Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/kgfC2MhvKjPAmPquecec_xdJBmY.roa
File: kgfC2MhvKjPAmPquecec_xdJBmY.roa (raw, json)
Hash identifier: fhbVNacdrQDLqhAwFfpiMJUfLRz+7XmpoUMdy+v5L74=
Subject key identifier: 92:07:C2:D8:C8:6F:2A:33:C0:98:FA:AE:79:C7:9C:FF:17:49:06:66
Certificate issuer: /CN=c09fc8a067fa6d2476bdce24afffad17131d9e86
Certificate serial: 018CC5DC182FB5CDE9EFF2B8317E2FE45F12
Authority key identifier: C0:9F:C8:A0:67:FA:6D:24:76:BD:CE:24:AF:FF:AD:17:13:1D:9E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/kgfC2MhvKjPAmPquecec_xdJBmY.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211607
IP address blocks: 195.230.103.0/24 maxlen: 24
2a10:b640:3000::/36 maxlen: 48
2001:678:e70::/48 maxlen: 48
2a10:b641::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:18:2f:b5:cd:e9:ef:f2:b8:31:7e:2f:e4:5f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c09fc8a067fa6d2476bdce24afffad17131d9e86
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9207c2d8c86f2a33c098faae79c79cff17490666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dc:b9:fd:e1:22:e1:42:44:9c:94:eb:08:d0:
9d:64:fa:3a:82:ae:08:d8:1e:59:b0:0c:e3:95:d0:
b6:79:50:e1:c6:d3:e2:40:0d:f5:1e:dc:1a:1f:e6:
bf:8f:ce:13:d3:8c:07:4d:2e:96:70:9f:a7:2f:9c:
9e:6b:82:a0:b6:72:ab:4f:e8:1d:fd:c4:ec:38:1c:
e8:c7:d6:7d:11:af:df:0f:d5:58:44:38:3e:6c:34:
11:05:b3:0f:a7:2a:f6:ff:69:3b:9e:aa:18:ac:05:
3b:2c:0c:20:d3:f9:88:b8:68:27:55:5b:40:c7:6e:
3e:3e:a1:6f:33:4f:5d:e9:82:a3:78:59:78:a5:58:
63:e4:8a:57:4f:ea:29:0f:c9:a9:97:76:43:5f:57:
0e:4d:20:9a:f4:58:ea:6c:c9:84:6d:f0:f1:14:14:
e4:6a:9b:f2:1e:57:d1:5b:e1:ba:ef:2a:bb:68:9e:
eb:d9:a7:53:11:4e:4e:26:26:e7:c3:b8:7f:99:62:
c2:fe:d5:8f:8e:80:f4:28:04:b6:e9:5d:bf:e9:02:
2a:b5:fb:8d:df:46:b2:57:b2:5f:9c:1d:9f:86:58:
47:38:43:af:a9:c0:85:ef:41:06:13:35:a7:57:11:
25:bf:b4:0e:96:3c:af:95:7a:05:4a:9d:df:29:30:
b7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:07:C2:D8:C8:6F:2A:33:C0:98:FA:AE:79:C7:9C:FF:17:49:06:66
X509v3 Authority Key Identifier:
keyid:C0:9F:C8:A0:67:FA:6D:24:76:BD:CE:24:AF:FF:AD:17:13:1D:9E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/kgfC2MhvKjPAmPquecec_xdJBmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/a733bc-68f8-499f-850f-8e924ffbe584/1/wJ_IoGf6bSR2vc4kr_-tFxMdnoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.103.0/24
IPv6:
2001:678:e70::/48
2a10:b640:3000::/36
2a10:b641::/36
Signature Algorithm: sha256WithRSAEncryption
08:68:2f:26:36:53:e3:e5:38:84:e3:5f:e8:6d:63:c1:cd:5a:
42:ff:b3:15:cb:2b:e7:86:8f:10:04:75:b2:7b:cb:96:f9:18:
f2:ef:8b:38:12:de:1b:ef:d9:1d:5a:04:37:67:13:ac:0d:e6:
ec:51:4f:26:6d:e0:fb:47:b5:48:01:2d:f9:74:6a:30:40:b0:
1c:c8:cf:7e:19:72:8e:ae:0e:a1:ea:43:91:75:37:72:54:83:
f6:9a:54:09:95:63:1b:11:42:30:54:d7:e7:88:80:9e:a9:ce:
61:e3:a7:82:68:12:e7:64:e9:0f:e3:e2:7d:91:50:8b:08:11:
24:6c:85:bb:6e:2f:97:80:90:15:58:9e:11:1c:93:84:dd:bf:
5a:93:20:20:6a:33:ed:76:e9:76:ab:66:63:df:96:25:0d:3d:
ae:0b:23:e8:c1:ee:75:4e:b1:a1:1d:cb:0b:f4:ee:c7:cf:25:
69:3c:19:91:b1:d9:be:cb:fe:aa:13:43:a3:b2:99:88:eb:26:
3e:d9:ce:e2:d3:c3:87:39:53:ec:96:f1:17:bc:40:a3:c7:33:
63:60:c4:2c:91:4a:1f:fa:89:6f:b1:9e:83:c2:c7:1c:3d:3d:
48:de:53:b6:b5:3f:e2:47:fa:ac:f3:1b:03:7d:85:c7:0c:a4:
62:0f:df:23
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzF3Bgvtc3p7/K4MX4v5F8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOWZjOGEwNjdmYTZkMjQ3NmJkY2UyNGFmZmZhZDE3MTMx
ZDllODYwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjA3YzJkOGM4NmYyYTMzYzA5OGZhYWU3OWM3OWNmZjE3NDkwNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldy5/eEi4UJEnJTrCNCdZPo6gq4I
2B5ZsAzjldC2eVDhxtPiQA31HtwaH+a/j84T04wHTS6WcJ+nL5yea4KgtnKrT+gd
/cTsOBzox9Z9Ea/fD9VYRDg+bDQRBbMPpyr2/2k7nqoYrAU7LAwg0/mIuGgnVVtA
x24+PqFvM09d6YKjeFl4pVhj5IpXT+opD8mpl3ZDX1cOTSCa9FjqbMmEbfDxFBTk
apvyHlfRW+G67yq7aJ7r2adTEU5OJibnw7h/mWLC/tWPjoD0KAS26V2/6QIqtfuN
30ayV7JfnB2fhlhHOEOvqcCF70EGEzWnVxElv7QOljyvlXoFSp3fKTC3mQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJIHwtjIbyozwJj6rnnHnP8XSQZmMB8GA1UdIwQY
MBaAFMCfyKBn+m0kdr3OJK//rRcTHZ6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pfSW9HZjZiU1IydmM0a3JfLXRGeE1kbm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9hNzMzYmMtNjhmOC00OTlmLTg1MGYt
OGU5MjRmZmJlNTg0LzEva2dmQzJNaHZLalBBbVBxdWVjZWNfeGRKQm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9hNzMzYmMtNjhmOC00OTlmLTg1MGYtOGU5MjRmZmJlNTg0
LzEvd0pfSW9HZjZiU1IydmM0a3JfLXRGeE1kbm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAw+ZnMB8E
AgACMBkDBwAgAQZ4DnADBgQqELZAMAMGBCoQtkEAMA0GCSqGSIb3DQEBCwUAA4IB
AQAIaC8mNlPj5TiE41/obWPBzVpC/7MVyyvnho8QBHWye8uW+Rjy74s4Et4b79kd
WgQ3ZxOsDebsUU8mbeD7R7VIAS35dGowQLAcyM9+GXKOrg6h6kORdTdyVIP2mlQJ
lWMbEUIwVNfniICeqc5h46eCaBLnZOkP4+J9kVCLCBEkbIW7bi+XgJAVWJ4RHJOE
3b9akyAgajPtdul2q2Zj35YlDT2uCyPowe51TrGhHcsL9O7HzyVpPBmRsdm+y/6q
E0OjspmI6yY+2c7i08OHOVPslvEXvECjxzNjYMQskUof+olvsZ6DwsccPT1I3lO2
tT/iR/qs8xsDfYXHDKRiD98j
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:46:39 2024 by rpki-client on console-ams.rpki-client.org