Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/kdm3v2WXPWKh3cWBPWJatzd1HB4.roa
File: kdm3v2WXPWKh3cWBPWJatzd1HB4.roa (raw, json)
Hash identifier: 3JTfhtJ+PUMhb7bepHfNxmsdi6WhYgoTJTi9vxjnHy4=
Subject key identifier: 91:D9:B7:BF:65:97:3D:62:A1:DD:C5:81:3D:62:5A:B7:37:75:1C:1E
Certificate issuer: /CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Certificate serial: 018CC9BC2BC7136672ED5EAFB9A04C2B50EE
Authority key identifier: 6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/kdm3v2WXPWKh3cWBPWJatzd1HB4.roa
Signing time: Tue 02 Jan 2024 10:33:21 +0000
ROA not before: Tue 02 Jan 2024 10:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199246
IP address blocks: 185.4.132.0/22 maxlen: 22
185.138.40.0/22 maxlen: 24
2a02:c500::/29 maxlen: 32
2a07:8c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.mft
rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:2b:c7:13:66:72:ed:5e:af:b9:a0:4c:2b:50:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02
Validity
Not Before: Jan 2 10:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91d9b7bf65973d62a1ddc5813d625ab737751c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:24:3e:05:6f:a3:a1:31:97:49:5e:84:25:a0:
76:20:0e:f4:40:f0:7a:4e:30:08:a1:7f:4c:b1:40:
2d:47:64:d8:76:8a:12:67:fd:ac:13:38:51:02:b0:
fb:14:9a:9e:70:8a:9c:c2:d4:8b:52:bc:44:de:a4:
05:58:74:eb:d2:bb:e4:13:fc:d2:95:d8:dc:5d:7d:
27:92:b7:b5:db:79:75:73:26:57:0d:c4:70:58:5c:
b6:0b:2c:d8:55:80:0d:c5:ee:06:a5:ae:24:f6:ff:
7a:ce:4d:b0:4d:3b:27:d7:d0:84:a7:fe:b7:2e:f1:
85:a6:d8:f5:a4:67:88:8e:cf:b7:86:3f:85:ec:f2:
f3:d9:2c:f4:b9:54:3d:b4:02:6c:ec:a1:68:4d:24:
38:79:c2:c3:d1:a8:76:bd:77:b9:d3:00:0b:33:e1:
b3:ac:a8:33:23:55:47:13:a4:b1:38:6c:c8:0c:35:
96:4e:d5:35:00:6f:19:41:5e:9d:c9:15:9c:c7:1a:
00:30:24:b2:f2:15:64:34:b5:11:01:6e:12:00:34:
79:7d:5f:b8:22:1b:6c:f1:7a:12:0a:cf:a5:53:8e:
86:54:94:14:17:a5:d2:4b:bf:59:7b:0f:4c:c5:09:
b0:1b:aa:74:9e:a7:1d:91:f5:30:01:32:10:dd:9b:
a7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D9:B7:BF:65:97:3D:62:A1:DD:C5:81:3D:62:5A:B7:37:75:1C:1E
X509v3 Authority Key Identifier:
keyid:6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/kdm3v2WXPWKh3cWBPWJatzd1HB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.132.0/22
185.138.40.0/22
IPv6:
2a02:c500::/29
2a07:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
da:22:bc:d0:7f:b5:e7:2a:62:05:d4:e0:79:42:fe:0e:81:04:
de:1a:09:2e:57:d4:c2:cf:62:c6:e4:53:48:70:54:23:30:e3:
a5:d9:d0:0e:ed:03:bc:46:a9:ff:d8:c4:58:5d:6c:e6:7b:d0:
28:f4:97:e9:67:4c:a4:17:9b:70:70:dc:b8:0f:7c:f7:78:64:
b3:87:a7:56:78:ce:7d:c6:ea:ec:a1:b0:32:fc:7b:58:b9:86:
cd:0a:cb:05:d2:3e:97:5d:63:e2:c1:3f:ae:22:11:30:72:90:
b0:8f:20:64:ef:56:07:7b:dc:49:6d:db:46:9f:f9:55:cb:9d:
66:4c:67:fe:9d:31:9b:fa:ec:e9:62:9f:61:fe:5e:3d:a1:2c:
fd:c2:40:1b:be:07:24:3f:ef:e8:d4:93:f4:5c:1d:78:16:a8:
03:dd:09:83:36:67:e3:4e:fa:8c:ce:ec:17:35:39:56:c8:f7:
aa:6c:25:fa:2a:21:26:eb:12:6a:e7:ce:d0:1c:7f:7f:84:5a:
ce:ed:e7:33:d1:87:6c:52:21:93:c3:ca:79:2b:30:90:58:92:
a7:d1:6d:fb:06:86:bf:35:fb:a3:36:e7:03:ba:ed:c7:77:30:
3b:4a:e9:6e:51:8a:a8:cc:5f:9f:7c:b3:99:ba:f7:51:0c:91:
bc:54:92:a2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJvCvHE2Zy7V6vuaBMK1DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNDYyM2Y3NmJkNWJiMmRmMGFmNjZmMzYwZmY3NGZmMWMw
MGRiMDIwHhcNMjQwMTAyMTAzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQ5YjdiZjY1OTczZDYyYTFkZGM1ODEzZDYyNWFiNzM3NzUxYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7CQ+BW+joTGXSV6EJaB2IA70QPB6
TjAIoX9MsUAtR2TYdooSZ/2sEzhRArD7FJqecIqcwtSLUrxE3qQFWHTr0rvkE/zS
ldjcXX0nkre123l1cyZXDcRwWFy2CyzYVYANxe4Gpa4k9v96zk2wTTsn19CEp/63
LvGFptj1pGeIjs+3hj+F7PLz2Sz0uVQ9tAJs7KFoTSQ4ecLD0ah2vXe50wALM+Gz
rKgzI1VHE6SxOGzIDDWWTtU1AG8ZQV6dyRWcxxoAMCSy8hVkNLURAW4SADR5fV+4
Ihts8XoSCs+lU46GVJQUF6XSS79Zew9MxQmwG6p0nqcdkfUwATIQ3ZunWwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJHZt79llz1iod3FgT1iWrc3dRweMB8GA1UdIwQY
MBaAFGpGI/dr1bst8K9m82D/dP8cANsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgt
NmM4MzIwNTBlNzdhLzEva2RtM3YyV1hQV0toM2NXQlBXSmF0emQxSEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgtNmM4MzIwNTBlNzdh
LzEvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuQSEAwQC
uYooMBQEAgACMA4DBQMqAsUAAwUDKgcIwDANBgkqhkiG9w0BAQsFAAOCAQEA2iK8
0H+15ypiBdTgeUL+DoEE3hoJLlfUws9ixuRTSHBUIzDjpdnQDu0DvEap/9jEWF1s
5nvQKPSX6WdMpBebcHDcuA9893hks4enVnjOfcbq7KGwMvx7WLmGzQrLBdI+l11j
4sE/riIRMHKQsI8gZO9WB3vcSW3bRp/5VcudZkxn/p0xm/rs6WKfYf5ePaEs/cJA
G74HJD/v6NST9FwdeBaoA90JgzZn4076jM7sFzU5Vsj3qmwl+iohJusSaufO0Bx/
f4Razu3nM9GHbFIhk8PKeSswkFiSp9Ft+waGvzX7ozbnA7rtx3cwO0rpblGKqMxf
n3yzmbr3UQyRvFSSog==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:45:18 2024 by rpki-client on console-fra.rpki-client.org