Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kYoJmpnZXz8ov6RXvfOKPTjohyY.roa
File: kYoJmpnZXz8ov6RXvfOKPTjohyY.roa (raw, json)
Hash identifier: M2LbDqA2iccT7cgr8/vtifAL3E+3h52Oqs1ykefEVbw=
Subject key identifier: 91:8A:09:9A:99:D9:5F:3F:28:BF:A4:57:BD:F3:8A:3D:38:E8:87:26
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019297606DB57A4E0A5E238FF068E69AC104
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kYoJmpnZXz8ov6RXvfOKPTjohyY.roa
Signing time: Wed 16 Oct 2024 22:08:52 +0000
ROA not before: Wed 16 Oct 2024 22:08:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142594
IP address blocks: 2.56.166.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.140.220.0/24 maxlen: 24
45.140.221.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:97:60:6d:b5:7a:4e:0a:5e:23:8f:f0:68:e6:9a:c1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Oct 16 22:08:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=918a099a99d95f3f28bfa457bdf38a3d38e88726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:02:aa:d4:66:7f:db:c5:ac:9d:66:82:42:d4:
e5:d6:25:e8:74:82:f1:45:64:6a:e6:74:b2:06:ea:
f8:fc:67:6f:6b:7f:ef:4b:65:66:af:1f:95:8d:d9:
cb:25:f9:d2:54:3c:87:5b:61:b9:55:0a:df:b5:44:
76:1f:b2:6d:cc:ec:77:5c:d4:2b:16:b2:f6:11:85:
8d:4c:49:19:c6:0f:20:0e:b2:16:0b:6b:21:85:03:
4d:e1:07:1f:53:83:ed:da:00:fb:2c:52:d6:dc:74:
c6:c1:4a:b8:b3:65:f9:5f:e6:3a:4a:0b:95:dd:06:
f2:15:c3:44:22:ea:ea:41:d0:6c:8f:b5:6f:78:fc:
42:32:d3:dc:38:65:30:8d:7f:34:19:05:40:fa:18:
d1:69:b4:1f:8d:e7:46:4c:ca:1a:7c:0e:a4:77:d1:
5b:03:e1:b3:b2:76:96:67:4c:9f:df:ec:db:ba:d3:
8f:4a:4e:35:39:f3:33:49:ac:6f:cb:1a:c0:77:af:
b6:ae:3d:2b:13:fc:80:70:60:82:6e:3a:e3:c0:6b:
91:47:2b:d7:ca:9d:18:92:ae:b7:cf:ad:41:1b:b6:
38:05:89:1c:40:e5:72:f0:7c:4b:38:79:5f:ee:fa:
89:02:5c:1b:5e:05:16:67:1a:77:dc:63:0b:c4:95:
e1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8A:09:9A:99:D9:5F:3F:28:BF:A4:57:BD:F3:8A:3D:38:E8:87:26
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kYoJmpnZXz8ov6RXvfOKPTjohyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
45.90.145.0/24
45.140.220.0/23
77.83.241.0/24
185.234.74.0/24
194.31.140.0/24
194.56.225.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:3f:48:91:5c:62:de:57:3a:5b:77:81:e4:f0:ee:c7:83:f2:
bb:e2:74:00:23:7d:cb:6c:62:d0:0f:2e:bf:37:4e:8b:06:ba:
10:fe:47:bf:19:0b:19:8c:40:66:f7:f4:f2:50:27:eb:df:85:
7e:3a:19:47:16:1e:c1:3e:d9:4b:7a:1e:78:2c:ba:cf:27:b2:
c6:34:4d:34:cf:3c:8c:97:73:25:0c:64:8d:5e:03:c6:9b:e0:
a9:5f:18:38:3a:d5:d1:0c:a9:28:02:bf:99:0a:e3:65:04:8d:
b9:e7:44:99:31:39:33:34:e9:cb:f5:46:36:05:b8:dc:46:cb:
9d:e5:69:f9:21:83:58:3b:1d:44:0b:61:1e:38:e5:8e:cc:91:
c3:de:58:94:ff:f9:37:91:40:e9:06:ad:4f:f7:38:24:c7:c7:
63:9f:0e:0c:1b:df:72:b1:97:43:41:3e:7d:df:70:2b:15:09:
f4:a9:39:47:fe:df:0c:c4:48:94:19:50:65:1a:55:01:3e:17:
64:18:68:10:b0:ff:e3:49:bc:4c:2f:8b:b7:3b:3f:34:f8:27:
15:95:6c:4a:96:ea:1a:f9:ee:e0:b4:9e:10:65:17:fa:13:9e:
b8:25:e3:86:fb:55:fe:2d:9a:e5:3c:8a:ee:40:da:d1:0a:be:
76:50:30:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZKXYG21ek4KXiOP8GjmmsEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQxMDE2MjIwODUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThhMDk5YTk5ZDk1ZjNmMjhiZmE0NTdiZGYzOGEzZDM4ZTg4NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQKq1GZ/28WsnWaCQtTl1iXodILx
RWRq5nSyBur4/Gdva3/vS2Vmrx+VjdnLJfnSVDyHW2G5VQrftUR2H7JtzOx3XNQr
FrL2EYWNTEkZxg8gDrIWC2shhQNN4QcfU4Pt2gD7LFLW3HTGwUq4s2X5X+Y6SguV
3QbyFcNEIurqQdBsj7VvePxCMtPcOGUwjX80GQVA+hjRabQfjedGTMoafA6kd9Fb
A+GzsnaWZ0yf3+zbutOPSk41OfMzSaxvyxrAd6+2rj0rE/yAcGCCbjrjwGuRRyvX
yp0Ykq63z61BG7Y4BYkcQOVy8HxLOHlf7vqJAlwbXgUWZxp33GMLxJXh8QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJGKCZqZ2V8/KL+kV73zij046IcmMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEva1lvSm1wblpYejhvdjZSWHZmT0tQVGpvaHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjimAwQA
LVqRAwQBLYzcAwQATVPxAwQAuepKAwQAwh+MAwQAwjjhMA0GCSqGSIb3DQEBCwUA
A4IBAQCmP0iRXGLeVzpbd4Hk8O7Hg/K74nQAI33LbGLQDy6/N06LBroQ/ke/GQsZ
jEBm9/TyUCfr34V+OhlHFh7BPtlLeh54LLrPJ7LGNE00zzyMl3MlDGSNXgPGm+Cp
Xxg4OtXRDKkoAr+ZCuNlBI2550SZMTkzNOnL9UY2BbjcRsud5Wn5IYNYOx1EC2Ee
OOWOzJHD3liU//k3kUDpBq1P9zgkx8djnw4MG99ysZdDQT5933ArFQn0qTlH/t8M
xEiUGVBlGlUBPhdkGGgQsP/jSbxML4u3Oz80+CcVlWxKluoa+e7gtJ4QZRf6E564
JeOG+1X+LZrlPIruQNrRCr52UDAS
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:18:58 2024 by rpki-client on console-ams.rpki-client.org