Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KTVmd9cjams2n-vfwlGzmGCCDkU.roa
File: KTVmd9cjams2n-vfwlGzmGCCDkU.roa (raw, json)
Hash identifier: WDJyaTho1pWBdr+NnhgrGGWeGg9GNhKuTa7sGDNXG3Y=
Subject key identifier: 29:35:66:77:D7:23:6A:6B:36:9F:EB:DF:C2:51:B3:98:60:82:0E:45
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 019121E7302F4E0C518BDA23A11D05D4701B
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KTVmd9cjams2n-vfwlGzmGCCDkU.roa
Signing time: Mon 05 Aug 2024 09:38:04 +0000
ROA not before: Mon 05 Aug 2024 09:38:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206866
IP address blocks: 84.232.40.0/21 maxlen: 21
84.232.122.0/23 maxlen: 23
94.24.44.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:e7:30:2f:4e:0c:51:8b:da:23:a1:1d:05:d4:70:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Aug 5 09:38:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29356677d7236a6b369febdfc251b39860820e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:08:52:b2:7b:9d:ec:36:99:c0:93:1a:32:55:
01:7a:91:ca:25:8c:ff:d0:9a:7e:be:95:ed:69:f8:
0a:14:56:31:2e:c1:68:21:4d:7c:30:19:0c:72:2b:
cb:cb:a2:84:d0:b0:c6:7b:5b:6f:09:60:d8:53:11:
9b:cf:b5:77:15:9c:df:a3:79:ce:fa:a3:20:01:ee:
bd:79:c2:31:68:a3:11:4f:a7:63:06:a2:52:5a:48:
5e:bf:43:1e:e1:1f:a4:6d:d5:29:a1:f8:4a:21:54:
2d:e1:e9:da:73:fd:af:d4:75:c3:f2:9d:e3:22:67:
ac:88:43:2d:4b:65:cc:5f:08:9f:a7:fb:b8:66:48:
02:92:29:f3:0d:97:71:00:cf:a8:d9:85:29:62:1e:
a2:16:23:91:b6:d0:68:bc:fb:25:ce:f8:4d:b1:9a:
e4:52:10:b2:cd:a1:b0:9e:1d:8a:c3:15:9d:b8:90:
a3:c8:2b:43:43:d2:dc:a3:9b:71:75:43:4d:03:cd:
6c:f3:87:34:9f:4f:a6:f7:f9:f0:cc:49:7e:63:c0:
29:6f:ef:b6:95:93:9c:5c:4a:31:ce:a6:9d:44:a4:
e2:dc:66:89:e2:fc:65:ed:38:86:2e:3b:0b:35:70:
26:3f:3b:f5:e7:2c:be:0b:25:0f:3d:19:3b:66:36:
f5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:35:66:77:D7:23:6A:6B:36:9F:EB:DF:C2:51:B3:98:60:82:0E:45
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/KTVmd9cjams2n-vfwlGzmGCCDkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.40.0/21
84.232.122.0/23
94.24.44.0/23
Signature Algorithm: sha256WithRSAEncryption
03:8e:a9:7c:37:d6:01:b5:f7:77:a9:9e:42:7b:d0:90:51:04:
94:46:06:76:e7:cd:38:cd:66:42:be:9b:7f:06:44:bc:6c:44:
9c:ba:33:bc:5e:59:20:53:1b:ca:a8:a4:90:f8:e3:6d:1a:ef:
48:40:49:10:b4:34:e5:66:61:f5:2f:4c:08:f2:21:6d:f9:b0:
ef:4e:65:45:a6:81:b1:48:05:ff:46:8d:48:b2:d3:3e:33:c4:
9d:a8:86:27:da:6c:25:82:4a:eb:8a:03:3d:54:af:f7:c8:df:
b2:b2:d8:4e:ab:95:68:0a:e7:2d:f7:b8:72:e3:51:ee:05:23:
af:73:27:f6:75:d4:2d:83:67:be:6a:9e:63:34:82:83:48:d1:
c5:4c:35:12:c3:27:90:83:90:8a:3c:7f:b9:af:cb:dc:d2:25:
14:00:ff:0d:13:18:a8:fc:56:38:3f:b5:e1:6a:d5:17:0b:b0:
04:61:ad:15:d5:62:4b:bc:f2:e4:a6:42:1b:86:6f:0a:ee:d0:
e9:bb:05:c8:84:05:92:d6:86:4f:72:6f:68:0e:ff:24:cf:8a:
d9:71:63:5f:0b:ca:a7:2f:04:ee:3d:82:c9:36:72:4f:ec:c2:
23:07:34:f3:f6:69:65:8d:4b:9d:bb:ea:3a:34:f9:5b:6c:b5:
03:47:e2:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEh5zAvTgxRi9ojoR0F1HAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwODA1MDkzODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM1NjY3N2Q3MjM2YTZiMzY5ZmViZGZjMjUxYjM5ODYwODIwZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzghSsnud7DaZwJMaMlUBepHKJYz/
0Jp+vpXtafgKFFYxLsFoIU18MBkMcivLy6KE0LDGe1tvCWDYUxGbz7V3FZzfo3nO
+qMgAe69ecIxaKMRT6djBqJSWkhev0Me4R+kbdUpofhKIVQt4enac/2v1HXD8p3j
ImesiEMtS2XMXwifp/u4ZkgCkinzDZdxAM+o2YUpYh6iFiORttBovPslzvhNsZrk
UhCyzaGwnh2KwxWduJCjyCtDQ9Lco5txdUNNA81s84c0n0+m9/nwzEl+Y8Apb++2
lZOcXEoxzqadRKTi3GaJ4vxl7TiGLjsLNXAmPzv15yy+CyUPPRk7Zjb18QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCk1ZnfXI2prNp/r38JRs5hggg5FMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvS1RWbWQ5Y2phbXMybi12ZndsR3ptR0NDRGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDVOgoAwQB
VOh6AwQBXhgsMA0GCSqGSIb3DQEBCwUAA4IBAQADjql8N9YBtfd3qZ5Ce9CQUQSU
RgZ25804zWZCvpt/BkS8bEScujO8XlkgUxvKqKSQ+ONtGu9IQEkQtDTlZmH1L0wI
8iFt+bDvTmVFpoGxSAX/Ro1IstM+M8SdqIYn2mwlgkrrigM9VK/3yN+ysthOq5Vo
Cuct97hy41HuBSOvcyf2ddQtg2e+ap5jNIKDSNHFTDUSwyeQg5CKPH+5r8vc0iUU
AP8NExio/FY4P7XhatUXC7AEYa0V1WJLvPLkpkIbhm8K7tDpuwXIhAWS1oZPcm9o
Dv8kz4rZcWNfC8qnLwTuPYLJNnJP7MIjBzTz9mlljUudu+o6NPlbbLUDR+Jf
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:52 2024 by rpki-client on console-fra.rpki-client.org