Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/kKD7Fde_qRuHiOMWxKmJSSaGkaE.roa
File: kKD7Fde_qRuHiOMWxKmJSSaGkaE.roa (raw, json)
Hash identifier: CxsRP1UbxoIBz308SFbiYeExKX2O4HF2yDLw8suwUlc=
Subject key identifier: 90:A0:FB:15:D7:BF:A9:1B:87:88:E3:16:C4:A9:89:49:26:86:91:A1
Certificate issuer: /CN=c1e8b88f1e30573a0e20e479d5ba00b4e91827b6
Certificate serial: 0190C4F0809A7BB91A43D8168F1A4659AB5A
Authority key identifier: C1:E8:B8:8F:1E:30:57:3A:0E:20:E4:79:D5:BA:00:B4:E9:18:27:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/kKD7Fde_qRuHiOMWxKmJSSaGkaE.roa
Signing time: Thu 18 Jul 2024 08:23:34 +0000
ROA not before: Thu 18 Jul 2024 08:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31317
IP address blocks: 91.198.136.0/24 maxlen: 24
185.170.244.0/22 maxlen: 32
2a0a:b900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/wei4jx4wVzoOIOR51boAtOkYJ7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/wei4jx4wVzoOIOR51boAtOkYJ7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c4:f0:80:9a:7b:b9:1a:43:d8:16:8f:1a:46:59:ab:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1e8b88f1e30573a0e20e479d5ba00b4e91827b6
Validity
Not Before: Jul 18 08:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a0fb15d7bfa91b8788e316c4a98949268691a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:8c:52:c5:b7:0b:46:bd:a0:4b:30:d4:59:
f4:00:dd:82:7a:8d:50:da:5f:2c:71:77:8d:f1:d5:
6d:59:99:a5:85:42:8b:e6:a6:ae:11:a3:89:53:55:
f5:0c:2f:31:8b:50:16:71:42:d8:72:00:88:f5:33:
fb:2c:50:ad:f1:5f:99:76:92:ad:df:28:5e:16:8d:
59:a1:2f:f8:53:24:ec:5f:70:5d:31:fe:b3:d7:95:
3b:91:ff:72:d8:86:7a:92:e4:ee:0f:0f:3b:85:ed:
c8:8a:de:91:61:e1:2d:75:1f:24:1f:76:a8:a9:56:
cf:26:b4:52:e6:2d:19:1e:ab:0c:af:15:a1:32:c8:
14:21:18:32:01:ad:66:e9:22:78:a5:57:87:2b:bb:
68:02:8a:09:7f:44:20:b4:3a:b3:b7:37:9a:0e:18:
c7:80:de:ea:92:d2:24:78:23:e3:ec:24:2b:94:31:
74:cf:29:30:1a:c6:d1:10:97:00:24:f9:53:da:f7:
0c:e6:ab:ff:08:20:55:e0:fd:f4:93:99:60:54:f9:
b3:f3:d4:c2:67:d0:3d:89:fc:45:03:fb:a7:d6:4f:
8a:99:20:6c:b5:d2:61:77:39:ea:1e:7e:ca:a0:6c:
dc:44:b8:6c:37:12:2f:1a:ee:b8:51:3d:8b:9d:c0:
e7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A0:FB:15:D7:BF:A9:1B:87:88:E3:16:C4:A9:89:49:26:86:91:A1
X509v3 Authority Key Identifier:
keyid:C1:E8:B8:8F:1E:30:57:3A:0E:20:E4:79:D5:BA:00:B4:E9:18:27:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/kKD7Fde_qRuHiOMWxKmJSSaGkaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/wei4jx4wVzoOIOR51boAtOkYJ7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.136.0/24
185.170.244.0/22
IPv6:
2a0a:b900::/29
Signature Algorithm: sha256WithRSAEncryption
71:c5:90:1d:03:8a:ac:61:81:cf:2d:e9:de:a0:7a:d3:45:a9:
59:85:21:fa:b6:da:90:7b:b6:e0:d4:c7:c5:0b:cb:17:41:a6:
f7:c2:77:ae:f9:a8:76:31:c9:b1:0e:de:c9:37:f7:91:38:7f:
f0:d1:31:ed:6c:7f:ba:6c:58:55:3e:e9:18:7e:82:3b:ec:e9:
ee:2c:44:db:10:a5:63:9c:90:7d:b4:56:ea:56:be:c1:66:20:
9f:05:a3:9d:ab:44:ab:a6:da:af:79:73:a8:d3:28:43:d7:5d:
11:a0:4b:f2:8a:4d:fe:39:59:78:a1:79:7d:a3:94:ad:ff:0c:
2f:ca:49:35:f5:40:98:09:64:3d:03:3c:bb:1b:4c:f9:87:84:
b5:80:dc:5c:b4:03:de:12:e5:1f:d8:6f:60:70:79:6c:ed:86:
cb:ea:4e:72:dc:0c:40:08:6a:d1:88:11:e4:8e:94:ad:92:46:
ce:5e:e1:a9:23:0b:10:71:08:ee:5d:a8:8d:89:fd:c1:4f:c5:
1b:11:ad:dc:ef:99:ce:0c:39:78:29:ab:75:4f:88:e2:3c:85:
a3:a8:06:55:17:c1:92:94:83:40:84:6a:ea:f9:2f:dd:69:37:
87:a7:cc:b2:31:33:ee:1d:73:a1:e2:52:0a:d1:b4:fb:22:4e:
1e:1a:ad:5b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZDE8ICae7kaQ9gWjxpGWataMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZThiODhmMWUzMDU3M2EwZTIwZTQ3OWQ1YmEwMGI0ZTkx
ODI3YjYwHhcNMjQwNzE4MDgyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGEwZmIxNWQ3YmZhOTFiODc4OGUzMTZjNGE5ODk0OTI2ODY5MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBuMUsW3C0a9oEsw1Fn0AN2Ceo1Q
2l8scXeN8dVtWZmlhUKL5qauEaOJU1X1DC8xi1AWcULYcgCI9TP7LFCt8V+ZdpKt
3yheFo1ZoS/4UyTsX3BdMf6z15U7kf9y2IZ6kuTuDw87he3Iit6RYeEtdR8kH3ao
qVbPJrRS5i0ZHqsMrxWhMsgUIRgyAa1m6SJ4pVeHK7toAooJf0QgtDqztzeaDhjH
gN7qktIkeCPj7CQrlDF0zykwGsbREJcAJPlT2vcM5qv/CCBV4P30k5lgVPmz89TC
Z9A9ifxFA/un1k+KmSBstdJhdznqHn7KoGzcRLhsNxIvGu64UT2LncDn3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJCg+xXXv6kbh4jjFsSpiUkmhpGhMB8GA1UdIwQY
MBaAFMHouI8eMFc6DiDkedW6ALTpGCe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VpNGp4NHdWem9PSU9SNTFib0F0T2tZSjdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NTcxOTctYzYyOC00OGIxLTk1NmQt
ZWZmZTk1NWE1ZDY0LzEva0tEN0ZkZV9xUnVIaU9NV3hLbUpTU2FHa2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NTcxOTctYzYyOC00OGIxLTk1NmQtZWZmZTk1NWE1ZDY0
LzEvd2VpNGp4NHdWem9PSU9SNTFib0F0T2tZSjdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW8aIAwQC
uar0MA0EAgACMAcDBQMqCrkAMA0GCSqGSIb3DQEBCwUAA4IBAQBxxZAdA4qsYYHP
LeneoHrTRalZhSH6ttqQe7bg1MfFC8sXQab3wneu+ah2McmxDt7JN/eROH/w0THt
bH+6bFhVPukYfoI77OnuLETbEKVjnJB9tFbqVr7BZiCfBaOdq0SrptqveXOo0yhD
110RoEvyik3+OVl4oXl9o5St/wwvykk19UCYCWQ9Azy7G0z5h4S1gNxctAPeEuUf
2G9gcHls7YbL6k5y3AxACGrRiBHkjpStkkbOXuGpIwsQcQjuXaiNif3BT8UbEa3c
75nODDl4Kat1T4jiPIWjqAZVF8GSlINAhGrq+S/daTeHp8yyMTPuHXOh4lIK0bT7
Ik4eGq1b
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:50 2024 by rpki-client on console-fra.rpki-client.org