Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/KWyhHXZXhHyi_-yry-IIMkO12Ao.roa
File: KWyhHXZXhHyi_-yry-IIMkO12Ao.roa (raw, json)
Hash identifier: pl72D5DODw4173c5V2ugBGS3R7tDyLJ4Qw/5lr3IWs4=
Subject key identifier: 29:6C:A1:1D:76:57:84:7C:A2:FF:EC:AB:CB:E2:08:32:43:B5:D8:0A
Certificate issuer: /CN=c950d7b1975a3703ae27b31ad2f932ae46a4cc94
Certificate serial: 018CC8DF16644BA52BC432BBDC95CF59D11C
Authority key identifier: C9:50:D7:B1:97:5A:37:03:AE:27:B3:1A:D2:F9:32:AE:46:A4:CC:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/KWyhHXZXhHyi_-yry-IIMkO12Ao.roa
Signing time: Tue 02 Jan 2024 06:31:52 +0000
ROA not before: Tue 02 Jan 2024 06:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 185.136.128.0/22 maxlen: 24
2a03:a4e0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:16:64:4b:a5:2b:c4:32:bb:dc:95:cf:59:d1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c950d7b1975a3703ae27b31ad2f932ae46a4cc94
Validity
Not Before: Jan 2 06:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=296ca11d7657847ca2ffecabcbe2083243b5d80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:96:e2:b9:a5:07:72:8b:ce:97:ca:7b:d4:59:
c7:ad:9a:3b:6c:10:57:98:9e:1e:96:c4:3c:7d:e1:
63:d9:8e:16:5c:e5:bf:79:1a:e1:a6:e0:5c:9a:f8:
4e:48:79:3f:b3:0d:fe:47:01:f6:86:60:bf:a0:70:
ac:a3:5d:d0:9b:78:6d:8e:70:34:6b:56:2a:5e:bc:
a3:8f:f2:0b:77:1d:d1:6b:e2:8a:35:3c:f4:71:15:
b4:c2:8d:b3:7e:1c:f0:83:6a:53:19:17:16:b3:33:
36:cc:f4:7d:8f:1a:cd:ca:c3:43:99:d7:4e:85:0b:
54:30:a5:53:e3:fd:c7:d8:be:f3:9e:aa:c4:41:56:
bc:c3:4b:3f:42:88:4c:9e:d1:be:e7:94:99:45:55:
21:6c:23:0f:60:d6:2c:d1:06:3b:e0:b1:b3:03:93:
1c:86:a2:88:a7:b6:13:58:70:86:a1:d5:e1:96:b9:
30:77:2c:c4:fb:d4:fd:02:66:62:0d:6a:66:66:74:
b5:d3:11:33:94:05:eb:4b:da:ba:9d:cd:76:79:63:
14:ef:9a:72:f3:ac:a3:a9:43:9f:f1:2a:b7:2c:16:
93:0b:80:b3:d1:46:f7:b4:6e:a1:f9:28:0d:8d:85:
70:de:83:16:3f:6e:55:a1:ff:60:73:52:e7:4a:09:
5e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6C:A1:1D:76:57:84:7C:A2:FF:EC:AB:CB:E2:08:32:43:B5:D8:0A
X509v3 Authority Key Identifier:
keyid:C9:50:D7:B1:97:5A:37:03:AE:27:B3:1A:D2:F9:32:AE:46:A4:CC:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/KWyhHXZXhHyi_-yry-IIMkO12Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.128.0/22
IPv6:
2a03:a4e0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:47:b8:6f:70:f2:41:80:81:3d:50:fc:81:ea:9f:ff:ff:0d:
6c:82:2b:a7:22:bf:42:8a:44:a7:80:be:61:63:26:92:79:f8:
40:7e:b8:59:4a:c9:59:b6:65:2e:24:e5:68:f4:82:be:b1:97:
25:d6:96:2a:11:08:b3:e0:48:54:da:cb:c2:94:96:11:ac:96:
2b:4a:53:01:44:14:5e:9d:7d:d2:74:b1:47:58:a8:f1:90:a9:
90:f1:75:b8:c1:dc:7e:67:77:7f:49:79:72:e0:e0:61:07:4e:
a0:9a:52:98:d0:ac:b6:e9:a1:2a:0d:b7:7f:b3:74:2d:19:88:
ca:95:c1:9e:8b:28:c1:df:fb:e8:57:29:48:cd:0b:0e:9a:dd:
77:98:eb:98:31:59:62:bf:cb:c4:e3:42:64:cd:3e:c9:f8:5a:
85:d9:bf:16:70:06:a6:88:15:1b:77:b8:39:c7:e7:4b:d6:b1:
45:15:c3:07:6f:09:26:42:24:f4:0a:e2:db:0b:1a:7a:8a:64:
b4:03:71:49:24:c7:7c:57:e5:69:98:2c:73:f5:f7:c6:52:a7:
76:37:7b:ea:fc:53:ba:c0:60:fb:22:02:a6:64:a2:4f:b7:f0:
cc:b0:49:58:ba:60:6c:d3:7f:b5:50:ed:43:b4:de:7a:b9:20:
44:16:38:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3xZkS6UrxDK73JXPWdEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NTBkN2IxOTc1YTM3MDNhZTI3YjMxYWQyZjkzMmFlNDZh
NGNjOTQwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTZjYTExZDc2NTc4NDdjYTJmZmVjYWJjYmUyMDgzMjQzYjVkODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJbiuaUHcovOl8p71FnHrZo7bBBX
mJ4elsQ8feFj2Y4WXOW/eRrhpuBcmvhOSHk/sw3+RwH2hmC/oHCso13Qm3htjnA0
a1YqXryjj/ILdx3Ra+KKNTz0cRW0wo2zfhzwg2pTGRcWszM2zPR9jxrNysNDmddO
hQtUMKVT4/3H2L7znqrEQVa8w0s/QohMntG+55SZRVUhbCMPYNYs0QY74LGzA5Mc
hqKIp7YTWHCGodXhlrkwdyzE+9T9AmZiDWpmZnS10xEzlAXrS9q6nc12eWMU75py
86yjqUOf8Sq3LBaTC4Cz0Ub3tG6h+SgNjYVw3oMWP25Vof9gc1LnSgle9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFClsoR12V4R8ov/sq8viCDJDtdgKMB8GA1UdIwQY
MBaAFMlQ17GXWjcDriezGtL5Mq5GpMyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVZEWHNaZGFOd091SjdNYTB2a3lya2FrekpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wYzczMTgtYjM0OC00YjI0LWI5ZTUt
YzZhODgyMWFkZWE5LzEvS1d5aEhYWlhoSHlpXy15cnktSUlNa08xMkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wYzczMTgtYjM0OC00YjI0LWI5ZTUtYzZhODgyMWFkZWE5
LzEveVZEWHNaZGFOd091SjdNYTB2a3lya2FrekpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYiAMA0E
AgACMAcDBQAqA6TgMA0GCSqGSIb3DQEBCwUAA4IBAQBLR7hvcPJBgIE9UPyB6p//
/w1sgiunIr9CikSngL5hYyaSefhAfrhZSslZtmUuJOVo9IK+sZcl1pYqEQiz4EhU
2svClJYRrJYrSlMBRBRenX3SdLFHWKjxkKmQ8XW4wdx+Z3d/SXly4OBhB06gmlKY
0Ky26aEqDbd/s3QtGYjKlcGeiyjB3/voVylIzQsOmt13mOuYMVliv8vE40JkzT7J
+FqF2b8WcAamiBUbd7g5x+dL1rFFFcMHbwkmQiT0CuLbCxp6imS0A3FJJMd8V+Vp
mCxz9ffGUqd2N3vq/FO6wGD7IgKmZKJPt/DMsElYumBs03+1UO1DtN56uSBEFji2
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:45:59 2024 by rpki-client on console-fra.rpki-client.org