Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/2-KvKLcygQV1bctBugvX4im-EIE.roa
File: 2-KvKLcygQV1bctBugvX4im-EIE.roa (raw, json)
Hash identifier: ap3oo5NJBAoMeclF5N2aYwleeNlIxlA+UdGTmZera7E=
Subject key identifier: DB:E2:AF:28:B7:32:81:05:75:6D:CB:41:BA:0B:D7:E2:29:BE:10:81
Certificate issuer: /CN=36cfaffc9c7868708f3c81ee5c0d64c35ac1bef1
Certificate serial: 0192B3F20B4F83FD36B5297EAC6E979D3989
Authority key identifier: 36:CF:AF:FC:9C:78:68:70:8F:3C:81:EE:5C:0D:64:C3:5A:C1:BE:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/2-KvKLcygQV1bctBugvX4im-EIE.roa
Signing time: Tue 22 Oct 2024 11:17:17 +0000
ROA not before: Tue 22 Oct 2024 11:17:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206948
IP address blocks: 91.226.78.0/24 maxlen: 24
91.226.160.0/24 maxlen: 24
91.226.184.0/24 maxlen: 24
185.216.182.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:f2:0b:4f:83:fd:36:b5:29:7e:ac:6e:97:9d:39:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36cfaffc9c7868708f3c81ee5c0d64c35ac1bef1
Validity
Not Before: Oct 22 11:17:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbe2af28b7328105756dcb41ba0bd7e229be1081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:65:24:29:28:9c:7a:54:19:84:fd:87:ed:1d:
91:3f:85:a9:eb:7b:ac:ec:42:6e:cf:3f:03:e9:e6:
b4:33:69:09:1e:10:2f:99:58:39:53:be:f1:51:44:
60:ff:c0:fa:99:48:8e:3c:be:a9:52:3b:4c:24:b5:
b6:02:40:ca:ac:37:83:33:0b:84:bb:2d:fd:8a:fb:
b5:89:ce:6e:38:68:c8:b0:4f:54:8b:a2:09:53:59:
a2:f7:b6:5c:ea:2e:ca:ad:25:14:bf:60:9a:28:49:
9d:b8:58:35:45:92:67:29:77:63:46:56:bd:21:c5:
ce:a2:e8:54:0f:96:64:6d:a8:ba:dd:f4:10:f2:0b:
88:87:fb:9a:2f:8d:7f:24:45:ca:a4:07:47:36:a8:
e1:8c:51:5f:68:38:2e:82:2e:fe:73:3e:32:16:05:
7f:93:31:0e:23:c4:5a:6d:9b:6c:92:89:1a:ce:0c:
e4:57:ad:f9:07:45:e5:20:65:57:da:fb:e5:c6:b8:
29:50:81:05:be:4a:79:e4:ad:ac:72:b2:f0:c6:31:
86:ce:0a:5d:57:d3:4c:19:09:82:8d:71:7a:13:c1:
e1:57:6e:f0:9f:98:45:cb:33:ec:dd:00:06:e8:d1:
a5:48:dd:3d:aa:77:e5:ab:d0:67:02:b6:ac:bd:90:
92:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E2:AF:28:B7:32:81:05:75:6D:CB:41:BA:0B:D7:E2:29:BE:10:81
X509v3 Authority Key Identifier:
keyid:36:CF:AF:FC:9C:78:68:70:8F:3C:81:EE:5C:0D:64:C3:5A:C1:BE:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/2-KvKLcygQV1bctBugvX4im-EIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d09b56-4fcb-47bf-8025-99878cc9b14c/1/Ns-v_Jx4aHCPPIHuXA1kw1rBvvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.78.0/24
91.226.160.0/24
91.226.184.0/24
185.216.182.0/23
Signature Algorithm: sha256WithRSAEncryption
04:5c:cd:3b:db:96:cf:d7:c4:3e:3d:29:3a:d2:eb:13:a9:d4:
af:86:5b:ae:a5:af:1a:23:3a:03:71:0e:d1:c0:a6:96:9d:43:
b8:30:b5:23:27:17:29:0a:c1:12:94:cf:09:59:86:e5:1f:e8:
1b:6e:c1:fb:9a:cc:c5:e2:2e:24:94:71:34:4b:d2:d5:50:10:
cc:37:f9:0e:45:81:f8:aa:1a:5d:0a:1a:8c:3e:5f:c9:81:3d:
58:18:2a:7c:e2:e1:7a:28:ed:18:72:12:23:c5:73:0a:6b:81:
5a:f9:6b:8b:11:37:59:2f:5e:75:fc:e9:21:c7:7a:5c:8d:37:
b2:ee:81:cc:ce:0f:e5:fc:dd:7a:5c:30:b0:6b:39:13:4b:e3:
2d:61:1b:27:c1:04:a0:df:a6:92:35:bf:20:d0:24:67:26:7a:
be:1f:c3:6c:28:9b:68:e2:be:37:01:27:c6:d4:ed:56:3b:b3:
5b:1a:d8:fe:a5:6a:f7:4a:b3:56:68:19:c7:e6:07:f9:67:ed:
e2:6e:d4:28:aa:49:92:c8:bb:53:53:9d:db:a1:48:59:ad:39:
95:f5:41:f0:ae:9c:31:de:86:cd:04:ef:81:e7:7c:f0:2f:45:
b7:2e:b5:73:04:7b:a7:dc:72:ec:10:9c:6f:a4:77:9d:be:42:
6a:78:b7:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKz8gtPg/02tSl+rG6XnTmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Y2ZhZmZjOWM3ODY4NzA4ZjNjODFlZTVjMGQ2NGMzNWFj
MWJlZjEwHhcNMjQxMDIyMTExNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmUyYWYyOGI3MzI4MTA1NzU2ZGNiNDFiYTBiZDdlMjI5YmUxMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomUkKSicelQZhP2H7R2RP4Wp63us
7EJuzz8D6ea0M2kJHhAvmVg5U77xUURg/8D6mUiOPL6pUjtMJLW2AkDKrDeDMwuE
uy39ivu1ic5uOGjIsE9Ui6IJU1mi97Zc6i7KrSUUv2CaKEmduFg1RZJnKXdjRla9
IcXOouhUD5Zkbai63fQQ8guIh/uaL41/JEXKpAdHNqjhjFFfaDgugi7+cz4yFgV/
kzEOI8RabZtskokazgzkV635B0XlIGVX2vvlxrgpUIEFvkp55K2scrLwxjGGzgpd
V9NMGQmCjXF6E8HhV27wn5hFyzPs3QAG6NGlSN09qnflq9BnArasvZCSAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNviryi3MoEFdW3LQboL1+IpvhCBMB8GA1UdIwQY
MBaAFDbPr/yceGhwjzyB7lwNZMNawb7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnMtdl9KeDRhSENQUElIdVhBMWt3MXJCdnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kMDliNTYtNGZjYi00N2JmLTgwMjUt
OTk4NzhjYzliMTRjLzEvMi1LdktMY3lnUVYxYmN0QnVndlg0aW0tRUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kMDliNTYtNGZjYi00N2JmLTgwMjUtOTk4NzhjYzliMTRj
LzEvTnMtdl9KeDRhSENQUElIdVhBMWt3MXJCdnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+JOAwQA
W+KgAwQAW+K4AwQBudi2MA0GCSqGSIb3DQEBCwUAA4IBAQAEXM0725bP18Q+PSk6
0usTqdSvhluupa8aIzoDcQ7RwKaWnUO4MLUjJxcpCsESlM8JWYblH+gbbsH7mszF
4i4klHE0S9LVUBDMN/kORYH4qhpdChqMPl/JgT1YGCp84uF6KO0YchIjxXMKa4Fa
+WuLETdZL151/Okhx3pcjTey7oHMzg/l/N16XDCwazkTS+MtYRsnwQSg36aSNb8g
0CRnJnq+H8NsKJto4r43ASfG1O1WO7NbGtj+pWr3SrNWaBnH5gf5Z+3ibtQoqkmS
yLtTU53boUhZrTmV9UHwrpwx3obNBO+B53zwL0W3LrVzBHun3HLsEJxvpHedvkJq
eLe0
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:11:34 2024 by rpki-client on console-ams.rpki-client.org