Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/KxPBk2oGNImy4UUCbBT0vOywXD4.roa
File: KxPBk2oGNImy4UUCbBT0vOywXD4.roa (raw, json)
Hash identifier: svjXk7tE4mo1bxuG/F/xjbyjZEmP3hTPqwoFfkNRVOM=
Subject key identifier: 2B:13:C1:93:6A:06:34:89:B2:E1:45:02:6C:14:F4:BC:EC:B0:5C:3E
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018D747DC7971658574C10B06A6B4A7632DD
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/KxPBk2oGNImy4UUCbBT0vOywXD4.roa
Signing time: Sun 04 Feb 2024 14:20:16 +0000
ROA not before: Sun 04 Feb 2024 14:20:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 24
62.3.50.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b640::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b641:10::/44 maxlen: 48
2a0c:b641:540::/44 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
2a0f:8400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:74:7d:c7:97:16:58:57:4c:10:b0:6a:6b:4a:76:32:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Feb 4 14:20:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b13c1936a063489b2e145026c14f4bcecb05c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:69:6b:72:c6:93:0a:a9:c5:00:f2:ef:05:21:
7d:2f:45:92:c7:cb:97:11:90:53:e2:01:a3:ca:50:
4c:aa:bf:ca:bc:62:1d:12:2d:9f:01:31:78:13:16:
10:fe:2a:ee:c4:1e:30:6d:4c:1f:ca:ba:05:4c:1e:
fa:a1:26:45:fb:bc:33:a6:3c:80:cf:33:ef:0d:f1:
da:1d:58:e8:3e:d8:a2:73:78:29:cf:d8:2a:7b:78:
f5:16:82:18:08:d0:2c:8a:f6:c4:0e:f0:54:e8:62:
c0:50:a2:2e:ee:69:f3:33:45:61:7a:bd:ad:18:58:
ea:17:ba:21:16:55:47:aa:9e:88:3e:ad:58:bf:4a:
63:a2:62:54:9c:81:15:ea:1f:a8:d9:51:5b:68:aa:
ed:61:7e:96:77:33:fe:73:d3:8d:e1:78:8c:7a:36:
77:33:91:7b:db:18:ed:67:93:a5:78:e2:c6:0a:86:
e9:95:41:1a:f7:83:4d:5a:c0:34:7a:68:83:80:eb:
37:a8:28:1f:34:86:db:56:a1:e5:2a:5e:9e:09:e5:
1c:2a:4d:48:28:5b:c0:5b:e5:b6:a5:a8:38:5e:af:
a0:9f:e5:68:64:02:ad:34:a9:5c:56:8f:48:12:3f:
bb:b5:ae:d1:97:4d:24:c6:a6:85:30:bd:95:93:e3:
95:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:13:C1:93:6A:06:34:89:B2:E1:45:02:6C:14:F4:BC:EC:B0:5C:3E
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/KxPBk2oGNImy4UUCbBT0vOywXD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:540::/44
2a0c:b641:70f::/48
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
40:59:89:b1:f5:f9:8c:d7:c8:2f:66:fa:f4:c4:1b:cf:22:80:
2c:b1:0b:10:05:cf:3c:a7:71:23:e6:83:2a:d0:30:43:28:2a:
11:ae:1b:85:a1:53:33:47:8b:ac:da:e8:d2:25:6e:cd:70:c2:
79:f2:66:6d:51:9e:41:0b:b6:31:80:ce:86:fa:66:6f:a3:35:
8f:0b:95:0d:5a:6d:8c:27:cb:1f:95:cc:2f:10:0c:93:76:75:
15:bf:3b:98:32:ed:4b:f0:da:7a:be:c2:a9:13:aa:22:01:da:
12:bd:c0:b3:6f:45:d7:10:31:15:ec:af:45:3d:27:e1:b6:b8:
3c:70:16:bb:81:8c:4b:6e:c1:db:16:1c:f0:28:07:10:8d:21:
70:52:75:7a:35:1b:83:54:99:2f:97:c6:a1:15:d7:ea:51:f4:
6f:8c:fd:92:2b:a5:36:6c:6b:7a:6d:da:a0:97:5e:a8:6b:e7:
b9:b4:e2:9f:68:19:af:57:08:b0:d4:3f:3c:64:b1:bf:a5:de:
3a:74:1a:0e:76:4e:d2:63:ef:a3:b8:b7:65:11:b0:a7:ce:fc:
1a:53:a5:59:24:36:f5:94:7b:29:24:42:ca:fe:fe:12:66:58:
01:bb:f6:81:8d:4b:fb:21:04:90:a3:d4:61:16:a3:87:62:61:
64:5c:49:8f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY10fceXFlhXTBCwamtKdjLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMjA0MTQyMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjEzYzE5MzZhMDYzNDg5YjJlMTQ1MDI2YzE0ZjRiY2VjYjA1YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2lrcsaTCqnFAPLvBSF9L0WSx8uX
EZBT4gGjylBMqr/KvGIdEi2fATF4ExYQ/iruxB4wbUwfyroFTB76oSZF+7wzpjyA
zzPvDfHaHVjoPtiic3gpz9gqe3j1FoIYCNAsivbEDvBU6GLAUKIu7mnzM0Vher2t
GFjqF7ohFlVHqp6IPq1Yv0pjomJUnIEV6h+o2VFbaKrtYX6WdzP+c9ON4XiMejZ3
M5F72xjtZ5OleOLGCobplUEa94NNWsA0emiDgOs3qCgfNIbbVqHlKl6eCeUcKk1I
KFvAW+W2pag4Xq+gn+VoZAKtNKlcVo9IEj+7ta7Rl00kxqaFML2Vk+OV5wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCsTwZNqBjSJsuFFAmwU9LzssFw+MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvS3hQQmsyb0dOSW15NFVVQ2JCVDB2T3l3WEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZphAwQA
PgMyAwQBwhxiMDEEAgACMCswEAMFBioMtkADBwUqDLZBAAADBwQqDLZBBUADBwAq
DLZBBw8DBQAqD4QAMA0GCSqGSIb3DQEBCwUAA4IBAQBAWYmx9fmM18gvZvr0xBvP
IoAssQsQBc88p3Ej5oMq0DBDKCoRrhuFoVMzR4us2ujSJW7NcMJ58mZtUZ5BC7Yx
gM6G+mZvozWPC5UNWm2MJ8sflcwvEAyTdnUVvzuYMu1L8Np6vsKpE6oiAdoSvcCz
b0XXEDEV7K9FPSfhtrg8cBa7gYxLbsHbFhzwKAcQjSFwUnV6NRuDVJkvl8ahFdfq
UfRvjP2SK6U2bGt6bdqgl16oa+e5tOKfaBmvVwiw1D88ZLG/pd46dBoOdk7SY++j
uLdlEbCnzvwaU6VZJDb1lHspJELK/v4SZlgBu/aBjUv7IQSQo9RhFqOHYmFkXEmP
-----END CERTIFICATE-----
Generated at Sat May 4 08:45:26 2024 by rpki-client on console-fra.rpki-client.org