Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/0df808-7473-47b1-817f-be770e1e6c13/1/kR-1AWy3FNudaLmR5qOOJJOsZ7w.roa
File: kR-1AWy3FNudaLmR5qOOJJOsZ7w.roa (raw, json)
Hash identifier: /3MyiXxQZoxL4tNcc2+5+5S8H91oH4++qy5LyCHEl/E=
Subject key identifier: 91:1F:B5:01:6C:B7:14:DB:9D:68:B9:91:E6:A3:8E:24:93:AC:67:BC
Certificate issuer: /CN=348fd977ccbe7bb96d3c0f3174c9951bf870feb0
Certificate serial: 018CC56E2A971CAE9AB868F6F73E31A24016
Authority key identifier: 34:8F:D9:77:CC:BE:7B:B9:6D:3C:0F:31:74:C9:95:1B:F8:70:FE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NI_Zd8y-e7ltPA8xdMmVG_hw_rA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/0df808-7473-47b1-817f-be770e1e6c13/1/kR-1AWy3FNudaLmR5qOOJJOsZ7w.roa
Signing time: Mon 01 Jan 2024 14:29:40 +0000
ROA not before: Mon 01 Jan 2024 14:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204609
IP address blocks: 185.231.88.0/23 maxlen: 23
185.231.90.0/24 maxlen: 24
185.231.91.0/24 maxlen: 24
185.231.88.0/22 maxlen: 24
2a0d:a680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/0df808-7473-47b1-817f-be770e1e6c13/1/NI_Zd8y-e7ltPA8xdMmVG_hw_rA.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/0df808-7473-47b1-817f-be770e1e6c13/1/NI_Zd8y-e7ltPA8xdMmVG_hw_rA.mft
rsync://rpki.ripe.net/repository/DEFAULT/NI_Zd8y-e7ltPA8xdMmVG_hw_rA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:2a:97:1c:ae:9a:b8:68:f6:f7:3e:31:a2:40:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=348fd977ccbe7bb96d3c0f3174c9951bf870feb0
Validity
Not Before: Jan 1 14:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=911fb5016cb714db9d68b991e6a38e2493ac67bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f1:df:c0:ed:c0:32:db:87:f6:e8:3b:fd:d3:
79:d2:91:07:a2:c2:71:14:81:cc:ad:f0:3d:70:2f:
04:36:cb:59:07:9a:6d:ac:62:57:c3:fd:b6:71:77:
9e:52:5f:0e:cf:bf:93:9c:ec:e4:bf:5e:4a:70:43:
d2:2e:42:1d:35:b5:d5:e7:0b:5a:81:5a:d4:97:83:
c5:97:30:aa:2c:49:86:6b:30:6c:d9:8c:63:05:f9:
16:23:f8:4e:46:7f:f0:67:86:97:9f:64:67:0b:d8:
5d:bb:56:86:c7:a1:8d:a1:71:8a:fc:07:9c:12:d4:
91:be:13:55:43:14:ae:94:1f:4a:11:8f:6d:92:90:
2e:48:7b:60:c8:d8:68:8c:01:1b:c4:c3:4c:cc:69:
61:b1:2f:50:a5:d5:fb:9a:36:32:88:93:e3:4f:c1:
93:41:f8:29:2a:c6:ab:8d:f7:9a:7c:e8:37:c4:31:
1c:35:07:f7:6b:f4:ea:ea:ba:70:68:f8:41:ec:5f:
20:ca:9f:28:fc:6d:17:25:10:81:b1:b3:12:c6:df:
7e:33:16:4f:13:b5:ec:c7:2b:0c:e0:5a:75:57:1d:
25:14:91:cc:79:a6:19:66:73:1a:3e:58:2b:a5:63:
85:ee:98:45:25:95:57:a9:85:f7:b0:6a:58:0b:23:
9d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1F:B5:01:6C:B7:14:DB:9D:68:B9:91:E6:A3:8E:24:93:AC:67:BC
X509v3 Authority Key Identifier:
keyid:34:8F:D9:77:CC:BE:7B:B9:6D:3C:0F:31:74:C9:95:1B:F8:70:FE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NI_Zd8y-e7ltPA8xdMmVG_hw_rA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0df808-7473-47b1-817f-be770e1e6c13/1/kR-1AWy3FNudaLmR5qOOJJOsZ7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0df808-7473-47b1-817f-be770e1e6c13/1/NI_Zd8y-e7ltPA8xdMmVG_hw_rA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.88.0/22
IPv6:
2a0d:a680::/32
Signature Algorithm: sha256WithRSAEncryption
7e:f5:3e:11:df:53:7d:73:07:85:dd:a7:c0:4b:f9:76:d2:ae:
5d:6b:1f:57:ea:41:29:60:c5:80:2f:18:19:b9:14:50:ae:d4:
27:44:9f:e2:91:56:79:a5:4f:6e:6e:c9:6c:a4:1d:59:fe:5d:
b8:d9:da:63:a8:91:14:11:ea:27:2e:d8:f9:79:44:81:5a:d5:
1e:98:df:c4:b6:d1:92:9c:e4:0a:e1:59:d7:30:18:78:43:97:
ed:2a:7a:b7:ee:51:5c:8b:3d:1f:d7:18:63:01:8e:bb:58:60:
28:84:e1:b3:2a:89:bb:e0:a7:07:aa:af:80:e3:e5:dd:2e:d9:
05:49:fc:90:44:57:27:35:28:82:d0:9b:76:73:82:cf:ae:cf:
c3:ee:c2:b7:80:fd:01:81:02:98:a8:0e:6a:2f:f7:0b:cc:b6:
7e:a3:d4:c4:07:af:b5:08:de:29:57:0b:b2:35:61:b8:18:76:
10:35:5e:75:8d:c4:a3:4f:26:24:90:92:eb:c3:eb:81:f2:88:
ed:04:3a:ee:02:65:88:89:90:e5:1b:fa:d2:1c:8c:c5:a4:bf:
4c:8b:4e:af:9e:4c:81:8d:63:62:f4:7b:8d:3a:90:d2:5d:d2:
74:f2:63:59:c4:bf:25:54:27:28:d4:73:b1:62:41:83:00:55:
4c:81:85:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbiqXHK6auGj29z4xokAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OGZkOTc3Y2NiZTdiYjk2ZDNjMGYzMTc0Yzk5NTFiZjg3
MGZlYjAwHhcNMjQwMTAxMTQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFmYjUwMTZjYjcxNGRiOWQ2OGI5OTFlNmEzOGUyNDkzYWM2N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvHfwO3AMtuH9ug7/dN50pEHosJx
FIHMrfA9cC8ENstZB5ptrGJXw/22cXeeUl8Oz7+TnOzkv15KcEPSLkIdNbXV5wta
gVrUl4PFlzCqLEmGazBs2YxjBfkWI/hORn/wZ4aXn2RnC9hdu1aGx6GNoXGK/Aec
EtSRvhNVQxSulB9KEY9tkpAuSHtgyNhojAEbxMNMzGlhsS9QpdX7mjYyiJPjT8GT
QfgpKsarjfeafOg3xDEcNQf3a/Tq6rpwaPhB7F8gyp8o/G0XJRCBsbMSxt9+MxZP
E7XsxysM4Fp1Vx0lFJHMeaYZZnMaPlgrpWOF7phFJZVXqYX3sGpYCyOd4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJEftQFstxTbnWi5keajjiSTrGe8MB8GA1UdIwQY
MBaAFDSP2XfMvnu5bTwPMXTJlRv4cP6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklfWmQ4eS1lN2x0UEE4eGRNbVZHX2h3X3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8wZGY4MDgtNzQ3My00N2IxLTgxN2Yt
YmU3NzBlMWU2YzEzLzEva1ItMUFXeTNGTnVkYUxtUjVxT09KSk9zWjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8wZGY4MDgtNzQ3My00N2IxLTgxN2YtYmU3NzBlMWU2YzEz
LzEvTklfWmQ4eS1lN2x0UEE4eGRNbVZHX2h3X3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuedYMA0E
AgACMAcDBQAqDaaAMA0GCSqGSIb3DQEBCwUAA4IBAQB+9T4R31N9cweF3afAS/l2
0q5dax9X6kEpYMWALxgZuRRQrtQnRJ/ikVZ5pU9ubslspB1Z/l242dpjqJEUEeon
Ltj5eUSBWtUemN/EttGSnOQK4VnXMBh4Q5ftKnq37lFciz0f1xhjAY67WGAohOGz
Kom74KcHqq+A4+XdLtkFSfyQRFcnNSiC0Jt2c4LPrs/D7sK3gP0BgQKYqA5qL/cL
zLZ+o9TEB6+1CN4pVwuyNWG4GHYQNV51jcSjTyYkkJLrw+uB8ojtBDruAmWIiZDl
G/rSHIzFpL9Mi06vnkyBjWNi9HuNOpDSXdJ08mNZxL8lVCco1HOxYkGDAFVMgYV3
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:14:28 2024 by rpki-client on console-ams.rpki-client.org