Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/KAC3ZtUH_WNIGzHwE2RtJut1RP4.roa
File: KAC3ZtUH_WNIGzHwE2RtJut1RP4.roa (raw, json)
Hash identifier: bU6zFcAen26y+qjvVifcn5O1TQGaqnyycBJqPIsdoYw=
Subject key identifier: 28:00:B7:66:D5:07:FD:63:48:1B:31:F0:13:64:6D:26:EB:75:44:FE
Certificate issuer: /CN=f3751cf8c3a2d36c9744c96519899945ac607820
Certificate serial: 018CC9BCA0385CBDBC294BE2EAEF1FAC6F99
Authority key identifier: F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/KAC3ZtUH_WNIGzHwE2RtJut1RP4.roa
Signing time: Tue 02 Jan 2024 10:33:51 +0000
ROA not before: Tue 02 Jan 2024 10:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209749
IP address blocks: 37.46.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 13:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a0:38:5c:bd:bc:29:4b:e2:ea:ef:1f:ac:6f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3751cf8c3a2d36c9744c96519899945ac607820
Validity
Not Before: Jan 2 10:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2800b766d507fd63481b31f013646d26eb7544fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:20:3a:dd:e0:eb:c1:45:21:5b:04:e2:bd:4e:
90:05:26:e3:91:9c:2f:39:5f:39:4c:45:d4:dd:cb:
1b:1d:f3:1f:df:99:15:7a:20:8e:22:40:c5:19:ea:
b0:e5:16:12:73:4f:4f:13:7c:db:38:d7:22:4a:aa:
c1:42:2c:a7:2a:19:e9:50:1c:99:4c:a0:e8:32:0a:
7f:aa:30:65:bc:cb:bf:ef:05:40:1f:ff:b0:c0:e1:
9d:a4:81:c0:40:ac:dd:85:fe:3b:57:e7:1d:55:1c:
8c:63:b4:9f:2a:05:7d:08:b7:a1:6c:f9:69:0f:3c:
d6:a5:ff:f0:32:2a:d3:cb:30:2d:8a:1d:7b:28:c4:
ad:7b:2a:0b:6e:70:3c:40:94:0f:55:56:cf:95:2c:
96:b1:2d:83:0b:ed:5a:66:1f:59:72:c1:15:42:aa:
01:c5:89:74:78:96:39:e2:a2:18:d5:64:3c:98:83:
de:1f:7a:25:79:b5:45:1f:0c:94:9b:66:e8:25:97:
16:6a:e1:f8:49:64:21:fa:53:e0:ab:b1:17:27:38:
b3:65:47:22:47:13:cb:fc:db:52:dc:3c:1a:ca:5f:
ba:17:7a:b2:2c:56:21:e9:cf:72:f7:89:60:5c:fb:
99:fa:35:9c:0f:be:7b:24:c1:d7:b9:8f:0c:fb:52:
39:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:00:B7:66:D5:07:FD:63:48:1B:31:F0:13:64:6D:26:EB:75:44:FE
X509v3 Authority Key Identifier:
keyid:F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/KAC3ZtUH_WNIGzHwE2RtJut1RP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.12.0/24
Signature Algorithm: sha256WithRSAEncryption
65:4b:29:74:42:75:75:af:ec:0d:4a:b6:d7:f2:a8:5c:5a:bd:
9f:08:dd:72:5b:13:af:01:ec:e7:40:ab:fb:f0:c6:d0:14:4f:
bd:c1:5b:75:1b:12:b9:da:e4:36:70:11:30:2c:14:80:ef:9f:
41:c6:a5:8d:8f:c6:c7:fe:1d:9e:89:85:07:ba:c6:e8:bf:e9:
37:f6:94:8c:4c:c2:c7:08:4e:14:ea:d2:ad:fa:c3:e3:41:44:
db:16:96:09:3f:2a:71:d6:26:14:77:7d:5a:86:25:42:58:83:
c7:59:56:ee:6e:f8:7f:c4:d0:e3:82:8a:ab:e9:da:e2:78:a4:
4a:96:39:d3:72:2c:12:8b:fd:41:d1:f7:20:8c:7c:59:fe:96:
d7:e1:14:f6:bf:4a:79:ed:7d:8a:f6:f2:89:f7:94:0e:67:2e:
82:48:17:d5:aa:98:e1:0a:fd:fe:ea:2b:fa:c2:df:d5:0d:02:
3b:80:36:1b:af:2b:21:0c:fc:df:8a:2d:1e:55:92:37:6f:43:
cc:da:57:b7:b3:2d:b4:06:9c:0e:ac:94:48:0a:34:01:91:1c:
65:38:2b:d0:43:e0:61:cd:6a:81:7c:4a:bd:9e:71:16:a4:39:
57:e6:56:cf:40:cb:4f:ca:f3:2e:ac:27:5d:9e:2c:da:76:44:
a8:28:32:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvKA4XL28KUvi6u8frG+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzUxY2Y4YzNhMmQzNmM5NzQ0Yzk2NTE5ODk5OTQ1YWM2
MDc4MjAwHhcNMjQwMTAyMTAzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODAwYjc2NmQ1MDdmZDYzNDgxYjMxZjAxMzY0NmQyNmViNzU0NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiA63eDrwUUhWwTivU6QBSbjkZwv
OV85TEXU3csbHfMf35kVeiCOIkDFGeqw5RYSc09PE3zbONciSqrBQiynKhnpUByZ
TKDoMgp/qjBlvMu/7wVAH/+wwOGdpIHAQKzdhf47V+cdVRyMY7SfKgV9CLehbPlp
DzzWpf/wMirTyzAtih17KMSteyoLbnA8QJQPVVbPlSyWsS2DC+1aZh9ZcsEVQqoB
xYl0eJY54qIY1WQ8mIPeH3olebVFHwyUm2boJZcWauH4SWQh+lPgq7EXJzizZUci
RxPL/NtS3Dwayl+6F3qyLFYh6c9y94lgXPuZ+jWcD757JMHXuY8M+1I5MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgAt2bVB/1jSBsx8BNkbSbrdUT+MB8GA1UdIwQY
MBaAFPN1HPjDotNsl0TJZRmJmUWsYHggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1Njct
NWNmN2MwNjIxMDY1LzEvS0FDM1p0VUhfV05JR3pId0UyUnRKdXQxUlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1NjctNWNmN2MwNjIxMDY1
LzEvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJS4MMA0G
CSqGSIb3DQEBCwUAA4IBAQBlSyl0QnV1r+wNSrbX8qhcWr2fCN1yWxOvAeznQKv7
8MbQFE+9wVt1GxK52uQ2cBEwLBSA759BxqWNj8bH/h2eiYUHusbov+k39pSMTMLH
CE4U6tKt+sPjQUTbFpYJPypx1iYUd31ahiVCWIPHWVbubvh/xNDjgoqr6drieKRK
ljnTciwSi/1B0fcgjHxZ/pbX4RT2v0p57X2K9vKJ95QOZy6CSBfVqpjhCv3+6iv6
wt/VDQI7gDYbryshDPzfii0eVZI3b0PM2le3sy20BpwOrJRICjQBkRxlOCvQQ+Bh
zWqBfEq9nnEWpDlX5lbPQMtPyvMurCddnizadkSoKDI5
-----END CERTIFICATE-----
Generated at Wed May 8 18:14:16 2024 by rpki-client on console-ams.rpki-client.org