Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/kKQtVoStbUXMAoqMrFi5FwjAQpo.roa
File: kKQtVoStbUXMAoqMrFi5FwjAQpo.roa (raw, json)
Hash identifier: WwsQ0AmIlCsQIt3wmQGHw5BWxYET56vz3cFVaeDtHtA=
Subject key identifier: 90:A4:2D:56:84:AD:6D:45:CC:02:8A:8C:AC:58:B9:17:08:C0:42:9A
Certificate issuer: /CN=78356c6a831680e9b8b7c95514953007a9407e87
Certificate serial: 018CC5014E855752E72D70A9833D64D45762
Authority key identifier: 78:35:6C:6A:83:16:80:E9:B8:B7:C9:55:14:95:30:07:A9:40:7E:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eDVsaoMWgOm4t8lVFJUwB6lAfoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/kKQtVoStbUXMAoqMrFi5FwjAQpo.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48596
IP address blocks: 185.181.104.0/22 maxlen: 24
45.87.156.0/22 maxlen: 24
2a0a:c980::/29 maxlen: 48
2a02:d500::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/eDVsaoMWgOm4t8lVFJUwB6lAfoc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/eDVsaoMWgOm4t8lVFJUwB6lAfoc.mft
rsync://rpki.ripe.net/repository/DEFAULT/eDVsaoMWgOm4t8lVFJUwB6lAfoc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4e:85:57:52:e7:2d:70:a9:83:3d:64:d4:57:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78356c6a831680e9b8b7c95514953007a9407e87
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a42d5684ad6d45cc028a8cac58b91708c0429a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ee:18:20:f5:c2:e1:46:49:af:47:b6:28:9d:
2e:79:b3:a9:1d:84:6e:3d:67:16:62:de:63:f5:21:
fe:75:c8:a7:f0:12:46:39:35:cf:04:a3:e3:c1:e1:
81:b9:ef:0e:58:c5:72:2b:22:93:be:3f:11:c4:3a:
79:4b:fc:a7:1b:df:8e:2d:b9:18:58:72:7a:f5:0f:
3a:43:c8:78:05:f1:54:55:25:7f:30:4d:7a:d1:0b:
6c:64:41:09:b0:d2:f6:2a:20:8b:2e:96:ee:5f:61:
65:75:8f:4a:fc:78:cb:2d:8e:88:20:fd:1a:db:be:
a7:62:ff:52:2d:0b:2f:f5:fa:b3:d7:69:7b:f9:35:
b4:2e:1d:8b:1f:9e:ef:b4:53:88:e9:4d:b2:d4:ca:
66:2e:d0:c7:9a:94:dc:b1:dc:17:59:6a:cb:1f:79:
b6:b1:c3:4a:0b:e6:28:48:0f:95:5c:d4:70:fd:cc:
7f:5a:5d:9a:78:12:b4:c7:21:6e:76:83:22:2c:03:
8c:b7:25:cb:6f:b4:85:62:69:a1:f2:35:c5:bb:d4:
23:cd:e4:05:cf:81:fe:e8:e5:8c:c1:53:1b:d6:19:
ae:5c:a6:ae:d2:9a:e8:b9:e8:14:e4:5b:eb:a6:63:
7b:6e:1a:c7:49:53:cb:0f:8c:f3:79:c4:67:da:fe:
bf:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A4:2D:56:84:AD:6D:45:CC:02:8A:8C:AC:58:B9:17:08:C0:42:9A
X509v3 Authority Key Identifier:
keyid:78:35:6C:6A:83:16:80:E9:B8:B7:C9:55:14:95:30:07:A9:40:7E:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eDVsaoMWgOm4t8lVFJUwB6lAfoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/kKQtVoStbUXMAoqMrFi5FwjAQpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/eDVsaoMWgOm4t8lVFJUwB6lAfoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.156.0/22
185.181.104.0/22
IPv6:
2a02:d500::/29
2a0a:c980::/29
Signature Algorithm: sha256WithRSAEncryption
ad:d8:c5:3e:c8:ec:3e:c8:18:00:59:bc:56:16:6e:b9:eb:53:
7e:b8:92:a9:84:84:a0:57:78:14:da:45:2c:f2:69:65:d5:44:
43:f3:b5:63:b8:ef:c8:1a:d9:2f:dc:00:9a:1b:8c:76:ee:fb:
b8:cc:5b:47:f3:e3:59:10:48:d5:91:3d:be:2e:5f:60:62:d1:
76:03:c4:1c:fa:86:f0:8b:c5:6e:54:67:45:7f:ab:fe:f5:2a:
7b:a2:b1:47:04:57:11:b8:6c:ca:dd:f7:6a:7d:2a:de:d9:01:
9e:fb:f3:b3:b6:61:59:72:bf:4c:df:c0:a9:d0:99:bb:6c:d3:
8e:0f:f2:f9:e2:05:ce:0d:9f:14:67:8f:1c:f1:a8:41:09:ab:
f3:ba:b0:a5:e5:85:cc:e4:7e:61:8b:ed:a1:24:10:b7:05:ca:
be:b2:ad:7e:eb:ff:6a:f5:4e:4a:8f:0e:c1:75:31:e4:6e:40:
b3:c3:8b:83:6d:59:a9:44:4f:04:42:98:58:33:e9:22:28:b5:
da:26:b9:af:1e:cd:4b:39:6d:ce:e0:a5:e7:c6:20:47:22:80:
2f:33:b2:31:a8:ff:0c:62:61:32:cd:ea:07:95:0c:5b:06:cf:
44:45:5c:cb:b4:70:8c:51:b9:65:2c:ff:e3:42:5b:19:f6:68:
1d:65:34:82
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFAU6FV1LnLXCpgz1k1FdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MzU2YzZhODMxNjgwZTliOGI3Yzk1NTE0OTUzMDA3YTk0
MDdlODcwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE0MmQ1Njg0YWQ2ZDQ1Y2MwMjhhOGNhYzU4YjkxNzA4YzA0MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+4YIPXC4UZJr0e2KJ0uebOpHYRu
PWcWYt5j9SH+dcin8BJGOTXPBKPjweGBue8OWMVyKyKTvj8RxDp5S/ynG9+OLbkY
WHJ69Q86Q8h4BfFUVSV/ME160QtsZEEJsNL2KiCLLpbuX2FldY9K/HjLLY6IIP0a
276nYv9SLQsv9fqz12l7+TW0Lh2LH57vtFOI6U2y1MpmLtDHmpTcsdwXWWrLH3m2
scNKC+YoSA+VXNRw/cx/Wl2aeBK0xyFudoMiLAOMtyXLb7SFYmmh8jXFu9QjzeQF
z4H+6OWMwVMb1hmuXKau0prouegU5FvrpmN7bhrHSVPLD4zzecRn2v6/swIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJCkLVaErW1FzAKKjKxYuRcIwEKaMB8GA1UdIwQY
MBaAFHg1bGqDFoDpuLfJVRSVMAepQH6HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZURWc2FvTVdnT200dDhsVkZKVXdCNmxBZm9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84ZDkxMzYtMWNiMi00MzQ5LWFiODYt
NWRjMzkyZGU2MzdiLzEva0tRdFZvU3RiVVhNQW9xTXJGaTVGd2pBUXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84ZDkxMzYtMWNiMi00MzQ5LWFiODYtNWRjMzkyZGU2Mzdi
LzEvZURWc2FvTVdnT200dDhsVkZKVXdCNmxBZm9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVecAwQC
ubVoMBQEAgACMA4DBQMqAtUAAwUDKgrJgDANBgkqhkiG9w0BAQsFAAOCAQEArdjF
PsjsPsgYAFm8VhZuuetTfriSqYSEoFd4FNpFLPJpZdVEQ/O1Y7jvyBrZL9wAmhuM
du77uMxbR/PjWRBI1ZE9vi5fYGLRdgPEHPqG8IvFblRnRX+r/vUqe6KxRwRXEbhs
yt33an0q3tkBnvvzs7ZhWXK/TN/AqdCZu2zTjg/y+eIFzg2fFGePHPGoQQmr87qw
peWFzOR+YYvtoSQQtwXKvrKtfuv/avVOSo8OwXUx5G5As8OLg21ZqURPBEKYWDPp
Iii12ia5rx7NSzltzuCl58YgRyKALzOyMaj/DGJhMs3qB5UMWwbPREVcy7RwjFG5
ZSz/40JbGfZoHWU0gg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:59:50 2024 by rpki-client on console-fra.rpki-client.org