Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/KV1CuLs-TuRkP0aqS5IeSJMaGYQ.roa
File: KV1CuLs-TuRkP0aqS5IeSJMaGYQ.roa (raw, json)
Hash identifier: ogZmzrdsdzK3IggjFNZovnD74N47IX4cwCNErgyTVSo=
Subject key identifier: 29:5D:42:B8:BB:3E:4E:E4:64:3F:46:AA:4B:92:1E:48:93:1A:19:84
Certificate issuer: /CN=dbb653bbd1704c47bada62ab6ce3502307f244b6
Certificate serial: 018CC64B0F824C26AF585EFFE9330F468B44
Authority key identifier: DB:B6:53:BB:D1:70:4C:47:BA:DA:62:AB:6C:E3:50:23:07:F2:44:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27ZTu9FwTEe62mKrbONQIwfyRLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/KV1CuLs-TuRkP0aqS5IeSJMaGYQ.roa
Signing time: Mon 01 Jan 2024 18:30:57 +0000
ROA not before: Mon 01 Jan 2024 18:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34785
IP address blocks: 193.186.80.0/22 maxlen: 22
193.186.84.0/23 maxlen: 23
193.228.112.0/21 maxlen: 21
193.228.122.0/24 maxlen: 24
193.228.120.0/23 maxlen: 23
185.72.137.0/24 maxlen: 24
185.72.138.0/24 maxlen: 24
80.80.240.0/20 maxlen: 20
185.72.136.0/24 maxlen: 24
193.186.72.0/21 maxlen: 21
2a01:af80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/27ZTu9FwTEe62mKrbONQIwfyRLY.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/27ZTu9FwTEe62mKrbONQIwfyRLY.mft
rsync://rpki.ripe.net/repository/DEFAULT/27ZTu9FwTEe62mKrbONQIwfyRLY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:0f:82:4c:26:af:58:5e:ff:e9:33:0f:46:8b:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb653bbd1704c47bada62ab6ce3502307f244b6
Validity
Not Before: Jan 1 18:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=295d42b8bb3e4ee4643f46aa4b921e48931a1984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:da:93:af:4a:e7:ca:ef:4d:d7:3a:a4:4b:ec:
3b:fe:25:04:f4:5a:48:6f:c4:87:a3:b3:4c:79:1e:
05:14:ea:01:c1:4d:45:78:17:c0:71:f4:79:dd:30:
4c:b3:63:df:b2:e6:75:be:b0:e7:d6:fd:64:3a:2c:
ac:66:8e:fd:41:08:7e:78:66:b1:76:7a:7b:8f:9e:
c4:3f:5a:e7:2a:d8:c0:62:cd:71:56:86:ae:cc:f8:
aa:41:f1:27:c4:b4:10:41:17:06:a0:50:f2:c4:ba:
87:6a:4c:f4:98:6b:55:3d:32:82:de:ec:14:12:95:
20:05:b2:de:15:96:73:cb:e1:6f:45:51:d2:00:4a:
d7:b6:f1:d4:44:33:2f:79:1a:fe:71:fb:45:b0:95:
2d:d0:09:c7:b0:c2:e5:2c:5e:79:14:d6:67:45:e3:
36:4b:2c:86:68:ba:a7:5f:4d:1b:05:db:ec:24:ff:
f4:f6:70:31:cf:c8:c5:9b:73:41:8e:f7:f3:09:71:
f2:75:b7:c4:47:66:fa:e5:fa:d7:c7:78:02:40:dd:
4c:a2:61:e4:68:e8:b2:6b:b9:0d:36:57:17:b7:a7:
a1:2e:56:6d:69:44:42:22:02:5e:a3:9b:41:79:2d:
06:4c:cb:c4:54:72:38:ab:16:18:63:3c:91:82:e8:
0f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5D:42:B8:BB:3E:4E:E4:64:3F:46:AA:4B:92:1E:48:93:1A:19:84
X509v3 Authority Key Identifier:
keyid:DB:B6:53:BB:D1:70:4C:47:BA:DA:62:AB:6C:E3:50:23:07:F2:44:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27ZTu9FwTEe62mKrbONQIwfyRLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/KV1CuLs-TuRkP0aqS5IeSJMaGYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/8060df-a6f7-4166-a929-a980bed33ab0/1/27ZTu9FwTEe62mKrbONQIwfyRLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.80.240.0/20
185.72.136.0-185.72.138.255
193.186.72.0-193.186.85.255
193.228.112.0-193.228.122.255
IPv6:
2a01:af80::/32
Signature Algorithm: sha256WithRSAEncryption
25:ba:3d:28:6c:f2:18:da:a4:04:52:a9:47:95:cd:87:89:dc:
a2:f0:e7:08:99:97:96:71:35:d9:a0:25:ea:23:dd:dc:16:11:
da:16:5e:4f:19:a0:01:94:9b:39:b9:ae:89:0a:ce:5a:dd:16:
20:6c:6e:32:f8:c2:ca:db:11:fb:d5:44:e3:46:28:81:f0:e6:
c6:38:5f:e4:84:8c:e4:83:03:27:81:25:f1:82:70:67:4a:94:
7f:b9:7f:2b:0d:a2:4b:e4:83:11:c0:d4:9d:80:fa:fe:e9:bf:
6d:10:28:69:e4:35:7e:c0:82:86:7e:cf:0a:b0:98:0c:1b:21:
f7:57:6c:bc:54:3f:dc:34:4a:6d:54:35:ef:6f:86:2e:a1:97:
5f:4d:e4:29:a7:75:1d:4c:22:8c:65:47:1c:48:62:2b:f5:c6:
78:9b:c2:6e:b9:43:3b:70:44:8b:8d:0e:87:21:03:3d:93:34:
90:9e:64:65:65:1b:bc:5d:ba:14:30:6c:87:40:1c:a0:9c:77:
4d:13:16:57:95:42:d5:a9:1f:a8:33:82:53:ce:a8:11:36:7a:
39:e3:0c:3c:b7:d3:0e:10:05:bb:0c:20:b0:83:59:93:71:82:
f2:58:fc:14:00:24:8f:9f:33:d3:5e:2f:eb:af:d0:f6:db:0d:
2c:a2:b2:f3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzGSw+CTCavWF7/6TMPRotEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjY1M2JiZDE3MDRjNDdiYWRhNjJhYjZjZTM1MDIzMDdm
MjQ0YjYwHhcNMjQwMTAxMTgzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTVkNDJiOGJiM2U0ZWU0NjQzZjQ2YWE0YjkyMWU0ODkzMWExOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNqTr0rnyu9N1zqkS+w7/iUE9FpI
b8SHo7NMeR4FFOoBwU1FeBfAcfR53TBMs2PfsuZ1vrDn1v1kOiysZo79QQh+eGax
dnp7j57EP1rnKtjAYs1xVoauzPiqQfEnxLQQQRcGoFDyxLqHakz0mGtVPTKC3uwU
EpUgBbLeFZZzy+FvRVHSAErXtvHURDMveRr+cftFsJUt0AnHsMLlLF55FNZnReM2
SyyGaLqnX00bBdvsJP/09nAxz8jFm3NBjvfzCXHydbfER2b65frXx3gCQN1MomHk
aOiya7kNNlcXt6ehLlZtaURCIgJeo5tBeS0GTMvEVHI4qxYYYzyRgugPcwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCldQri7Pk7kZD9GqkuSHkiTGhmEMB8GA1UdIwQY
MBaAFNu2U7vRcExHutpiq2zjUCMH8kS2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdaVHU5RndURWU2Mm1LcmJPTlFJd2Z5UkxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84MDYwZGYtYTZmNy00MTY2LWE5Mjkt
YTk4MGJlZDMzYWIwLzEvS1YxQ3VMcy1UdVJrUDBhcVM1SWVTSk1hR1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84MDYwZGYtYTZmNy00MTY2LWE5MjktYTk4MGJlZDMzYWIw
LzEvMjdaVHU5RndURWU2Mm1LcmJPTlFJd2Z5UkxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEUFDwMAwD
BAO5SIgDBAC5SIowDAMEA8G6SAMEAcG6VDAMAwQEweRwAwQAweR6MA0EAgACMAcD
BQAqAa+AMA0GCSqGSIb3DQEBCwUAA4IBAQAluj0obPIY2qQEUqlHlc2Hidyi8OcI
mZeWcTXZoCXqI93cFhHaFl5PGaABlJs5ua6JCs5a3RYgbG4y+MLK2xH71UTjRiiB
8ObGOF/khIzkgwMngSXxgnBnSpR/uX8rDaJL5IMRwNSdgPr+6b9tEChp5DV+wIKG
fs8KsJgMGyH3V2y8VD/cNEptVDXvb4YuoZdfTeQpp3UdTCKMZUccSGIr9cZ4m8Ju
uUM7cESLjQ6HIQM9kzSQnmRlZRu8XboUMGyHQBygnHdNExZXlULVqR+oM4JTzqgR
Nno54ww8t9MOEAW7DCCwg1mTcYLyWPwUACSPnzPTXi/rr9D22w0sorLz
-----END CERTIFICATE-----
Generated at Tue May 28 23:41:30 2024 by rpki-client on console-ams.rpki-client.org