Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kLr38JxFwh_LFhyn3sq7__Xq4AM.roa
File: kLr38JxFwh_LFhyn3sq7__Xq4AM.roa (raw, json)
Hash identifier: hV9HMmxGiXX2iU1VO24EWfo3WrYOpTXMQpSVlim0k4I=
Subject key identifier: 90:BA:F7:F0:9C:45:C2:1F:CB:16:1C:A7:DE:CA:BB:FF:F5:EA:E0:03
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A28D45752AE601427105B900FA68B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kLr38JxFwh_LFhyn3sq7__Xq4AM.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61312
IP address blocks: 93.171.152.0/24 maxlen: 24
92.38.34.0/24 maxlen: 24
31.148.25.0/24 maxlen: 24
93.170.55.0/24 maxlen: 24
93.170.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:28:d4:57:52:ae:60:14:27:10:5b:90:0f:a6:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90baf7f09c45c21fcb161ca7decabbfff5eae003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:f7:18:b8:bd:f5:fc:69:7a:9c:71:14:4f:
0f:59:17:01:be:11:45:84:e6:ff:86:5d:13:45:05:
fe:16:be:e0:c5:12:90:da:31:ca:5b:15:f3:49:cd:
57:df:1e:ec:f1:7a:3a:d7:58:bf:96:2e:80:60:9d:
ec:25:72:c8:7d:5f:b9:68:a4:11:b1:44:14:2d:d3:
88:84:c1:73:bd:4f:3d:91:06:26:fd:da:bc:a3:83:
01:48:03:53:d1:08:d9:67:fe:f9:5b:16:7f:3f:8a:
4d:3f:04:7f:e7:c0:4b:46:38:12:45:68:ba:e8:50:
d1:a6:ce:13:72:36:7c:21:e7:79:7a:d6:f0:68:48:
d5:1f:27:25:dd:51:0c:9c:2d:86:34:ac:4f:2d:0f:
17:6e:4f:50:5a:00:d2:7d:69:f5:bc:12:d6:95:b0:
8a:ec:89:6c:06:02:21:98:1c:27:f6:62:28:4a:a5:
5e:c9:b7:38:37:57:4d:65:7b:a8:ff:d4:1d:1b:ff:
e9:85:da:c1:ee:50:51:15:63:92:01:08:9d:0e:7d:
4e:ad:2d:43:3b:6b:d1:8a:c0:27:5b:69:c8:bb:65:
cf:52:79:74:de:16:3f:15:ea:8f:26:f0:ad:96:41:
7d:8c:47:12:b8:0a:6a:a9:0c:0c:29:ed:c8:1c:51:
f8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BA:F7:F0:9C:45:C2:1F:CB:16:1C:A7:DE:CA:BB:FF:F5:EA:E0:03
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/kLr38JxFwh_LFhyn3sq7__Xq4AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.25.0/24
92.38.34.0/24
93.170.55.0/24
93.170.175.0/24
93.171.152.0/24
Signature Algorithm: sha256WithRSAEncryption
97:d6:0c:55:56:35:1b:78:c5:d7:d4:1c:26:26:07:d3:54:ea:
bd:9e:4d:1f:99:04:17:f3:94:5f:ee:12:bb:62:fb:9f:c6:a3:
e0:4c:e5:08:64:98:dc:53:6f:c7:35:d2:61:b6:6e:f4:6a:56:
99:88:46:96:f0:54:aa:7d:9e:19:98:a6:e4:bb:22:bb:c0:33:
ad:71:b2:d1:3c:d3:94:fd:c4:ec:01:a9:c6:f5:4b:b5:96:4c:
72:37:ac:33:6c:23:45:ba:4a:79:d9:17:9e:60:63:d8:b8:98:
38:f0:e7:83:8c:4c:c9:ff:4f:19:f9:36:e0:42:5a:f7:c8:d5:
ba:04:38:27:75:40:41:78:a1:ba:bd:03:34:a8:ab:7d:fb:68:
43:75:be:22:c5:f7:1b:bf:2b:82:33:c7:bb:b8:6f:f3:2a:01:
37:55:e7:dc:3e:d8:20:53:24:d4:e7:b5:7f:a9:98:2d:28:4a:
88:e2:65:1c:50:78:c3:16:c6:49:88:0c:e7:3f:36:bc:92:d6:
b4:13:01:00:c8:66:b9:dd:ee:70:c7:80:cd:89:13:14:b8:35:
1e:5a:0c:15:a2:35:0e:02:dd:0a:3b:65:9e:ec:70:b0:47:0a:
37:af:49:ff:57:e5:66:f4:e1:fa:0a:b3:b4:f6:4d:68:5a:cb:
31:d2:ed:4d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzKKijUV1KuYBQnEFuQD6aLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJhZjdmMDljNDVjMjFmY2IxNjFjYTdkZWNhYmJmZmY1ZWFlMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyb3GLi99fxpepxxFE8PWRcBvhFF
hOb/hl0TRQX+Fr7gxRKQ2jHKWxXzSc1X3x7s8Xo611i/li6AYJ3sJXLIfV+5aKQR
sUQULdOIhMFzvU89kQYm/dq8o4MBSANT0QjZZ/75WxZ/P4pNPwR/58BLRjgSRWi6
6FDRps4TcjZ8Ied5etbwaEjVHycl3VEMnC2GNKxPLQ8Xbk9QWgDSfWn1vBLWlbCK
7IlsBgIhmBwn9mIoSqVeybc4N1dNZXuo/9QdG//phdrB7lBRFWOSAQidDn1OrS1D
O2vRisAnW2nIu2XPUnl03hY/FeqPJvCtlkF9jEcSuApqqQwMKe3IHFH47QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJC69/CcRcIfyxYcp97Ku//16uADMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEva0xyMzhKeEZ3aF9MRmh5bjNzcTdfX1hxNEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH5QZAwQA
XCYiAwQAXao3AwQAXaqvAwQAXauYMA0GCSqGSIb3DQEBCwUAA4IBAQCX1gxVVjUb
eMXX1BwmJgfTVOq9nk0fmQQX85Rf7hK7YvufxqPgTOUIZJjcU2/HNdJhtm70alaZ
iEaW8FSqfZ4ZmKbkuyK7wDOtcbLRPNOU/cTsAanG9Uu1lkxyN6wzbCNFukp52Ree
YGPYuJg48OeDjEzJ/08Z+TbgQlr3yNW6BDgndUBBeKG6vQM0qKt9+2hDdb4ixfcb
vyuCM8e7uG/zKgE3VefcPtggUyTU57V/qZgtKEqI4mUcUHjDFsZJiAznPza8kta0
EwEAyGa53e5wx4DNiRMUuDUeWgwVojUOAt0KO2We7HCwRwo3r0n/V+Vm9OH6CrO0
9k1oWssx0u1N
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:30:08 2024 by rpki-client on console-fra.rpki-client.org