Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/kYChh4QgJH5QTNckydJiTnGGIYw.roa
File: kYChh4QgJH5QTNckydJiTnGGIYw.roa (raw, json)
Hash identifier: 6j9KN530MvWCPbqroi0+2gudZbSmbdJ4Zwr8AbuOysA=
Subject key identifier: 91:80:A1:87:84:20:24:7E:50:4C:D7:24:C9:D2:62:4E:71:86:21:8C
Certificate issuer: /CN=15fedc1705576d97fe4ad20291de198473d8156f
Certificate serial: 018CC349171A7461CE28F4ED5EF48AF34367
Authority key identifier: 15:FE:DC:17:05:57:6D:97:FE:4A:D2:02:91:DE:19:84:73:D8:15:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff7cFwVXbZf-StICkd4ZhHPYFW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/kYChh4QgJH5QTNckydJiTnGGIYw.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207992
IP address blocks: 194.9.172.0/23 maxlen: 23
194.9.172.0/24 maxlen: 24
194.9.173.0/24 maxlen: 24
194.11.21.0/24 maxlen: 24
194.11.20.0/24 maxlen: 24
194.11.20.0/23 maxlen: 23
2a04:ecc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Ff7cFwVXbZf-StICkd4ZhHPYFW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Ff7cFwVXbZf-StICkd4ZhHPYFW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ff7cFwVXbZf-StICkd4ZhHPYFW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:17:1a:74:61:ce:28:f4:ed:5e:f4:8a:f3:43:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fedc1705576d97fe4ad20291de198473d8156f
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9180a1878420247e504cd724c9d2624e7186218c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:84:a8:c7:c9:44:83:46:e7:d7:67:1d:30:
98:b6:bb:8a:fc:f4:76:77:b2:5a:6b:7b:81:c1:ec:
7d:f2:1c:77:74:5b:69:03:2c:bd:c5:94:de:26:0d:
25:2c:2a:8e:92:f0:ba:08:49:84:2c:78:67:95:46:
ad:6a:e6:ca:f9:2f:84:62:99:e8:2e:5e:2e:00:23:
2c:17:f3:73:f4:d7:3b:78:2f:ae:59:b5:12:df:f2:
fb:de:0e:3f:a7:dc:20:58:de:07:4d:75:07:ec:fd:
17:23:07:e1:e0:3f:fa:88:8d:03:c6:07:4a:31:ba:
52:dd:f4:82:89:7e:c1:75:67:8e:39:ca:7a:de:71:
f8:71:35:8b:67:e7:34:aa:40:cf:8d:2b:56:70:6a:
23:b4:7e:8e:1b:84:47:d0:a8:dd:72:84:9e:9c:bd:
b0:fb:8e:c5:77:ff:19:21:30:0e:14:b2:1e:6d:ab:
50:7f:80:f6:22:ba:b9:db:32:2b:dd:3b:2b:5f:ed:
02:4d:f5:fd:ab:a6:72:3c:29:04:29:4f:39:1f:94:
8a:ad:1d:1a:26:4d:67:7a:c1:6a:ae:82:55:4c:62:
b9:df:10:d3:2f:b3:de:96:0f:48:51:6d:5d:9b:01:
a6:20:47:08:c2:37:28:23:10:34:c0:28:63:8d:f2:
48:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:80:A1:87:84:20:24:7E:50:4C:D7:24:C9:D2:62:4E:71:86:21:8C
X509v3 Authority Key Identifier:
keyid:15:FE:DC:17:05:57:6D:97:FE:4A:D2:02:91:DE:19:84:73:D8:15:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff7cFwVXbZf-StICkd4ZhHPYFW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/kYChh4QgJH5QTNckydJiTnGGIYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e27eb8-af64-446e-88ec-d472e49f591e/1/Ff7cFwVXbZf-StICkd4ZhHPYFW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.172.0/23
194.11.20.0/23
IPv6:
2a04:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:9f:92:84:f9:8a:95:5d:46:34:79:56:24:b2:e3:6a:bd:77:
fe:95:c4:7d:d0:16:c8:fa:29:1a:c2:73:c8:26:34:f6:5d:56:
6a:7e:a4:2b:73:5f:b8:b5:6a:33:46:88:e4:bf:92:d3:9a:76:
b3:64:29:68:66:b3:80:a4:ae:f2:bb:86:ca:16:60:2e:98:ab:
29:39:ee:b3:43:8b:20:32:7b:72:c3:9b:53:0c:a1:ae:a5:9a:
89:67:3d:40:e4:77:e2:4f:09:8d:05:d4:51:4d:ae:0f:30:14:
06:c0:fb:13:40:14:a9:34:27:cb:6e:99:39:e9:e3:57:58:0c:
68:35:71:81:f2:20:e5:fb:32:de:4c:42:86:c5:f7:04:02:e0:
ae:6d:6b:eb:1c:f6:49:c5:50:4a:11:88:cf:b7:6c:a7:cc:c3:
8e:0d:03:a4:f0:e0:71:59:2f:dc:70:47:b6:dc:8c:a1:05:30:
ff:31:fb:7c:35:dc:cd:58:0e:f2:07:d0:41:f0:3d:3e:f1:ec:
73:3e:ca:59:56:75:85:29:b2:f1:45:f3:87:47:e5:7e:f4:15:
2e:97:85:cd:d9:03:7c:04:ff:7f:64:3c:af:06:49:bf:fd:cb:
72:00:76:9b:0e:72:7f:1a:26:c3:80:ef:02:30:ea:01:42:be:
f0:b4:86:88
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSRcadGHOKPTtXvSK80NnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmVkYzE3MDU1NzZkOTdmZTRhZDIwMjkxZGUxOTg0NzNk
ODE1NmYwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgwYTE4Nzg0MjAyNDdlNTA0Y2Q3MjRjOWQyNjI0ZTcxODYyMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomqEqMfJRING59dnHTCYtruK/PR2
d7Jaa3uBwex98hx3dFtpAyy9xZTeJg0lLCqOkvC6CEmELHhnlUataubK+S+EYpno
Ll4uACMsF/Nz9Nc7eC+uWbUS3/L73g4/p9wgWN4HTXUH7P0XIwfh4D/6iI0DxgdK
MbpS3fSCiX7BdWeOOcp63nH4cTWLZ+c0qkDPjStWcGojtH6OG4RH0KjdcoSenL2w
+47Fd/8ZITAOFLIebatQf4D2Irq52zIr3TsrX+0CTfX9q6ZyPCkEKU85H5SKrR0a
Jk1nesFqroJVTGK53xDTL7Pelg9IUW1dmwGmIEcIwjcoIxA0wChjjfJIlQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJGAoYeEICR+UEzXJMnSYk5xhiGMMB8GA1UdIwQY
MBaAFBX+3BcFV22X/krSApHeGYRz2BVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmY3Y0Z3VlhiWmYtU3RJQ2tkNFpoSFBZRlc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9lMjdlYjgtYWY2NC00NDZlLTg4ZWMt
ZDQ3MmU0OWY1OTFlLzEva1lDaGg0UWdKSDVRVE5ja3lkSmlUbkdHSVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9lMjdlYjgtYWY2NC00NDZlLTg4ZWMtZDQ3MmU0OWY1OTFl
LzEvRmY3Y0Z3VlhiWmYtU3RJQ2tkNFpoSFBZRlc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwgmsAwQB
wgsUMA0EAgACMAcDBQMqBOzAMA0GCSqGSIb3DQEBCwUAA4IBAQCxn5KE+YqVXUY0
eVYksuNqvXf+lcR90BbI+ikawnPIJjT2XVZqfqQrc1+4tWozRojkv5LTmnazZClo
ZrOApK7yu4bKFmAumKspOe6zQ4sgMntyw5tTDKGupZqJZz1A5HfiTwmNBdRRTa4P
MBQGwPsTQBSpNCfLbpk56eNXWAxoNXGB8iDl+zLeTEKGxfcEAuCubWvrHPZJxVBK
EYjPt2ynzMOODQOk8OBxWS/ccEe23IyhBTD/Mft8NdzNWA7yB9BB8D0+8exzPspZ
VnWFKbLxRfOHR+V+9BUul4XN2QN8BP9/ZDyvBkm//ctyAHabDnJ/GibDgO8CMOoB
Qr7wtIaI
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:23 2024 by rpki-client on console-ams.rpki-client.org