Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/kKT4TliL6MJiJ-azO-acqsNPtB8.roa
File: kKT4TliL6MJiJ-azO-acqsNPtB8.roa (raw, json)
Hash identifier: +D0XjicN/kBTIeloKLWbBwLbmo4CHuQ/LhRSjuyrQj4=
Subject key identifier: 90:A4:F8:4E:58:8B:E8:C2:62:27:E6:B3:3B:E6:9C:AA:C3:4F:B4:1F
Certificate issuer: /CN=49e44eeea26569d0ddbd0e8637f12cf505a4ede9
Certificate serial: 018CC5DBE2FDA470A4CF0D09BDD885F2BB3A
Authority key identifier: 49:E4:4E:EE:A2:65:69:D0:DD:BD:0E:86:37:F1:2C:F5:05:A4:ED:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeRO7qJladDdvQ6GN_Es9QWk7ek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/kKT4TliL6MJiJ-azO-acqsNPtB8.roa
Signing time: Mon 01 Jan 2024 16:29:31 +0000
ROA not before: Mon 01 Jan 2024 16:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35676
IP address blocks: 178.213.68.0/22 maxlen: 24
178.213.64.0/22 maxlen: 24
194.5.88.0/23 maxlen: 24
185.16.252.0/22 maxlen: 24
2a03:6f82:100::/40 maxlen: 40
2a03:6f82::/32 maxlen: 33
2a03:6f81::/32 maxlen: 33
2a03:6f82:200::/40 maxlen: 40
2a03:6f81:200::/40 maxlen: 40
2a03:6f82:300::/40 maxlen: 40
2a03:6f81:700::/40 maxlen: 40
2a03:6f81:400::/40 maxlen: 40
2a03:6f81:100::/40 maxlen: 40
2a03:6f81:600::/40 maxlen: 40
2a03:6f81:300::/40 maxlen: 40
2a03:6f81:500::/40 maxlen: 40
2a03:6f81::/40 maxlen: 40
2a03:6f80:700::/40 maxlen: 40
2a03:6f80:600::/40 maxlen: 40
2a03:6f80:500::/40 maxlen: 40
2a03:6f80:100::/40 maxlen: 40
2a03:6f80:300::/40 maxlen: 40
2a03:6f80:800::/40 maxlen: 40
2a03:6f80:900::/40 maxlen: 40
2a03:6f80:400::/40 maxlen: 40
2a03:6f80:200::/40 maxlen: 40
2a03:6f80::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/SeRO7qJladDdvQ6GN_Es9QWk7ek.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/SeRO7qJladDdvQ6GN_Es9QWk7ek.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeRO7qJladDdvQ6GN_Es9QWk7ek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e2:fd:a4:70:a4:cf:0d:09:bd:d8:85:f2:bb:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e44eeea26569d0ddbd0e8637f12cf505a4ede9
Validity
Not Before: Jan 1 16:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a4f84e588be8c26227e6b33be69caac34fb41f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:97:c2:47:66:18:94:70:97:30:49:48:89:38:
b9:bc:1d:e5:11:59:48:0d:8b:90:87:92:b5:cd:1f:
cd:e9:97:20:03:11:95:fd:dd:84:fc:69:79:3b:ef:
88:d3:bb:a5:95:21:8c:dd:58:ff:2f:92:90:38:4f:
eb:a4:3f:0b:48:13:1e:f6:d9:62:6e:90:f4:fd:38:
63:a2:2e:bd:ec:bc:d2:ae:20:78:fe:e9:a3:3e:0b:
10:f2:3e:05:a3:89:31:b8:db:9d:c9:57:b2:e0:c1:
86:24:b1:ab:29:b2:5c:56:a4:49:41:42:5e:c9:d3:
e8:ac:38:75:f4:d5:6f:3a:60:49:d8:5d:75:b0:6b:
44:32:7f:cd:1a:cf:35:34:1b:da:61:30:98:8a:5f:
76:30:9b:ba:e8:2e:a9:b5:8d:2a:d6:2e:44:34:a9:
9e:a2:53:34:96:17:74:40:57:dc:75:8f:d6:84:ee:
49:67:2a:e1:4e:a9:14:d1:fb:27:e0:e5:79:3c:4c:
46:7b:d0:12:00:0e:47:a8:0d:a4:4b:e2:ec:84:d7:
89:a8:f0:9a:4a:24:90:9f:81:a3:bc:88:ca:46:0d:
74:97:81:16:05:2e:40:93:f9:b5:ff:ff:47:bd:fb:
76:37:a8:63:2b:f5:24:cb:9a:38:70:90:ce:09:71:
63:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A4:F8:4E:58:8B:E8:C2:62:27:E6:B3:3B:E6:9C:AA:C3:4F:B4:1F
X509v3 Authority Key Identifier:
keyid:49:E4:4E:EE:A2:65:69:D0:DD:BD:0E:86:37:F1:2C:F5:05:A4:ED:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeRO7qJladDdvQ6GN_Es9QWk7ek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/kKT4TliL6MJiJ-azO-acqsNPtB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/SeRO7qJladDdvQ6GN_Es9QWk7ek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.213.64.0/21
185.16.252.0/22
194.5.88.0/23
IPv6:
2a03:6f80::-2a03:6f82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5f:e5:c2:6f:99:82:96:97:14:5e:8c:54:a8:8d:ea:6e:af:6f:
0e:a0:f8:70:8b:ca:e5:3b:08:eb:15:3c:92:55:12:c3:31:7e:
7b:9e:f7:80:ee:12:64:42:e8:48:52:7b:37:a9:33:75:8d:a8:
7e:6b:3f:c5:5d:7d:84:90:7e:43:e6:d5:91:12:0d:4b:29:49:
55:6f:97:68:5e:91:14:7f:9d:ca:de:4b:b2:64:67:e1:27:44:
ab:c3:40:65:b9:47:bf:d9:76:f8:45:e8:9d:0d:19:16:8a:8d:
29:b2:f0:c0:dd:4c:a4:ec:99:f4:bd:61:9c:4e:3c:07:ce:5a:
c5:53:99:77:1d:3f:1f:1e:64:87:21:5a:cb:35:d0:ec:bc:73:
6a:be:17:8f:fc:5d:0b:0d:84:cb:64:1e:c8:5a:9b:e9:4a:53:
dc:95:31:7b:0b:b3:08:54:f6:02:6b:17:d9:7a:22:01:17:c3:
9c:94:7e:2a:c7:91:87:bd:ab:85:8f:22:c1:84:d3:e0:64:a5:
68:01:f1:11:75:b1:d2:33:d5:95:0f:f9:df:d2:8d:6f:17:01:
3d:cb:e4:a0:ba:99:69:03:7b:38:ec:7f:82:e1:27:94:8f:24:
ed:e8:3f:e9:d8:8d:72:56:cb:f9:ff:ae:d2:65:65:71:59:d5:
d2:8c:d6:3c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzF2+L9pHCkzw0JvdiF8rs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTQ0ZWVlYTI2NTY5ZDBkZGJkMGU4NjM3ZjEyY2Y1MDVh
NGVkZTkwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE0Zjg0ZTU4OGJlOGMyNjIyN2U2YjMzYmU2OWNhYWMzNGZiNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpfCR2YYlHCXMElIiTi5vB3lEVlI
DYuQh5K1zR/N6ZcgAxGV/d2E/Gl5O++I07ullSGM3Vj/L5KQOE/rpD8LSBMe9tli
bpD0/Thjoi697LzSriB4/umjPgsQ8j4Fo4kxuNudyVey4MGGJLGrKbJcVqRJQUJe
ydPorDh19NVvOmBJ2F11sGtEMn/NGs81NBvaYTCYil92MJu66C6ptY0q1i5ENKme
olM0lhd0QFfcdY/WhO5JZyrhTqkU0fsn4OV5PExGe9ASAA5HqA2kS+LshNeJqPCa
SiSQn4GjvIjKRg10l4EWBS5Ak/m1//9Hvft2N6hjK/Uky5o4cJDOCXFjaQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJCk+E5Yi+jCYifmszvmnKrDT7QfMB8GA1UdIwQY
MBaAFEnkTu6iZWnQ3b0OhjfxLPUFpO3pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VSTzdxSmxhZERkdlE2R05fRXM5UVdrN2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jM2RjMWItZDFlZS00ZmYyLWE1YWEt
ZjBjNGJlOGUyNDBhLzEva0tUNFRsaUw2TUppSi1hek8tYWNxc05QdEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jM2RjMWItZDFlZS00ZmYyLWE1YWEtZjBjNGJlOGUyNDBh
LzEvU2VSTzdxSmxhZERkdlE2R05fRXM5UVdrN2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQDstVAAwQC
uRD8AwQBwgVYMBYEAgACMBAwDgMFByoDb4ADBQAqA2+CMA0GCSqGSIb3DQEBCwUA
A4IBAQBf5cJvmYKWlxRejFSojepur28OoPhwi8rlOwjrFTySVRLDMX57nveA7hJk
QuhIUns3qTN1jah+az/FXX2EkH5D5tWREg1LKUlVb5doXpEUf53K3kuyZGfhJ0Sr
w0BluUe/2Xb4ReidDRkWio0psvDA3Uyk7Jn0vWGcTjwHzlrFU5l3HT8fHmSHIVrL
NdDsvHNqvheP/F0LDYTLZB7IWpvpSlPclTF7C7MIVPYCaxfZeiIBF8OclH4qx5GH
vauFjyLBhNPgZKVoAfERdbHSM9WVD/nf0o1vFwE9y+SguplpA3s47H+C4SeUjyTt
6D/p2I1yVsv5/67SZWVxWdXSjNY8
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:12 2024 by rpki-client on console-ams.rpki-client.org