Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/kt1qjTv5x_27VMJKRA9CuwvbLbM.roa
File: kt1qjTv5x_27VMJKRA9CuwvbLbM.roa (raw, json)
Hash identifier: IHiFIN7m9pmzHg/39vNI+0N/0CzGmHOkLWTTwwl6KCY=
Subject key identifier: 92:DD:6A:8D:3B:F9:C7:FD:BB:54:C2:4A:44:0F:42:BB:0B:DB:2D:B3
Certificate issuer: /CN=128f0960bf2fbf70c4c49ae101dff2ecc39875ed
Certificate serial: 018CC3B6E915985C4999F5B35A6502C2B99D
Authority key identifier: 12:8F:09:60:BF:2F:BF:70:C4:C4:9A:E1:01:DF:F2:EC:C3:98:75:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eo8JYL8vv3DExJrhAd_y7MOYde0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/kt1qjTv5x_27VMJKRA9CuwvbLbM.roa
Signing time: Mon 01 Jan 2024 06:29:53 +0000
ROA not before: Mon 01 Jan 2024 06:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50535
IP address blocks: 46.18.88.0/22 maxlen: 22
193.107.56.0/22 maxlen: 22
46.18.92.0/22 maxlen: 22
141.138.152.0/22 maxlen: 22
141.138.156.0/22 maxlen: 22
185.116.88.0/22 maxlen: 24
2a00:ce80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/Eo8JYL8vv3DExJrhAd_y7MOYde0.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/Eo8JYL8vv3DExJrhAd_y7MOYde0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eo8JYL8vv3DExJrhAd_y7MOYde0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e9:15:98:5c:49:99:f5:b3:5a:65:02:c2:b9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=128f0960bf2fbf70c4c49ae101dff2ecc39875ed
Validity
Not Before: Jan 1 06:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92dd6a8d3bf9c7fdbb54c24a440f42bb0bdb2db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f3:34:d7:62:06:52:df:e2:bd:11:03:35:c2:
9f:c7:c9:87:63:41:14:a9:a5:63:03:7b:f2:6e:e6:
cb:e7:fe:ff:94:26:ef:1c:63:7d:d9:94:07:02:e2:
a6:98:91:d1:cc:fc:b1:4f:ae:16:76:b2:94:d2:b1:
07:e5:ce:37:f8:fe:72:6d:9f:2d:bd:31:8a:10:03:
61:e1:85:02:2e:86:61:7c:03:a2:7f:07:fd:aa:9f:
cc:9a:84:40:6a:b4:5d:de:03:d4:9c:ce:ad:99:50:
66:4c:3b:3e:7b:cd:0b:fc:88:ee:c8:fc:6c:d3:7f:
ab:b3:0a:6d:1f:b7:38:ac:7f:b4:cd:3d:ad:bc:65:
41:93:e4:76:39:5c:8c:5e:05:e2:cd:0a:16:7d:e9:
54:70:03:51:23:73:3a:e5:83:90:dc:d1:cb:94:17:
e9:46:2f:22:38:bd:b0:19:f9:e5:b2:22:70:ac:1b:
cb:29:fe:f4:4e:fd:aa:48:7b:8d:55:3e:35:c0:fb:
ab:d1:25:d9:fc:b9:b2:d9:87:13:74:75:08:31:1e:
52:3e:89:d3:48:0a:37:b1:c5:70:a5:be:a1:40:1b:
65:f0:41:9e:2f:7e:e2:8b:f9:e1:fa:1b:f4:fc:33:
99:99:06:27:ce:df:ad:53:60:f4:87:4b:13:2a:5c:
b8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DD:6A:8D:3B:F9:C7:FD:BB:54:C2:4A:44:0F:42:BB:0B:DB:2D:B3
X509v3 Authority Key Identifier:
keyid:12:8F:09:60:BF:2F:BF:70:C4:C4:9A:E1:01:DF:F2:EC:C3:98:75:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eo8JYL8vv3DExJrhAd_y7MOYde0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/kt1qjTv5x_27VMJKRA9CuwvbLbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/008681-df79-477b-9236-45309a5e2768/1/Eo8JYL8vv3DExJrhAd_y7MOYde0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.88.0/21
141.138.152.0/21
185.116.88.0/22
193.107.56.0/22
IPv6:
2a00:ce80::/32
Signature Algorithm: sha256WithRSAEncryption
b8:87:ff:d1:32:e5:a9:be:1f:77:0f:d2:51:1b:e0:d6:d3:be:
22:02:f9:76:e3:7d:7b:b6:41:3a:6b:80:1c:84:b7:b0:38:6d:
18:3e:4f:b6:32:b4:36:66:e5:c2:22:73:27:aa:31:9c:b3:61:
83:79:e8:f3:0c:a0:6c:4e:ec:2c:d9:76:6b:48:f8:49:1a:1b:
6b:88:d3:04:6a:9c:1a:6a:a1:95:be:a4:c3:f3:80:39:e5:3c:
5d:51:63:d0:c2:b7:ec:b9:bc:a9:e6:a3:55:fb:6c:04:90:93:
6b:7d:4f:a4:dd:cb:3a:4f:f3:58:1d:3a:5f:bf:e0:b5:fe:73:
df:ff:ce:96:74:f0:74:56:ea:7f:5f:cd:6d:a2:73:60:f7:11:
28:bb:59:ec:eb:a8:f9:6b:90:b7:d0:5d:9c:0f:eb:c3:70:cb:
1a:bd:d5:28:b7:4f:d6:f3:3e:f9:2e:86:4c:4a:3e:fc:4c:b4:
4d:c7:4b:52:0d:49:7a:80:b8:b2:8d:37:e3:43:2b:df:ab:76:
9f:16:b6:22:1d:ae:1f:b0:9b:ef:1f:a8:43:30:01:aa:f4:33:
5d:85:91:7a:09:f0:42:01:a1:d4:58:e3:b5:ee:f6:63:90:9d:
56:bb:a8:a7:11:66:16:fc:fc:bf:b9:0a:13:db:f5:59:61:32:
13:40:de:f4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDtukVmFxJmfWzWmUCwrmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOGYwOTYwYmYyZmJmNzBjNGM0OWFlMTAxZGZmMmVjYzM5
ODc1ZWQwHhcNMjQwMTAxMDYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRkNmE4ZDNiZjljN2ZkYmI1NGMyNGE0NDBmNDJiYjBiZGIyZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/M012IGUt/ivREDNcKfx8mHY0EU
qaVjA3vybubL5/7/lCbvHGN92ZQHAuKmmJHRzPyxT64WdrKU0rEH5c43+P5ybZ8t
vTGKEANh4YUCLoZhfAOifwf9qp/MmoRAarRd3gPUnM6tmVBmTDs+e80L/IjuyPxs
03+rswptH7c4rH+0zT2tvGVBk+R2OVyMXgXizQoWfelUcANRI3M65YOQ3NHLlBfp
Ri8iOL2wGfnlsiJwrBvLKf70Tv2qSHuNVT41wPur0SXZ/Lmy2YcTdHUIMR5SPonT
SAo3scVwpb6hQBtl8EGeL37ii/nh+hv0/DOZmQYnzt+tU2D0h0sTKly4eQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJLdao07+cf9u1TCSkQPQrsL2y2zMB8GA1UdIwQY
MBaAFBKPCWC/L79wxMSa4QHf8uzDmHXtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW84SllMOHZ2M0RFeEpyaEFkX3k3TU9ZZGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wMDg2ODEtZGY3OS00NzdiLTkyMzYt
NDUzMDlhNWUyNzY4LzEva3QxcWpUdjV4XzI3Vk1KS1JBOUN1d3ZiTGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wMDg2ODEtZGY3OS00NzdiLTkyMzYtNDUzMDlhNWUyNzY4
LzEvRW84SllMOHZ2M0RFeEpyaEFkX3k3TU9ZZGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLhJYAwQD
jYqYAwQCuXRYAwQCwWs4MA0EAgACMAcDBQAqAM6AMA0GCSqGSIb3DQEBCwUAA4IB
AQC4h//RMuWpvh93D9JRG+DW074iAvl24317tkE6a4AchLewOG0YPk+2MrQ2ZuXC
InMnqjGcs2GDeejzDKBsTuws2XZrSPhJGhtriNMEapwaaqGVvqTD84A55TxdUWPQ
wrfsubyp5qNV+2wEkJNrfU+k3cs6T/NYHTpfv+C1/nPf/86WdPB0Vup/X81tonNg
9xEou1ns66j5a5C30F2cD+vDcMsavdUot0/W8z75LoZMSj78TLRNx0tSDUl6gLiy
jTfjQyvfq3afFrYiHa4fsJvvH6hDMAGq9DNdhZF6CfBCAaHUWOO17vZjkJ1Wu6in
EWYW/Py/uQoT2/VZYTITQN70
-----END CERTIFICATE-----
Generated at Sat May 18 16:21:31 2024 by rpki-client on console-ams.rpki-client.org