Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/KCiky9_Pt9Z3JjgVmCu_5wM-X8w.roa
File: KCiky9_Pt9Z3JjgVmCu_5wM-X8w.roa (raw, json)
Hash identifier: WlrHbLt/7e1Eel8fV1VhGtAMPHdvEvQu58Plo5Zv+Tk=
Subject key identifier: 28:28:A4:CB:DF:CF:B7:D6:77:26:38:15:98:2B:BF:E7:03:3E:5F:CC
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 018CC9BA5CD35E21D26C012E705089B9CBE4
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/KCiky9_Pt9Z3JjgVmCu_5wM-X8w.roa
Signing time: Tue 02 Jan 2024 10:31:23 +0000
ROA not before: Tue 02 Jan 2024 10:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6723
IP address blocks: 185.5.252.0/22 maxlen: 24
178.255.176.0/21 maxlen: 24
2a01:6d80:f000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:5c:d3:5e:21:d2:6c:01:2e:70:50:89:b9:cb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Jan 2 10:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2828a4cbdfcfb7d677263815982bbfe7033e5fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:10:ec:c9:f7:eb:10:1e:f8:40:55:fe:35:2b:
3e:7e:3f:cc:fe:5c:2a:4f:d4:9f:30:aa:88:57:b8:
86:be:8e:ee:c3:26:fe:7e:a1:1f:fb:ae:81:a1:fc:
f8:64:10:2c:28:3d:f9:85:59:20:99:3f:42:58:e7:
4d:e7:60:1d:61:61:20:b7:ad:2a:ab:76:81:38:4b:
c3:5a:df:2e:bb:7b:40:a9:73:9d:f2:76:7f:b4:43:
51:e1:2a:b9:b6:54:13:0a:75:0d:ce:69:55:f9:86:
05:a4:3a:02:30:07:08:dd:3f:01:f0:97:44:ec:22:
30:72:92:28:c8:25:f0:11:06:b1:0c:b0:de:9e:36:
89:92:35:e2:5b:ae:4d:f6:36:dd:4f:59:3f:70:97:
8e:98:7c:ed:2e:4d:90:2c:48:8b:de:e1:0c:f4:bd:
a9:a6:6d:17:35:5c:16:a0:d8:91:b5:03:f3:f2:38:
94:8a:4e:3b:ea:d6:d2:91:24:14:b3:cc:72:42:e4:
c2:d7:a6:9e:da:bc:c3:e1:fb:90:bc:fd:7d:c1:ab:
1d:54:46:84:49:df:71:10:86:fb:ca:39:f3:8d:05:
5a:23:6e:b9:c3:60:f8:4d:e2:35:73:1b:6b:ba:2b:
1e:12:6b:c5:d0:09:e4:f9:b9:5d:11:79:89:e0:37:
42:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:28:A4:CB:DF:CF:B7:D6:77:26:38:15:98:2B:BF:E7:03:3E:5F:CC
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/KCiky9_Pt9Z3JjgVmCu_5wM-X8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.176.0/21
185.5.252.0/22
IPv6:
2a01:6d80:f000::/36
Signature Algorithm: sha256WithRSAEncryption
a3:6e:7e:48:2a:22:a6:60:93:26:91:9c:09:b1:95:cc:1d:08:
28:2f:19:69:6a:c5:4d:19:b3:df:c7:4b:80:8c:c9:24:6c:5b:
9d:47:f6:fa:7d:88:00:ea:ca:64:22:c7:ba:21:5f:36:65:b1:
f2:e8:f3:62:6d:77:1b:54:d9:5f:fe:09:c2:23:04:4d:f5:df:
31:ee:1c:f3:3f:db:25:20:45:a4:bd:1b:6e:29:d2:df:98:c3:
69:de:19:98:92:3a:de:2c:f5:de:3a:5f:4b:b4:a5:03:94:77:
af:94:bb:ab:32:a5:cf:71:0a:df:7f:99:12:69:84:22:72:42:
4c:d0:d5:4b:a1:8c:29:0f:4c:0c:0f:2e:6d:e6:6d:82:3b:52:
27:46:d9:5d:ad:e0:25:95:24:0c:a1:d3:25:f6:af:d2:43:e8:
fe:d6:1c:12:28:87:63:af:30:60:df:0a:a7:3d:e0:21:bc:79:
d5:7b:7c:72:2c:10:53:5e:53:49:58:df:63:06:66:f5:1e:c0:
1d:9b:a4:7a:9d:06:11:d1:ba:48:e3:cc:5f:a5:51:a6:07:bc:
41:b9:f7:1b:67:61:63:e7:11:a1:c4:de:79:78:68:c4:72:93:
f1:3c:c7:16:76:c9:f9:d5:b5:38:6d:99:63:f6:f0:3d:cc:ad:
8b:6a:92:44
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzJulzTXiHSbAEucFCJucvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjQwMTAyMTAzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI4YTRjYmRmY2ZiN2Q2NzcyNjM4MTU5ODJiYmZlNzAzM2U1ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xDsyffrEB74QFX+NSs+fj/M/lwq
T9SfMKqIV7iGvo7uwyb+fqEf+66Bofz4ZBAsKD35hVkgmT9CWOdN52AdYWEgt60q
q3aBOEvDWt8uu3tAqXOd8nZ/tENR4Sq5tlQTCnUNzmlV+YYFpDoCMAcI3T8B8JdE
7CIwcpIoyCXwEQaxDLDenjaJkjXiW65N9jbdT1k/cJeOmHztLk2QLEiL3uEM9L2p
pm0XNVwWoNiRtQPz8jiUik476tbSkSQUs8xyQuTC16ae2rzD4fuQvP19wasdVEaE
Sd9xEIb7yjnzjQVaI265w2D4TeI1cxtruiseEmvF0Ank+bldEXmJ4DdCAwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCgopMvfz7fWdyY4FZgrv+cDPl/MMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvS0Npa3k5X1B0OVozSmpnVm1DdV81d00tWDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDsv+wAwQC
uQX8MA4EAgACMAgDBgQqAW2A8DANBgkqhkiG9w0BAQsFAAOCAQEAo25+SCoipmCT
JpGcCbGVzB0IKC8ZaWrFTRmz38dLgIzJJGxbnUf2+n2IAOrKZCLHuiFfNmWx8ujz
Ym13G1TZX/4JwiMETfXfMe4c8z/bJSBFpL0bbinS35jDad4ZmJI63iz13jpfS7Sl
A5R3r5S7qzKlz3EK33+ZEmmEInJCTNDVS6GMKQ9MDA8ubeZtgjtSJ0bZXa3gJZUk
DKHTJfav0kPo/tYcEiiHY68wYN8Kpz3gIbx51Xt8ciwQU15TSVjfYwZm9R7AHZuk
ep0GEdG6SOPMX6VRpge8Qbn3G2dhY+cRocTeeXhoxHKT8TzHFnbJ+dW1OG2ZY/bw
Pcyti2qSRA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:11:45 2024 by rpki-client on console-ams.rpki-client.org