Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/kVDiSpbUpdMaCHk8jyqOi27E_x0.roa
File: kVDiSpbUpdMaCHk8jyqOi27E_x0.roa (raw, json)
Hash identifier: Xnaz4ffOVQs+gDk3W4R024h6XDc3YXy53EwtwR0NYGM=
Subject key identifier: 91:50:E2:4A:96:D4:A5:D3:1A:08:79:3C:8F:2A:8E:8B:6E:C4:FF:1D
Certificate issuer: /CN=614f5665059abc7be3475ef9e77a9797b716fc87
Certificate serial: 018CC424DC6B68DC1B112FD3BCE0F29EC7FF
Authority key identifier: 61:4F:56:65:05:9A:BC:7B:E3:47:5E:F9:E7:7A:97:97:B7:16:FC:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YU9WZQWavHvjR17553qXl7cW_Ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/kVDiSpbUpdMaCHk8jyqOi27E_x0.roa
Signing time: Mon 01 Jan 2024 08:29:59 +0000
ROA not before: Mon 01 Jan 2024 08:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42493
IP address blocks: 77.73.40.0/21 maxlen: 24
5.35.216.0/21 maxlen: 24
185.40.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/YU9WZQWavHvjR17553qXl7cW_Ic.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/YU9WZQWavHvjR17553qXl7cW_Ic.mft
rsync://rpki.ripe.net/repository/DEFAULT/YU9WZQWavHvjR17553qXl7cW_Ic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:dc:6b:68:dc:1b:11:2f:d3:bc:e0:f2:9e:c7:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614f5665059abc7be3475ef9e77a9797b716fc87
Validity
Not Before: Jan 1 08:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9150e24a96d4a5d31a08793c8f2a8e8b6ec4ff1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:93:22:66:35:89:f3:30:4c:d5:8c:23:4a:43:
c2:9a:55:c1:5d:82:96:a1:7d:d6:38:b0:79:9f:0e:
c1:0c:08:48:3d:3c:11:9b:e3:91:44:c5:60:ba:6a:
ff:ea:b2:05:a5:d5:45:56:18:37:a7:43:70:51:a6:
76:6c:32:f9:5c:cb:0e:d1:65:19:aa:5b:97:ac:42:
a4:fd:e2:45:87:30:1a:21:8d:a8:bc:08:fb:f5:9d:
19:a3:a0:a8:75:9f:22:34:2b:b4:0b:58:ea:8f:08:
d8:9b:d4:f4:78:f6:d9:e2:c1:a5:37:d8:7e:ca:f6:
e9:51:6a:bb:a1:d7:fc:09:99:30:52:bd:d6:18:21:
75:ad:3f:39:41:e0:14:72:09:08:67:a0:69:84:7e:
0c:c1:70:40:42:7d:62:9e:a1:a6:e5:c4:65:fb:73:
92:af:1f:1a:9d:6f:94:90:ef:d6:0b:fb:22:49:2d:
e0:38:c1:30:21:a0:ff:84:42:28:3a:91:6b:24:15:
d7:a2:33:6c:b0:ee:77:5f:e8:7a:c8:f4:01:0f:0d:
9b:bd:cb:ba:47:36:76:0a:c0:4f:0b:4d:c2:a5:2a:
67:b9:f5:43:77:e1:31:b9:21:10:9a:bc:06:db:d0:
b0:f7:62:8a:1e:84:ca:f1:de:b2:7c:19:47:03:2f:
f2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:50:E2:4A:96:D4:A5:D3:1A:08:79:3C:8F:2A:8E:8B:6E:C4:FF:1D
X509v3 Authority Key Identifier:
keyid:61:4F:56:65:05:9A:BC:7B:E3:47:5E:F9:E7:7A:97:97:B7:16:FC:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YU9WZQWavHvjR17553qXl7cW_Ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/kVDiSpbUpdMaCHk8jyqOi27E_x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/888a04-77f4-4159-986c-3cef593d16b4/1/YU9WZQWavHvjR17553qXl7cW_Ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.216.0/21
77.73.40.0/21
185.40.148.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:c4:4a:2a:6b:ea:84:00:3c:6d:2f:2a:b9:66:81:a1:2d:86:
e3:0f:32:dd:c6:e4:3b:fc:87:23:17:2e:08:4b:e8:d0:03:21:
6d:14:c8:b5:e0:39:91:35:bd:90:75:3b:24:74:14:47:2a:6d:
28:b4:41:e4:43:2e:83:16:a2:09:d6:7e:3f:38:f9:c3:35:92:
e6:c4:1b:c8:55:b9:01:82:f1:60:a5:bf:f7:18:e2:2d:af:8b:
b6:61:38:a7:e1:05:30:d1:a1:72:e6:6c:54:fb:98:49:9e:00:
54:6b:99:b4:c5:11:8a:88:e5:3d:fa:fc:40:b4:ce:5f:aa:76:
62:e4:32:f1:b5:c9:0d:30:21:d1:1a:2f:49:3f:28:15:5c:44:
9d:12:66:6a:71:02:22:18:a8:ed:f0:a2:db:69:6a:3c:48:79:
d6:14:c7:e3:f9:c7:d9:bc:fe:95:0b:03:db:23:89:ce:ab:87:
f2:ee:ad:ba:ae:b5:be:c4:d2:f5:c8:b9:4f:c5:f5:3e:db:77:
c3:46:78:c2:fa:9f:59:e0:37:ee:6d:88:73:d2:35:18:9c:52:
a0:75:b7:32:ee:2d:b8:e4:1a:9e:8c:e1:05:e1:6e:08:59:1b:
e5:aa:f8:a3:0f:4d:a5:85:20:b2:81:46:d2:b9:ea:97:f3:7d:
ce:d8:cc:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJNxraNwbES/TvODynsf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGY1NjY1MDU5YWJjN2JlMzQ3NWVmOWU3N2E5Nzk3Yjcx
NmZjODcwHhcNMjQwMTAxMDgyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTUwZTI0YTk2ZDRhNWQzMWEwODc5M2M4ZjJhOGU4YjZlYzRmZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZMiZjWJ8zBM1YwjSkPCmlXBXYKW
oX3WOLB5nw7BDAhIPTwRm+ORRMVgumr/6rIFpdVFVhg3p0NwUaZ2bDL5XMsO0WUZ
qluXrEKk/eJFhzAaIY2ovAj79Z0Zo6CodZ8iNCu0C1jqjwjYm9T0ePbZ4sGlN9h+
yvbpUWq7odf8CZkwUr3WGCF1rT85QeAUcgkIZ6BphH4MwXBAQn1inqGm5cRl+3OS
rx8anW+UkO/WC/siSS3gOMEwIaD/hEIoOpFrJBXXojNssO53X+h6yPQBDw2bvcu6
RzZ2CsBPC03CpSpnufVDd+ExuSEQmrwG29Cw92KKHoTK8d6yfBlHAy/yLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJFQ4kqW1KXTGgh5PI8qjotuxP8dMB8GA1UdIwQY
MBaAFGFPVmUFmrx740de+ed6l5e3FvyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVU5V1pRV2F2SHZqUjE3NTUzcVhsN2NXX0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS84ODhhMDQtNzdmNC00MTU5LTk4NmMt
M2NlZjU5M2QxNmI0LzEva1ZEaVNwYlVwZE1hQ0hrOGp5cU9pMjdFX3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS84ODhhMDQtNzdmNC00MTU5LTk4NmMtM2NlZjU5M2QxNmI0
LzEvWVU5V1pRV2F2SHZqUjE3NTUzcVhsN2NXX0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBSPYAwQD
TUkoAwQCuSiUMA0GCSqGSIb3DQEBCwUAA4IBAQAqxEoqa+qEADxtLyq5ZoGhLYbj
DzLdxuQ7/IcjFy4IS+jQAyFtFMi14DmRNb2QdTskdBRHKm0otEHkQy6DFqIJ1n4/
OPnDNZLmxBvIVbkBgvFgpb/3GOItr4u2YTin4QUw0aFy5mxU+5hJngBUa5m0xRGK
iOU9+vxAtM5fqnZi5DLxtckNMCHRGi9JPygVXESdEmZqcQIiGKjt8KLbaWo8SHnW
FMfj+cfZvP6VCwPbI4nOq4fy7q26rrW+xNL1yLlPxfU+23fDRnjC+p9Z4DfubYhz
0jUYnFKgdbcy7i245BqejOEF4W4IWRvlqvijD02lhSCygUbSueqX833O2Mwu
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:01 2024 by rpki-client on console-fra.rpki-client.org