Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/kAp_rZb2gToB3LZpR4hJ9G7AZKg.roa
File: kAp_rZb2gToB3LZpR4hJ9G7AZKg.roa (raw, json)
Hash identifier: sesj53HjO3Oi9X/tKqq2kSAY319ltazP7/WUB+Xd4as=
Subject key identifier: 90:0A:7F:AD:96:F6:81:3A:01:DC:B6:69:47:88:49:F4:6E:C0:64:A8
Certificate issuer: /CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Certificate serial: 018CC8DE67EEFA13D0A3AF35BA0E9F25FAF6
Authority key identifier: 27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/kAp_rZb2gToB3LZpR4hJ9G7AZKg.roa
Signing time: Tue 02 Jan 2024 06:31:07 +0000
ROA not before: Tue 02 Jan 2024 06:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47262
IP address blocks: 212.120.192.0/19 maxlen: 19
212.120.196.0/23 maxlen: 23
46.245.0.0/18 maxlen: 20
95.81.64.0/24 maxlen: 24
46.245.9.0/24 maxlen: 24
95.81.66.0/23 maxlen: 23
95.81.65.0/24 maxlen: 24
95.81.68.0/22 maxlen: 22
95.81.68.0/23 maxlen: 23
95.81.104.0/21 maxlen: 21
2a00:d20::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:67:ee:fa:13:d0:a3:af:35:ba:0e:9f:25:fa:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=272ed090acf7c829a22bbfbe2b0e998cd20ad826
Validity
Not Before: Jan 2 06:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=900a7fad96f6813a01dcb669478849f46ec064a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:82:88:7a:c9:16:05:d5:7e:15:06:97:6e:b7:
f7:7b:4a:05:59:08:9d:3a:76:b3:f3:1c:cc:98:bf:
ae:bf:da:19:a8:c4:fb:98:3c:60:5d:ad:06:1a:4c:
a7:8f:5a:97:c3:9e:01:74:79:1f:74:34:82:71:a4:
ab:3f:12:7a:f7:54:88:27:7a:e7:36:3c:07:4d:0d:
d4:f2:34:bc:36:7a:b7:3f:45:b8:28:2f:c6:96:25:
8a:81:0a:30:e4:74:f6:8a:2c:f1:ff:72:46:a2:c5:
ef:3a:85:b7:3b:6a:b4:c6:8c:98:62:0a:32:cb:54:
8d:4d:23:94:16:c8:b5:48:ff:cf:8d:d5:ab:11:04:
aa:ec:c3:1e:cc:98:7f:18:5a:11:a2:32:46:a5:1d:
d6:90:45:3b:ef:32:07:2c:eb:a4:ba:c9:0c:9a:d6:
7b:b5:59:0a:f9:d3:8d:42:48:d3:1e:f7:e0:c8:01:
8f:81:e0:a3:19:42:c0:1f:03:1c:e4:5f:74:0d:09:
55:ba:a0:af:f6:a7:d6:5b:50:f2:8b:45:90:33:d6:
c4:ef:86:d1:24:a7:2f:f3:6f:3a:d6:0d:24:f6:ac:
1f:7d:70:92:b7:9c:dc:97:d5:ee:0f:f8:24:28:33:
8e:09:a1:40:48:69:82:8d:59:a7:4f:6d:eb:5e:6b:
95:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0A:7F:AD:96:F6:81:3A:01:DC:B6:69:47:88:49:F4:6E:C0:64:A8
X509v3 Authority Key Identifier:
keyid:27:2E:D0:90:AC:F7:C8:29:A2:2B:BF:BE:2B:0E:99:8C:D2:0A:D8:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/kAp_rZb2gToB3LZpR4hJ9G7AZKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/a15f96-ec18-4644-89b3-acc22bb4dced/1/Jy7QkKz3yCmiK7--Kw6ZjNIK2CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.0.0/18
95.81.64.0/21
95.81.104.0/21
212.120.192.0/19
IPv6:
2a00:d20::/32
Signature Algorithm: sha256WithRSAEncryption
34:ee:69:17:b4:20:8c:07:28:64:f3:05:1c:e6:20:db:85:29:
bd:2c:68:9a:e2:bf:9c:7f:4a:af:7c:a6:f2:b3:a1:ac:d1:e8:
65:8a:52:55:2b:19:22:d9:14:e8:fb:4c:18:ee:83:c6:a3:db:
23:5c:86:84:0a:ac:54:40:ee:5a:02:e1:51:e8:d0:30:86:1a:
95:16:ed:2a:9e:86:a4:ca:49:5b:1b:60:67:0e:97:b1:a9:58:
5b:3e:4a:38:8f:c8:13:27:a4:d8:52:80:d0:28:b8:4d:26:15:
a2:11:fa:6b:72:ae:06:b0:5e:45:5d:fd:d2:65:56:05:eb:f0:
67:38:9c:8a:57:92:31:19:e6:3c:0d:e2:f8:62:87:6f:43:22:
ae:f2:26:49:e6:46:22:f9:bd:12:27:22:c8:8c:60:62:98:6e:
ce:c0:70:47:2c:1e:38:55:1f:3f:7b:da:53:cd:fd:f7:00:71:
e0:c4:05:5c:88:58:3f:31:04:a0:32:c8:c7:87:de:43:31:73:
59:12:0e:81:03:95:5d:94:8a:8f:d1:50:43:6e:d9:59:e8:33:
8b:01:ec:3a:3a:db:14:91:6a:6b:cf:9e:27:e0:14:e1:a1:6e:
e9:c1:7c:d9:8c:d9:ed:46:23:5f:22:15:71:fe:0d:76:2a:e9:
d4:b8:e1:4c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3mfu+hPQo681ug6fJfr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MmVkMDkwYWNmN2M4MjlhMjJiYmZiZTJiMGU5OThjZDIw
YWQ4MjYwHhcNMjQwMTAyMDYzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBhN2ZhZDk2ZjY4MTNhMDFkY2I2Njk0Nzg4NDlmNDZlYzA2NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloKIeskWBdV+FQaXbrf3e0oFWQid
Onaz8xzMmL+uv9oZqMT7mDxgXa0GGkynj1qXw54BdHkfdDSCcaSrPxJ691SIJ3rn
NjwHTQ3U8jS8Nnq3P0W4KC/GliWKgQow5HT2iizx/3JGosXvOoW3O2q0xoyYYgoy
y1SNTSOUFsi1SP/PjdWrEQSq7MMezJh/GFoRojJGpR3WkEU77zIHLOukuskMmtZ7
tVkK+dONQkjTHvfgyAGPgeCjGULAHwMc5F90DQlVuqCv9qfWW1Dyi0WQM9bE74bR
JKcv82861g0k9qwffXCSt5zcl9XuD/gkKDOOCaFASGmCjVmnT23rXmuViwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJAKf62W9oE6Ady2aUeISfRuwGSoMB8GA1UdIwQY
MBaAFCcu0JCs98gpoiu/visOmYzSCtgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMt
YWNjMjJiYjRkY2VkLzEva0FwX3JaYjJnVG9CM0xacFI0aEo5RzdBWktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9hMTVmOTYtZWMxOC00NjQ0LTg5YjMtYWNjMjJiYjRkY2Vk
LzEvSnk3UWtLejN5Q21pSzctLUt3NlpqTklLMkNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGLvUAAwQD
X1FAAwQDX1FoAwQF1HjAMA0EAgACMAcDBQAqAA0gMA0GCSqGSIb3DQEBCwUAA4IB
AQA07mkXtCCMByhk8wUc5iDbhSm9LGia4r+cf0qvfKbys6Gs0ehlilJVKxki2RTo
+0wY7oPGo9sjXIaECqxUQO5aAuFR6NAwhhqVFu0qnoakyklbG2BnDpexqVhbPko4
j8gTJ6TYUoDQKLhNJhWiEfprcq4GsF5FXf3SZVYF6/BnOJyKV5IxGeY8DeL4Yodv
QyKu8iZJ5kYi+b0SJyLIjGBimG7OwHBHLB44VR8/e9pTzf33AHHgxAVciFg/MQSg
MsjHh95DMXNZEg6BA5VdlIqP0VBDbtlZ6DOLAew6OtsUkWprz54n4BThoW7pwXzZ
jNntRiNfIhVx/g12KunUuOFM
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:20:04 2024 by rpki-client on console-ams.rpki-client.org