Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/702829-0d8e-49db-84ae-04925194c5e6/1/KOYYtIAQWGozo4J98j9KTQ8LI1Y.roa
File: KOYYtIAQWGozo4J98j9KTQ8LI1Y.roa (raw, json)
Hash identifier: yDyDzJHgnbIa3NfEodvc4REjssHeW+sR+SeDvzkc7NU=
Subject key identifier: 28:E6:18:B4:80:10:58:6A:33:A3:82:7D:F2:3F:4A:4D:0F:0B:23:56
Certificate issuer: /CN=06484d1f57db0cc2326faa53d3a7aad268dbc266
Certificate serial: 018CC5013773CFB005EAFE1D6F652BAB8134
Authority key identifier: 06:48:4D:1F:57:DB:0C:C2:32:6F:AA:53:D3:A7:AA:D2:68:DB:C2:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BkhNH1fbDMIyb6pT06eq0mjbwmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/702829-0d8e-49db-84ae-04925194c5e6/1/KOYYtIAQWGozo4J98j9KTQ8LI1Y.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44066
IP address blocks: 185.15.8.0/22 maxlen: 22
2a02:fb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/702829-0d8e-49db-84ae-04925194c5e6/1/BkhNH1fbDMIyb6pT06eq0mjbwmY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/702829-0d8e-49db-84ae-04925194c5e6/1/BkhNH1fbDMIyb6pT06eq0mjbwmY.mft
rsync://rpki.ripe.net/repository/DEFAULT/BkhNH1fbDMIyb6pT06eq0mjbwmY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:37:73:cf:b0:05:ea:fe:1d:6f:65:2b:ab:81:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06484d1f57db0cc2326faa53d3a7aad268dbc266
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28e618b48010586a33a3827df23f4a4d0f0b2356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8f:be:7e:77:eb:bb:13:4f:3f:93:4c:cc:28:
d8:36:33:15:3c:43:52:7b:84:56:bf:3c:04:a6:a5:
95:3e:d7:3e:8c:89:d8:54:17:6e:5d:7f:de:0a:20:
3e:b6:a4:54:57:05:cb:ea:47:5b:35:0b:fa:a8:24:
5e:78:2e:58:23:93:e7:66:21:ae:f2:f9:3c:3d:62:
b5:28:d7:6e:b8:54:28:93:e8:23:49:13:86:fa:37:
09:ba:01:54:40:e9:ab:5b:45:90:41:b8:87:c3:a9:
58:23:c9:5b:9a:15:08:0f:58:62:d8:4a:78:1c:7c:
e4:ae:08:7e:92:41:ce:eb:79:8b:97:d2:83:19:57:
dc:09:d1:0b:23:d5:b9:d2:c7:b8:87:8e:b3:d9:0f:
87:6f:87:ae:e7:f0:45:28:53:1e:17:19:fb:99:20:
b2:66:34:48:67:24:3f:37:95:0b:11:32:f4:e0:a4:
69:2d:12:1a:e8:47:f1:ae:ab:22:58:e5:52:5e:0b:
cb:f9:2e:75:fd:58:0c:97:bc:b4:a4:3b:33:cb:c9:
1d:b1:38:85:b7:94:ff:39:c4:c8:65:f9:8d:77:bc:
4b:40:d0:e2:7f:7f:8f:97:df:a3:1c:12:37:05:35:
af:6e:02:b2:bd:0c:90:16:1e:42:22:05:f1:40:45:
cc:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E6:18:B4:80:10:58:6A:33:A3:82:7D:F2:3F:4A:4D:0F:0B:23:56
X509v3 Authority Key Identifier:
keyid:06:48:4D:1F:57:DB:0C:C2:32:6F:AA:53:D3:A7:AA:D2:68:DB:C2:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BkhNH1fbDMIyb6pT06eq0mjbwmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/702829-0d8e-49db-84ae-04925194c5e6/1/KOYYtIAQWGozo4J98j9KTQ8LI1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/702829-0d8e-49db-84ae-04925194c5e6/1/BkhNH1fbDMIyb6pT06eq0mjbwmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.8.0/22
IPv6:
2a02:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
85:06:05:04:70:ee:9a:1e:eb:06:58:4c:56:43:85:a0:ff:55:
cf:83:13:f3:1c:44:e8:a5:8e:94:ca:3c:57:e9:fa:df:f0:e7:
2d:57:f2:1f:f9:0d:7b:b1:df:75:36:5a:20:5d:b6:ef:03:c2:
d1:6f:92:06:e1:70:eb:17:2a:34:eb:75:bf:5c:1c:8c:2c:da:
88:45:a3:a0:11:79:23:87:f2:90:6a:83:64:ad:fe:aa:73:80:
5f:2c:a2:8f:a1:ce:63:7d:7f:04:53:69:9c:5a:b4:c4:ad:be:
b5:b9:1e:a3:44:72:b2:d4:db:09:e0:4b:93:69:a8:f2:ad:36:
5b:22:af:17:26:15:f2:48:66:09:d6:b7:de:13:46:65:c4:d0:
47:fb:c7:e4:09:5e:45:47:26:17:44:67:23:09:55:6d:41:2d:
c2:65:06:99:3a:7f:6a:8c:06:1d:7c:93:1a:0b:f7:11:ca:a1:
a8:ec:21:de:d8:f6:78:03:9c:29:98:ef:af:9c:10:53:66:a1:
58:ce:38:26:1a:81:57:6e:66:31:c9:4b:00:81:0b:be:b5:d1:
e8:0b:5f:b2:65:4f:35:89:db:ff:97:f9:59:25:fa:84:ee:00:
96:dc:3e:8d:d2:18:3d:a1:fa:d3:6c:4c:21:7d:56:6a:0c:51:
12:f5:d5:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFATdzz7AF6v4db2Urq4E0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NDg0ZDFmNTdkYjBjYzIzMjZmYWE1M2QzYTdhYWQyNjhk
YmMyNjYwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGU2MThiNDgwMTA1ODZhMzNhMzgyN2RmMjNmNGE0ZDBmMGIyMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI++fnfruxNPP5NMzCjYNjMVPENS
e4RWvzwEpqWVPtc+jInYVBduXX/eCiA+tqRUVwXL6kdbNQv6qCReeC5YI5PnZiGu
8vk8PWK1KNduuFQok+gjSROG+jcJugFUQOmrW0WQQbiHw6lYI8lbmhUID1hi2Ep4
HHzkrgh+kkHO63mLl9KDGVfcCdELI9W50se4h46z2Q+Hb4eu5/BFKFMeFxn7mSCy
ZjRIZyQ/N5ULETL04KRpLRIa6EfxrqsiWOVSXgvL+S51/VgMl7y0pDszy8kdsTiF
t5T/OcTIZfmNd7xLQNDif3+Pl9+jHBI3BTWvbgKyvQyQFh5CIgXxQEXM5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCjmGLSAEFhqM6OCffI/Sk0PCyNWMB8GA1UdIwQY
MBaAFAZITR9X2wzCMm+qU9OnqtJo28JmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmtoTkgxZmJETUl5YjZwVDA2ZXEwbWpid21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83MDI4MjktMGQ4ZS00OWRiLTg0YWUt
MDQ5MjUxOTRjNWU2LzEvS09ZWXRJQVFXR296bzRKOThqOUtUUThMSTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83MDI4MjktMGQ4ZS00OWRiLTg0YWUtMDQ5MjUxOTRjNWU2
LzEvQmtoTkgxZmJETUl5YjZwVDA2ZXEwbWpid21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ8IMA0E
AgACMAcDBQMqAvsAMA0GCSqGSIb3DQEBCwUAA4IBAQCFBgUEcO6aHusGWExWQ4Wg
/1XPgxPzHETopY6UyjxX6frf8OctV/If+Q17sd91NlogXbbvA8LRb5IG4XDrFyo0
63W/XByMLNqIRaOgEXkjh/KQaoNkrf6qc4BfLKKPoc5jfX8EU2mcWrTErb61uR6j
RHKy1NsJ4EuTaajyrTZbIq8XJhXySGYJ1rfeE0ZlxNBH+8fkCV5FRyYXRGcjCVVt
QS3CZQaZOn9qjAYdfJMaC/cRyqGo7CHe2PZ4A5wpmO+vnBBTZqFYzjgmGoFXbmYx
yUsAgQu+tdHoC1+yZU81idv/l/lZJfqE7gCW3D6N0hg9ofrTbEwhfVZqDFES9dXB
-----END CERTIFICATE-----
Generated at Sat May 4 22:34:19 2024 by rpki-client on console-ams.rpki-client.org