Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/k6AR0tgJXr6UUQSYOZAG_5l6sro.roa
File: k6AR0tgJXr6UUQSYOZAG_5l6sro.roa (raw, json)
Hash identifier: AdO3mqaWGEBHrFIooa9X+GmK7MTPyzGjpJet3BHjccM=
Subject key identifier: 93:A0:11:D2:D8:09:5E:BE:94:51:04:98:39:90:06:FF:99:7A:B2:BA
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 01935E69758785A3F905C638EBD732400DF3
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/k6AR0tgJXr6UUQSYOZAG_5l6sro.roa
Signing time: Sun 24 Nov 2024 13:43:09 +0000
ROA not before: Sun 24 Nov 2024 13:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203811
IP address blocks: 185.122.252.0/24 maxlen: 24
185.122.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 23:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:5e:69:75:87:85:a3:f9:05:c6:38:eb:d7:32:40:0d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Nov 24 13:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93a011d2d8095ebe94510498399006ff997ab2ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4e:a4:f2:01:96:10:ff:13:91:e4:a6:0f:30:
92:cd:d4:53:94:31:bd:2f:cb:96:c5:56:ef:69:ac:
e9:9d:53:42:64:26:ce:c6:32:2a:a1:35:db:6f:9c:
bd:59:1b:98:0f:a4:5e:dd:7b:2e:1c:a5:32:b8:9d:
58:9b:62:32:15:61:52:0e:27:a8:03:45:9d:0e:c5:
c1:0b:11:76:71:da:32:7e:59:d0:e4:91:a5:b7:7c:
d8:ae:8a:90:7e:14:41:1c:c9:32:25:5c:3c:29:a2:
c9:30:eb:02:e5:12:7d:54:19:49:c8:53:ab:2a:12:
9d:66:38:3c:dc:d3:62:b6:c7:6d:d6:6c:bb:f8:da:
38:3d:41:ab:fb:10:b8:0f:e7:16:db:a6:85:ea:74:
32:5f:ee:18:c4:cf:76:90:cd:c3:93:bb:51:6c:d8:
1c:fe:b1:a6:d2:9e:48:81:97:ad:1f:06:a4:94:8f:
4a:97:bd:a2:24:b5:ef:d0:13:ab:d0:9a:08:b2:83:
c7:f2:84:a8:87:50:6c:1e:bc:0a:ea:63:69:a0:1b:
96:ea:b5:09:bb:16:05:14:59:a8:40:2b:53:4b:f3:
7a:33:33:14:c9:d8:26:8a:88:a8:7d:2b:14:b1:70:
73:9e:81:a5:b8:af:be:8f:29:eb:e1:57:85:22:79:
ff:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A0:11:D2:D8:09:5E:BE:94:51:04:98:39:90:06:FF:99:7A:B2:BA
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/k6AR0tgJXr6UUQSYOZAG_5l6sro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.252.0/24
185.122.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:22:f9:23:14:19:bf:20:8b:e3:50:6a:8c:c4:80:07:43:f9:
1a:0c:2e:c5:ce:e7:b8:f0:0a:c1:68:91:f6:2c:0c:5e:96:d5:
0b:a5:6f:22:21:1a:d0:17:a7:a1:bb:3b:07:97:fd:37:3a:46:
e9:ed:55:f1:97:55:2d:ee:4a:94:af:12:e2:c6:33:2b:5f:ca:
bc:aa:5e:25:25:1b:f9:d0:b0:91:8a:5f:f6:2a:5b:16:d9:3d:
e8:89:30:2d:ef:d1:6d:ce:17:25:31:30:ce:46:12:4d:45:75:
ce:41:98:48:a6:a2:36:bd:a3:73:69:1a:d2:d9:b4:4b:4e:be:
fd:62:13:0f:59:92:79:e0:b7:fc:3d:11:63:13:b1:de:9b:c5:
88:0d:15:21:eb:ce:07:8e:6d:0d:ee:63:88:98:51:d9:02:4c:
e3:c9:77:ab:0a:07:55:99:7a:5c:18:2c:8c:3d:ad:9c:44:44:
29:a1:7a:41:b6:83:f0:b6:e5:f6:4a:6a:6d:cf:c1:26:d4:f5:
74:92:9b:71:4f:b9:84:fe:0b:c5:21:4d:62:3f:e0:f2:ce:90:
b8:bf:3d:83:b7:25:07:0f:dd:6b:91:f7:a3:a2:f4:34:97:54:
52:99:7c:e6:8b:89:35:c8:ae:49:39:25:bb:c0:2c:2c:24:93:
e1:c4:5b:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNeaXWHhaP5BcY469cyQA3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjQxMTI0MTM0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2EwMTFkMmQ4MDk1ZWJlOTQ1MTA0OTgzOTkwMDZmZjk5N2FiMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt06k8gGWEP8TkeSmDzCSzdRTlDG9
L8uWxVbvaazpnVNCZCbOxjIqoTXbb5y9WRuYD6Re3XsuHKUyuJ1Ym2IyFWFSDieo
A0WdDsXBCxF2cdoyflnQ5JGlt3zYroqQfhRBHMkyJVw8KaLJMOsC5RJ9VBlJyFOr
KhKdZjg83NNitsdt1my7+No4PUGr+xC4D+cW26aF6nQyX+4YxM92kM3Dk7tRbNgc
/rGm0p5IgZetHwaklI9Kl72iJLXv0BOr0JoIsoPH8oSoh1BsHrwK6mNpoBuW6rUJ
uxYFFFmoQCtTS/N6MzMUydgmioiofSsUsXBznoGluK++jynr4VeFInn/UQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJOgEdLYCV6+lFEEmDmQBv+ZerK6MB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvazZBUjB0Z0pYcjZVVVFTWU9aQUdfNWw2c3JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXr8AwQA
uXr/MA0GCSqGSIb3DQEBCwUAA4IBAQB6IvkjFBm/IIvjUGqMxIAHQ/kaDC7Fzue4
8ArBaJH2LAxeltULpW8iIRrQF6ehuzsHl/03Okbp7VXxl1Ut7kqUrxLixjMrX8q8
ql4lJRv50LCRil/2KlsW2T3oiTAt79FtzhclMTDORhJNRXXOQZhIpqI2vaNzaRrS
2bRLTr79YhMPWZJ54Lf8PRFjE7Hem8WIDRUh684Hjm0N7mOImFHZAkzjyXerCgdV
mXpcGCyMPa2cREQpoXpBtoPwtuX2Smptz8Em1PV0kptxT7mE/gvFIU1iP+DyzpC4
vz2DtyUHD91rkfejovQ0l1RSmXzmi4k1yK5JOSW7wCwsJJPhxFuW
-----END CERTIFICATE-----
Generated at Wed Nov 27 07:18:10 2024 by rpki-client on console-fra.rpki-client.org