Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Kiqz4-Y9G4Th_PHMV-4Strc8yXg.roa
File: Kiqz4-Y9G4Th_PHMV-4Strc8yXg.roa (raw, json)
Hash identifier: p/DNgcJABlaa9QJhgprLzxGDqCJRbZ0Kpse/GFZW4yU=
Subject key identifier: 2A:2A:B3:E3:E6:3D:1B:84:E1:FC:F1:CC:57:EE:12:B6:B7:3C:C9:78
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018ED305F5C2C4E7C94B710BD47C1C319E93
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Kiqz4-Y9G4Th_PHMV-4Strc8yXg.roa
Signing time: Fri 12 Apr 2024 15:56:06 +0000
ROA not before: Fri 12 Apr 2024 15:56:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 147.45.38.0/24 maxlen: 24
147.45.39.0/24 maxlen: 24
147.45.61.0/24 maxlen: 24
147.45.62.0/24 maxlen: 24
147.45.63.0/24 maxlen: 24
147.45.88.0/21 maxlen: 21
147.45.117.0/24 maxlen: 24
147.45.118.0/24 maxlen: 24
147.45.119.0/24 maxlen: 24
147.45.120.0/22 maxlen: 22
147.45.127.0/24 maxlen: 24
147.45.205.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
193.233.124.0/22 maxlen: 22
193.233.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:05:f5:c2:c4:e7:c9:4b:71:0b:d4:7c:1c:31:9e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 12 15:56:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a2ab3e3e63d1b84e1fcf1cc57ee12b6b73cc978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:98:67:49:45:9e:b0:14:46:46:d9:43:9c:0e:
cb:2e:b8:76:0c:14:59:fd:3f:e9:4c:f7:45:30:b4:
e8:85:b3:4a:fe:c5:8a:34:f0:85:52:74:ea:73:d8:
eb:61:ac:b8:ea:01:51:b9:c5:fb:1e:e0:de:94:9f:
89:65:6e:1f:84:ff:68:63:7b:90:ba:12:dd:4a:d6:
41:28:9b:29:fe:38:d2:bb:2b:f8:c7:ea:00:4e:ed:
ac:ff:0a:01:6b:c2:d0:44:1f:2c:35:f5:e9:a4:23:
82:c2:cc:67:73:3f:da:a1:fe:bb:cb:06:e6:7c:f3:
f6:ac:5a:ec:e5:92:b0:2b:73:e3:33:7d:c1:94:74:
41:51:a4:2c:25:11:e9:da:80:c1:30:6c:b5:c0:ae:
b7:b9:d7:86:78:2f:c6:36:37:5a:b5:f2:b4:f4:ba:
9e:bc:55:93:de:fa:b4:79:c9:1f:b2:08:bd:33:ab:
6f:c6:c6:18:33:b0:ed:5c:da:7f:09:a4:57:f1:00:
ea:e4:03:ad:70:de:62:60:04:0b:13:62:e9:9c:11:
1b:42:98:13:aa:ee:44:29:ab:c5:af:e2:81:b3:78:
1d:3d:fe:25:8d:75:aa:1f:0e:2f:f1:74:5f:24:95:
74:08:52:e2:08:25:1e:99:6c:37:f2:31:20:f4:0f:
6c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2A:B3:E3:E6:3D:1B:84:E1:FC:F1:CC:57:EE:12:B6:B7:3C:C9:78
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Kiqz4-Y9G4Th_PHMV-4Strc8yXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.38.0/23
147.45.61.0-147.45.63.255
147.45.88.0/21
147.45.117.0-147.45.123.255
147.45.127.0/24
147.45.205.0/24
193.233.60.0/24
193.233.62.0/24
193.233.124.0/22
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a3:93:c7:44:16:f7:f4:7c:85:10:9c:5d:c7:26:c9:52:a7:
bd:de:5b:f8:43:d9:da:25:9c:a9:21:04:bb:67:b0:41:47:ae:
3b:47:db:3c:5e:d0:64:d8:72:a6:64:a2:fd:d0:6c:04:ed:ba:
54:6a:a6:66:ea:91:cf:9c:32:4e:ae:b0:f7:02:83:fb:fe:c6:
7b:04:81:ee:c5:b2:ff:7c:99:09:31:5c:4d:fa:7e:39:a6:aa:
6a:75:18:4e:e3:e3:c6:19:ad:85:5e:40:93:84:cb:f7:17:07:
50:72:77:c2:4c:1c:2e:b7:62:ba:71:d0:13:bc:65:b2:c1:fb:
e4:94:44:98:34:a1:92:7e:5d:8d:31:2b:44:b1:61:70:fa:73:
aa:2e:c0:57:b1:7c:05:9c:0f:43:31:3c:1b:3e:b8:cd:4a:ce:
2b:95:2b:19:ca:65:a8:4e:8d:ca:e8:28:1d:82:ff:06:2f:e3:
da:d6:6e:f1:cd:7b:34:85:26:82:d7:99:ab:17:ce:6e:bb:62:
79:1a:b8:fa:02:51:fc:af:47:2f:6a:4d:2a:c0:4b:9a:62:d1:
d0:ba:d3:df:6f:42:b1:41:6a:b9:19:08:8d:bb:75:5f:5f:98:
8f:73:95:86:00:66:23:88:5d:87:7e:1f:d4:49:a6:d5:03:fe:
f6:70:ff:b8
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY7TBfXCxOfJS3EL1HwcMZ6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNDEyMTU1NjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJhYjNlM2U2M2QxYjg0ZTFmY2YxY2M1N2VlMTJiNmI3M2NjOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhphnSUWesBRGRtlDnA7LLrh2DBRZ
/T/pTPdFMLTohbNK/sWKNPCFUnTqc9jrYay46gFRucX7HuDelJ+JZW4fhP9oY3uQ
uhLdStZBKJsp/jjSuyv4x+oATu2s/woBa8LQRB8sNfXppCOCwsxncz/aof67ywbm
fPP2rFrs5ZKwK3PjM33BlHRBUaQsJRHp2oDBMGy1wK63udeGeC/GNjdatfK09Lqe
vFWT3vq0eckfsgi9M6tvxsYYM7DtXNp/CaRX8QDq5AOtcN5iYAQLE2LpnBEbQpgT
qu5EKavFr+KBs3gdPf4ljXWqHw4v8XRfJJV0CFLiCCUemWw38jEg9A9snwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCoqs+PmPRuE4fzxzFfuEra3PMl4MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvS2lxejQtWTlHNFRoX1BITVYtNFN0cmM4eVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBky0mMAwD
BACTLT0DBAaTLQADBAOTLVgwDAMEAJMtdQMEApMteAMEAJMtfwMEAJMtzQMEAMHp
PAMEAMHpPgMEAsHpfAMEAMHpqjANBgkqhkiG9w0BAQsFAAOCAQEAVaOTx0QW9/R8
hRCcXccmyVKnvd5b+EPZ2iWcqSEEu2ewQUeuO0fbPF7QZNhypmSi/dBsBO26VGqm
ZuqRz5wyTq6w9wKD+/7GewSB7sWy/3yZCTFcTfp+OaaqanUYTuPjxhmthV5Ak4TL
9xcHUHJ3wkwcLrdiunHQE7xlssH75JREmDShkn5djTErRLFhcPpzqi7AV7F8BZwP
QzE8Gz64zUrOK5UrGcplqE6NyugoHYL/Bi/j2tZu8c17NIUmgteZqxfObrtieRq4
+gJR/K9HL2pNKsBLmmLR0LrT329CsUFquRkIjbt1X1+Yj3OVhgBmI4hdh34f1Emm
1QP+9nD/uA==
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:22:59 2024 by rpki-client on console-ams.rpki-client.org