Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/K3SAnA_9z0z4bk6dZUBs2CQPAok.roa
File: K3SAnA_9z0z4bk6dZUBs2CQPAok.roa (raw, json)
Hash identifier: 7T/lNu6iTWxrgMxOQvvvddzcUFDEw2Jc23IbxbiSx4c=
Subject key identifier: 2B:74:80:9C:0F:FD:CF:4C:F8:6E:4E:9D:65:40:6C:D8:24:0F:02:89
Certificate issuer: /CN=f4c6b7dd5175be8db7a0522f7d4e41c5c42c6b29
Certificate serial: 0190DFDE7E7D6D529EF7904F3E8E3AC8DE8A
Authority key identifier: F4:C6:B7:DD:51:75:BE:8D:B7:A0:52:2F:7D:4E:41:C5:C4:2C:6B:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/K3SAnA_9z0z4bk6dZUBs2CQPAok.roa
Signing time: Tue 23 Jul 2024 13:53:38 +0000
ROA not before: Tue 23 Jul 2024 13:53:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212136
IP address blocks: 5.172.178.0/24 maxlen: 24
81.22.46.0/24 maxlen: 24
81.22.47.0/24 maxlen: 24
185.228.248.0/24 maxlen: 24
185.247.187.0/24 maxlen: 24
194.31.9.0/24 maxlen: 24
213.232.254.0/24 maxlen: 24
2a10:aa80::/30 maxlen: 30
2a10:aa84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:de:7e:7d:6d:52:9e:f7:90:4f:3e:8e:3a:c8:de:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c6b7dd5175be8db7a0522f7d4e41c5c42c6b29
Validity
Not Before: Jul 23 13:53:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b74809c0ffdcf4cf86e4e9d65406cd8240f0289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:df:ba:a6:61:ea:ab:dc:09:f0:57:dc:35:9c:
42:30:5d:6d:29:2c:a9:48:16:c0:6c:28:18:f5:1c:
ab:a7:81:ec:0c:43:14:6c:20:5b:16:d2:2a:59:11:
46:4c:ef:aa:61:86:ef:63:63:e3:62:7f:7d:14:ea:
08:ac:e4:9f:09:a4:2b:22:15:11:c0:fd:70:ec:ec:
d3:6e:f2:c2:5b:b9:be:f5:b6:79:c6:6f:73:9f:34:
8a:d1:4d:97:84:67:d1:f7:f9:67:97:15:8d:ed:54:
68:79:e9:95:99:73:ff:c9:29:83:ab:69:2f:c6:23:
e0:53:7d:e0:66:ab:5b:f2:ca:62:7b:99:66:cb:cf:
11:94:b6:c8:d5:45:41:d5:bb:db:59:53:8a:80:60:
27:47:e5:23:9a:fd:2b:96:1e:52:32:48:9c:bb:bb:
88:ce:50:c8:5a:47:98:e5:19:e1:69:2e:b6:1e:29:
12:d1:b2:fb:ba:32:96:b5:6d:8a:81:a7:0b:94:b5:
25:21:f1:eb:c8:92:18:6f:fa:46:87:5b:e7:d5:6d:
14:3f:1d:02:8c:02:1f:d5:d7:eb:f6:3b:8d:db:55:
22:58:b3:aa:78:06:3e:a4:e7:ac:d4:e9:9f:ea:e6:
7b:9e:eb:8c:c0:83:97:b3:66:45:21:ac:8e:45:b4:
d4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:74:80:9C:0F:FD:CF:4C:F8:6E:4E:9D:65:40:6C:D8:24:0F:02:89
X509v3 Authority Key Identifier:
keyid:F4:C6:B7:DD:51:75:BE:8D:B7:A0:52:2F:7D:4E:41:C5:C4:2C:6B:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/K3SAnA_9z0z4bk6dZUBs2CQPAok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.178.0/24
81.22.46.0/23
185.228.248.0/24
185.247.187.0/24
194.31.9.0/24
213.232.254.0/24
IPv6:
2a10:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
57:7e:b4:af:e1:98:19:37:67:37:76:0d:c8:7c:77:ff:b9:73:
c2:d5:db:18:93:99:34:e1:6c:a4:f1:77:cc:6a:34:5c:b3:a1:
3e:8f:b5:32:60:f4:b2:e0:fb:7c:eb:be:3c:b4:f3:3a:25:d5:
30:26:c7:18:e0:33:25:db:55:b0:a9:c3:b6:16:1d:fa:5e:7e:
4f:dd:36:bf:92:72:2f:d9:d2:b4:fe:ba:88:05:4a:03:1d:82:
af:d2:53:c1:a3:30:86:71:62:08:a8:24:1a:7d:ef:db:20:69:
5f:e3:50:98:48:21:e6:fd:41:df:2e:bb:75:46:46:39:b9:02:
42:fb:72:de:f0:34:55:fa:83:a7:5e:2d:02:d9:57:9a:71:6f:
8f:55:f3:33:50:28:25:9b:dc:f4:93:d0:21:12:21:d5:52:74:
9c:66:94:7f:24:cf:02:ec:ea:f3:f5:54:0c:e0:f8:4d:e8:bf:
a0:78:02:7f:55:a5:1a:66:4e:2b:a4:1b:c0:b8:ed:42:b6:cf:
3e:f2:1f:63:27:bc:c3:80:c6:3c:34:03:16:c5:98:9a:58:a4:
53:7c:f2:15:b5:55:6a:d5:ef:1a:98:be:20:e5:ac:2c:e2:42:
d5:e5:bd:90:1b:cb:f3:10:9d:2f:97:41:77:f3:fe:70:0c:02:
d8:a2:a6:2b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZDf3n59bVKe95BPPo46yN6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzZiN2RkNTE3NWJlOGRiN2EwNTIyZjdkNGU0MWM1YzQy
YzZiMjkwHhcNMjQwNzIzMTM1MzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc0ODA5YzBmZmRjZjRjZjg2ZTRlOWQ2NTQwNmNkODI0MGYwMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN+6pmHqq9wJ8FfcNZxCMF1tKSyp
SBbAbCgY9Ryrp4HsDEMUbCBbFtIqWRFGTO+qYYbvY2PjYn99FOoIrOSfCaQrIhUR
wP1w7OzTbvLCW7m+9bZ5xm9znzSK0U2XhGfR9/lnlxWN7VRoeemVmXP/ySmDq2kv
xiPgU33gZqtb8spie5lmy88RlLbI1UVB1bvbWVOKgGAnR+Ujmv0rlh5SMkicu7uI
zlDIWkeY5RnhaS62HikS0bL7ujKWtW2KgacLlLUlIfHryJIYb/pGh1vn1W0UPx0C
jAIf1dfr9juN21UiWLOqeAY+pOes1Omf6uZ7nuuMwIOXs2ZFIayORbTUNwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCt0gJwP/c9M+G5OnWVAbNgkDwKJMB8GA1UdIwQY
MBaAFPTGt91Rdb6Nt6BSL31OQcXELGspMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1hMzNWRjF2bzIzb0ZJdmZVNUJ4Y1FzYXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNWY3MTQtNDcyYy00ODU2LWFhNGIt
OWIyMWI2ZjY2NzlhLzEvSzNTQW5BXzl6MHo0Yms2ZFpVQnMyQ1FQQW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNWY3MTQtNDcyYy00ODU2LWFhNGItOWIyMWI2ZjY2Nzlh
LzEvOU1hMzNWRjF2bzIzb0ZJdmZVNUJ4Y1FzYXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABayyAwQB
URYuAwQAueT4AwQAufe7AwQAwh8JAwQA1ej+MA0EAgACMAcDBQMqEKqAMA0GCSqG
SIb3DQEBCwUAA4IBAQBXfrSv4ZgZN2c3dg3IfHf/uXPC1dsYk5k04Wyk8XfMajRc
s6E+j7UyYPSy4Pt86748tPM6JdUwJscY4DMl21WwqcO2Fh36Xn5P3Ta/knIv2dK0
/rqIBUoDHYKv0lPBozCGcWIIqCQafe/bIGlf41CYSCHm/UHfLrt1RkY5uQJC+3Le
8DRV+oOnXi0C2VeacW+PVfMzUCglm9z0k9AhEiHVUnScZpR/JM8C7Orz9VQM4PhN
6L+geAJ/VaUaZk4rpBvAuO1Cts8+8h9jJ7zDgMY8NAMWxZiaWKRTfPIVtVVq1e8a
mL4g5aws4kLV5b2QG8vzEJ0vl0F38/5wDALYoqYr
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:20:40 2024 by rpki-client on console-ams.rpki-client.org