Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ks2aGH4jixCr-kPJwGx4DbtCHOg.roa
File: ks2aGH4jixCr-kPJwGx4DbtCHOg.roa (raw, json)
Hash identifier: qEcfzO/E+islmICPFp6JxpyXLA/W7cpiLOo1RoDWawY=
Subject key identifier: 92:CD:9A:18:7E:23:8B:10:AB:FA:43:C9:C0:6C:78:0D:BB:42:1C:E8
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B72CFEB3999F51CC3241EEAA2CD200
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ks2aGH4jixCr-kPJwGx4DbtCHOg.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8891
IP address blocks: 80.12.245.0/24 maxlen: 24
80.12.246.0/24 maxlen: 24
81.52.142.0/23 maxlen: 24
2a01:c9c0:a0::/44 maxlen: 48
2a01:c9c0:c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2c:fe:b3:99:9f:51:cc:32:41:ee:aa:2c:d2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92cd9a187e238b10abfa43c9c06c780dbb421ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:35:19:69:e4:6f:18:24:9c:5f:d7:b6:76:ca:
c9:28:53:7e:2e:dd:fa:4b:81:cc:87:5e:23:36:86:
a3:4e:83:1f:40:85:41:ac:77:18:bb:d8:4e:27:e1:
5b:be:00:62:c5:25:92:ac:c7:29:9d:c2:71:9e:a8:
b1:1a:69:59:5b:0c:8c:98:6a:e1:04:5f:d2:4b:de:
45:ce:ea:ad:23:61:b3:c3:e9:68:30:5e:0d:25:05:
5d:34:14:03:fe:49:d2:59:c4:3a:60:fc:46:3a:5c:
0d:43:2d:aa:8a:3e:f1:a3:6b:86:52:33:cc:07:c1:
65:7e:78:40:71:85:a0:7b:21:c4:8d:57:e6:27:25:
d9:e1:47:f5:a6:b5:31:f9:f9:58:33:36:d7:bf:6a:
06:99:3a:45:ae:99:b3:f5:88:d0:86:7b:20:1d:51:
ab:26:b1:67:35:66:56:31:3f:69:fc:40:56:b0:cb:
9a:b8:65:85:ba:c4:e9:da:0c:7e:fa:4c:7c:19:c4:
74:8e:a8:38:10:c7:76:31:6e:56:ea:4a:55:3e:e7:
b3:66:5e:c1:87:28:51:76:c4:29:57:bf:c5:45:df:
55:dc:55:ea:d5:d7:aa:53:14:87:d3:e5:a9:21:ac:
e8:2d:91:3f:a0:0e:55:70:8c:da:af:e1:67:70:6d:
6f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:CD:9A:18:7E:23:8B:10:AB:FA:43:C9:C0:6C:78:0D:BB:42:1C:E8
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ks2aGH4jixCr-kPJwGx4DbtCHOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.12.245.0-80.12.246.255
81.52.142.0/23
IPv6:
2a01:c9c0:a0::/44
2a01:c9c0:c0::/44
Signature Algorithm: sha256WithRSAEncryption
41:b1:ab:bc:8a:f5:19:11:c1:fa:9b:e1:86:b0:f6:69:8b:f0:
35:58:1e:f1:0f:f4:6f:90:4c:8a:9b:82:13:6f:bb:eb:26:a6:
db:ae:a4:e7:d0:46:d1:4d:4d:39:e6:37:b4:8c:21:8a:5e:1e:
5f:f2:53:2c:68:96:16:20:00:6e:0a:9b:11:29:80:b5:79:90:
ff:25:3e:a9:0b:e7:47:a2:7d:21:25:75:e7:b1:5c:59:35:48:
45:32:60:2b:3c:8e:38:87:86:b3:d5:7e:ef:2b:6a:42:0e:85:
d0:8d:c0:78:2c:8a:6c:45:c3:48:fb:b2:d6:93:d9:0f:6c:1c:
c7:36:37:c5:39:2d:09:35:73:e6:66:56:0b:d8:e6:4b:3a:90:
75:6a:c7:79:18:53:88:af:15:23:f6:d3:7c:35:ca:94:1d:ee:
87:ea:30:c8:54:e0:92:fb:69:fb:48:14:c2:25:4f:7d:a1:b7:
e2:ce:06:1c:0c:92:3c:0b:d5:ee:5d:ba:9a:60:0d:3a:cd:27:
18:41:37:96:89:12:83:38:d4:b9:62:ec:be:37:c6:58:05:7d:
81:51:d6:64:3f:63:4e:cc:dc:db:93:80:10:99:c3:60:2b:58:
e2:a7:06:99:25:fc:43:cb:df:49:2d:06:19:3e:93:b4:5f:c6:
3c:7d:55:e1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzDtyz+s5mfUcwyQe6qLNIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmNkOWExODdlMjM4YjEwYWJmYTQzYzljMDZjNzgwZGJiNDIxY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjUZaeRvGCScX9e2dsrJKFN+Lt36
S4HMh14jNoajToMfQIVBrHcYu9hOJ+FbvgBixSWSrMcpncJxnqixGmlZWwyMmGrh
BF/SS95FzuqtI2Gzw+loMF4NJQVdNBQD/knSWcQ6YPxGOlwNQy2qij7xo2uGUjPM
B8FlfnhAcYWgeyHEjVfmJyXZ4Uf1prUx+flYMzbXv2oGmTpFrpmz9YjQhnsgHVGr
JrFnNWZWMT9p/EBWsMuauGWFusTp2gx++kx8GcR0jqg4EMd2MW5W6kpVPuezZl7B
hyhRdsQpV7/FRd9V3FXq1deqUxSH0+WpIazoLZE/oA5VcIzar+FncG1vXwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJLNmhh+I4sQq/pDycBseA27QhzoMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEva3MyYUdINGppeENyLWtQSndHeDREYnRDSE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUMAwDBABQDPUD
BABQDPYDBAFRNI4wGAQCAAIwEgMHBCoBycAAoAMHBCoBycAAwDANBgkqhkiG9w0B
AQsFAAOCAQEAQbGrvIr1GRHB+pvhhrD2aYvwNVge8Q/0b5BMipuCE2+76yam266k
59BG0U1NOeY3tIwhil4eX/JTLGiWFiAAbgqbESmAtXmQ/yU+qQvnR6J9ISV157Fc
WTVIRTJgKzyOOIeGs9V+7ytqQg6F0I3AeCyKbEXDSPuy1pPZD2wcxzY3xTktCTVz
5mZWC9jmSzqQdWrHeRhTiK8VI/bTfDXKlB3uh+owyFTgkvtp+0gUwiVPfaG34s4G
HAySPAvV7l26mmANOs0nGEE3lokSgzjUuWLsvjfGWAV9gVHWZD9jTszc25OAEJnD
YCtY4qcGmSX8Q8vfSS0GGT6TtF/GPH1V4Q==
-----END CERTIFICATE-----
Generated at Mon May 20 01:00:42 2024 by rpki-client on console-fra.rpki-client.org