Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/_lKmYfUqmann_IxMC5eGBKtKet0.roa
File: _lKmYfUqmann_IxMC5eGBKtKet0.roa (raw, json)
Hash identifier: coP4xyhEJYikr82rJ9USRYSfVNYGIu7eTyeZQRI2IM4=
Subject key identifier: FE:52:A6:61:F5:2A:99:A9:E7:FC:8C:4C:0B:97:86:04:AB:4A:7A:DD
Certificate issuer: /CN=462231e713f0f834bd09c3f76e12e250e773c290
Certificate serial: 01900127DC1CCBCE08017F7AC7F3D3DEBCB6
Authority key identifier: 46:22:31:E7:13:F0:F8:34:BD:09:C3:F7:6E:12:E2:50:E7:73:C2:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RiIx5xPw-DS9CcP3bhLiUOdzwpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/_lKmYfUqmann_IxMC5eGBKtKet0.roa
Signing time: Mon 10 Jun 2024 07:58:27 +0000
ROA not before: Mon 10 Jun 2024 07:58:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42687
IP address blocks: 185.182.168.0/22 maxlen: 22
185.182.170.0/23 maxlen: 23
185.219.242.0/23 maxlen: 24
2a0d:25c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/RiIx5xPw-DS9CcP3bhLiUOdzwpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/RiIx5xPw-DS9CcP3bhLiUOdzwpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RiIx5xPw-DS9CcP3bhLiUOdzwpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:27:dc:1c:cb:ce:08:01:7f:7a:c7:f3:d3:de:bc:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=462231e713f0f834bd09c3f76e12e250e773c290
Validity
Not Before: Jun 10 07:58:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe52a661f52a99a9e7fc8c4c0b978604ab4a7add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:44:79:80:89:22:2d:28:22:87:4d:2b:65:68:
7c:7c:df:a4:1f:b3:93:c6:cf:3f:40:f9:70:0f:42:
6b:35:b2:ed:4f:ee:80:d3:2c:0d:b2:49:d5:59:7e:
f8:f8:f8:7d:65:db:4e:f1:3c:98:61:f4:e9:38:b7:
bd:2e:1c:86:2c:8e:0a:e0:e7:6a:13:c0:c4:25:c7:
b3:40:14:b6:95:21:9b:d0:05:f8:6c:04:a3:a3:85:
3f:df:13:85:73:df:5e:8b:ba:9c:1c:fc:7a:c3:bf:
88:2e:a7:e4:20:65:01:b3:48:cd:6c:4d:1a:c6:6e:
fe:39:c9:16:d5:1e:b0:2f:bb:ca:7a:31:4c:e7:7a:
0b:9b:46:86:04:39:e7:93:2e:09:7a:75:4b:02:d6:
81:9c:c1:af:03:2e:69:b8:12:80:55:13:d5:b7:c3:
94:2f:06:b9:da:db:9d:e1:ea:7d:43:f3:33:87:41:
ee:03:b9:7f:ed:ee:6a:96:30:fe:0b:a2:3e:d6:0e:
65:08:19:01:d1:15:3e:d2:d8:58:cf:79:84:e4:52:
dd:45:12:30:c0:d5:c8:74:f1:4b:aa:57:fd:fd:0f:
f1:80:dc:15:a1:a1:a6:f6:22:54:8d:4e:5e:15:dc:
93:5d:e9:95:82:a8:b0:e3:20:7c:63:1c:55:e1:fa:
74:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:52:A6:61:F5:2A:99:A9:E7:FC:8C:4C:0B:97:86:04:AB:4A:7A:DD
X509v3 Authority Key Identifier:
keyid:46:22:31:E7:13:F0:F8:34:BD:09:C3:F7:6E:12:E2:50:E7:73:C2:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RiIx5xPw-DS9CcP3bhLiUOdzwpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/_lKmYfUqmann_IxMC5eGBKtKet0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9ab3a5-1c46-4be0-8937-ad4bd7f23ce4/1/RiIx5xPw-DS9CcP3bhLiUOdzwpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.168.0/22
185.219.242.0/23
IPv6:
2a0d:25c0::/29
Signature Algorithm: sha256WithRSAEncryption
26:46:31:38:0f:5a:e7:a3:85:b1:a7:a8:fa:74:34:e2:ac:63:
61:18:1a:fc:18:a9:a6:29:29:c6:0e:c3:92:e8:f1:a8:59:00:
76:43:da:c7:12:fb:56:09:42:d3:e1:02:4d:77:ca:07:86:fa:
49:f9:e7:2e:ca:ad:05:dc:6d:31:4e:81:6b:8d:fc:61:53:b7:
ba:15:42:4c:e5:11:a2:3c:db:9b:e4:3c:26:9d:56:88:8a:cc:
61:bf:b6:6d:50:d7:53:da:52:b3:96:2f:99:31:18:0c:3c:7a:
79:d2:fc:b9:44:16:9c:a4:3d:04:25:fb:5a:3a:11:3c:6f:3b:
5b:3e:1d:53:b6:67:f2:cc:db:72:08:31:01:40:68:37:8a:ee:
b5:80:c8:43:eb:06:e0:b5:31:d1:e5:43:b5:56:f1:53:52:5c:
65:01:66:46:10:1c:93:e6:8b:68:af:6c:d1:f4:dd:3a:67:21:
37:13:5d:14:f4:0f:41:43:82:4e:ca:59:37:72:e6:f3:e3:cc:
bf:1e:8f:92:3e:3c:1c:b7:56:50:c2:8e:4c:d7:92:20:be:21:
40:2c:a9:77:5b:a5:17:5b:4b:00:86:86:60:68:fa:2b:70:3e:
34:67:19:ba:5e:85:66:b3:9c:0a:08:9a:bb:48:56:0c:31:1e:
71:df:db:6d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZABJ9wcy84IAX96x/PT3ry2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MjIzMWU3MTNmMGY4MzRiZDA5YzNmNzZlMTJlMjUwZTc3
M2MyOTAwHhcNMjQwNjEwMDc1ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUyYTY2MWY1MmE5OWE5ZTdmYzhjNGMwYjk3ODYwNGFiNGE3YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0R5gIkiLSgih00rZWh8fN+kH7OT
xs8/QPlwD0JrNbLtT+6A0ywNsknVWX74+Ph9ZdtO8TyYYfTpOLe9LhyGLI4K4Odq
E8DEJcezQBS2lSGb0AX4bASjo4U/3xOFc99ei7qcHPx6w7+ILqfkIGUBs0jNbE0a
xm7+OckW1R6wL7vKejFM53oLm0aGBDnnky4JenVLAtaBnMGvAy5puBKAVRPVt8OU
Lwa52tud4ep9Q/Mzh0HuA7l/7e5qljD+C6I+1g5lCBkB0RU+0thYz3mE5FLdRRIw
wNXIdPFLqlf9/Q/xgNwVoaGm9iJUjU5eFdyTXemVgqiw4yB8YxxV4fp0dQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP5SpmH1Kpmp5/yMTAuXhgSrSnrdMB8GA1UdIwQY
MBaAFEYiMecT8Pg0vQnD924S4lDnc8KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmlJeDV4UHctRFM5Q2NQM2JoTGlVT2R6d3BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85YWIzYTUtMWM0Ni00YmUwLTg5Mzct
YWQ0YmQ3ZjIzY2U0LzEvX2xLbVlmVXFtYW5uX0l4TUM1ZUdCS3RLZXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85YWIzYTUtMWM0Ni00YmUwLTg5MzctYWQ0YmQ3ZjIzY2U0
LzEvUmlJeDV4UHctRFM5Q2NQM2JoTGlVT2R6d3BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubaoAwQB
udvyMA0EAgACMAcDBQMqDSXAMA0GCSqGSIb3DQEBCwUAA4IBAQAmRjE4D1rno4Wx
p6j6dDTirGNhGBr8GKmmKSnGDsOS6PGoWQB2Q9rHEvtWCULT4QJNd8oHhvpJ+ecu
yq0F3G0xToFrjfxhU7e6FUJM5RGiPNub5DwmnVaIisxhv7ZtUNdT2lKzli+ZMRgM
PHp50vy5RBacpD0EJftaOhE8bztbPh1TtmfyzNtyCDEBQGg3iu61gMhD6wbgtTHR
5UO1VvFTUlxlAWZGEByT5otor2zR9N06ZyE3E10U9A9BQ4JOylk3cubz48y/Ho+S
Pjwct1ZQwo5M15IgviFALKl3W6UXW0sAhoZgaPorcD40Zxm6XoVms5wKCJq7SFYM
MR5x39tt
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:27 2024 by rpki-client on console-fra.rpki-client.org