Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1KYG3F8pHKNPo0Xcmmw4LB-YfeU.roa
File: 1KYG3F8pHKNPo0Xcmmw4LB-YfeU.roa (raw, json)
Hash identifier: V/C4+cebLGRIpHH0s7FnVcrAHDMjo2KgHcCuNuiGAJY=
Subject key identifier: D4:A6:06:DC:5F:29:1C:A3:4F:A3:45:DC:9A:6C:38:2C:1F:98:7D:E5
Certificate issuer: /CN=f9c9e0305cfed5794448732a8b0bd8427450d813
Certificate serial: 018CC501132DBE0B3461D944420E146FF577
Authority key identifier: F9:C9:E0:30:5C:FE:D5:79:44:48:73:2A:8B:0B:D8:42:74:50:D8:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-cngMFz-1XlESHMqiwvYQnRQ2BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1KYG3F8pHKNPo0Xcmmw4LB-YfeU.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31493
IP address blocks: 185.76.36.0/22 maxlen: 22
212.124.192.0/19 maxlen: 19
2a00:19e8::/29 maxlen: 29
2a00:19e8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1-cngMFz-1XlESHMqiwvYQnRQ2BM.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1-cngMFz-1XlESHMqiwvYQnRQ2BM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-cngMFz-1XlESHMqiwvYQnRQ2BM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 12:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:13:2d:be:0b:34:61:d9:44:42:0e:14:6f:f5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9c9e0305cfed5794448732a8b0bd8427450d813
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4a606dc5f291ca34fa345dc9a6c382c1f987de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f8:a2:45:bf:ba:d0:59:e3:28:7e:4d:8d:39:
fc:d6:28:c0:b1:2a:3a:a8:8b:39:cd:3e:ae:dc:33:
a0:24:e4:a5:82:14:19:ef:b0:3e:8f:25:ff:99:75:
d2:d8:3c:bd:94:1b:4e:66:14:46:49:a9:54:68:07:
7b:60:3b:84:e4:fa:8a:c8:00:67:68:8f:4c:d3:93:
3c:9b:c0:d4:5e:14:b7:b6:65:e6:f7:ea:23:09:e0:
6e:80:f4:07:27:56:63:13:f2:05:09:4c:c6:2b:a7:
5d:66:4a:21:33:a2:d2:a4:ec:dc:bd:89:29:f5:c9:
fb:e0:61:1c:42:0a:92:37:11:72:a0:e2:64:8a:64:
11:30:69:ba:8c:ab:12:3e:b3:d7:d2:5b:f8:8b:c1:
7d:18:fa:ac:b9:c0:25:3c:2c:6a:87:f2:20:db:3d:
b1:e6:12:4c:d8:19:08:7b:31:d1:62:49:fe:a3:a8:
c5:e6:19:7a:c6:a4:0d:7b:64:b1:c0:72:83:03:c6:
be:ba:16:51:d8:86:39:b4:37:02:7c:6f:8d:01:48:
f9:4a:3d:0e:6b:2b:21:89:bc:73:85:d5:e0:31:df:
7b:ef:3b:c7:f6:12:a8:6b:d6:6e:c1:5c:a5:a2:52:
31:11:84:08:7d:e2:50:0d:70:7d:28:70:47:da:d0:
24:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A6:06:DC:5F:29:1C:A3:4F:A3:45:DC:9A:6C:38:2C:1F:98:7D:E5
X509v3 Authority Key Identifier:
keyid:F9:C9:E0:30:5C:FE:D5:79:44:48:73:2A:8B:0B:D8:42:74:50:D8:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-cngMFz-1XlESHMqiwvYQnRQ2BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1KYG3F8pHKNPo0Xcmmw4LB-YfeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/36190d-1c6c-48c6-a414-2fbb208ad182/1/1-cngMFz-1XlESHMqiwvYQnRQ2BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.36.0/22
212.124.192.0/19
IPv6:
2a00:19e8::/29
Signature Algorithm: sha256WithRSAEncryption
c4:9d:56:81:10:18:54:c9:99:5e:6c:3c:99:9f:aa:f7:c7:73:
28:0a:51:04:d0:77:65:87:2c:03:61:6f:c6:af:af:62:47:ea:
74:c0:79:59:b1:9a:c2:54:46:bb:0c:53:4b:d3:b4:47:8e:5f:
96:d2:ac:0a:65:1f:a7:61:4d:a2:97:e2:01:6e:8d:ce:5e:c4:
4a:31:c7:09:1e:ad:0a:8a:77:0c:78:71:f5:09:6f:86:2c:91:
ff:12:cc:e9:ae:a9:e5:07:56:60:72:b0:9c:ee:e1:62:93:d7:
34:78:87:f4:b1:78:f1:a4:f7:fc:61:c2:09:fe:1d:85:66:7a:
4d:73:44:1b:ea:63:51:b7:30:f9:e6:60:50:68:f9:b4:9e:2d:
ae:c1:22:88:83:d9:1f:64:c6:e9:bf:8a:04:c2:8c:03:a5:79:
a2:ef:e9:14:df:92:b4:8d:c3:30:e9:7e:3d:73:fc:0c:cb:ef:
dc:cb:a5:00:6d:73:05:a0:46:06:38:5e:87:77:2e:0c:44:3b:
d1:7e:fe:ea:49:8e:a9:79:da:eb:27:a9:ad:5d:7c:a0:ce:77:
85:1a:2b:7c:b1:fc:c7:f9:87:aa:2c:10:0d:e5:db:2d:d3:bc:
76:d0:60:7b:df:98:c1:eb:32:e3:e3:3a:75:d0:f1:01:0d:6e:
fb:3a:3d:84
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFARMtvgs0YdlEQg4Ub/V3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YzllMDMwNWNmZWQ1Nzk0NDQ4NzMyYThiMGJkODQyNzQ1
MGQ4MTMwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGE2MDZkYzVmMjkxY2EzNGZhMzQ1ZGM5YTZjMzgyYzFmOTg3ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkviiRb+60FnjKH5NjTn81ijAsSo6
qIs5zT6u3DOgJOSlghQZ77A+jyX/mXXS2Dy9lBtOZhRGSalUaAd7YDuE5PqKyABn
aI9M05M8m8DUXhS3tmXm9+ojCeBugPQHJ1ZjE/IFCUzGK6ddZkohM6LSpOzcvYkp
9cn74GEcQgqSNxFyoOJkimQRMGm6jKsSPrPX0lv4i8F9GPqsucAlPCxqh/Ig2z2x
5hJM2BkIezHRYkn+o6jF5hl6xqQNe2SxwHKDA8a+uhZR2IY5tDcCfG+NAUj5Sj0O
ayshibxzhdXgMd977zvH9hKoa9ZuwVylolIxEYQIfeJQDXB9KHBH2tAksQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNSmBtxfKRyjT6NF3JpsOCwfmH3lMB8GA1UdIwQY
MBaAFPnJ4DBc/tV5REhzKosL2EJ0UNgTMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1jbmdNRnotMVhsRVNITXFpd3ZZUW5SUTJCTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcvMzYxOTBkLTFjNmMtNDhjNi1hNDE0
LTJmYmIyMDhhZDE4Mi8xLzFLWUczRjhwSEtOUG8wWGNtbXc0TEItWWZlVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzcvMzYxOTBkLTFjNmMtNDhjNi1hNDE0LTJmYmIyMDhhZDE4
Mi8xLzEtY25nTUZ6LTFYbEVTSE1xaXd2WVFuUlEyQk0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5TCQD
BAXUfMAwDQQCAAIwBwMFAyoAGegwDQYJKoZIhvcNAQELBQADggEBAMSdVoEQGFTJ
mV5sPJmfqvfHcygKUQTQd2WHLANhb8avr2JH6nTAeVmxmsJURrsMU0vTtEeOX5bS
rAplH6dhTaKX4gFujc5exEoxxwkerQqKdwx4cfUJb4Yskf8SzOmuqeUHVmBysJzu
4WKT1zR4h/SxePGk9/xhwgn+HYVmek1zRBvqY1G3MPnmYFBo+bSeLa7BIoiD2R9k
xum/igTCjAOleaLv6RTfkrSNwzDpfj1z/AzL79zLpQBtcwWgRgY4Xod3LgxEO9F+
/upJjql52usnqa1dfKDOd4UaK3yx/Mf5h6osEA3l2y3TvHbQYHvfmMHrMuPjOnXQ
8QENbvs6PYQ=
-----END CERTIFICATE-----
Generated at Fri Sep 27 21:55:04 2024 by rpki-client on console-ams.rpki-client.org