Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/kemo6U9hRz_dvg8OEFiCmUepxmI.roa
File: kemo6U9hRz_dvg8OEFiCmUepxmI.roa (raw, json)
Hash identifier: 70hNV1f5wqfs8gUnLVE/hJ1y5t+CmKpm6rJ9yRvqe0s=
Subject key identifier: 91:E9:A8:E9:4F:61:47:3F:DD:BE:0F:0E:10:58:82:99:47:A9:C6:62
Certificate issuer: /CN=adc8a9bbc2bc3a4c8bb876ccdd95fd865250b6db
Certificate serial: 018DA18831CD75AD7C307DF353DE9164F480
Authority key identifier: AD:C8:A9:BB:C2:BC:3A:4C:8B:B8:76:CC:DD:95:FD:86:52:50:B6:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rcipu8K8OkyLuHbM3ZX9hlJQtts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/kemo6U9hRz_dvg8OEFiCmUepxmI.roa
Signing time: Tue 13 Feb 2024 08:14:33 +0000
ROA not before: Tue 13 Feb 2024 08:14:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3352
IP address blocks: 45.148.220.0/24 maxlen: 24
81.90.104.0/24 maxlen: 24
81.90.110.0/24 maxlen: 24
81.90.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/rcipu8K8OkyLuHbM3ZX9hlJQtts.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/rcipu8K8OkyLuHbM3ZX9hlJQtts.mft
rsync://rpki.ripe.net/repository/DEFAULT/rcipu8K8OkyLuHbM3ZX9hlJQtts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:88:31:cd:75:ad:7c:30:7d:f3:53:de:91:64:f4:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adc8a9bbc2bc3a4c8bb876ccdd95fd865250b6db
Validity
Not Before: Feb 13 08:14:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91e9a8e94f61473fddbe0f0e1058829947a9c662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:25:16:cc:12:f2:1a:7e:62:78:67:be:1a:ea:
a8:80:ac:b9:80:c3:3d:7a:09:93:79:d9:4f:f4:22:
43:aa:bd:cb:04:d2:4d:ba:b6:58:fa:c1:11:49:1f:
5a:5a:db:71:c1:68:55:8f:35:cd:6d:c7:88:9c:13:
87:0f:79:ce:76:81:7a:00:ec:c3:99:c1:9b:d5:c6:
4e:cc:84:55:eb:bd:d7:a4:03:3c:97:db:ee:8e:6b:
b3:93:7c:e9:58:11:0b:8f:18:45:1f:3c:fe:a2:df:
38:75:d6:8e:02:92:e6:0f:95:ab:66:7f:56:f0:d0:
0e:4f:00:c6:f7:46:f9:fa:38:de:36:9a:4f:7f:17:
92:c1:91:b7:d9:6c:db:1f:de:96:e7:ec:bb:bb:e4:
f9:c9:ad:46:98:5e:7f:e0:00:3f:05:2c:b5:b7:5b:
8c:db:2f:7b:a7:d4:2b:10:f6:cb:c9:dd:07:28:c5:
19:22:af:af:d1:9e:89:fd:15:43:3f:7f:fd:83:44:
22:fb:33:73:39:1f:f4:e0:a2:77:28:71:ed:dd:91:
4c:5f:51:f8:1b:c5:cd:c9:bd:fd:90:6e:2d:04:35:
95:a9:e8:12:4d:7c:eb:45:b7:b7:eb:6d:2e:6e:38:
f7:ea:2c:a9:fe:a2:21:79:c8:3b:01:c9:c1:05:20:
ec:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E9:A8:E9:4F:61:47:3F:DD:BE:0F:0E:10:58:82:99:47:A9:C6:62
X509v3 Authority Key Identifier:
keyid:AD:C8:A9:BB:C2:BC:3A:4C:8B:B8:76:CC:DD:95:FD:86:52:50:B6:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rcipu8K8OkyLuHbM3ZX9hlJQtts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/kemo6U9hRz_dvg8OEFiCmUepxmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/rcipu8K8OkyLuHbM3ZX9hlJQtts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.220.0/24
81.90.104.0/24
81.90.110.0/23
Signature Algorithm: sha256WithRSAEncryption
84:34:27:c4:a8:30:93:bf:67:2e:89:10:2d:39:1b:59:5c:52:
46:21:af:60:6c:b8:5b:ee:7e:91:92:73:ed:4c:1d:6e:08:c1:
69:6a:a0:9f:35:90:32:a3:8f:c8:69:d2:5a:42:0e:e7:88:6f:
c9:28:34:b8:78:cc:2b:c4:09:d6:0c:fb:b8:86:a1:37:70:22:
15:0e:0c:cf:36:a0:29:32:b2:3d:6e:2c:7d:79:e7:8f:11:98:
95:f4:56:3c:22:21:de:db:d6:d6:42:eb:a9:f4:81:37:44:46:
28:99:9d:ab:8e:ff:27:f9:3e:8b:0e:7f:36:8c:47:cc:ae:55:
a5:bb:38:24:41:40:83:c6:0a:52:7b:c4:13:47:bf:c0:fb:d6:
80:a8:5a:64:38:98:c3:11:0a:22:1c:ae:fd:d3:3c:3d:e1:6c:
86:9c:e8:77:c2:cb:96:89:9c:b2:2c:ba:e7:71:a3:37:50:8a:
32:d1:2f:3f:40:82:14:1a:e1:75:3e:4c:04:21:f3:b6:9a:78:
0a:7a:34:2e:79:01:ed:c1:d5:fa:23:51:4c:ba:61:5b:ae:65:
55:dd:38:8b:98:2b:96:74:76:41:62:61:f8:ef:78:d9:97:95:
e8:b7:fc:33:4b:b3:98:1b:df:a7:e6:1c:ab:b7:bd:0a:eb:ad:
cd:c9:7b:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2hiDHNda18MH3zU96RZPSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYzhhOWJiYzJiYzNhNGM4YmI4NzZjY2RkOTVmZDg2NTI1
MGI2ZGIwHhcNMjQwMjEzMDgxNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU5YThlOTRmNjE0NzNmZGRiZTBmMGUxMDU4ODI5OTQ3YTljNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSUWzBLyGn5ieGe+GuqogKy5gMM9
egmTedlP9CJDqr3LBNJNurZY+sERSR9aWttxwWhVjzXNbceInBOHD3nOdoF6AOzD
mcGb1cZOzIRV673XpAM8l9vujmuzk3zpWBELjxhFHzz+ot84ddaOApLmD5WrZn9W
8NAOTwDG90b5+jjeNppPfxeSwZG32WzbH96W5+y7u+T5ya1GmF5/4AA/BSy1t1uM
2y97p9QrEPbLyd0HKMUZIq+v0Z6J/RVDP3/9g0Qi+zNzOR/04KJ3KHHt3ZFMX1H4
G8XNyb39kG4tBDWVqegSTXzrRbe3620ubjj36iyp/qIhecg7AcnBBSDsGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJHpqOlPYUc/3b4PDhBYgplHqcZiMB8GA1UdIwQY
MBaAFK3IqbvCvDpMi7h2zN2V/YZSULbbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmNpcHU4SzhPa3lMdUhiTTNaWDlobEpRdHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS84Njc3MmUtNWU2Yi00MDZjLThhOWUt
MTY1NGE4MGRiYzM2LzEva2VtbzZVOWhSel9kdmc4T0VGaUNtVWVweG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS84Njc3MmUtNWU2Yi00MDZjLThhOWUtMTY1NGE4MGRiYzM2
LzEvcmNpcHU4SzhPa3lMdUhiTTNaWDlobEpRdHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZTcAwQA
UVpoAwQBUVpuMA0GCSqGSIb3DQEBCwUAA4IBAQCENCfEqDCTv2cuiRAtORtZXFJG
Ia9gbLhb7n6RknPtTB1uCMFpaqCfNZAyo4/IadJaQg7niG/JKDS4eMwrxAnWDPu4
hqE3cCIVDgzPNqApMrI9bix9eeePEZiV9FY8IiHe29bWQuup9IE3REYomZ2rjv8n
+T6LDn82jEfMrlWluzgkQUCDxgpSe8QTR7/A+9aAqFpkOJjDEQoiHK790zw94WyG
nOh3wsuWiZyyLLrncaM3UIoy0S8/QIIUGuF1PkwEIfO2mngKejQueQHtwdX6I1FM
umFbrmVV3TiLmCuWdHZBYmH473jZl5Xot/wzS7OYG9+n5hyrt70K663NyXsw
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:00:14 2024 by rpki-client on console-ams.rpki-client.org