Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kwKr4H1UAhfBzjKRP83xlaWQmHo.roa
File: kwKr4H1UAhfBzjKRP83xlaWQmHo.roa (raw, json)
Hash identifier: vKF9BtGybFEvya2dRktVqKVppEnBGSq0EZXKF5yViAM=
Subject key identifier: 93:02:AB:E0:7D:54:02:17:C1:CE:32:91:3F:CD:F1:95:A5:90:98:7A
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E021E4224283B9556F98A47B3CD80
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kwKr4H1UAhfBzjKRP83xlaWQmHo.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41909
IP address blocks: 5.8.88.0/22 maxlen: 24
5.8.0.0/21 maxlen: 22
5.188.68.0/23 maxlen: 24
5.188.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:02:1e:42:24:28:3b:95:56:f9:8a:47:b3:cd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9302abe07d540217c1ce32913fcdf195a590987a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:07:a3:06:f6:52:01:05:04:e7:f2:a4:d0:cc:
12:53:c9:dc:37:73:57:7c:7e:8f:80:e6:de:b3:e1:
36:0b:9b:6b:46:4f:e3:e1:d0:f6:f1:85:ba:fd:4b:
c3:60:db:12:08:a2:19:a2:d5:51:75:6f:b6:75:a1:
65:99:54:7a:ad:75:b9:40:af:18:ed:aa:58:84:e0:
89:94:27:23:66:ea:10:16:96:fa:ce:97:cc:f5:ea:
3c:ba:a1:16:fe:82:9a:8c:26:ae:f7:ff:4c:89:20:
04:3a:2a:3f:d6:d7:a0:da:2b:91:18:2b:49:4e:7a:
12:8e:d6:e6:c0:f1:ae:55:17:63:b9:cf:45:31:c1:
19:8b:4b:79:b5:f5:6a:e3:4f:76:e3:10:ea:c5:1e:
a0:f4:02:9d:f7:a7:fa:d7:5c:35:41:60:c7:ea:ad:
99:87:b2:d1:b8:bd:14:33:1b:c6:2e:56:b4:52:38:
db:51:e9:6a:9c:44:d0:70:64:7f:06:f5:66:d2:31:
85:bb:c1:50:70:b1:bb:d7:70:c6:cb:7f:7c:ef:d1:
ae:4f:e3:7a:38:fe:9f:23:cc:d7:1f:d4:bd:bc:7c:
6b:3d:f4:6c:00:18:99:08:18:d5:c4:33:63:94:a4:
e2:9d:3a:63:45:90:b8:18:2d:13:dc:23:6e:46:46:
2a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:02:AB:E0:7D:54:02:17:C1:CE:32:91:3F:CD:F1:95:A5:90:98:7A
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/kwKr4H1UAhfBzjKRP83xlaWQmHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.0.0/21
5.8.88.0/22
5.188.68.0/23
5.188.88.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:7d:82:d2:bb:88:d8:a9:19:63:ff:d6:ca:1e:b6:eb:14:d3:
d1:9a:5a:02:84:2b:24:88:37:a9:18:0e:e7:1d:e7:fb:21:4e:
c3:b8:66:79:1f:da:ed:48:a7:c5:d7:c6:97:aa:6d:a3:81:28:
38:14:f5:2c:06:f4:fc:bc:db:97:f8:b6:cf:9c:cc:06:07:55:
09:f7:ff:2e:5e:e6:27:88:1b:16:75:d7:4e:fa:f1:8f:e8:df:
3a:60:1c:ed:de:38:48:70:a6:d5:42:56:77:37:ba:a1:32:e7:
fb:cd:b6:d7:fe:36:5d:0c:57:02:b4:c9:0a:5d:49:e9:3a:39:
27:dd:0f:7c:d3:61:38:ba:4d:a3:af:51:8c:50:e9:02:1b:da:
f6:bd:84:f6:47:c1:e5:1c:f5:e4:5d:01:09:9e:c7:07:00:41:
c4:5a:14:26:8e:e1:14:bd:f3:76:58:a6:0f:08:75:f1:7b:9c:
fe:e4:e8:81:b7:46:13:a0:2c:43:b9:ac:c4:b0:9c:ea:e0:3b:
1c:d5:22:f1:19:29:92:c6:8e:8d:5d:3b:53:7c:55:e6:3e:a7:
2a:a2:d3:5b:0a:ac:1d:7e:b8:6f:91:03:08:58:a7:8d:a5:a7:
c1:25:0f:04:2c:0c:18:d2:d7:86:21:d9:64:99:f7:22:f6:17:
ef:f2:30:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbgIeQiQoO5VW+YpHs82AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAyYWJlMDdkNTQwMjE3YzFjZTMyOTEzZmNkZjE5NWE1OTA5ODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwejBvZSAQUE5/Kk0MwSU8ncN3NX
fH6PgObes+E2C5trRk/j4dD28YW6/UvDYNsSCKIZotVRdW+2daFlmVR6rXW5QK8Y
7apYhOCJlCcjZuoQFpb6zpfM9eo8uqEW/oKajCau9/9MiSAEOio/1teg2iuRGCtJ
TnoSjtbmwPGuVRdjuc9FMcEZi0t5tfVq40924xDqxR6g9AKd96f611w1QWDH6q2Z
h7LRuL0UMxvGLla0UjjbUelqnETQcGR/BvVm0jGFu8FQcLG713DGy39879GuT+N6
OP6fI8zXH9S9vHxrPfRsABiZCBjVxDNjlKTinTpjRZC4GC0T3CNuRkYqyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJMCq+B9VAIXwc4ykT/N8ZWlkJh6MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEva3dLcjRIMVVBaGZCempLUlA4M3hsYVdRbUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBQgAAwQC
BQhYAwQBBbxEAwQCBbxYMA0GCSqGSIb3DQEBCwUAA4IBAQDOfYLSu4jYqRlj/9bK
HrbrFNPRmloChCskiDepGA7nHef7IU7DuGZ5H9rtSKfF18aXqm2jgSg4FPUsBvT8
vNuX+LbPnMwGB1UJ9/8uXuYniBsWdddO+vGP6N86YBzt3jhIcKbVQlZ3N7qhMuf7
zbbX/jZdDFcCtMkKXUnpOjkn3Q9802E4uk2jr1GMUOkCG9r2vYT2R8HlHPXkXQEJ
nscHAEHEWhQmjuEUvfN2WKYPCHXxe5z+5OiBt0YToCxDuazEsJzq4Dsc1SLxGSmS
xo6NXTtTfFXmPqcqotNbCqwdfrhvkQMIWKeNpafBJQ8ELAwY0teGIdlkmfci9hfv
8jBT
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:04 2024 by rpki-client on console-fra.rpki-client.org