Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/KWVk8nqivC3auw2GGbUpgIuur5w.roa
File: KWVk8nqivC3auw2GGbUpgIuur5w.roa (raw, json)
Hash identifier: OZKAVWIPNoVsdMpt+NyF7Pqs1N0Bp7IU/bl8h8w/z20=
Subject key identifier: 29:65:64:F2:7A:A2:BC:2D:DA:BB:0D:86:19:B5:29:80:8B:AE:AF:9C
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018CC94CA6BF8A500252CE897AA415BA06D1
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/KWVk8nqivC3auw2GGbUpgIuur5w.roa
Signing time: Tue 02 Jan 2024 08:31:33 +0000
ROA not before: Tue 02 Jan 2024 08:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 188.191.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a6:bf:8a:50:02:52:ce:89:7a:a4:15:ba:06:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 08:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=296564f27aa2bc2ddabb0d8619b529808baeaf9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2d:32:55:c9:e3:73:42:6b:de:a2:dd:5c:6a:
5c:54:be:48:f2:8c:66:2c:73:46:a2:50:ad:3e:ee:
65:da:a2:d6:6a:c1:10:d5:72:63:6f:8f:da:4c:b6:
fd:3d:08:ec:07:6b:e7:5f:b9:c6:13:03:54:ec:ab:
b1:80:04:1b:b6:df:c9:fe:c0:f8:03:97:f9:89:a7:
83:b9:47:9a:ae:bc:f0:1e:5e:36:7a:6b:bc:98:11:
f2:8f:0d:ba:09:ec:db:8e:ba:2c:05:e3:69:7d:58:
8a:f1:bd:d9:7e:a9:b9:31:ea:f5:50:75:98:25:da:
c3:43:b3:d7:c2:0c:29:ff:f0:d1:af:1a:36:77:be:
68:26:41:7b:fd:19:54:9c:6f:ee:97:c9:d5:b7:af:
e8:71:1a:f8:6e:08:cb:0b:28:6f:43:dd:ac:f2:a4:
da:84:4d:0f:57:86:85:79:13:c0:62:70:e8:e7:38:
3a:d4:c0:6e:cb:97:02:b3:d7:dd:2f:c3:53:a5:b0:
9a:ac:48:9d:f4:7b:4d:6b:8f:2f:06:e0:7a:13:89:
a4:ce:97:ef:00:80:cd:93:f9:87:42:d9:0e:7d:41:
79:2e:83:91:08:dc:7d:6a:fb:08:eb:a0:cd:36:00:
eb:bb:48:f5:c4:e7:eb:f6:fe:af:23:d0:3f:95:b6:
ca:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:65:64:F2:7A:A2:BC:2D:DA:BB:0D:86:19:B5:29:80:8B:AE:AF:9C
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/KWVk8nqivC3auw2GGbUpgIuur5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.105.0/24
Signature Algorithm: sha256WithRSAEncryption
89:dc:c7:e1:ac:60:c5:de:9e:d7:cf:64:9a:04:e5:9c:84:7f:
3a:d6:99:11:67:a4:b3:47:37:ea:81:d8:ca:1f:3c:e6:f3:13:
33:dc:c9:6e:59:55:a4:56:88:b6:7c:22:f8:b2:67:84:fd:c2:
23:ac:85:9a:42:30:c4:16:53:2b:63:b4:86:65:cb:89:75:27:
b9:c2:6d:ba:d0:63:e9:10:c0:7f:b4:31:7b:c7:23:7e:3a:1f:
10:64:e1:e5:31:2a:02:13:16:23:e2:57:a0:43:a4:cd:44:7c:
bd:15:ea:cb:27:08:10:5a:49:4a:c1:55:26:82:32:a0:6b:35:
ef:c1:08:75:07:dd:fa:84:b0:3f:7e:6c:66:6d:e1:43:c0:92:
75:41:5c:30:8b:92:2c:09:87:bc:33:2e:da:0f:87:a2:e8:7d:
4b:80:cc:76:5d:12:b1:05:d5:ef:0f:3e:c9:f3:48:60:23:ba:
35:ce:5c:68:2a:0f:02:12:20:fc:41:f0:67:c6:8c:ba:01:2b:
4c:c9:75:c4:8b:83:3e:bf:88:cf:90:16:9b:7b:7b:30:14:a3:
1c:b2:8d:46:66:43:46:71:ce:c2:98:c0:27:08:0f:f6:34:8e:
b9:ac:02:03:47:ff:70:16:41:25:96:f3:b0:28:f7:4b:96:2d:
dd:fa:9d:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTKa/ilACUs6JeqQVugbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwMTAyMDgzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY1NjRmMjdhYTJiYzJkZGFiYjBkODYxOWI1Mjk4MDhiYWVhZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2y0yVcnjc0Jr3qLdXGpcVL5I8oxm
LHNGolCtPu5l2qLWasEQ1XJjb4/aTLb9PQjsB2vnX7nGEwNU7KuxgAQbtt/J/sD4
A5f5iaeDuUearrzwHl42emu8mBHyjw26CezbjrosBeNpfViK8b3Zfqm5Mer1UHWY
JdrDQ7PXwgwp//DRrxo2d75oJkF7/RlUnG/ul8nVt6/ocRr4bgjLCyhvQ92s8qTa
hE0PV4aFeRPAYnDo5zg61MBuy5cCs9fdL8NTpbCarEid9HtNa48vBuB6E4mkzpfv
AIDNk/mHQtkOfUF5LoORCNx9avsI66DNNgDru0j1xOfr9v6vI9A/lbbKAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCllZPJ6orwt2rsNhhm1KYCLrq+cMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvS1dWazhucWl2QzNhdXcyR0diVXBnSXV1cjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9pMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ3MfhrGDF3p7Xz2SaBOWchH861pkRZ6SzRzfqgdjK
Hzzm8xMz3MluWVWkVoi2fCL4smeE/cIjrIWaQjDEFlMrY7SGZcuJdSe5wm260GPp
EMB/tDF7xyN+Oh8QZOHlMSoCExYj4legQ6TNRHy9FerLJwgQWklKwVUmgjKgazXv
wQh1B936hLA/fmxmbeFDwJJ1QVwwi5IsCYe8My7aD4ei6H1LgMx2XRKxBdXvDz7J
80hgI7o1zlxoKg8CEiD8QfBnxoy6AStMyXXEi4M+v4jPkBabe3swFKMcso1GZkNG
cc7CmMAnCA/2NI65rAIDR/9wFkEllvOwKPdLli3d+p3M
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:50:16 2024 by rpki-client on console-ams.rpki-client.org