Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/KYEJ82HOFybWhWxIq9HeWYsxbk0.roa
File: KYEJ82HOFybWhWxIq9HeWYsxbk0.roa (raw, json)
Hash identifier: YzY+PwcyiZTBnoGZgbVmBwWy0rAYVP9CpaLpUUxlRrU=
Subject key identifier: 29:81:09:F3:61:CE:17:26:D6:85:6C:48:AB:D1:DE:59:8B:31:6E:4D
Certificate issuer: /CN=d29dc792adfcfe88c79e7958fbfec525630b62f9
Certificate serial: 018CC94CD91C2B13BBF3A5E3D9476B28D3CA
Authority key identifier: D2:9D:C7:92:AD:FC:FE:88:C7:9E:79:58:FB:FE:C5:25:63:0B:62:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0p3Hkq38_ojHnnlY-_7FJWMLYvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/KYEJ82HOFybWhWxIq9HeWYsxbk0.roa
Signing time: Tue 02 Jan 2024 08:31:45 +0000
ROA not before: Tue 02 Jan 2024 08:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60757
IP address blocks: 45.132.84.0/24 maxlen: 24
45.143.89.0/24 maxlen: 24
85.92.120.0/24 maxlen: 24
85.92.122.0/24 maxlen: 24
85.92.121.0/24 maxlen: 24
85.92.123.0/24 maxlen: 24
185.217.189.0/24 maxlen: 24
185.217.188.0/24 maxlen: 24
185.217.191.0/24 maxlen: 24
185.217.190.0/24 maxlen: 24
2a0d:bcc0::/32 maxlen: 48
2a0d:bcc1::/32 maxlen: 48
2a0d:bcc2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/0p3Hkq38_ojHnnlY-_7FJWMLYvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/0p3Hkq38_ojHnnlY-_7FJWMLYvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/0p3Hkq38_ojHnnlY-_7FJWMLYvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:d9:1c:2b:13:bb:f3:a5:e3:d9:47:6b:28:d3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d29dc792adfcfe88c79e7958fbfec525630b62f9
Validity
Not Before: Jan 2 08:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=298109f361ce1726d6856c48abd1de598b316e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:85:2e:57:ed:80:74:9c:07:4a:41:e8:c6:59:
db:4b:b6:99:c4:84:42:33:35:b3:1d:dd:79:3f:d1:
d4:96:e6:f9:3f:f8:81:94:b8:19:21:7e:0d:9e:79:
60:d4:84:d0:07:47:0b:f0:67:ea:26:f5:20:b5:31:
d0:5c:47:48:ff:fa:be:af:8c:40:90:2a:f6:9c:93:
3f:24:4e:06:9f:0b:75:c1:1f:c5:17:a8:96:9a:bb:
43:c4:56:c8:80:f2:b4:da:cb:fe:d8:64:3b:0f:ce:
c2:50:86:9a:ff:57:1d:3f:c3:84:79:38:6a:6b:b3:
91:1f:8a:b0:82:f8:a9:c9:3c:f9:de:fd:03:63:36:
db:93:b2:4b:62:9f:b5:da:51:3a:ba:15:f7:e0:61:
8d:24:1b:ee:59:c9:c0:c6:1f:4f:ba:3f:6e:ab:56:
a7:70:78:13:71:a2:d0:fb:40:f3:2d:8b:5c:56:c6:
5d:e4:f7:83:6f:a0:a7:81:c4:71:82:d8:04:6a:56:
5b:67:70:69:20:a4:0d:0a:38:88:0e:9a:6e:a0:aa:
a3:3c:da:bb:0c:7c:ee:1f:13:d4:ce:e0:06:8b:9c:
d2:59:0b:4f:73:57:f8:b2:3e:02:ca:57:53:e5:90:
f5:81:e3:87:40:ed:8b:4f:6e:29:09:e4:ae:7d:44:
46:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:81:09:F3:61:CE:17:26:D6:85:6C:48:AB:D1:DE:59:8B:31:6E:4D
X509v3 Authority Key Identifier:
keyid:D2:9D:C7:92:AD:FC:FE:88:C7:9E:79:58:FB:FE:C5:25:63:0B:62:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0p3Hkq38_ojHnnlY-_7FJWMLYvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/KYEJ82HOFybWhWxIq9HeWYsxbk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/0p3Hkq38_ojHnnlY-_7FJWMLYvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.84.0/24
45.143.89.0/24
85.92.120.0/22
185.217.188.0/22
IPv6:
2a0d:bcc0::-2a0d:bcc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a6:21:14:62:e2:cc:11:78:46:29:e1:53:1f:23:a4:6f:86:ec:
38:1a:ff:cb:21:14:96:87:ce:eb:6e:05:14:49:5e:bf:e0:52:
d1:35:0e:bd:dd:d5:bc:ce:a7:25:67:67:c7:92:b2:3a:d3:d8:
d4:93:83:0c:7e:38:84:bc:e3:61:31:8c:b7:7b:a3:79:ae:00:
84:d0:3c:a0:04:30:15:5a:bb:dc:86:a1:d3:6e:88:15:af:e6:
12:e3:5f:e8:d5:f5:84:07:17:a8:c0:a3:54:05:fe:06:65:f9:
d8:93:59:95:fc:d2:11:a1:c0:d5:27:fe:66:57:49:64:3e:47:
59:cc:84:2b:9b:04:85:64:4b:3c:37:41:cc:d2:ef:0f:9d:2e:
39:64:39:e3:9b:06:63:65:24:74:36:fa:d4:73:9b:73:22:08:
6a:fa:af:79:ea:b0:28:91:0a:21:f5:70:e9:3b:3d:09:7d:de:
2d:90:83:94:4b:c8:b5:a1:49:df:34:ec:93:cc:03:6a:82:79:
2f:66:16:15:95:2c:0d:17:54:70:ad:bb:83:f6:9a:79:d3:f2:
7f:64:bd:29:c9:3d:27:ee:2c:6b:af:0d:e6:bc:78:40:33:ea:
45:f9:55:b4:de:a9:d5:b5:ca:b7:fb:00:c6:b3:23:c9:48:c4:
02:91:16:8b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzJTNkcKxO786Xj2UdrKNPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOWRjNzkyYWRmY2ZlODhjNzllNzk1OGZiZmVjNTI1NjMw
YjYyZjkwHhcNMjQwMTAyMDgzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTgxMDlmMzYxY2UxNzI2ZDY4NTZjNDhhYmQxZGU1OThiMzE2ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoUuV+2AdJwHSkHoxlnbS7aZxIRC
MzWzHd15P9HUlub5P/iBlLgZIX4Nnnlg1ITQB0cL8GfqJvUgtTHQXEdI//q+r4xA
kCr2nJM/JE4Gnwt1wR/FF6iWmrtDxFbIgPK02sv+2GQ7D87CUIaa/1cdP8OEeThq
a7ORH4qwgvipyTz53v0DYzbbk7JLYp+12lE6uhX34GGNJBvuWcnAxh9Puj9uq1an
cHgTcaLQ+0DzLYtcVsZd5PeDb6CngcRxgtgEalZbZ3BpIKQNCjiIDppuoKqjPNq7
DHzuHxPUzuAGi5zSWQtPc1f4sj4CyldT5ZD1geOHQO2LT24pCeSufURGdwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCmBCfNhzhcm1oVsSKvR3lmLMW5NMB8GA1UdIwQY
MBaAFNKdx5Kt/P6Ix555WPv+xSVjC2L5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHAzSGtxMzhfb2pIbm5sWS1fN0ZKV01MWXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kOGY4Y2YtMTg4YS00YmQwLThkYmEt
NDFlN2ZiYTZkNmUxLzEvS1lFSjgySE9GeWJXaFd4SXE5SGVXWXN4YmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kOGY4Y2YtMTg4YS00YmQwLThkYmEtNDFlN2ZiYTZkNmUx
LzEvMHAzSGtxMzhfb2pIbm5sWS1fN0ZKV01MWXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQALYRUAwQA
LY9ZAwQCVVx4AwQCudm8MBYEAgACMBAwDgMFBioNvMADBQAqDbzCMA0GCSqGSIb3
DQEBCwUAA4IBAQCmIRRi4swReEYp4VMfI6Rvhuw4Gv/LIRSWh87rbgUUSV6/4FLR
NQ693dW8zqclZ2fHkrI609jUk4MMfjiEvONhMYy3e6N5rgCE0DygBDAVWrvchqHT
bogVr+YS41/o1fWEBxeowKNUBf4GZfnYk1mV/NIRocDVJ/5mV0lkPkdZzIQrmwSF
ZEs8N0HM0u8PnS45ZDnjmwZjZSR0NvrUc5tzIghq+q956rAokQoh9XDpOz0Jfd4t
kIOUS8i1oUnfNOyTzANqgnkvZhYVlSwNF1RwrbuD9pp50/J/ZL0pyT0n7ixrrw3m
vHhAM+pF+VW03qnVtcq3+wDGsyPJSMQCkRaL
-----END CERTIFICATE-----
Generated at Sat May 18 05:49:37 2024 by rpki-client on console-ams.rpki-client.org