Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/ksmr9XcQYTChg1tow_fB1UhgnwQ.roa
File: ksmr9XcQYTChg1tow_fB1UhgnwQ.roa (raw, json)
Hash identifier: CzsRXJ//ITu8APFy1Gf0X43idXjOtUT3v8VL2zBCih8=
Subject key identifier: 92:C9:AB:F5:77:10:61:30:A1:83:5B:68:C3:F7:C1:D5:48:60:9F:04
Certificate issuer: /CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Certificate serial: 0190D4B26313BE74DD0A9DBF5CD01882B086
Authority key identifier: 11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/ksmr9XcQYTChg1tow_fB1UhgnwQ.roa
Signing time: Sun 21 Jul 2024 09:49:38 +0000
ROA not before: Sun 21 Jul 2024 09:49:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 185.227.64.0/22 maxlen: 22
185.235.136.0/24 maxlen: 24
185.235.139.0/24 maxlen: 24
185.255.208.0/22 maxlen: 22
185.255.208.0/24 maxlen: 24
2a0a:4b80::/30 maxlen: 30
2a0a:4b84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 15:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d4:b2:63:13:be:74:dd:0a:9d:bf:5c:d0:18:82:b0:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Validity
Not Before: Jul 21 09:49:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92c9abf577106130a1835b68c3f7c1d548609f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:25:9c:39:83:81:69:4f:09:12:34:40:14:fe:
1d:cd:df:72:aa:95:0e:aa:da:ed:88:0c:62:75:03:
42:07:7b:2a:2d:85:56:00:7d:83:54:e6:a3:20:e6:
0b:36:59:55:3f:2f:11:bd:05:99:05:d4:88:7d:01:
f1:1a:47:eb:53:0f:ab:2b:11:c3:20:21:03:8f:2a:
c6:96:dc:4a:a2:d4:15:e3:58:aa:35:4d:59:31:2c:
02:30:6d:8b:b8:da:c2:ef:dc:c7:b0:e7:44:53:73:
75:d4:e6:aa:f0:0d:2e:44:55:de:6f:65:0e:b1:5f:
06:6b:eb:1c:f0:f1:bb:9e:98:f6:78:8c:0a:14:b6:
34:ee:33:27:82:f0:f6:3c:da:2f:c0:3d:a3:22:30:
ae:f2:d9:5b:68:a0:06:0d:1f:2b:39:1b:93:d3:52:
91:3d:d2:cf:99:27:f5:30:4e:26:eb:a8:81:74:75:
59:cd:ce:ac:29:34:54:ed:58:14:e5:6e:d1:ea:df:
e0:b8:54:4c:63:39:87:8d:cf:23:73:20:73:27:c2:
fc:29:be:7b:6d:84:9f:c1:bb:97:76:1d:d4:40:70:
1d:97:b1:5a:ac:34:4b:ba:24:de:c1:a6:5a:92:a4:
d5:96:f5:87:67:27:c8:ce:3d:7c:36:ce:6f:76:92:
cb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C9:AB:F5:77:10:61:30:A1:83:5B:68:C3:F7:C1:D5:48:60:9F:04
X509v3 Authority Key Identifier:
keyid:11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/ksmr9XcQYTChg1tow_fB1UhgnwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.64.0/22
185.235.136.0/24
185.235.139.0/24
185.255.208.0/22
IPv6:
2a0a:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
64:c2:a8:22:03:77:d1:a3:10:e9:de:1f:08:69:bb:6c:1b:2e:
01:87:42:b3:50:ac:89:31:22:b3:f0:77:57:5f:fc:52:3c:9a:
3a:43:92:83:53:0c:34:1a:d4:86:cb:6a:75:b2:12:cc:85:c1:
3d:44:50:62:f2:80:b6:b0:4e:a9:a6:18:ec:09:79:40:bd:b8:
b1:34:af:4a:73:68:78:39:4d:b8:d2:4b:8a:74:ac:9c:fc:45:
fe:47:65:f2:7b:ee:6d:f8:a3:d4:33:06:40:1c:71:ff:0e:ae:
76:e1:28:7c:bb:58:7b:41:3c:7e:12:bf:06:a8:4c:52:84:ed:
89:1f:b8:bc:d7:77:cb:54:68:28:3f:15:b7:6d:9e:cd:16:53:
5b:1a:eb:78:86:7a:ee:de:04:64:a7:cf:1c:be:eb:9b:0a:e1:
36:a2:62:09:85:6e:8b:44:d1:41:23:36:7b:ad:ef:fb:1d:5a:
00:4a:b0:71:a5:81:9b:f6:c3:b8:c9:df:f8:99:32:f4:57:76:
06:a1:f5:ee:f0:87:30:aa:db:03:ff:ea:34:96:84:3f:bb:cf:
2f:a4:e0:cf:ec:6a:b7:ff:8e:b9:e6:a8:94:b3:f4:d3:5c:54:
d8:29:f6:e9:1c:58:8c:c0:94:b8:59:ff:e8:0e:a6:2b:d4:ad:
9a:1b:e1:fd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZDUsmMTvnTdCp2/XNAYgrCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYmM0MGJjYWI1ZTkwNTNhYjZkYjdkMTllMmEzOGRmMWI2
ZjlhNGIwHhcNMjQwNzIxMDk0OTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmM5YWJmNTc3MTA2MTMwYTE4MzViNjhjM2Y3YzFkNTQ4NjA5ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSWcOYOBaU8JEjRAFP4dzd9yqpUO
qtrtiAxidQNCB3sqLYVWAH2DVOajIOYLNllVPy8RvQWZBdSIfQHxGkfrUw+rKxHD
ICEDjyrGltxKotQV41iqNU1ZMSwCMG2LuNrC79zHsOdEU3N11Oaq8A0uRFXeb2UO
sV8Ga+sc8PG7npj2eIwKFLY07jMngvD2PNovwD2jIjCu8tlbaKAGDR8rORuT01KR
PdLPmSf1ME4m66iBdHVZzc6sKTRU7VgU5W7R6t/guFRMYzmHjc8jcyBzJ8L8Kb57
bYSfwbuXdh3UQHAdl7FarDRLuiTewaZakqTVlvWHZyfIzj18Ns5vdpLLkQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJLJq/V3EGEwoYNbaMP3wdVIYJ8EMB8GA1UdIwQY
MBaAFBG8QLyrXpBTq2230Z4qON8bb5pLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQt
YWU0Zjg0ZTE2Y2ExLzEva3NtcjlYY1FZVENoZzF0b3dfZkIxVWhnbndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQtYWU0Zjg0ZTE2Y2Ex
LzEvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCueNAAwQA
ueuIAwQAueuLAwQCuf/QMA0EAgACMAcDBQMqCkuAMA0GCSqGSIb3DQEBCwUAA4IB
AQBkwqgiA3fRoxDp3h8IabtsGy4Bh0KzUKyJMSKz8HdXX/xSPJo6Q5KDUww0GtSG
y2p1shLMhcE9RFBi8oC2sE6pphjsCXlAvbixNK9Kc2h4OU240kuKdKyc/EX+R2Xy
e+5t+KPUMwZAHHH/Dq524Sh8u1h7QTx+Er8GqExShO2JH7i813fLVGgoPxW3bZ7N
FlNbGut4hnru3gRkp88cvuubCuE2omIJhW6LRNFBIzZ7re/7HVoASrBxpYGb9sO4
yd/4mTL0V3YGofXu8IcwqtsD/+o0loQ/u88vpODP7Gq3/4655qiUs/TTXFTYKfbp
HFiMwJS4Wf/oDqYr1K2aG+H9
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:19:52 2024 by rpki-client on console-ams.rpki-client.org