Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/KglPTXdiG91riSkLpGFaB5Xwi3Q.roa
File: KglPTXdiG91riSkLpGFaB5Xwi3Q.roa (raw, json)
Hash identifier: 7XRnll8Em+cn8Q3/7McH/fh2gzEZ45eefnqyXjYFMao=
Subject key identifier: 2A:09:4F:4D:77:62:1B:DD:6B:89:29:0B:A4:61:5A:07:95:F0:8B:74
Certificate issuer: /CN=5fcf5d25a3661a3e72d2729454f7ff804b43bdb9
Certificate serial: 018CC42461E10BE80823E756DD55EE43C14A
Authority key identifier: 5F:CF:5D:25:A3:66:1A:3E:72:D2:72:94:54:F7:FF:80:4B:43:BD:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X89dJaNmGj5y0nKUVPf_gEtDvbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/KglPTXdiG91riSkLpGFaB5Xwi3Q.roa
Signing time: Mon 01 Jan 2024 08:29:27 +0000
ROA not before: Mon 01 Jan 2024 08:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199524
IP address blocks: 185.105.1.0/24 maxlen: 24
185.105.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/X89dJaNmGj5y0nKUVPf_gEtDvbk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/X89dJaNmGj5y0nKUVPf_gEtDvbk.mft
rsync://rpki.ripe.net/repository/DEFAULT/X89dJaNmGj5y0nKUVPf_gEtDvbk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:61:e1:0b:e8:08:23:e7:56:dd:55:ee:43:c1:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fcf5d25a3661a3e72d2729454f7ff804b43bdb9
Validity
Not Before: Jan 1 08:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a094f4d77621bdd6b89290ba4615a0795f08b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:34:43:d2:4c:c5:39:97:c3:57:37:d1:59:7d:
84:ef:6d:23:6a:b6:6a:a3:74:f9:bb:6d:9b:d3:45:
7e:b7:5d:5c:c8:81:11:0f:d7:45:33:de:3d:eb:4a:
a5:24:a2:25:b2:77:58:1c:2d:79:c0:b7:c8:fa:27:
b7:f7:0f:d9:b3:93:51:bb:4b:6e:54:2f:02:35:c1:
82:17:54:4a:ea:59:9e:5f:89:53:d3:c8:c7:3d:15:
d4:f9:8f:78:15:53:a9:4e:f4:ce:85:a2:ed:ac:07:
d3:31:31:29:3f:dd:17:39:94:22:52:ed:90:19:fb:
72:70:7b:c7:49:ae:e9:6e:fa:5e:5e:d4:ed:d0:17:
80:c1:85:f8:93:38:12:5d:f5:8a:44:2f:4b:95:4f:
66:79:36:2c:6a:27:4c:67:96:50:08:f3:55:63:34:
21:07:99:7a:09:99:de:2b:c4:30:25:f6:b7:be:c4:
eb:3c:a3:f0:33:1c:53:69:f8:a0:82:ee:6f:7d:00:
79:32:5c:2d:70:6e:42:26:c4:dd:44:6c:6e:87:7c:
90:b2:1a:d3:4d:25:02:13:7e:01:12:bc:68:cc:9f:
46:c6:b6:51:53:30:ae:02:e1:31:81:db:e7:04:ab:
75:69:18:8b:d9:d7:82:df:54:05:4b:0d:04:f8:ae:
c3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:09:4F:4D:77:62:1B:DD:6B:89:29:0B:A4:61:5A:07:95:F0:8B:74
X509v3 Authority Key Identifier:
keyid:5F:CF:5D:25:A3:66:1A:3E:72:D2:72:94:54:F7:FF:80:4B:43:BD:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X89dJaNmGj5y0nKUVPf_gEtDvbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/KglPTXdiG91riSkLpGFaB5Xwi3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/251f4a-82d7-46a5-a130-0a9b06e16ddc/1/X89dJaNmGj5y0nKUVPf_gEtDvbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.1.0-185.105.2.255
Signature Algorithm: sha256WithRSAEncryption
5f:22:db:10:d5:68:74:7e:fd:4d:8b:e8:10:d0:ce:69:65:7a:
9b:c6:fb:c4:14:0e:4d:6f:ed:ee:68:18:13:7c:41:04:24:32:
d8:47:5e:1b:db:28:8d:7c:20:e9:25:4c:78:c9:10:89:1e:f4:
eb:53:a6:77:81:ad:c3:5f:94:13:fb:9b:1e:b3:e7:e6:4b:d7:
44:a6:3c:7c:de:21:27:ed:bf:05:fe:dd:3b:5c:3d:87:b9:f9:
25:62:8b:49:00:f6:41:0f:02:90:8d:25:db:f4:40:e3:74:82:
f8:38:5a:59:9c:55:4f:36:27:4c:ea:2c:73:f0:1b:c1:59:df:
23:2a:f0:54:77:66:b7:48:52:04:d8:d6:39:9b:77:69:70:13:
29:01:d9:11:1e:4a:0e:8f:71:cb:fb:ba:52:75:2d:d0:c5:b9:
cc:e3:4c:48:c6:e8:28:f3:de:db:5a:80:f1:e3:f2:39:fb:fd:
9a:20:0d:b0:9a:41:11:39:0a:35:32:07:64:9a:bb:ca:0a:56:
50:05:1c:bd:43:7e:1c:80:65:6f:e9:04:28:fd:0e:d5:19:62:
5c:9e:67:98:cf:fd:bb:0e:75:e9:2d:d2:e0:79:46:f7:72:53:
d3:a7:f4:ed:1c:b1:f0:6b:bd:81:8c:5a:a5:f4:24:50:37:10:
2a:ba:48:03
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEJGHhC+gII+dW3VXuQ8FKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmY2Y1ZDI1YTM2NjFhM2U3MmQyNzI5NDU0ZjdmZjgwNGI0
M2JkYjkwHhcNMjQwMTAxMDgyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA5NGY0ZDc3NjIxYmRkNmI4OTI5MGJhNDYxNWEwNzk1ZjA4Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjRD0kzFOZfDVzfRWX2E720jarZq
o3T5u22b00V+t11cyIERD9dFM94960qlJKIlsndYHC15wLfI+ie39w/Zs5NRu0tu
VC8CNcGCF1RK6lmeX4lT08jHPRXU+Y94FVOpTvTOhaLtrAfTMTEpP90XOZQiUu2Q
GftycHvHSa7pbvpeXtTt0BeAwYX4kzgSXfWKRC9LlU9meTYsaidMZ5ZQCPNVYzQh
B5l6CZneK8QwJfa3vsTrPKPwMxxTafiggu5vfQB5MlwtcG5CJsTdRGxuh3yQshrT
TSUCE34BErxozJ9GxrZRUzCuAuExgdvnBKt1aRiL2deC31QFSw0E+K7DbQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCoJT013Yhvda4kpC6RhWgeV8It0MB8GA1UdIwQY
MBaAFF/PXSWjZho+ctJylFT3/4BLQ725MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDg5ZEphTm1HajV5MG5LVVZQZl9nRXREdmJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yNTFmNGEtODJkNy00NmE1LWExMzAt
MGE5YjA2ZTE2ZGRjLzEvS2dsUFRYZGlHOTFyaVNrTHBHRmFCNVh3aTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yNTFmNGEtODJkNy00NmE1LWExMzAtMGE5YjA2ZTE2ZGRj
LzEvWDg5ZEphTm1HajV5MG5LVVZQZl9nRXREdmJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5aQED
BAC5aQIwDQYJKoZIhvcNAQELBQADggEBAF8i2xDVaHR+/U2L6BDQzmllepvG+8QU
Dk1v7e5oGBN8QQQkMthHXhvbKI18IOklTHjJEIke9OtTpneBrcNflBP7mx6z5+ZL
10SmPHzeISftvwX+3TtcPYe5+SVii0kA9kEPApCNJdv0QON0gvg4WlmcVU82J0zq
LHPwG8FZ3yMq8FR3ZrdIUgTY1jmbd2lwEykB2REeSg6Pccv7ulJ1LdDFuczjTEjG
6Cjz3ttagPHj8jn7/ZogDbCaQRE5CjUyB2Sau8oKVlAFHL1DfhyAZW/pBCj9DtUZ
YlyeZ5jP/bsOdekt0uB5RvdyU9On9O0csfBrvYGMWqX0JFA3ECq6SAM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:06:39 2024 by rpki-client on console-ams.rpki-client.org