Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/KLQnqLU7MnE1vQ0C3fBZR_wippM.roa
File: KLQnqLU7MnE1vQ0C3fBZR_wippM.roa (raw, json)
Hash identifier: uHteR/ljeWmrkFZklyk5enYp36A5QLg9oQc2huNod+o=
Subject key identifier: 28:B4:27:A8:B5:3B:32:71:35:BD:0D:02:DD:F0:59:47:FC:22:A6:93
Certificate issuer: /CN=0325034258f275b7c87e5f4f70706c0cf588efc3
Certificate serial: 0190BD67DA3FCC1BC0315DB616D9F53A512F
Authority key identifier: 03:25:03:42:58:F2:75:B7:C8:7E:5F:4F:70:70:6C:0C:F5:88:EF:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyUDQljydbfIfl9PcHBsDPWI78M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/KLQnqLU7MnE1vQ0C3fBZR_wippM.roa
Signing time: Tue 16 Jul 2024 21:16:58 +0000
ROA not before: Tue 16 Jul 2024 21:16:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206706
IP address blocks: 185.126.32.0/24 maxlen: 24
2a10:18c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/AyUDQljydbfIfl9PcHBsDPWI78M.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/AyUDQljydbfIfl9PcHBsDPWI78M.mft
rsync://rpki.ripe.net/repository/DEFAULT/AyUDQljydbfIfl9PcHBsDPWI78M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bd:67:da:3f:cc:1b:c0:31:5d:b6:16:d9:f5:3a:51:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0325034258f275b7c87e5f4f70706c0cf588efc3
Validity
Not Before: Jul 16 21:16:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28b427a8b53b327135bd0d02ddf05947fc22a693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d3:c7:b8:65:a5:71:11:b0:7e:82:1b:15:a6:
13:ff:07:18:56:93:83:6e:d7:09:59:08:fd:6b:f9:
6e:cb:5a:9f:5a:d5:2e:51:ae:77:c1:de:01:32:f0:
95:20:37:8f:b2:e9:bd:27:25:da:59:e8:78:a1:0b:
42:fa:56:1b:17:28:3b:66:10:82:ea:6a:35:c1:9f:
4e:04:66:ce:28:9a:62:ff:2e:db:7b:71:8d:d8:ba:
bb:2d:3d:df:51:b5:97:3e:96:c4:a3:4b:f2:05:8a:
5c:09:05:9f:07:61:ff:2c:a7:5e:ec:14:f2:c9:27:
09:05:3e:0d:58:cd:36:ee:b5:bc:6f:d5:7f:25:0f:
5c:f3:b8:cd:73:30:fa:2a:c7:7d:df:51:b5:0b:94:
18:92:7f:d1:f3:54:6f:c5:c7:55:1e:8a:d4:e7:9c:
51:d7:56:d2:d1:ac:3a:f1:6a:9f:2c:44:66:aa:5d:
79:50:79:19:8c:52:89:2e:10:8f:6d:00:ea:1c:b8:
5d:4c:df:45:43:50:8d:7c:24:db:80:64:44:ba:2d:
a3:b2:2b:f1:11:5f:e4:a4:7a:59:f3:15:41:f8:4f:
19:7e:98:26:63:6d:6a:e4:6d:18:9c:5c:ab:81:b3:
20:7f:e3:7f:63:63:83:43:4c:cf:cb:d7:d1:f4:9f:
07:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B4:27:A8:B5:3B:32:71:35:BD:0D:02:DD:F0:59:47:FC:22:A6:93
X509v3 Authority Key Identifier:
keyid:03:25:03:42:58:F2:75:B7:C8:7E:5F:4F:70:70:6C:0C:F5:88:EF:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyUDQljydbfIfl9PcHBsDPWI78M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/KLQnqLU7MnE1vQ0C3fBZR_wippM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/AyUDQljydbfIfl9PcHBsDPWI78M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.32.0/24
IPv6:
2a10:18c0::/30
Signature Algorithm: sha256WithRSAEncryption
28:51:fd:73:54:48:13:84:c2:b2:45:9a:97:28:61:ce:7f:a8:
11:3b:b5:f2:9d:a4:70:f7:0d:d8:80:3f:bc:97:f5:c2:b2:68:
54:80:2c:2a:ff:ec:b6:7a:5d:bd:7c:52:6c:92:37:1b:a5:9f:
68:bf:9d:5c:89:df:bb:e9:01:5b:78:fd:44:26:4c:73:22:d0:
11:4b:7b:af:23:f3:16:7e:f8:61:a7:2b:44:73:0c:89:cb:db:
1c:be:d7:0b:83:9f:ed:fb:81:76:52:da:6d:5c:be:b0:81:32:
63:71:77:35:79:ee:5d:77:6d:14:2f:2f:14:ab:01:37:ad:4b:
22:02:5a:6e:6e:69:89:f1:3c:af:8b:3a:9d:7e:f5:35:4a:78:
8f:19:80:5b:9e:49:cc:21:1f:d1:fa:97:e0:b4:13:10:67:11:
49:22:6a:42:49:75:4d:16:fb:17:86:c5:00:9e:c4:28:e8:69:
23:ca:d3:ea:b2:cd:f4:68:24:4d:0c:95:ae:00:78:e6:d1:91:
14:ef:6d:38:95:61:d4:78:2e:c1:70:dd:44:2d:e9:71:01:54:
62:4f:e4:c3:47:9c:99:3b:39:4c:b8:95:d3:10:19:1a:f6:f8:
91:09:77:7c:63:e9:7a:44:78:c2:30:6c:76:ab:30:61:96:7f:
60:b9:ef:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZC9Z9o/zBvAMV22Ftn1OlEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjUwMzQyNThmMjc1YjdjODdlNWY0ZjcwNzA2YzBjZjU4
OGVmYzMwHhcNMjQwNzE2MjExNjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGI0MjdhOGI1M2IzMjcxMzViZDBkMDJkZGYwNTk0N2ZjMjJhNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztPHuGWlcRGwfoIbFaYT/wcYVpOD
btcJWQj9a/luy1qfWtUuUa53wd4BMvCVIDePsum9JyXaWeh4oQtC+lYbFyg7ZhCC
6mo1wZ9OBGbOKJpi/y7be3GN2Lq7LT3fUbWXPpbEo0vyBYpcCQWfB2H/LKde7BTy
yScJBT4NWM027rW8b9V/JQ9c87jNczD6Ksd931G1C5QYkn/R81RvxcdVHorU55xR
11bS0aw68WqfLERmql15UHkZjFKJLhCPbQDqHLhdTN9FQ1CNfCTbgGREui2jsivx
EV/kpHpZ8xVB+E8ZfpgmY21q5G0YnFyrgbMgf+N/Y2ODQ0zPy9fR9J8HZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCi0J6i1OzJxNb0NAt3wWUf8IqaTMB8GA1UdIwQY
MBaAFAMlA0JY8nW3yH5fT3BwbAz1iO/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlVRFFsanlkYmZJZmw5UGNIQnNEUFdJNzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kZGE0MTItNDU0NS00OGE2LWJkZTIt
OWEzN2M2MDY5YmMxLzEvS0xRbnFMVTdNbkUxdlEwQzNmQlpSX3dpcHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kZGE0MTItNDU0NS00OGE2LWJkZTItOWEzN2M2MDY5YmMx
LzEvQXlVRFFsanlkYmZJZmw5UGNIQnNEUFdJNzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuX4gMA0E
AgACMAcDBQIqEBjAMA0GCSqGSIb3DQEBCwUAA4IBAQAoUf1zVEgThMKyRZqXKGHO
f6gRO7XynaRw9w3YgD+8l/XCsmhUgCwq/+y2el29fFJskjcbpZ9ov51cid+76QFb
eP1EJkxzItARS3uvI/MWfvhhpytEcwyJy9scvtcLg5/t+4F2UtptXL6wgTJjcXc1
ee5dd20ULy8UqwE3rUsiAlpubmmJ8TyvizqdfvU1SniPGYBbnknMIR/R+pfgtBMQ
ZxFJImpCSXVNFvsXhsUAnsQo6GkjytPqss30aCRNDJWuAHjm0ZEU7204lWHUeC7B
cN1ELelxAVRiT+TDR5yZOzlMuJXTEBka9viRCXd8Y+l6RHjCMGx2qzBhln9gue/K
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:52 2024 by rpki-client on console-fra.rpki-client.org