Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/KusfEABpmUJrIz1OBbusgvbVF0k.roa
File: KusfEABpmUJrIz1OBbusgvbVF0k.roa (raw, json)
Hash identifier: hyZi5E2iMl4//iT7Jyr9Z82QAiW76ixgVpJ/1yCar2k=
Subject key identifier: 2A:EB:1F:10:00:69:99:42:6B:23:3D:4E:05:BB:AC:82:F6:D5:17:49
Certificate issuer: /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial: 01932A3693C3629D074FDF1D33050D370189
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/KusfEABpmUJrIz1OBbusgvbVF0k.roa
Signing time: Thu 14 Nov 2024 10:27:20 +0000
ROA not before: Thu 14 Nov 2024 10:27:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.103.5.0/24 maxlen: 24
185.103.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:36:93:c3:62:9d:07:4f:df:1d:33:05:0d:37:01:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Validity
Not Before: Nov 14 10:27:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aeb1f10006999426b233d4e05bbac82f6d51749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:73:d6:0e:ab:78:68:71:1f:0b:b5:b8:b6:c0:
95:ca:27:ff:30:bb:4b:4f:0e:75:f2:4c:59:cc:11:
70:e7:59:d4:de:75:aa:49:79:41:ee:48:97:e8:12:
26:88:33:15:7a:a7:91:b8:5d:4d:56:7d:0c:a1:9d:
9d:91:a2:77:73:c6:17:8d:3f:94:51:c9:0f:e0:ff:
ad:bc:d8:3a:b6:f7:b5:f9:b7:86:dd:f8:4e:9a:a2:
da:d0:a7:90:44:69:d3:75:c9:01:d8:a4:d2:4e:82:
b6:e5:08:59:f9:69:cb:9a:08:ad:75:65:05:a5:85:
45:90:e7:35:da:fa:7c:16:4a:12:a0:30:ab:68:b4:
86:86:ec:d3:8e:04:5d:a4:a2:05:5b:58:95:de:b9:
4d:db:e9:1c:7f:1e:45:50:7b:41:52:b4:19:b1:23:
39:fd:d8:3d:70:58:fd:d9:99:6d:96:17:ab:61:8c:
31:aa:8b:53:cb:a5:fb:89:ba:ee:e5:16:52:12:81:
38:00:bc:b5:60:45:0f:63:0e:88:48:8b:ed:be:cc:
19:8d:63:f0:55:f9:0c:fa:5e:1c:6a:bb:f7:a6:b7:
de:0b:7b:aa:20:81:28:57:4d:48:00:de:7c:f3:c6:
f1:1e:ba:f3:6e:1b:df:54:6b:d6:21:5b:87:61:6e:
c8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EB:1F:10:00:69:99:42:6B:23:3D:4E:05:BB:AC:82:F6:D5:17:49
X509v3 Authority Key Identifier:
keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/KusfEABpmUJrIz1OBbusgvbVF0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.5.0/24
185.103.7.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:37:c2:9d:88:4a:c3:50:6e:19:ba:a3:c9:5a:65:cc:30:6e:
95:98:1c:1d:e2:fb:0b:31:71:d2:ac:0e:e6:5b:54:c3:e8:4b:
dd:87:72:85:6d:ec:c9:60:6e:f2:84:b9:85:0e:e9:41:55:76:
a2:fb:94:4f:8c:cd:81:70:16:12:5f:c2:71:84:1b:2c:72:2e:
88:52:6d:32:2c:93:81:7b:c5:04:42:6c:ea:83:b9:5b:e3:b1:
ac:39:77:dc:20:58:80:84:a1:35:23:2c:31:71:c1:53:61:37:
bf:2e:17:1e:b8:7f:eb:84:9e:e8:68:8f:8e:ec:c8:fe:7c:d6:
e9:9f:f5:6f:30:4c:98:44:50:68:af:b3:65:b7:64:e9:32:21:
92:0a:87:26:4e:ac:c1:33:91:5e:86:fc:23:44:bd:bb:02:73:
62:4d:31:c4:17:62:2a:9e:f4:6f:f0:fa:bf:3f:be:80:bc:10:
73:5a:2d:e3:e5:c6:07:a1:dd:ab:cf:fb:11:64:94:bc:51:0e:
dd:30:19:88:07:35:a7:48:af:67:01:13:95:ec:72:9d:cf:a3:
5e:40:86:04:ed:25:31:ee:12:7b:a9:6e:ca:6f:1f:d4:54:d7:
08:5f:10:92:81:da:7a:99:49:12:5b:fc:13:62:7b:1b:a5:8b:
5f:f0:00:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMqNpPDYp0HT98dMwUNNwGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MjE5ZWM3MzgzZmEwNjEwNDgwZGRmYTYyYzNmODJjNDAw
Y2Q1NmYwHhcNMjQxMTE0MTAyNzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWViMWYxMDAwNjk5OTQyNmIyMzNkNGUwNWJiYWM4MmY2ZDUxNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnPWDqt4aHEfC7W4tsCVyif/MLtL
Tw518kxZzBFw51nU3nWqSXlB7kiX6BImiDMVeqeRuF1NVn0MoZ2dkaJ3c8YXjT+U
UckP4P+tvNg6tve1+beG3fhOmqLa0KeQRGnTdckB2KTSToK25QhZ+WnLmgitdWUF
pYVFkOc12vp8FkoSoDCraLSGhuzTjgRdpKIFW1iV3rlN2+kcfx5FUHtBUrQZsSM5
/dg9cFj92ZltlherYYwxqotTy6X7ibru5RZSEoE4ALy1YEUPYw6ISIvtvswZjWPw
VfkM+l4carv3prfeC3uqIIEoV01IAN5888bxHrrzbhvfVGvWIVuHYW7INwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCrrHxAAaZlCayM9TgW7rIL21RdJMB8GA1UdIwQY
MBaAFNchnsc4P6BhBIDd+mLD+CxADNVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4Yjct
ZDBjODJhM2NmNGI2LzEvS3VzZkVBQnBtVUpySXoxT0JidXNndmJWRjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4YjctZDBjODJhM2NmNGI2
LzEvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWcFAwQA
uWcHMA0GCSqGSIb3DQEBCwUAA4IBAQALN8KdiErDUG4ZuqPJWmXMMG6VmBwd4vsL
MXHSrA7mW1TD6Evdh3KFbezJYG7yhLmFDulBVXai+5RPjM2BcBYSX8JxhBssci6I
Um0yLJOBe8UEQmzqg7lb47GsOXfcIFiAhKE1IywxccFTYTe/LhceuH/rhJ7oaI+O
7Mj+fNbpn/VvMEyYRFBor7Nlt2TpMiGSCocmTqzBM5FehvwjRL27AnNiTTHEF2Iq
nvRv8Pq/P76AvBBzWi3j5cYHod2rz/sRZJS8UQ7dMBmIBzWnSK9nAROV7HKdz6Ne
QIYE7SUx7hJ7qW7Kbx/UVNcIXxCSgdp6mUkSW/wTYnsbpYtf8AAQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:06:28 2024 by rpki-client on console-ams.rpki-client.org