Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/KjM0pDVOikf30ab8npERrzc6sDY.roa
File: KjM0pDVOikf30ab8npERrzc6sDY.roa (raw, json)
Hash identifier: goNFGfmihmvd0nOi2mzj2LBN5mHupmqGlOCSV7V8wv0=
Subject key identifier: 2A:33:34:A4:35:4E:8A:47:F7:D1:A6:FC:9E:91:11:AF:37:3A:B0:36
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E32A9906BD1A9349EFF8E14EFA598
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/KjM0pDVOikf30ab8npERrzc6sDY.roa
Signing time: Tue 02 Jan 2024 08:33:14 +0000
ROA not before: Tue 02 Jan 2024 08:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35238
IP address blocks: 86.63.224.0/19 maxlen: 19
91.91.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:32:a9:90:6b:d1:a9:34:9e:ff:8e:14:ef:a5:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a3334a4354e8a47f7d1a6fc9e9111af373ab036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d1:d9:2e:01:bc:f3:bc:e2:50:23:78:85:a4:
01:63:81:df:b1:96:24:7f:a5:5a:aa:ce:52:04:a3:
df:03:9b:94:64:73:88:4f:21:4d:c1:14:43:c3:c0:
b7:22:ca:a0:ad:f5:e5:ec:39:b5:84:6f:02:bf:78:
a5:20:cc:a8:79:ee:62:b2:7d:6d:29:5a:7b:30:cb:
75:ce:c1:da:88:43:d1:9a:b1:67:d3:d4:e5:91:05:
cd:32:2e:ee:e0:99:11:ed:b8:92:3c:70:96:bb:ae:
c3:e4:5e:9c:22:de:54:4b:78:29:73:3a:9d:de:71:
b1:bf:3b:ff:b2:11:9b:c9:72:fe:d0:98:b5:91:01:
1a:40:f6:72:7d:cf:89:bd:af:9e:2b:6d:7e:4b:8e:
0f:c2:8a:3d:cb:bd:6f:60:15:a0:da:4e:8b:28:07:
3c:13:29:b0:05:d9:58:5a:e7:6b:42:45:0f:03:5b:
ac:5e:22:29:a0:ae:45:ab:80:dc:4a:14:d8:b8:fb:
8a:4a:f4:10:09:f9:f2:85:e9:c9:63:19:a6:7c:5f:
e1:e5:76:58:59:3f:15:b4:52:05:b6:d4:18:b5:93:
6f:29:8e:ec:32:4f:b1:b8:e1:58:7c:c2:07:cc:64:
a4:24:4b:e4:8a:06:27:99:c2:26:b9:23:e6:f3:23:
75:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:33:34:A4:35:4E:8A:47:F7:D1:A6:FC:9E:91:11:AF:37:3A:B0:36
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/KjM0pDVOikf30ab8npERrzc6sDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.63.224.0/19
91.91.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:71:c8:96:43:61:dd:28:9b:7e:59:3f:90:52:ee:bf:bd:bc:
b9:79:40:7f:5b:be:eb:ad:a4:3f:3e:4c:ff:15:dd:c0:56:37:
89:af:28:71:35:87:79:98:42:b5:ab:69:b2:78:28:04:b2:5c:
63:62:95:da:5d:d8:9f:a1:fb:a4:f5:f0:2f:14:d7:51:eb:bd:
f2:e4:3b:72:ce:1f:1a:cd:e8:b3:8e:e4:48:88:1e:d4:ef:36:
36:cc:e0:33:9b:f0:09:5e:a2:61:3b:64:7e:40:1a:50:21:9c:
5f:44:10:ab:e2:db:3b:82:90:e3:3f:77:a4:53:c5:10:05:03:
20:51:96:04:f3:1d:63:9c:8c:5b:34:77:25:d5:ec:3c:bf:d0:
35:c2:58:6d:1b:d3:06:0d:ba:f8:6e:3c:01:df:a2:38:73:97:
13:fb:07:8b:7a:ee:bd:a7:c1:65:32:16:89:be:78:9c:4a:f0:
41:9f:7d:1b:f4:47:45:15:1f:40:81:14:13:92:5e:c7:c4:80:
00:87:7c:fb:d7:4d:21:ec:3b:bc:23:c8:18:e9:0d:d3:d2:86:
06:1f:60:b2:2e:e0:1b:ae:40:34:d5:b3:2d:9b:de:16:5a:ac:
ce:c9:86:dc:49:0e:9b:2f:72:5d:db:9a:f5:4d:05:49:8a:cf:
3e:ab:0c:55
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzJTjKpkGvRqTSe/44U76WYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTMzMzRhNDM1NGU4YTQ3ZjdkMWE2ZmM5ZTkxMTFhZjM3M2FiMDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9HZLgG887ziUCN4haQBY4HfsZYk
f6Vaqs5SBKPfA5uUZHOITyFNwRRDw8C3IsqgrfXl7Dm1hG8Cv3ilIMyoee5isn1t
KVp7MMt1zsHaiEPRmrFn09TlkQXNMi7u4JkR7biSPHCWu67D5F6cIt5US3gpczqd
3nGxvzv/shGbyXL+0Ji1kQEaQPZyfc+Jva+eK21+S44Pwoo9y71vYBWg2k6LKAc8
EymwBdlYWudrQkUPA1usXiIpoK5Fq4DcShTYuPuKSvQQCfnyhenJYxmmfF/h5XZY
WT8VtFIFttQYtZNvKY7sMk+xuOFYfMIHzGSkJEvkigYnmcImuSPm8yN13wIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFCozNKQ1TopH99Gm/J6REa83OrA2MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvS2pNMHBEVk9pa2YzMGFiOG5wRVJyemM2c0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQFVj/gAwMA
W1swDQYJKoZIhvcNAQELBQADggEBAFJxyJZDYd0om35ZP5BS7r+9vLl5QH9bvuut
pD8+TP8V3cBWN4mvKHE1h3mYQrWrabJ4KASyXGNildpd2J+h+6T18C8U11HrvfLk
O3LOHxrN6LOO5EiIHtTvNjbM4DOb8AleomE7ZH5AGlAhnF9EEKvi2zuCkOM/d6RT
xRAFAyBRlgTzHWOcjFs0dyXV7Dy/0DXCWG0b0wYNuvhuPAHfojhzlxP7B4t67r2n
wWUyFom+eJxK8EGffRv0R0UVH0CBFBOSXsfEgACHfPvXTSHsO7wjyBjpDdPShgYf
YLIu4BuuQDTVsy2b3hZarM7JhtxJDpsvcl3bmvVNBUmKzz6rDFU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:13 2024 by rpki-client on console-ams.rpki-client.org