Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/KpMQAtPuHdlX7rG5Rn7GkNjdkvo.roa
File: KpMQAtPuHdlX7rG5Rn7GkNjdkvo.roa (raw, json)
Hash identifier: mLO9YcGJa5MjqoJDWHsNEflkwos3bDXmJkVUum24YVI=
Subject key identifier: 2A:93:10:02:D3:EE:1D:D9:57:EE:B1:B9:46:7E:C6:90:D8:DD:92:FA
Certificate issuer: /CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
Certificate serial: 018CC7945807A6572D4DBA4294B485387B72
Authority key identifier: B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/KpMQAtPuHdlX7rG5Rn7GkNjdkvo.roa
Signing time: Tue 02 Jan 2024 00:30:36 +0000
ROA not before: Tue 02 Jan 2024 00:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 178.159.100.0/24 maxlen: 24
178.159.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:58:07:a6:57:2d:4d:ba:42:94:b4:85:38:7b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b82e7b8068c4ae9ae4ca4c3a6b2096199a741ff2
Validity
Not Before: Jan 2 00:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a931002d3ee1dd957eeb1b9467ec690d8dd92fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7f:2c:f2:fc:af:9e:1e:cb:d0:a6:e6:29:fd:
3a:6e:e4:18:3e:7c:04:4c:a6:3f:8d:cd:e9:8a:e9:
4b:4e:c0:e3:91:44:3a:4c:3a:ec:2a:71:93:0c:5e:
ab:ce:f7:71:30:7f:0f:66:6c:d5:b2:78:13:c5:d5:
58:7e:01:b2:3b:7e:23:7f:64:45:16:b2:b7:8d:33:
85:a8:a4:bd:24:7d:9d:09:c9:88:a9:d3:e5:90:4c:
9e:0f:32:b1:40:55:e5:f1:24:51:bd:cf:13:5f:72:
f5:ac:68:1f:17:46:6d:e2:3f:a9:83:63:80:26:4d:
86:95:5b:d7:a5:a3:11:6e:fd:d1:c1:8f:d2:28:b3:
e1:e8:ba:87:23:c7:48:21:0d:44:1a:b0:e2:34:b9:
c2:47:58:fb:a1:04:5b:37:46:65:d3:20:9b:5a:1d:
7f:40:6f:5b:c2:ac:77:40:38:37:78:c7:41:eb:06:
5e:b9:48:f7:d0:05:24:a7:9c:c3:8e:12:f4:84:f4:
6e:57:fb:f4:56:3d:82:56:50:d2:98:52:f3:88:d1:
a9:0f:37:20:0f:d6:c3:b8:81:fd:88:ed:11:95:20:
12:bc:d4:43:06:9d:77:e5:55:2a:e8:c2:57:6b:74:
5b:91:bd:7c:b8:85:0a:f3:c4:cf:ba:ed:8a:6d:73:
26:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:93:10:02:D3:EE:1D:D9:57:EE:B1:B9:46:7E:C6:90:D8:DD:92:FA
X509v3 Authority Key Identifier:
keyid:B8:2E:7B:80:68:C4:AE:9A:E4:CA:4C:3A:6B:20:96:19:9A:74:1F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uC57gGjErprkykw6ayCWGZp0H_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/KpMQAtPuHdlX7rG5Rn7GkNjdkvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29c915-2cbc-4768-840c-aadfa9c06742/1/uC57gGjErprkykw6ayCWGZp0H_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.159.100.0/24
178.159.107.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f4:a0:d0:2d:4a:5f:26:f6:9c:19:97:ed:cc:e3:aa:14:83:
b1:5c:f8:dd:5b:e7:3c:9c:f2:f1:b4:d7:eb:05:12:d4:54:36:
8e:85:ad:ec:f8:a5:9b:88:5c:14:ca:5d:54:74:d5:2f:dd:af:
78:66:3b:2b:a1:01:53:c5:0d:f5:47:5b:d4:3d:2f:ea:62:77:
b2:dc:9a:f5:17:e4:d8:33:6a:ad:61:f6:49:43:bb:d7:26:25:
a7:b8:1f:a1:44:7b:57:b4:e2:d4:57:de:cf:62:40:1c:e3:7e:
7d:d7:1b:58:d4:3f:cf:ec:f9:f9:03:5c:cc:da:32:2f:b4:39:
8a:64:6b:82:b8:08:3b:7d:27:c3:90:ac:2e:2a:49:a0:de:5e:
99:73:50:33:6e:9c:87:88:0e:de:03:b1:1b:74:a9:e6:76:54:
bf:2a:79:fb:25:5d:42:5a:3e:79:20:76:8f:a2:b1:f0:bd:c6:
83:43:18:23:39:19:31:34:ba:3f:45:7f:a6:0c:9f:dd:e6:49:
b5:a8:ca:e3:e7:ff:81:23:cc:42:44:e2:bf:26:59:cb:51:32:
03:32:83:5a:63:cf:69:68:0e:10:29:03:34:e8:4c:32:45:90:
03:37:4d:b2:bb:39:f0:32:29:b4:61:1d:7d:16:cf:6e:76:2b:
d7:e6:ad:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlFgHplctTbpClLSFOHtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmU3YjgwNjhjNGFlOWFlNGNhNGMzYTZiMjA5NjE5OWE3
NDFmZjIwHhcNMjQwMTAyMDAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTkzMTAwMmQzZWUxZGQ5NTdlZWIxYjk0NjdlYzY5MGQ4ZGQ5MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH8s8vyvnh7L0KbmKf06buQYPnwE
TKY/jc3piulLTsDjkUQ6TDrsKnGTDF6rzvdxMH8PZmzVsngTxdVYfgGyO34jf2RF
FrK3jTOFqKS9JH2dCcmIqdPlkEyeDzKxQFXl8SRRvc8TX3L1rGgfF0Zt4j+pg2OA
Jk2GlVvXpaMRbv3RwY/SKLPh6LqHI8dIIQ1EGrDiNLnCR1j7oQRbN0Zl0yCbWh1/
QG9bwqx3QDg3eMdB6wZeuUj30AUkp5zDjhL0hPRuV/v0Vj2CVlDSmFLziNGpDzcg
D9bDuIH9iO0RlSASvNRDBp135VUq6MJXa3Rbkb18uIUK88TPuu2KbXMmBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCqTEALT7h3ZV+6xuUZ+xpDY3ZL6MB8GA1UdIwQY
MBaAFLgue4BoxK6a5MpMOmsglhmadB/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUM1N2dHakVycHJreWt3NmF5Q1dHWnAwSF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yOWM5MTUtMmNiYy00NzY4LTg0MGMt
YWFkZmE5YzA2NzQyLzEvS3BNUUF0UHVIZGxYN3JHNVJuN0drTmpka3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yOWM5MTUtMmNiYy00NzY4LTg0MGMtYWFkZmE5YzA2NzQy
LzEvdUM1N2dHakVycHJreWt3NmF5Q1dHWnAwSF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsp9kAwQA
sp9rMA0GCSqGSIb3DQEBCwUAA4IBAQAK9KDQLUpfJvacGZftzOOqFIOxXPjdW+c8
nPLxtNfrBRLUVDaOha3s+KWbiFwUyl1UdNUv3a94ZjsroQFTxQ31R1vUPS/qYney
3Jr1F+TYM2qtYfZJQ7vXJiWnuB+hRHtXtOLUV97PYkAc43591xtY1D/P7Pn5A1zM
2jIvtDmKZGuCuAg7fSfDkKwuKkmg3l6Zc1AzbpyHiA7eA7EbdKnmdlS/Knn7JV1C
Wj55IHaPorHwvcaDQxgjORkxNLo/RX+mDJ/d5km1qMrj5/+BI8xCROK/JlnLUTID
MoNaY89paA4QKQM06EwyRZADN02yuznwMim0YR19Fs9udivX5q18
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:53:59 2024 by rpki-client on console-ams.rpki-client.org