Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/7ec8cb-369e-4bbb-b8b4-7aeadb45a237/1/KykskAajsLLF7gvylhVazG2Bhz8.roa
File: KykskAajsLLF7gvylhVazG2Bhz8.roa (raw, json)
Hash identifier: UadLLJUMpeEh8lK7mCcWQ/I1EGIQ8733GWbtoT90cgw=
Subject key identifier: 2B:29:2C:90:06:A3:B0:B2:C5:EE:0B:F2:96:15:5A:CC:6D:81:87:3F
Certificate issuer: /CN=ac53cbeb715084b322a1a149c96e09c40ed6d883
Certificate serial: 018CC8023B6F450FC2E2FEDB1D4B587FC730
Authority key identifier: AC:53:CB:EB:71:50:84:B3:22:A1:A1:49:C9:6E:09:C4:0E:D6:D8:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rFPL63FQhLMioaFJyW4JxA7W2IM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/7ec8cb-369e-4bbb-b8b4-7aeadb45a237/1/KykskAajsLLF7gvylhVazG2Bhz8.roa
Signing time: Tue 02 Jan 2024 02:30:38 +0000
ROA not before: Tue 02 Jan 2024 02:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208381
IP address blocks: 194.124.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/7ec8cb-369e-4bbb-b8b4-7aeadb45a237/1/rFPL63FQhLMioaFJyW4JxA7W2IM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/7ec8cb-369e-4bbb-b8b4-7aeadb45a237/1/rFPL63FQhLMioaFJyW4JxA7W2IM.mft
rsync://rpki.ripe.net/repository/DEFAULT/rFPL63FQhLMioaFJyW4JxA7W2IM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:3b:6f:45:0f:c2:e2:fe:db:1d:4b:58:7f:c7:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac53cbeb715084b322a1a149c96e09c40ed6d883
Validity
Not Before: Jan 2 02:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b292c9006a3b0b2c5ee0bf296155acc6d81873f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e2:ca:33:04:da:89:9a:41:33:62:4c:1a:17:
1e:64:20:f2:5f:96:47:df:cf:b0:b0:14:6e:28:40:
19:90:6f:27:aa:3b:25:b1:9e:40:2a:8d:14:81:5d:
be:56:70:1f:cd:e6:26:98:de:3b:40:8b:2b:60:49:
e0:7d:15:70:28:73:f2:e4:fd:8b:d7:fb:49:83:a0:
ec:12:b9:d2:e2:d8:b3:f1:2b:4d:b1:a9:b7:ea:4e:
17:f5:e7:6b:26:67:b4:5a:71:8e:e1:67:02:7c:0a:
86:8e:37:0a:1e:42:24:3f:88:4e:22:8c:ad:bf:82:
67:02:8f:77:b0:23:8c:b5:11:44:fd:85:5f:ac:e3:
9e:a7:9d:6c:53:3f:90:b5:19:04:6f:0f:02:8b:c8:
7e:47:2b:15:fe:3e:7a:63:69:39:c7:ba:ce:dc:cd:
fc:da:f5:c8:b5:7b:4b:fd:6c:97:09:6a:c9:50:df:
41:50:fc:51:2a:08:ce:49:ea:b9:43:b1:d6:d2:08:
79:d2:48:7f:50:52:63:b5:3b:9a:65:96:46:82:37:
7a:a6:8c:a2:ae:d1:51:b9:50:b1:9e:9e:41:ca:69:
36:a9:21:2d:49:47:83:28:41:94:c6:45:75:c4:ce:
92:5f:48:b4:87:20:fa:d3:d4:8f:e1:d1:a1:35:0b:
07:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:29:2C:90:06:A3:B0:B2:C5:EE:0B:F2:96:15:5A:CC:6D:81:87:3F
X509v3 Authority Key Identifier:
keyid:AC:53:CB:EB:71:50:84:B3:22:A1:A1:49:C9:6E:09:C4:0E:D6:D8:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rFPL63FQhLMioaFJyW4JxA7W2IM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7ec8cb-369e-4bbb-b8b4-7aeadb45a237/1/KykskAajsLLF7gvylhVazG2Bhz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7ec8cb-369e-4bbb-b8b4-7aeadb45a237/1/rFPL63FQhLMioaFJyW4JxA7W2IM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.254.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:59:52:ef:3f:e3:91:86:5b:ac:b5:41:29:63:7b:d3:20:c9:
66:86:50:ce:82:a0:94:68:69:ed:21:33:89:6e:ad:2a:0e:13:
21:a5:12:db:de:77:23:ec:62:5f:2d:73:f9:bc:1b:3e:8a:8e:
f2:e6:14:41:50:75:b1:72:37:6e:88:28:cf:3d:a8:a3:46:87:
c2:11:e8:f3:b9:fe:00:06:c1:ae:9a:3e:b2:7d:57:78:34:fa:
50:e7:e2:93:85:c1:84:3c:30:4a:58:40:54:d5:12:a0:a5:86:
1a:32:4c:e2:c5:84:e2:ab:c0:d9:3b:c8:11:59:21:51:11:a6:
22:31:27:e6:9a:54:24:6e:23:7a:d7:c4:6e:56:fd:c6:b8:25:
a9:e9:9c:ef:2a:84:da:fa:26:b6:8b:1d:0d:cc:cc:77:d5:f3:
c5:ca:5a:a3:24:96:21:aa:b4:f3:9f:45:2f:08:e4:8d:ee:67:
06:33:71:10:a9:8c:6c:fc:59:bd:25:ef:b0:6f:fe:e6:09:81:
97:af:2e:bd:54:78:2f:3f:8a:4d:19:59:67:56:8d:0f:8e:16:
99:7a:57:b4:fa:07:94:60:bf:54:b4:64:56:27:d3:d7:34:af:
0b:18:16:44:46:08:34:f8:0e:e0:a1:19:7c:52:7b:63:d8:ee:
75:bd:cd:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAjtvRQ/C4v7bHUtYf8cwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNTNjYmViNzE1MDg0YjMyMmExYTE0OWM5NmUwOWM0MGVk
NmQ4ODMwHhcNMjQwMTAyMDIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjI5MmM5MDA2YTNiMGIyYzVlZTBiZjI5NjE1NWFjYzZkODE4NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uLKMwTaiZpBM2JMGhceZCDyX5ZH
38+wsBRuKEAZkG8nqjslsZ5AKo0UgV2+VnAfzeYmmN47QIsrYEngfRVwKHPy5P2L
1/tJg6DsErnS4tiz8StNsam36k4X9edrJme0WnGO4WcCfAqGjjcKHkIkP4hOIoyt
v4JnAo93sCOMtRFE/YVfrOOep51sUz+QtRkEbw8Ci8h+RysV/j56Y2k5x7rO3M38
2vXItXtL/WyXCWrJUN9BUPxRKgjOSeq5Q7HW0gh50kh/UFJjtTuaZZZGgjd6poyi
rtFRuVCxnp5Bymk2qSEtSUeDKEGUxkV1xM6SX0i0hyD609SP4dGhNQsH4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCspLJAGo7Cyxe4L8pYVWsxtgYc/MB8GA1UdIwQY
MBaAFKxTy+txUISzIqGhScluCcQO1tiDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckZQTDYzRlFoTE1pb2FGSnlXNEp4QTdXMklNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi83ZWM4Y2ItMzY5ZS00YmJiLWI4YjQt
N2FlYWRiNDVhMjM3LzEvS3lrc2tBYWpzTExGN2d2eWxoVmF6RzJCaHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi83ZWM4Y2ItMzY5ZS00YmJiLWI4YjQtN2FlYWRiNDVhMjM3
LzEvckZQTDYzRlFoTE1pb2FGSnlXNEp4QTdXMklNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnz+MA0G
CSqGSIb3DQEBCwUAA4IBAQBPWVLvP+ORhlustUEpY3vTIMlmhlDOgqCUaGntITOJ
bq0qDhMhpRLb3ncj7GJfLXP5vBs+io7y5hRBUHWxcjduiCjPPaijRofCEejzuf4A
BsGumj6yfVd4NPpQ5+KThcGEPDBKWEBU1RKgpYYaMkzixYTiq8DZO8gRWSFREaYi
MSfmmlQkbiN618RuVv3GuCWp6ZzvKoTa+ia2ix0NzMx31fPFylqjJJYhqrTzn0Uv
COSN7mcGM3EQqYxs/Fm9Je+wb/7mCYGXry69VHgvP4pNGVlnVo0PjhaZele0+geU
YL9UtGRWJ9PXNK8LGBZERgg0+A7goRl8Untj2O51vc3Z
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:24:26 2024 by rpki-client on console-fra.rpki-client.org