Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KdsRkIpodBwP82iuN8U8x10jAkU.roa
File: KdsRkIpodBwP82iuN8U8x10jAkU.roa (raw, json)
Hash identifier: Buxu8EEs3+xzYDH3RHzWT9lkJkq+ns6gcetr5weDt/s=
Subject key identifier: 29:DB:11:90:8A:68:74:1C:0F:F3:68:AE:37:C5:3C:C7:5D:23:02:45
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E1B222ECB05063C91B9EE1761FDBD
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KdsRkIpodBwP82iuN8U8x10jAkU.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209087
IP address blocks: 179.189.212.0/22 maxlen: 22
185.227.92.0/22 maxlen: 22
85.8.136.0/23 maxlen: 23
85.8.138.0/23 maxlen: 23
85.8.137.0/24 maxlen: 24
85.8.139.0/24 maxlen: 24
85.8.136.0/22 maxlen: 22
85.8.136.0/24 maxlen: 24
85.8.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 04:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1b:22:2e:cb:05:06:3c:91:b9:ee:17:61:fd:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29db11908a68741c0ff368ae37c53cc75d230245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:68:d1:25:7f:78:bc:27:79:42:a6:55:a4:11:
bb:5c:74:2e:1d:d0:81:81:8c:ef:ee:95:75:78:8f:
df:4c:18:8c:70:1a:2a:96:7e:13:a4:6e:59:9c:70:
fc:98:fd:64:8e:e3:cc:a2:d9:56:e8:c8:de:24:4d:
a3:b4:34:41:06:af:cb:14:2f:38:2d:74:aa:3c:10:
43:40:23:7c:d2:a8:42:95:da:4f:0d:a4:5b:17:db:
c9:0a:e0:04:19:1f:f8:32:af:2e:ba:16:51:0a:a5:
de:c7:bf:d1:89:de:0e:53:cd:11:2d:30:3f:ae:7a:
46:25:02:0d:db:1f:8b:a0:58:b0:49:cc:10:7c:a9:
5e:22:ac:46:99:8c:c4:e3:1b:37:fa:ec:cd:f7:5e:
e6:f9:88:a9:cd:97:64:af:c9:9a:a8:3a:bd:bf:1d:
5e:d2:00:76:0f:98:a0:5c:7c:b0:ce:a9:df:03:3a:
6f:cf:1c:ec:63:68:cb:46:42:3f:71:83:22:9b:9e:
79:b8:c0:da:b4:ad:5b:a6:cd:12:44:49:69:fe:09:
91:83:ab:32:f7:a2:d1:7d:d4:31:46:f0:52:92:9e:
a6:dd:35:8c:d3:9a:fa:bc:f6:5c:3b:42:fb:e1:82:
2f:5b:5b:cb:89:6c:50:85:9b:80:86:3e:3d:ee:b9:
ce:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DB:11:90:8A:68:74:1C:0F:F3:68:AE:37:C5:3C:C7:5D:23:02:45
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/KdsRkIpodBwP82iuN8U8x10jAkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.136.0/22
179.189.212.0/22
185.227.92.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:1f:79:b6:39:bb:2c:59:d8:a2:80:93:90:2d:9b:ba:09:b6:
e1:31:d6:e4:ba:cb:fc:5f:9d:03:03:ab:77:20:6a:37:21:89:
0f:6c:14:e6:cb:6d:90:c9:30:4d:42:d2:6e:ba:92:1b:f1:25:
5b:c9:d8:84:e1:af:25:12:89:95:9b:64:13:39:62:42:c0:52:
b0:b7:6d:db:03:0a:6a:a4:b7:59:0b:ba:e0:fb:8e:c7:fd:90:
fb:73:e6:95:a3:1c:b4:7e:7e:d9:f4:c9:d3:65:00:85:f3:8f:
79:f4:a3:d7:32:87:09:b2:49:6e:52:0d:9a:94:33:bf:aa:39:
cc:e4:71:c0:e5:7e:a7:15:53:e5:fd:28:d2:d5:d2:11:8e:86:
89:a4:4a:f0:22:dc:ed:02:9d:61:65:3b:a9:94:0d:45:88:48:
ee:9d:83:01:27:a0:85:42:df:5d:cd:b3:ec:90:7a:e9:08:23:
50:f3:ca:31:93:ad:17:f5:d7:52:45:54:a2:2c:ce:39:55:2c:
32:b0:86:cf:98:ee:0c:08:cc:6e:f8:c4:77:23:57:80:0e:87:
21:c3:36:34:0a:d4:3f:f3:4a:1f:8f:05:d4:53:cf:c3:54:d5:
f5:3a:fb:df:27:81:62:8e:2f:0f:cf:08:f5:59:ca:f4:d6:64:
fe:4f:c7:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbhsiLssFBjyRue4XYf29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRiMTE5MDhhNjg3NDFjMGZmMzY4YWUzN2M1M2NjNzVkMjMwMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGjRJX94vCd5QqZVpBG7XHQuHdCB
gYzv7pV1eI/fTBiMcBoqln4TpG5ZnHD8mP1kjuPMotlW6MjeJE2jtDRBBq/LFC84
LXSqPBBDQCN80qhCldpPDaRbF9vJCuAEGR/4Mq8uuhZRCqXex7/Rid4OU80RLTA/
rnpGJQIN2x+LoFiwScwQfKleIqxGmYzE4xs3+uzN917m+YipzZdkr8maqDq9vx1e
0gB2D5igXHywzqnfAzpvzxzsY2jLRkI/cYMim555uMDatK1bps0SRElp/gmRg6sy
96LRfdQxRvBSkp6m3TWM05r6vPZcO0L74YIvW1vLiWxQhZuAhj497rnOKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCnbEZCKaHQcD/NorjfFPMddIwJFMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvS2RzUmtJcG9kQndQODJpdU44VTh4MTBqQWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVQiIAwQC
s73UAwQCueNcMA0GCSqGSIb3DQEBCwUAA4IBAQC6H3m2ObssWdiigJOQLZu6Cbbh
Mdbkusv8X50DA6t3IGo3IYkPbBTmy22QyTBNQtJuupIb8SVbydiE4a8lEomVm2QT
OWJCwFKwt23bAwpqpLdZC7rg+47H/ZD7c+aVoxy0fn7Z9MnTZQCF84959KPXMocJ
skluUg2alDO/qjnM5HHA5X6nFVPl/SjS1dIRjoaJpErwItztAp1hZTuplA1FiEju
nYMBJ6CFQt9dzbPskHrpCCNQ88oxk60X9ddSRVSiLM45VSwysIbPmO4MCMxu+MR3
I1eADochwzY0CtQ/80ofjwXUU8/DVNX1OvvfJ4Fiji8Pzwj1Wcr01mT+T8e4
-----END CERTIFICATE-----
Generated at Fri May 3 12:41:38 2024 by rpki-client on console-fra.rpki-client.org