Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/kBqLhuQHXJVP4kkMrf6PkJBAhiA.roa
File: kBqLhuQHXJVP4kkMrf6PkJBAhiA.roa (raw, json)
Hash identifier: IVamx3Qk21Y5jrmwbuOFqSYDjLvc/tLLYlvXVgT1SmA=
Subject key identifier: 90:1A:8B:86:E4:07:5C:95:4F:E2:49:0C:AD:FE:8F:90:90:40:86:20
Certificate issuer: /CN=864b0e13cf27aff66be730bece98e04b00fdfb9e
Certificate serial: 018CC6B7BDA19AA30D9A99B8A961399ADD6E
Authority key identifier: 86:4B:0E:13:CF:27:AF:F6:6B:E7:30:BE:CE:98:E0:4B:00:FD:FB:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/kBqLhuQHXJVP4kkMrf6PkJBAhiA.roa
Signing time: Mon 01 Jan 2024 20:29:39 +0000
ROA not before: Mon 01 Jan 2024 20:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8312
IP address blocks: 77.74.48.0/21 maxlen: 21
77.74.48.0/22 maxlen: 22
193.189.149.0/24 maxlen: 24
185.58.56.0/22 maxlen: 22
77.74.52.0/22 maxlen: 22
195.210.56.0/23 maxlen: 23
185.58.59.0/24 maxlen: 24
193.16.154.0/24 maxlen: 24
2a01:310::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/hksOE88nr_Zr5zC-zpjgSwD9-54.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/hksOE88nr_Zr5zC-zpjgSwD9-54.mft
rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:bd:a1:9a:a3:0d:9a:99:b8:a9:61:39:9a:dd:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864b0e13cf27aff66be730bece98e04b00fdfb9e
Validity
Not Before: Jan 1 20:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=901a8b86e4075c954fe2490cadfe8f9090408620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bf:bc:b3:14:5f:90:9c:90:c4:66:45:94:b0:
01:b6:39:8e:e8:1d:f7:af:23:74:18:df:40:5e:2a:
15:c3:2c:3e:5b:17:8c:22:86:23:d4:ca:b7:ec:ee:
fa:f4:99:92:6c:20:1d:3c:a5:b5:54:b3:d5:c4:aa:
2b:1b:ff:d2:22:df:5d:0c:86:fb:28:36:ca:b9:ea:
cd:31:0a:78:7f:66:0c:99:98:ac:c1:d6:5f:45:5d:
5b:a1:70:84:1d:e6:2e:a8:c7:0a:1f:9b:ce:d0:e1:
46:f1:93:6d:af:f7:da:6a:ce:ee:d1:89:ca:49:e0:
56:bd:0f:fb:29:47:a4:1d:fc:31:52:43:85:62:43:
05:5e:ae:7d:f1:13:97:be:18:a5:af:87:1b:3c:c4:
7c:e1:90:be:9f:cd:0d:59:de:55:b1:a5:43:ac:42:
72:f0:21:89:3c:3d:03:01:9d:c5:e2:9e:c0:35:02:
0c:1b:c9:96:54:2d:20:bf:62:79:12:1d:93:15:fb:
f7:0c:57:9d:19:d6:d3:72:66:1d:6e:f4:a1:4e:fb:
bd:d2:b4:68:0a:d4:e9:b7:bb:05:e1:3c:d5:12:94:
57:45:2d:5c:3d:7d:a6:c1:c4:57:1c:32:0c:e5:90:
b0:9a:db:e2:1e:14:c3:80:00:ad:13:87:e6:b0:1b:
7f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1A:8B:86:E4:07:5C:95:4F:E2:49:0C:AD:FE:8F:90:90:40:86:20
X509v3 Authority Key Identifier:
keyid:86:4B:0E:13:CF:27:AF:F6:6B:E7:30:BE:CE:98:E0:4B:00:FD:FB:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/kBqLhuQHXJVP4kkMrf6PkJBAhiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/hksOE88nr_Zr5zC-zpjgSwD9-54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.48.0/21
185.58.56.0/22
193.16.154.0/24
193.189.149.0/24
195.210.56.0/23
IPv6:
2a01:310::/32
Signature Algorithm: sha256WithRSAEncryption
78:b8:cd:0c:b5:06:81:ca:50:92:9e:01:b5:53:0a:2c:0c:bd:
7e:bb:de:12:45:93:39:8f:25:b5:9c:96:dc:cb:ab:90:8f:05:
34:56:9e:e0:66:49:af:5d:69:76:70:0a:40:5c:4a:31:6a:40:
6b:e7:15:25:d8:6f:12:2f:25:b8:c8:3b:b2:f8:0b:d7:c9:fb:
56:58:2a:f4:ea:bb:24:6f:46:fd:b0:38:d7:d7:44:19:da:bb:
d1:1d:4b:f6:60:d0:78:df:d5:fa:b8:58:8d:b7:81:c7:3b:3f:
27:7d:27:35:c3:35:2a:5e:62:42:2d:7a:dd:8d:a7:97:b2:b9:
46:b2:e0:15:61:2c:1f:9b:28:7d:2f:75:a4:15:88:01:28:92:
00:69:75:a5:d0:0f:bf:01:f7:54:9a:7e:7f:c0:24:c4:dd:08:
86:11:88:45:41:ff:a7:d1:66:e1:89:08:b8:14:60:cb:0f:c4:
6c:8f:d1:db:f3:41:9c:66:e3:e0:d9:5d:9b:08:9f:28:5c:4a:
b4:d2:fe:7c:5d:f9:73:63:67:3c:bd:65:38:29:a2:26:7c:11:
4d:24:9e:94:5c:96:6b:0d:09:1d:8e:36:76:5f:f4:fd:43:88:
f3:ae:59:b5:ad:f2:ae:e8:ff:f9:fb:41:92:09:f8:7a:6a:7e:
26:88:7c:1f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGt72hmqMNmpm4qWE5mt1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGIwZTEzY2YyN2FmZjY2YmU3MzBiZWNlOThlMDRiMDBm
ZGZiOWUwHhcNMjQwMTAxMjAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDFhOGI4NmU0MDc1Yzk1NGZlMjQ5MGNhZGZlOGY5MDkwNDA4NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7+8sxRfkJyQxGZFlLABtjmO6B33
ryN0GN9AXioVwyw+WxeMIoYj1Mq37O769JmSbCAdPKW1VLPVxKorG//SIt9dDIb7
KDbKuerNMQp4f2YMmZiswdZfRV1boXCEHeYuqMcKH5vO0OFG8ZNtr/faas7u0YnK
SeBWvQ/7KUekHfwxUkOFYkMFXq598ROXvhilr4cbPMR84ZC+n80NWd5VsaVDrEJy
8CGJPD0DAZ3F4p7ANQIMG8mWVC0gv2J5Eh2TFfv3DFedGdbTcmYdbvShTvu90rRo
CtTpt7sF4TzVEpRXRS1cPX2mwcRXHDIM5ZCwmtviHhTDgACtE4fmsBt/2wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJAai4bkB1yVT+JJDK3+j5CQQIYgMB8GA1UdIwQY
MBaAFIZLDhPPJ6/2a+cwvs6Y4EsA/fueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtzT0U4OG5yX1pyNXpDLXpwamdTd0Q5LTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zMDI4NjMtNTY4OS00M2ZjLTg3MmYt
ZmM0NGE4YWNlMzcwLzEva0JxTGh1UUhYSlZQNGtrTXJmNlBrSkJBaGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zMDI4NjMtNTY4OS00M2ZjLTg3MmYtZmM0NGE4YWNlMzcw
LzEvaGtzT0U4OG5yX1pyNXpDLXpwamdTd0Q5LTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUowAwQC
uTo4AwQAwRCaAwQAwb2VAwQBw9I4MA0EAgACMAcDBQAqAQMQMA0GCSqGSIb3DQEB
CwUAA4IBAQB4uM0MtQaBylCSngG1UwosDL1+u94SRZM5jyW1nJbcy6uQjwU0Vp7g
ZkmvXWl2cApAXEoxakBr5xUl2G8SLyW4yDuy+AvXyftWWCr06rskb0b9sDjX10QZ
2rvRHUv2YNB439X6uFiNt4HHOz8nfSc1wzUqXmJCLXrdjaeXsrlGsuAVYSwfmyh9
L3WkFYgBKJIAaXWl0A+/AfdUmn5/wCTE3QiGEYhFQf+n0WbhiQi4FGDLD8Rsj9Hb
80GcZuPg2V2bCJ8oXEq00v58XflzY2c8vWU4KaImfBFNJJ6UXJZrDQkdjjZ2X/T9
Q4jzrlm1rfKu6P/5+0GSCfh6an4miHwf
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:44:44 2024 by rpki-client on console-fra.rpki-client.org