Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/a5188d-a0ad-453c-ba82-3879bd703946/1/KVjlbjIRaTJzpt0BQyqzRVNbd_U.roa
File: KVjlbjIRaTJzpt0BQyqzRVNbd_U.roa (raw, json)
Hash identifier: RFluGjO4jDQadc5niN0i4DxKoc6yN0YOskBwnaC8gJs=
Subject key identifier: 29:58:E5:6E:32:11:69:32:73:A6:DD:01:43:2A:B3:45:53:5B:77:F5
Certificate issuer: /CN=9a233bbddfe438646f586f085e5df0d79bdfb9fc
Certificate serial: 018F9F62D329DD44C1697C882423D6F899B4
Authority key identifier: 9A:23:3B:BD:DF:E4:38:64:6F:58:6F:08:5E:5D:F0:D7:9B:DF:B9:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miM7vd_kOGRvWG8IXl3w15vfufw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/a5188d-a0ad-453c-ba82-3879bd703946/1/KVjlbjIRaTJzpt0BQyqzRVNbd_U.roa
Signing time: Wed 22 May 2024 08:20:04 +0000
ROA not before: Wed 22 May 2024 08:20:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35130
IP address blocks: 80.91.48.0/21 maxlen: 24
80.91.56.0/24 maxlen: 24
80.91.57.0/24 maxlen: 24
185.196.160.0/22 maxlen: 24
2a02:6000::/33 maxlen: 33
2a02:6000:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/a5188d-a0ad-453c-ba82-3879bd703946/1/miM7vd_kOGRvWG8IXl3w15vfufw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/a5188d-a0ad-453c-ba82-3879bd703946/1/miM7vd_kOGRvWG8IXl3w15vfufw.mft
rsync://rpki.ripe.net/repository/DEFAULT/miM7vd_kOGRvWG8IXl3w15vfufw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:62:d3:29:dd:44:c1:69:7c:88:24:23:d6:f8:99:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a233bbddfe438646f586f085e5df0d79bdfb9fc
Validity
Not Before: May 22 08:20:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2958e56e3211693273a6dd01432ab345535b77f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:73:f3:f9:3c:61:bb:05:69:3e:15:8a:fb:10:
f0:d4:63:14:fd:0d:7f:b0:86:f3:cc:96:4b:f8:20:
e8:d0:37:9f:ef:5a:7f:00:8a:6a:ee:55:e0:ab:2b:
82:55:b6:68:e7:4b:41:ed:0d:d7:8d:6c:71:24:d4:
54:60:d0:20:0e:db:e2:86:a1:25:d7:e4:8d:14:db:
ff:82:27:4c:50:7e:93:1d:fd:5e:29:0e:6c:df:27:
a0:db:f2:b5:ca:47:58:83:17:f4:43:50:81:68:29:
0c:ef:e0:24:aa:dc:57:fc:66:1d:40:44:04:a1:fe:
dd:13:dd:b5:fb:73:39:d4:d8:ff:49:6e:bf:cd:15:
21:64:b1:f2:6b:24:05:e1:9c:08:9b:48:b1:b4:40:
a8:e5:13:3c:22:73:e3:b1:5f:9f:1e:60:d6:3c:d7:
25:4a:76:cc:f5:61:34:63:35:37:10:b2:89:38:83:
57:df:3f:7f:3e:35:9d:6d:16:3f:1f:4f:ab:ba:f6:
b4:4a:44:af:be:cc:e0:66:50:53:5e:ee:c9:5a:03:
1d:87:36:ca:e6:60:1c:c0:92:25:c1:e8:a5:ae:bb:
4b:5b:78:2d:df:6e:eb:af:99:51:03:29:70:4b:ce:
df:6f:37:b3:35:11:82:61:69:fd:f6:bb:b3:35:a9:
eb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:58:E5:6E:32:11:69:32:73:A6:DD:01:43:2A:B3:45:53:5B:77:F5
X509v3 Authority Key Identifier:
keyid:9A:23:3B:BD:DF:E4:38:64:6F:58:6F:08:5E:5D:F0:D7:9B:DF:B9:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miM7vd_kOGRvWG8IXl3w15vfufw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/a5188d-a0ad-453c-ba82-3879bd703946/1/KVjlbjIRaTJzpt0BQyqzRVNbd_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/a5188d-a0ad-453c-ba82-3879bd703946/1/miM7vd_kOGRvWG8IXl3w15vfufw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.48.0-80.91.57.255
185.196.160.0/22
IPv6:
2a02:6000::/33
2a02:6000:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
87:82:7b:e3:bd:cd:69:68:20:ee:b9:34:dc:a6:17:24:c0:1d:
f8:98:ff:a8:5c:fd:c7:15:33:79:6c:95:8a:1b:6a:21:c7:64:
c0:4d:e5:5b:5e:84:ff:e1:f6:a6:fb:c2:ec:95:c4:14:5b:27:
15:95:e1:4d:96:15:09:d7:76:fd:37:10:b6:04:1a:ca:d1:25:
46:5c:4b:a3:23:05:08:d7:87:69:6d:2d:b7:f4:f1:58:a2:78:
f8:09:77:af:00:16:4c:77:6c:93:a4:c5:73:8f:42:6b:e3:49:
55:58:86:51:67:29:69:b4:05:57:83:79:f0:d4:9a:4b:72:3e:
5f:82:67:18:4d:44:80:1a:30:0a:8f:e9:54:76:db:87:7e:2e:
5f:18:b0:fb:a7:b4:cb:05:4a:5e:9c:e6:75:da:0d:3c:ef:60:
c6:9e:fd:52:ec:9d:e1:61:44:4c:34:a4:cf:dc:03:a9:4d:75:
68:f1:80:29:5e:0a:b1:ac:f4:2a:db:71:be:f2:23:a1:fa:72:
e8:51:64:a2:42:df:32:58:38:e3:b4:b0:03:59:9b:fc:ef:3f:
3b:27:bb:6f:20:ca:70:0f:5c:b5:62:c8:bb:00:d7:de:1a:0a:
8f:a0:44:b8:cf:4d:a4:d1:36:0c:d3:67:bd:4a:bf:ef:05:8c:
0e:92:07:63
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY+fYtMp3UTBaXyIJCPW+Jm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjMzYmJkZGZlNDM4NjQ2ZjU4NmYwODVlNWRmMGQ3OWJk
ZmI5ZmMwHhcNMjQwNTIyMDgyMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU4ZTU2ZTMyMTE2OTMyNzNhNmRkMDE0MzJhYjM0NTUzNWI3N2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHPz+TxhuwVpPhWK+xDw1GMU/Q1/
sIbzzJZL+CDo0Def71p/AIpq7lXgqyuCVbZo50tB7Q3XjWxxJNRUYNAgDtvihqEl
1+SNFNv/gidMUH6THf1eKQ5s3yeg2/K1ykdYgxf0Q1CBaCkM7+AkqtxX/GYdQEQE
of7dE921+3M51Nj/SW6/zRUhZLHyayQF4ZwIm0ixtECo5RM8InPjsV+fHmDWPNcl
SnbM9WE0YzU3ELKJOINX3z9/PjWdbRY/H0+ruva0SkSvvszgZlBTXu7JWgMdhzbK
5mAcwJIlweilrrtLW3gt327rr5lRAylwS87fbzezNRGCYWn99ruzNanr5QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFClY5W4yEWkyc6bdAUMqs0VTW3f1MB8GA1UdIwQY
MBaAFJojO73f5Dhkb1hvCF5d8Neb37n8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlNN3ZkX2tPR1J2V0c4SVhsM3cxNXZmdWZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hNTE4OGQtYTBhZC00NTNjLWJhODIt
Mzg3OWJkNzAzOTQ2LzEvS1ZqbGJqSVJhVEp6cHQwQlF5cXpSVk5iZF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hNTE4OGQtYTBhZC00NTNjLWJhODItMzg3OWJkNzAzOTQ2
LzEvbWlNN3ZkX2tPR1J2V0c4SVhsM3cxNXZmdWZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAaBAIAATAUMAwDBARQWzAD
BAFQWzgDBAK5xKAwFwQCAAIwEQMGByoCYAAAAwcAKgJgAP//MA0GCSqGSIb3DQEB
CwUAA4IBAQCHgnvjvc1paCDuuTTcphckwB34mP+oXP3HFTN5bJWKG2ohx2TATeVb
XoT/4fam+8LslcQUWycVleFNlhUJ13b9NxC2BBrK0SVGXEujIwUI14dpbS239PFY
onj4CXevABZMd2yTpMVzj0Jr40lVWIZRZylptAVXg3nw1JpLcj5fgmcYTUSAGjAK
j+lUdtuHfi5fGLD7p7TLBUpenOZ12g0872DGnv1S7J3hYURMNKTP3AOpTXVo8YAp
XgqxrPQq23G+8iOh+nLoUWSiQt8yWDjjtLADWZv87z87J7tvIMpwD1y1Ysi7ANfe
GgqPoES4z02k0TYM02e9Sr/vBYwOkgdj
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:22:05 2024 by rpki-client on console-fra.rpki-client.org