Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/kKAFQr0lqBMD8HlYZRHVnch9ge4.roa
File: kKAFQr0lqBMD8HlYZRHVnch9ge4.roa (raw, json)
Hash identifier: US2ajpoOokHwIiJAHpFU2VhH4QnCdgcFzRAfbUasG4Y=
Subject key identifier: 90:A0:05:42:BD:25:A8:13:03:F0:79:58:65:11:D5:9D:C8:7D:81:EE
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 018CC49374A9412950A6917F12482FE4EAFC
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/kKAFQr0lqBMD8HlYZRHVnch9ge4.roa
Signing time: Mon 01 Jan 2024 10:30:47 +0000
ROA not before: Mon 01 Jan 2024 10:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39605
IP address blocks: 185.159.104.0/22 maxlen: 24
185.159.104.0/23 maxlen: 23
2a07:b880::/41 maxlen: 41
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:74:a9:41:29:50:a6:91:7f:12:48:2f:e4:ea:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Jan 1 10:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a00542bd25a81303f079586511d59dc87d81ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2f:9f:3a:d6:06:8c:66:8f:1e:f0:ce:e5:33:
67:7a:84:8a:66:50:ac:44:17:12:95:38:ea:79:89:
e0:49:08:ec:c9:b8:e7:22:6b:b9:ee:9f:9b:b7:eb:
71:49:7a:8b:ae:e5:7a:e0:4f:15:2a:50:20:60:87:
32:3b:1e:8d:31:27:85:20:45:7e:5f:1d:68:34:18:
43:6a:12:eb:d3:e1:03:07:f8:b0:c0:fd:8d:31:22:
ed:36:e9:92:b5:9d:cb:49:d4:e2:9a:a6:b9:08:dd:
ea:5d:19:b8:42:77:0b:57:85:0b:98:07:d8:59:2e:
30:e9:fe:4a:e2:14:ad:07:b9:4c:19:37:a3:eb:18:
c8:4b:9f:57:87:89:3a:df:f2:08:86:56:e5:8f:9e:
2d:cf:a6:9d:ba:96:6b:53:24:be:c9:e8:51:76:e2:
34:04:25:8d:52:fa:7c:46:3c:74:a2:96:8b:f5:a9:
2c:4c:6f:ea:34:08:6e:4b:b2:12:92:cd:8b:c1:2f:
95:52:c5:33:38:d1:f0:36:ab:a0:32:cf:1b:22:af:
a2:a2:07:19:93:0c:cb:b2:ee:21:81:01:7e:a1:39:
19:5a:6e:58:ea:1f:8a:6a:34:c9:9f:e4:72:6f:5f:
28:ac:16:1c:b3:1d:82:e1:e1:ac:6e:13:e6:ef:94:
5f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A0:05:42:BD:25:A8:13:03:F0:79:58:65:11:D5:9D:C8:7D:81:EE
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/kKAFQr0lqBMD8HlYZRHVnch9ge4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.104.0/22
IPv6:
2a07:b880::/41
Signature Algorithm: sha256WithRSAEncryption
91:ba:22:98:9e:bb:7a:28:19:92:c7:56:e1:42:80:07:21:a1:
a2:57:3f:16:7c:01:db:68:ae:65:ce:c2:db:3e:73:c8:44:00:
0d:c5:b5:dd:38:e6:d0:1b:9e:0d:a2:41:06:0a:ca:cc:b4:c0:
63:91:f7:46:1e:e2:d6:90:0c:ea:5b:25:29:46:0d:a4:93:f3:
6c:df:dc:58:fb:6c:cb:f8:3b:b9:fd:90:61:a5:23:25:2b:e9:
48:59:b6:33:fa:80:fe:c0:16:ef:41:4e:69:d0:2c:a5:80:ea:
d8:81:57:43:73:b3:2c:b6:3a:e6:48:29:aa:cd:c0:8c:74:2f:
35:94:29:76:75:ec:64:0b:00:65:f4:3d:86:cc:9f:1b:ce:f0:
5d:02:e6:ea:4c:e3:0c:f9:15:a1:82:2b:3d:e4:43:66:01:16:
6a:59:20:d3:6c:8b:54:33:ce:d1:55:4d:84:2c:3c:e2:ad:b4:
42:12:ed:c9:c9:b6:0d:d9:2d:e5:67:f1:ad:dd:2a:81:e5:bc:
17:ae:31:1b:3b:26:41:a9:84:62:b2:70:ec:9d:eb:dd:55:8c:
2c:b1:cc:27:43:0a:12:d8:87:34:ea:38:8c:bc:40:1f:19:68:
98:ba:2e:eb:92:49:81:ae:01:00:22:dc:91:6e:0b:2e:13:47:
94:67:99:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEk3SpQSlQppF/Ekgv5Or8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGEwMDU0MmJkMjVhODEzMDNmMDc5NTg2NTExZDU5ZGM4N2Q4MWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC+fOtYGjGaPHvDO5TNneoSKZlCs
RBcSlTjqeYngSQjsybjnImu57p+bt+txSXqLruV64E8VKlAgYIcyOx6NMSeFIEV+
Xx1oNBhDahLr0+EDB/iwwP2NMSLtNumStZ3LSdTimqa5CN3qXRm4QncLV4ULmAfY
WS4w6f5K4hStB7lMGTej6xjIS59Xh4k63/IIhlblj54tz6adupZrUyS+yehRduI0
BCWNUvp8Rjx0opaL9aksTG/qNAhuS7ISks2LwS+VUsUzONHwNqugMs8bIq+iogcZ
kwzLsu4hgQF+oTkZWm5Y6h+KajTJn+Ryb18orBYcsx2C4eGsbhPm75RfvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJCgBUK9JagTA/B5WGUR1Z3IfYHuMB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEva0tBRlFyMGxxQk1EOEhsWVpSSFZuY2g5Z2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuZ9oMA8E
AgACMAkDBwcqB7iAAAAwDQYJKoZIhvcNAQELBQADggEBAJG6Ipieu3ooGZLHVuFC
gAchoaJXPxZ8AdtormXOwts+c8hEAA3Ftd045tAbng2iQQYKysy0wGOR90Ye4taQ
DOpbJSlGDaST82zf3Fj7bMv4O7n9kGGlIyUr6UhZtjP6gP7AFu9BTmnQLKWA6tiB
V0Nzsyy2OuZIKarNwIx0LzWUKXZ17GQLAGX0PYbMnxvO8F0C5upM4wz5FaGCKz3k
Q2YBFmpZINNsi1QzztFVTYQsPOKttEIS7cnJtg3ZLeVn8a3dKoHlvBeuMRs7JkGp
hGKycOyd691VjCyxzCdDChLYhzTqOIy8QB8ZaJi6LuuSSYGuAQAi3JFuCy4TR5Rn
mXY=
-----END CERTIFICATE-----
Generated at Sat May 18 22:29:50 2024 by rpki-client on console-fra.rpki-client.org