Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/KzBm6DsLgDUDl4P8yKGvaY11SO4.roa
File: KzBm6DsLgDUDl4P8yKGvaY11SO4.roa (raw, json)
Hash identifier: SCAYPZEFnvekxTopBR1u6jQcUSu7s4r8mL5GllJg6Pw=
Subject key identifier: 2B:30:66:E8:3B:0B:80:35:03:97:83:FC:C8:A1:AF:69:8D:75:48:EE
Certificate issuer: /CN=1b68656126198373d07886bf4ab8fb06b9006780
Certificate serial: 018EE1A0483699FD5990D8504B04EF3EFCBA
Authority key identifier: 1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/KzBm6DsLgDUDl4P8yKGvaY11SO4.roa
Signing time: Mon 15 Apr 2024 11:59:21 +0000
ROA not before: Mon 15 Apr 2024 11:59:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208621
IP address blocks: 45.92.36.0/24 maxlen: 24
45.92.37.0/24 maxlen: 24
45.92.38.0/24 maxlen: 24
45.92.39.0/24 maxlen: 24
2a0e:1bc0::/35 maxlen: 35
2a0e:1bc0:2000::/35 maxlen: 35
2a0e:1bc0:4000::/35 maxlen: 35
2a0e:1bc0:6000::/35 maxlen: 35
2a0e:1bc1::/35 maxlen: 35
2a0e:1bc1:2000::/35 maxlen: 35
2a0e:1bc1:4000::/35 maxlen: 35
2a0e:1bc4::/35 maxlen: 35
2a0e:1bc5::/35 maxlen: 35
2a0e:1bc7::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:a0:48:36:99:fd:59:90:d8:50:4b:04:ef:3e:fc:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b68656126198373d07886bf4ab8fb06b9006780
Validity
Not Before: Apr 15 11:59:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b3066e83b0b8035039783fcc8a1af698d7548ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f3:97:a5:8c:1f:d7:a0:13:3b:21:fd:0c:09:
45:bb:62:0d:fe:94:8f:19:3a:fb:70:a1:7b:5c:70:
19:f3:ea:4e:88:e0:a8:89:26:5b:60:df:3f:9f:b6:
2d:53:00:4f:63:63:25:24:be:82:8d:b4:9e:fa:5b:
9f:da:2d:19:05:06:c7:23:ea:cb:b9:90:90:49:0a:
71:f9:b3:43:23:af:bb:40:80:03:95:a8:c7:c9:61:
a4:58:98:42:25:98:aa:e9:23:68:e3:49:f7:a5:42:
3e:c6:f7:57:f9:2d:38:d4:a9:41:fd:8d:2d:38:2b:
a6:67:5f:dc:e1:51:e2:53:ed:bb:f8:c5:8b:f9:8f:
37:bf:16:48:60:ed:4f:b1:c2:b3:47:de:4f:b0:24:
6d:5d:a1:64:10:2e:c7:54:b1:a8:e2:fb:18:dc:d6:
5f:12:e2:c0:9f:b9:07:45:3d:74:9b:d1:07:22:98:
27:af:08:c7:d0:0c:de:ec:48:4c:19:fd:42:61:ca:
71:fc:43:e2:85:bf:97:f8:ac:e5:fe:f4:bd:24:e9:
19:00:6a:f3:46:8c:64:89:c7:8d:50:9d:d5:9d:78:
89:90:78:7b:49:c0:58:ae:f0:25:3d:2a:11:e9:87:
88:8a:fe:5e:66:90:97:08:4a:ce:97:18:6d:d8:f0:
55:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:30:66:E8:3B:0B:80:35:03:97:83:FC:C8:A1:AF:69:8D:75:48:EE
X509v3 Authority Key Identifier:
keyid:1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/KzBm6DsLgDUDl4P8yKGvaY11SO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.36.0/22
IPv6:
2a0e:1bc0::/33
2a0e:1bc1::-2a0e:1bc1:5fff:ffff:ffff:ffff:ffff:ffff
2a0e:1bc4::/35
2a0e:1bc5::/35
2a0e:1bc7::/35
Signature Algorithm: sha256WithRSAEncryption
29:f2:4c:77:6c:a0:a3:20:17:3d:ce:87:ee:da:33:78:cf:de:
e9:7a:b5:e2:81:6a:cf:1d:ce:74:e0:7a:45:2a:9c:cb:35:00:
04:11:04:a4:c4:4a:fd:11:a3:11:1a:38:6f:c3:2f:9c:26:f3:
08:56:b5:6c:b4:7e:fe:ae:73:d8:4f:d7:cf:15:2f:8c:b1:82:
00:f5:4b:c3:8b:08:30:73:e7:9a:df:a6:4d:0c:fb:3b:d0:ec:
73:fe:ea:08:6c:c0:a2:c7:cc:1d:01:ad:16:54:df:0f:45:4b:
2e:e7:23:e3:21:1a:52:85:69:68:ee:0f:bd:4f:7b:b4:9c:66:
b8:a8:50:9b:96:f0:ba:87:da:2b:de:9b:ca:3d:5a:6b:11:a3:
f2:b2:b8:b3:11:39:0b:04:01:7c:53:6a:27:50:3f:8d:4e:49:
7d:ba:73:d2:8d:5e:d6:bb:40:10:28:51:1c:67:17:02:9e:e0:
eb:77:5e:70:47:c8:85:87:b4:4d:61:a4:ff:59:84:4f:e3:07:
f8:2f:ed:0e:4a:9e:80:85:9e:4d:71:58:47:a4:b8:5a:8c:33:
07:67:9e:5a:09:e8:19:51:66:76:cd:eb:56:59:26:b4:bd:dc:
16:ed:89:e5:5a:19:81:91:ad:44:70:a2:50:13:af:3a:f5:a6:
4c:c1:8b:e4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY7hoEg2mf1ZkNhQSwTvPvy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjg2NTYxMjYxOTgzNzNkMDc4ODZiZjRhYjhmYjA2Yjkw
MDY3ODAwHhcNMjQwNDE1MTE1OTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMwNjZlODNiMGI4MDM1MDM5NzgzZmNjOGExYWY2OThkNzU0OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfOXpYwf16ATOyH9DAlFu2IN/pSP
GTr7cKF7XHAZ8+pOiOCoiSZbYN8/n7YtUwBPY2MlJL6CjbSe+luf2i0ZBQbHI+rL
uZCQSQpx+bNDI6+7QIADlajHyWGkWJhCJZiq6SNo40n3pUI+xvdX+S041KlB/Y0t
OCumZ1/c4VHiU+27+MWL+Y83vxZIYO1PscKzR95PsCRtXaFkEC7HVLGo4vsY3NZf
EuLAn7kHRT10m9EHIpgnrwjH0Aze7EhMGf1CYcpx/EPihb+X+Kzl/vS9JOkZAGrz
RoxkiceNUJ3VnXiJkHh7ScBYrvAlPSoR6YeIiv5eZpCXCErOlxht2PBVLwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCswZug7C4A1A5eD/Mihr2mNdUjuMB8GA1UdIwQY
MBaAFBtoZWEmGYNz0HiGv0q4+wa5AGeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODIt
MjM5ODcwNGFiNTBjLzEvS3pCbTZEc0xnRFVEbDRQOHlLR3ZhWTExU080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODItMjM5ODcwNGFiNTBj
LzEvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAMBAIAATAGAwQCLVwkMDcE
AgACMDEDBgcqDhvAADAPAwUAKg4bwQMGBSoOG8FAAwYFKg4bxAADBgUqDhvFAAMG
BSoOG8cAMA0GCSqGSIb3DQEBCwUAA4IBAQAp8kx3bKCjIBc9zofu2jN4z97perXi
gWrPHc504HpFKpzLNQAEEQSkxEr9EaMRGjhvwy+cJvMIVrVstH7+rnPYT9fPFS+M
sYIA9UvDiwgwc+ea36ZNDPs70Oxz/uoIbMCix8wdAa0WVN8PRUsu5yPjIRpShWlo
7g+9T3u0nGa4qFCblvC6h9or3pvKPVprEaPysrizETkLBAF8U2onUD+NTkl9unPS
jV7Wu0AQKFEcZxcCnuDrd15wR8iFh7RNYaT/WYRP4wf4L+0OSp6AhZ5NcVhHpLha
jDMHZ55aCegZUWZ2zetWWSa0vdwW7YnlWhmBka1EcKJQE6869aZMwYvk
-----END CERTIFICATE-----
Generated at Sat May 18 13:56:59 2024 by rpki-client on console-fra.rpki-client.org