Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/KqUx24iMNgIY7LOOlAmTHib7qHM.roa
File: KqUx24iMNgIY7LOOlAmTHib7qHM.roa (raw, json)
Hash identifier: NoKU8BydiyqAHRz8W56r3GZIuTybAt6/eVSPRunTiH4=
Subject key identifier: 2A:A5:31:DB:88:8C:36:02:18:EC:B3:8E:94:09:93:1E:26:FB:A8:73
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018CC64ADACD92159EA26DACD923BC13308A
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/KqUx24iMNgIY7LOOlAmTHib7qHM.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197726
IP address blocks: 212.86.111.0/24 maxlen: 24
212.86.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:da:cd:92:15:9e:a2:6d:ac:d9:23:bc:13:30:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aa531db888c360218ecb38e9409931e26fba873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:03:bc:55:0a:b6:80:bf:eb:5c:d8:46:2f:d0:
62:8b:63:20:ab:b0:74:fc:07:65:70:20:4e:19:de:
53:7b:4f:a5:c5:a2:2b:53:be:2a:c1:ea:d3:04:12:
09:d0:23:4a:01:58:08:88:eb:79:2c:6a:f1:00:59:
23:00:56:20:30:f5:ac:5a:16:d3:b9:2f:76:10:81:
42:19:70:9b:87:4e:dd:e8:e4:7a:98:41:dd:01:1c:
a2:a2:c1:2f:4d:7b:7b:88:98:d7:af:b1:b5:a7:70:
af:96:46:14:d1:f1:a0:32:6d:6c:d3:65:17:2b:bd:
66:d7:3e:d2:ab:92:b9:1b:0e:4a:3a:ac:ca:0a:6a:
3f:b6:28:9b:27:b1:19:99:d1:4a:9c:e7:1c:6f:15:
79:9b:ff:46:67:aa:61:86:cc:56:b7:ac:40:d3:6a:
0f:bd:1c:f8:0e:e6:76:fa:50:37:43:4d:0b:d2:d8:
ef:e7:94:39:85:ed:93:48:2c:c3:4d:20:9e:89:5f:
67:05:ff:9a:79:1a:72:4e:a1:74:94:fd:f9:22:aa:
13:ec:7f:bd:d7:04:d9:e0:90:6e:89:59:4f:24:6d:
0a:79:3d:03:bb:6b:0d:1e:2d:c5:ad:7f:de:42:bb:
eb:86:67:73:11:84:5f:a9:4b:a8:ef:ce:0c:31:04:
1b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A5:31:DB:88:8C:36:02:18:EC:B3:8E:94:09:93:1E:26:FB:A8:73
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/KqUx24iMNgIY7LOOlAmTHib7qHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.86.110.0/23
Signature Algorithm: sha256WithRSAEncryption
09:49:a2:8b:2e:71:e9:75:91:cd:c9:1c:30:b4:10:69:90:d6:
f2:22:9a:01:6c:b0:e5:f9:54:34:b1:04:c8:df:2b:3d:cf:96:
2f:c3:1f:bf:d0:a5:7a:20:db:56:0a:63:ac:04:82:d3:11:8c:
21:9c:e0:06:f1:ca:8b:4f:e0:3d:b2:44:48:b9:81:0f:44:5d:
a0:0d:2c:85:87:01:55:9b:4e:a3:fc:da:4b:8f:1c:a7:db:a0:
71:c3:3e:d4:6c:a4:3d:e9:b1:4e:15:43:c2:2f:aa:90:be:4a:
b3:01:82:63:9e:bd:71:06:ca:dd:b8:da:44:0a:ef:c0:0b:ac:
e8:e2:8a:1f:1a:21:02:e5:f3:86:0a:81:e7:07:87:c8:f6:02:
2f:d5:fa:a0:64:a1:fe:6b:e6:85:e2:17:d7:01:1b:ae:31:99:
e9:b2:ce:67:43:22:ef:70:42:2f:75:34:d3:0b:2b:33:da:da:
d5:98:9b:cd:5c:a6:53:d9:1f:9d:72:2d:58:ec:c5:26:0a:f5:
9e:55:8f:4f:2b:0d:d5:04:d2:1f:1a:72:09:d6:0f:ca:dd:d7:
12:53:17:ab:78:88:39:cc:32:4e:64:fb:30:2f:b9:ba:71:5b:
7c:c5:7b:ec:96:62:9d:c2:2a:27:4b:88:53:fd:03:d0:84:01:
69:1f:cd:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGStrNkhWeom2s2SO8EzCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWE1MzFkYjg4OGMzNjAyMThlY2IzOGU5NDA5OTMxZTI2ZmJhODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAO8VQq2gL/rXNhGL9Bii2Mgq7B0
/AdlcCBOGd5Te0+lxaIrU74qwerTBBIJ0CNKAVgIiOt5LGrxAFkjAFYgMPWsWhbT
uS92EIFCGXCbh07d6OR6mEHdARyiosEvTXt7iJjXr7G1p3CvlkYU0fGgMm1s02UX
K71m1z7Sq5K5Gw5KOqzKCmo/tiibJ7EZmdFKnOccbxV5m/9GZ6phhsxWt6xA02oP
vRz4DuZ2+lA3Q00L0tjv55Q5he2TSCzDTSCeiV9nBf+aeRpyTqF0lP35IqoT7H+9
1wTZ4JBuiVlPJG0KeT0Du2sNHi3FrX/eQrvrhmdzEYRfqUuo784MMQQbgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqlMduIjDYCGOyzjpQJkx4m+6hzMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvS3FVeDI0aU1OZ0lZN0xPT2xBbVRIaWI3cUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1FZuMA0G
CSqGSIb3DQEBCwUAA4IBAQAJSaKLLnHpdZHNyRwwtBBpkNbyIpoBbLDl+VQ0sQTI
3ys9z5Yvwx+/0KV6INtWCmOsBILTEYwhnOAG8cqLT+A9skRIuYEPRF2gDSyFhwFV
m06j/NpLjxyn26Bxwz7UbKQ96bFOFUPCL6qQvkqzAYJjnr1xBsrduNpECu/AC6zo
4oofGiEC5fOGCoHnB4fI9gIv1fqgZKH+a+aF4hfXARuuMZnpss5nQyLvcEIvdTTT
Cysz2trVmJvNXKZT2R+dci1Y7MUmCvWeVY9PKw3VBNIfGnIJ1g/K3dcSUxereIg5
zDJOZPswL7m6cVt8xXvslmKdwionS4hT/QPQhAFpH80J
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:40:52 2024 by rpki-client on console-ams.rpki-client.org