8a:b3:67:f2:63:d0:
bc:0a:ae:b0:6d:cf:1d:86:79:1c:20:d1:dd:85:22:
9b:81:31:b5:33:f8:0e:9d:98:55:dd:00:f9:cb:d8:
dc:23:80:f2:21:9c:ba:40:65:84:3b:f0:3e:b5:1e:
d7:2a:b8:b3:00:a7:13:62:0a:23:2d:e4:7d:e8:eb:
42:de:93:f5:6e:2b:ed:d0:34:61:95:c8:cb:d9:e7:
08:7c:87:22:b6:c8:87:5e:5f:e1:46:76:25:fd:45:
41:ba:b2:60:be:24:2e:5f:d5:1b:30:59:52:31:07:
0c:79:88:7b:ba:d5:e8:5e:ab:35:59:af:09:94:30:
66:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4D:BF:29:53:A9:1E:77:8D:E8:3B:60:87:C9:F2:13:4F:2E:EC:BE
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ak2_KVOpHneN6Dtgh8nyE08u7L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.158.0/23
45.130.52.0/24
45.152.11.0/24
45.154.238.0/23
45.157.32.0/23
46.161.208.0/23
185.232.84.0/23
194.40.246.0/23
213.185.86.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:ef:7d:23:77:1a:62:ec:e4:14:cd:67:c1:d1:7b:2a:67:0b:
e4:bd:d0:f8:2a:f9:0e:79:1b:bf:d6:ae:f3:70:0b:21:aa:5c:
ae:5d:80:17:47:94:f6:91:6c:46:55:a3:51:b2:6c:bc:23:f3:
6c:9a:05:4a:69:14:d7:18:61:0f:b9:37:cf:89:44:69:34:b6:
bb:a0:b6:13:fa:ad:e6:9b:73:2b:6a:9d:4f:2d:a2:25:fd:18:
2f:1a:84:a0:f7:f6:18:63:34:a4:14:48:f6:f9:c3:66:6d:9b:
0f:55:f1:91:fa:5d:01:15:fd:7f:33:e8:b9:cf:29:9d:07:a2:
67:06:d8:1c:d4:12:64:f3:3d:6c:cb:02:0c:8f:19:19:9d:17:
d1:f3:6b:3d:6b:19:b7:3c:90:6c:0a:1d:66:38:62:ae:2f:83:
52:97:f3:7d:60:c3:2a:69:79:75:83:e2:75:0a:05:9f:c4:0f:
5c:f3:4a:7c:52:3a:26:3c:b0:f7:41:84:d8:cc:97:66:8c:14:
46:1f:23:8a:53:8f:62:7c:74:99:66:68:f5:6b:8e:44:ae:0e:
f4:4b:1d:bc:57:bf:ca:e8:e2:1b:2c:0b:30:37:c7:53:14:8c:
6c:4c:eb:7b:f3:bd:aa:fc:05:c4:a9:b5:a7:62:47:10:3c:26:
67:f8:5e:c0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzFASBR+lBkZK96l2+eZZmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMTAxMTIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTRkYmYyOTUzYTkxZTc3OGRlODNiNjA4N2M5ZjIxMzRmMmVlY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtx+Wx7xx7gbkwlwWFY0t9S9vXtg
INAzLXKnd5S8b0Zo5GiUVMXhVL3QBeYW035aqZCEMonB+siAwkoLfUUiUJC5OP7H
TL51mEp40M3L45zEo0RVt1H+Ve6w7iQhvXxFpyBe3DggecPHsd257zBDQG8OBr49
gIDIS1Kvw9WlzpaKs2fyY9C8Cq6wbc8dhnkcINHdhSKbgTG1M/gOnZhV3QD5y9jc
I4DyIZy6QGWEO/A+tR7XKrizAKcTYgojLeR96OtC3pP1bivt0DRhlcjL2ecIfIci
tsiHXl/hRnYl/UVBurJgviQuX9UbMFlSMQcMeYh7utXoXqs1Wa8JlDBmJwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGpNvylTqR53jeg7YIfJ8hNPLuy+MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvYWsyX0tWT3BIbmVONkR0Z2g4bnlFMDh1N0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYCeAwQA
LYI0AwQALZgLAwQBLZruAwQBLZ0gAwQBLqHQAwQBuehUAwQBwij2AwQB1blWMA0G
CSqGSIb3DQEBCwUAA4IBAQCs730jdxpi7OQUzWfB0XsqZwvkvdD4KvkOeRu/1q7z
cAshqlyuXYAXR5T2kWxGVaNRsmy8I/NsmgVKaRTXGGEPuTfPiURpNLa7oLYT+q3m
m3Mrap1PLaIl/RgvGoSg9/YYYzSkFEj2+cNmbZsPVfGR+l0BFf1/M+i5zymdB6Jn
Btgc1BJk8z1sywIMjxkZnRfR82s9axm3PJBsCh1mOGKuL4NSl/N9YMMqaXl1g+J1
CgWfxA9c80p8UjomPLD3QYTYzJdmjBRGHyOKU49ifHSZZmj1a45Erg70Sx28V7/K
6OIbLAswN8dTFIxsTOt7872q/AXEqbWnYkcQPCZn+F7A
-----END CERTIFICATE-----
Generated at Thu May 2 15:03:53 2024 by rpki-client on console-ams.rpki-client.org