Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/KLqDVpOBqjJl-Uvfjb6FWynXXPE.roa
File: KLqDVpOBqjJl-Uvfjb6FWynXXPE.roa (raw, json)
Hash identifier: 7Rt0duZIW5SJMJM73waU4psOR4GOf5HB6tibmhJy6uc=
Subject key identifier: 28:BA:83:56:93:81:AA:32:65:F9:4B:DF:8D:BE:85:5B:29:D7:5C:F1
Certificate issuer: /CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Certificate serial: 018DEB2775F5760A7465896E2F07B68E57CF
Authority key identifier: 7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/KLqDVpOBqjJl-Uvfjb6FWynXXPE.roa
Signing time: Tue 27 Feb 2024 15:20:48 +0000
ROA not before: Tue 27 Feb 2024 15:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43207
IP address blocks: 5.133.172.0/22 maxlen: 24
46.231.8.0/21 maxlen: 24
85.95.32.0/19 maxlen: 19
91.209.142.0/24 maxlen: 24
91.214.228.0/22 maxlen: 24
151.249.64.0/20 maxlen: 24
185.44.248.0/22 maxlen: 24
185.113.0.0/22 maxlen: 24
185.168.144.0/22 maxlen: 22
209.35.128.0/20 maxlen: 20
2a01:5640::/32 maxlen: 32
2a0d:ea00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:27:75:f5:76:0a:74:65:89:6e:2f:07:b6:8e:57:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Validity
Not Before: Feb 27 15:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28ba83569381aa3265f94bdf8dbe855b29d75cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:96:17:0d:4c:9b:ed:61:48:91:39:6a:a8:20:
50:9f:cf:7d:9d:60:a5:71:80:15:cd:3f:be:db:db:
51:a2:c1:27:ac:25:8d:e2:d2:79:62:f1:33:ca:67:
80:f9:dc:76:2b:ff:bf:aa:ea:22:c0:a6:79:e2:93:
08:c3:75:0f:ce:b4:c1:4a:2c:e7:6c:47:83:80:4e:
80:af:2f:28:a1:5e:d3:22:55:b8:b1:a8:c6:c2:40:
19:1f:4e:c4:50:c9:85:96:7a:f5:a5:90:43:3c:80:
92:4d:df:45:5d:8b:93:63:76:84:55:95:7a:d1:e0:
78:4f:09:32:87:eb:b0:db:f4:77:79:90:9b:45:32:
6c:03:a6:70:17:31:91:8f:8e:4a:db:05:6f:73:9b:
7a:99:e3:44:0e:27:dc:9e:64:23:a3:bd:85:2c:53:
07:51:12:70:8a:8c:4c:50:6e:78:0d:42:57:d2:4b:
51:1d:95:aa:53:ae:de:b7:44:82:50:22:b5:1d:38:
e6:d6:b7:c6:d0:67:cc:64:ca:4e:45:15:e2:27:20:
2b:41:4d:09:4c:5b:89:af:ee:8d:83:a1:b2:09:27:
10:64:b5:e0:1d:29:67:12:4f:2e:db:9c:23:d3:3f:
e3:44:fb:9d:22:d8:51:5d:2b:15:c3:eb:3c:90:a3:
8f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BA:83:56:93:81:AA:32:65:F9:4B:DF:8D:BE:85:5B:29:D7:5C:F1
X509v3 Authority Key Identifier:
keyid:7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/KLqDVpOBqjJl-Uvfjb6FWynXXPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.172.0/22
46.231.8.0/21
85.95.32.0/19
91.209.142.0/24
91.214.228.0/22
151.249.64.0/20
185.44.248.0/22
185.113.0.0/22
185.168.144.0/22
209.35.128.0/20
IPv6:
2a01:5640::/32
2a0d:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
5f:44:25:98:e7:0a:dd:f1:e3:cf:f7:14:c8:33:4c:4b:2a:be:
97:e0:95:e2:22:09:2a:3a:c8:92:10:2a:24:c5:af:d9:41:10:
32:71:bc:88:5c:90:7d:4f:d3:c6:e6:fa:64:99:1b:60:83:7e:
73:8c:f1:fe:3e:99:0c:5c:31:80:36:72:8b:25:91:fc:d1:db:
20:01:ff:91:39:6b:78:02:d1:0d:7b:f4:9a:c8:9b:48:91:ff:
36:25:fb:42:6f:45:22:01:f0:a7:7b:a2:f2:fd:cc:a9:af:b4:
95:b4:78:f1:07:e6:ab:90:d6:75:e4:4f:45:52:bd:ec:63:7e:
ce:02:a2:ee:ec:74:7c:25:1b:0d:b0:bb:77:8d:e7:eb:c1:ef:
a3:c3:a7:bb:69:12:eb:9e:bf:0e:ef:a6:53:38:56:bf:fd:af:
5a:cc:21:0b:95:49:65:8e:52:f2:ed:ee:8b:d8:7c:d5:fe:29:
44:86:d8:bb:2d:f6:cd:29:d5:9e:85:13:98:ac:71:e8:64:36:
9d:60:64:00:d4:80:ba:9f:60:2c:a7:9c:11:94:9a:54:39:c2:
1b:e4:9b:af:1e:70:d2:81:c6:6c:d6:be:ab:7d:15:d0:be:78:
bc:3b:eb:1c:7e:7a:58:72:f7:65:1e:b9:1b:71:2f:8a:29:f4:
9e:ad:e9:7f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY3rJ3X1dgp0ZYluLwe2jlfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNDVhOWEwMzUzYTMzYzZhNGY5MzYwOGY5ZDI1ZjI3Yzg1
OTQ4YjcwHhcNMjQwMjI3MTUyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGJhODM1NjkzODFhYTMyNjVmOTRiZGY4ZGJlODU1YjI5ZDc1Y2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZYXDUyb7WFIkTlqqCBQn899nWCl
cYAVzT++29tRosEnrCWN4tJ5YvEzymeA+dx2K/+/quoiwKZ54pMIw3UPzrTBSizn
bEeDgE6Ary8ooV7TIlW4sajGwkAZH07EUMmFlnr1pZBDPICSTd9FXYuTY3aEVZV6
0eB4Twkyh+uw2/R3eZCbRTJsA6ZwFzGRj45K2wVvc5t6meNEDifcnmQjo72FLFMH
URJwioxMUG54DUJX0ktRHZWqU67et0SCUCK1HTjm1rfG0GfMZMpORRXiJyArQU0J
TFuJr+6Ng6GyCScQZLXgHSlnEk8u25wj0z/jRPudIthRXSsVw+s8kKOPSwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFCi6g1aTgaoyZflL342+hVsp11zxMB8GA1UdIwQY
MBaAFH5FqaA1OjPGpPk2CPnSXyfIWUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmtXcG9EVTZNOGFrLVRZSS1kSmZKOGhaU0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kZDdiZWItNmY3OC00MTliLTk1N2Qt
MzdhNjBjMzM1YTVkLzEvS0xxRFZwT0JxakpsLVV2ZmpiNkZXeW5YWFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kZDdiZWItNmY3OC00MTliLTk1N2QtMzdhNjBjMzM1YTVk
LzEvZmtXcG9EVTZNOGFrLVRZSS1kSmZKOGhaU0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQCBYWsAwQD
LucIAwQFVV8gAwQAW9GOAwQCW9bkAwQEl/lAAwQCuSz4AwQCuXEAAwQCuaiQAwQE
0SOAMBQEAgACMA4DBQAqAVZAAwUDKg3qADANBgkqhkiG9w0BAQsFAAOCAQEAX0Ql
mOcK3fHjz/cUyDNMSyq+l+CV4iIJKjrIkhAqJMWv2UEQMnG8iFyQfU/Txub6ZJkb
YIN+c4zx/j6ZDFwxgDZyiyWR/NHbIAH/kTlreALRDXv0msibSJH/NiX7Qm9FIgHw
p3ui8v3Mqa+0lbR48Qfmq5DWdeRPRVK97GN+zgKi7ux0fCUbDbC7d43n68Hvo8On
u2kS656/Du+mUzhWv/2vWswhC5VJZY5S8u3ui9h81f4pRIbYuy32zSnVnoUTmKxx
6GQ2nWBkANSAup9gLKecEZSaVDnCG+Sbrx5w0oHGbNa+q30V0L54vDvrHH56WHL3
ZR65G3Eviin0nq3pfw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:25:36 2024 by rpki-client on console-ams.rpki-client.org