Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/KmrMWw-SpiymPWIlrLSCoDddkX4.roa
File: KmrMWw-SpiymPWIlrLSCoDddkX4.roa (raw, json)
Hash identifier: V51qQ1tFXdQhQv6SJndzcfpocuqfhWFxCJK2YoeYOZ8=
Subject key identifier: 2A:6A:CC:5B:0F:92:A6:2C:A6:3D:62:25:AC:B4:82:A0:37:5D:91:7E
Certificate issuer: /CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Certificate serial: 018CC348A28B34889AF4F75C3EF5979105E6
Authority key identifier: 02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/KmrMWw-SpiymPWIlrLSCoDddkX4.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8376
IP address blocks: 212.34.0.0/19 maxlen: 24
185.98.224.0/22 maxlen: 24
213.139.32.0/19 maxlen: 24
2a00:18d8::/29 maxlen: 64
2a00:18d8::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/Ap6YM29qbMnbzx7LSJVYDwlOPis.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/Ap6YM29qbMnbzx7LSJVYDwlOPis.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a2:8b:34:88:9a:f4:f7:5c:3e:f5:97:91:05:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a6acc5b0f92a62ca63d6225acb482a0375d917e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:eb:49:5c:87:47:6a:f6:3c:af:ad:96:2b:f0:
49:f8:15:a9:bc:c6:57:53:a0:2e:83:6b:a2:63:2f:
9b:52:13:2e:ac:3f:b4:b2:21:a4:84:10:3e:23:18:
34:fb:85:81:cd:28:c2:b7:53:0b:d9:9d:ff:e8:1d:
75:64:74:83:a6:0b:e3:73:ff:7c:57:ca:01:15:2f:
cd:cf:81:89:5b:65:db:09:35:3b:31:1e:a4:ce:6f:
fd:bd:24:36:fa:1c:7f:bf:d9:5f:82:b8:c5:3e:a5:
e0:26:3d:a0:6c:60:57:43:72:1c:83:8d:a4:28:52:
53:8e:f4:db:b7:87:8a:58:e5:04:b4:93:7e:e1:2b:
6a:b8:91:0f:b3:ab:72:c3:38:9a:11:ae:13:d7:d5:
11:5c:7e:12:f3:77:26:2a:ad:b1:8b:10:64:eb:9e:
1f:91:37:22:ab:e7:0b:fe:52:0f:35:f8:ad:7d:8f:
29:d7:c4:d0:37:86:81:8f:19:cb:52:ac:0d:8b:dd:
2a:6a:a4:e9:75:fe:60:69:c4:98:ef:c5:3a:77:8d:
ce:79:1a:21:b1:b7:d4:14:e1:2c:55:85:b3:a4:5f:
1b:ff:4a:6f:bf:be:c9:1d:50:3d:f6:8b:1a:2d:78:
08:d9:8e:60:4b:c4:3d:34:bf:6e:e4:fe:ec:7e:e9:
b3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6A:CC:5B:0F:92:A6:2C:A6:3D:62:25:AC:B4:82:A0:37:5D:91:7E
X509v3 Authority Key Identifier:
keyid:02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/KmrMWw-SpiymPWIlrLSCoDddkX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/Ap6YM29qbMnbzx7LSJVYDwlOPis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.224.0/22
212.34.0.0/19
213.139.32.0/19
IPv6:
2a00:18d8::/29
Signature Algorithm: sha256WithRSAEncryption
3f:6a:05:a0:99:33:70:1f:16:ed:f2:09:68:86:b3:88:ef:84:
7e:06:74:28:c1:4d:92:5f:29:a7:f3:8f:73:c3:a6:7a:98:d1:
b0:5e:da:86:58:67:6e:1c:76:16:b6:ef:d3:60:fc:f5:cb:01:
ba:a4:d4:f0:ff:69:1f:94:74:f7:49:47:76:47:7b:ba:8d:a6:
17:bb:25:90:1e:ee:6a:9a:e5:cc:38:58:47:d5:d0:a3:a4:b3:
86:c4:fc:df:b8:3f:34:39:c1:99:cb:34:5c:ac:38:dc:38:0a:
63:ad:9c:c7:27:09:3c:30:bc:b2:6e:9c:3e:7e:17:ca:99:a8:
0d:2a:8c:51:88:bc:8e:e8:78:fc:a2:38:c5:6c:b7:25:44:a2:
67:f1:a6:b6:7a:4b:88:7a:1d:e4:f5:fb:e0:c7:0c:ef:85:0a:
21:fe:71:4b:80:12:3c:c6:79:ff:f5:55:4a:9f:3f:89:19:e4:
ce:f8:31:d4:1e:b4:c1:51:87:60:7d:24:2f:37:77:c8:7c:1f:
09:28:99:2f:01:fa:ee:c9:48:3b:ae:15:76:fe:ec:54:e6:59:
64:43:dc:a1:52:e5:34:f5:83:18:d2:1e:de:54:3d:31:6b:ab:
c0:44:77:40:a8:89:da:c7:7f:5b:54:19:22:12:c5:fb:45:cc:
df:b3:9d:97
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSKKLNIia9PdcPvWXkQXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOWU5ODMzNmY2YTZjYzlkYmNmMWVjYjQ4OTU1ODBmMDk0
ZTNlMmIwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZhY2M1YjBmOTJhNjJjYTYzZDYyMjVhY2I0ODJhMDM3NWQ5MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOtJXIdHavY8r62WK/BJ+BWpvMZX
U6Aug2uiYy+bUhMurD+0siGkhBA+Ixg0+4WBzSjCt1ML2Z3/6B11ZHSDpgvjc/98
V8oBFS/Nz4GJW2XbCTU7MR6kzm/9vSQ2+hx/v9lfgrjFPqXgJj2gbGBXQ3Icg42k
KFJTjvTbt4eKWOUEtJN+4StquJEPs6tywziaEa4T19URXH4S83cmKq2xixBk654f
kTciq+cL/lIPNfitfY8p18TQN4aBjxnLUqwNi90qaqTpdf5gacSY78U6d43OeRoh
sbfUFOEsVYWzpF8b/0pvv77JHVA99osaLXgI2Y5gS8Q9NL9u5P7sfumzVQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCpqzFsPkqYspj1iJay0gqA3XZF+MB8GA1UdIwQY
MBaAFAKemDNvamzJ288ey0iVWA8JTj4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUt
MGZlNmY1NWRiM2Y2LzEvS21yTVd3LVNwaXltUFdJbHJMU0NvRGRka1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUtMGZlNmY1NWRiM2Y2
LzEvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWLgAwQF
1CIAAwQF1YsgMA0EAgACMAcDBQMqABjYMA0GCSqGSIb3DQEBCwUAA4IBAQA/agWg
mTNwHxbt8glohrOI74R+BnQowU2SXymn849zw6Z6mNGwXtqGWGduHHYWtu/TYPz1
ywG6pNTw/2kflHT3SUd2R3u6jaYXuyWQHu5qmuXMOFhH1dCjpLOGxPzfuD80OcGZ
yzRcrDjcOApjrZzHJwk8MLyybpw+fhfKmagNKoxRiLyO6Hj8ojjFbLclRKJn8aa2
ekuIeh3k9fvgxwzvhQoh/nFLgBI8xnn/9VVKnz+JGeTO+DHUHrTBUYdgfSQvN3fI
fB8JKJkvAfruyUg7rhV2/uxU5llkQ9yhUuU09YMY0h7eVD0xa6vARHdAqInax39b
VBkiEsX7Rczfs52X
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:10 2024 by rpki-client on console-fra.rpki-client.org