Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/kVplrTYwIku3PnCn94k1sRRPa1E.roa
File: kVplrTYwIku3PnCn94k1sRRPa1E.roa (raw, json)
Hash identifier: yT8R8lNkk0W6gyWY7sB/MAb5u7EuYLkrxNJmvAuDrqw=
Subject key identifier: 91:5A:65:AD:36:30:22:4B:B7:3E:70:A7:F7:89:35:B1:14:4F:6B:51
Certificate issuer: /CN=4a4ad03a0f592bb9c97c3052a690125d846415a4
Certificate serial: 018CC2DB0B2026A1205BFBCA6E397FB74E97
Authority key identifier: 4A:4A:D0:3A:0F:59:2B:B9:C9:7C:30:52:A6:90:12:5D:84:64:15:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/kVplrTYwIku3PnCn94k1sRRPa1E.roa
Signing time: Mon 01 Jan 2024 02:29:44 +0000
ROA not before: Mon 01 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58293
IP address blocks: 185.195.48.0/24 maxlen: 24
185.195.50.0/24 maxlen: 24
185.195.49.0/24 maxlen: 24
185.195.51.0/24 maxlen: 24
45.11.201.0/24 maxlen: 24
193.162.40.0/24 maxlen: 24
45.81.100.0/22 maxlen: 24
2a07:a5c0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/SkrQOg9ZK7nJfDBSppASXYRkFaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/SkrQOg9ZK7nJfDBSppASXYRkFaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0b:20:26:a1:20:5b:fb:ca:6e:39:7f:b7:4e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a4ad03a0f592bb9c97c3052a690125d846415a4
Validity
Not Before: Jan 1 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=915a65ad3630224bb73e70a7f78935b1144f6b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c7:52:2b:61:b4:d0:19:4f:5d:b7:82:9b:a0:
b6:4a:33:0c:79:e0:ae:b1:fc:97:0d:86:b7:13:0a:
0a:91:fd:09:9e:fe:05:5a:8a:62:54:ab:5d:52:cf:
bf:37:17:84:47:72:8e:0b:51:05:96:c4:c9:59:9f:
84:72:b7:1d:c6:54:55:59:53:0c:7a:e4:6e:44:1e:
6d:71:78:fc:35:80:43:61:d7:9b:79:4c:78:18:41:
5e:9c:7f:c9:40:e3:d3:9f:e4:ad:9d:3a:34:36:be:
75:b2:79:eb:18:9b:e5:cf:c4:19:c7:0f:55:0c:98:
ad:23:1a:e6:de:55:ed:9a:87:7e:9d:87:ab:cd:5a:
38:15:11:da:53:c7:f8:41:74:47:e5:1b:f5:78:f1:
90:2c:6c:7a:74:91:77:ea:ab:b6:43:1e:30:6e:ed:
72:29:3a:a1:6e:8a:d1:0b:88:7a:62:de:1c:1d:df:
5e:41:9b:92:44:90:08:83:c1:b0:02:bf:3f:48:0d:
69:5d:8b:df:67:97:d9:f9:f7:c6:b7:44:9a:dc:2a:
a9:92:da:37:07:ad:55:f3:cf:09:26:21:9d:8e:4d:
9d:69:44:2c:30:c2:a2:b3:0d:fc:79:e3:19:07:c5:
5c:f7:e1:31:13:40:62:ce:93:bd:10:2d:da:38:89:
0c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5A:65:AD:36:30:22:4B:B7:3E:70:A7:F7:89:35:B1:14:4F:6B:51
X509v3 Authority Key Identifier:
keyid:4A:4A:D0:3A:0F:59:2B:B9:C9:7C:30:52:A6:90:12:5D:84:64:15:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/kVplrTYwIku3PnCn94k1sRRPa1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/SkrQOg9ZK7nJfDBSppASXYRkFaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.201.0/24
45.81.100.0/22
185.195.48.0/22
193.162.40.0/24
IPv6:
2a07:a5c0::/36
Signature Algorithm: sha256WithRSAEncryption
3c:65:58:12:68:58:83:ea:6c:62:2d:1e:18:c5:10:35:a5:5e:
d9:58:71:41:00:a2:d6:6f:8e:46:2e:bd:a6:a1:eb:49:bd:71:
74:ea:2a:62:b6:de:3f:46:f8:b3:7b:26:1a:64:8e:b1:00:76:
cd:0d:14:af:ec:74:08:36:b7:03:93:0f:ac:8b:d5:10:02:06:
9f:dd:a2:1b:ac:4e:6e:4a:fd:6a:4a:cb:6f:40:9f:bc:69:90:
0c:df:4f:a2:8f:8b:af:a9:47:46:b2:9b:05:f6:09:b4:08:e9:
89:b7:5c:ed:51:e7:77:75:f1:4c:bc:22:2f:9f:ed:96:7d:b7:
36:c1:f0:ce:7f:27:b9:5e:3c:00:bd:fe:25:d0:65:b2:5d:4e:
4f:9f:73:75:37:89:d6:91:8a:3e:c0:3b:57:72:7c:16:27:11:
df:58:af:97:8d:d1:1c:d0:3f:ec:f0:ac:f0:58:15:9c:fd:8e:
da:09:ad:31:0e:74:ee:bd:3b:89:3a:c0:a5:4c:3c:59:45:6c:
0f:94:f3:06:65:59:74:df:d6:e5:59:d6:23:3f:e8:e3:61:3d:
38:c0:98:e1:2a:3b:8f:42:00:05:c2:c6:f3:d7:cb:01:a7:c8:
4b:cc:5c:12:8f:2b:cf:ab:0f:1f:2f:ac:35:fd:83:5b:e4:3d:
1d:e2:ae:2d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzC2wsgJqEgW/vKbjl/t06XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNGFkMDNhMGY1OTJiYjljOTdjMzA1MmE2OTAxMjVkODQ2
NDE1YTQwHhcNMjQwMTAxMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTVhNjVhZDM2MzAyMjRiYjczZTcwYTdmNzg5MzViMTE0NGY2YjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8dSK2G00BlPXbeCm6C2SjMMeeCu
sfyXDYa3EwoKkf0Jnv4FWopiVKtdUs+/NxeER3KOC1EFlsTJWZ+EcrcdxlRVWVMM
euRuRB5tcXj8NYBDYdebeUx4GEFenH/JQOPTn+StnTo0Nr51snnrGJvlz8QZxw9V
DJitIxrm3lXtmod+nYerzVo4FRHaU8f4QXRH5Rv1ePGQLGx6dJF36qu2Qx4wbu1y
KTqhborRC4h6Yt4cHd9eQZuSRJAIg8GwAr8/SA1pXYvfZ5fZ+ffGt0Sa3Cqpkto3
B61V888JJiGdjk2daUQsMMKisw38eeMZB8Vc9+ExE0BizpO9EC3aOIkMOwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJFaZa02MCJLtz5wp/eJNbEUT2tRMB8GA1UdIwQY
MBaAFEpK0DoPWSu5yXwwUqaQEl2EZBWkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tyUU9nOVpLN25KZkRCU3BwQVNYWVJrRmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xNjc5MDMtZjQyNi00YmYwLTkyMzMt
YTlhYzY2YmU0OGY3LzEva1ZwbHJUWXdJa3UzUG5Dbjk0azFzUlJQYTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xNjc5MDMtZjQyNi00YmYwLTkyMzMtYTlhYzY2YmU0OGY3
LzEvU2tyUU9nOVpLN25KZkRCU3BwQVNYWVJrRmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQALQvJAwQC
LVFkAwQCucMwAwQAwaIoMA4EAgACMAgDBgQqB6XAADANBgkqhkiG9w0BAQsFAAOC
AQEAPGVYEmhYg+psYi0eGMUQNaVe2VhxQQCi1m+ORi69pqHrSb1xdOoqYrbeP0b4
s3smGmSOsQB2zQ0Ur+x0CDa3A5MPrIvVEAIGn92iG6xObkr9akrLb0CfvGmQDN9P
oo+Lr6lHRrKbBfYJtAjpibdc7VHnd3XxTLwiL5/tln23NsHwzn8nuV48AL3+JdBl
sl1OT59zdTeJ1pGKPsA7V3J8FicR31ivl43RHNA/7PCs8FgVnP2O2gmtMQ507r07
iTrApUw8WUVsD5TzBmVZdN/W5VnWIz/o42E9OMCY4So7j0IABcLG89fLAafIS8xc
Eo8rz6sPHy+sNf2DW+Q9HeKuLQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:41:15 2024 by rpki-client on console-ams.rpki-client.org