Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kxmQzWugqan0M500ckn8R8o9ldA.roa
File: kxmQzWugqan0M500ckn8R8o9ldA.roa (raw, json)
Hash identifier: 4q9+lxButaqdJHDypR9OvpuBgB34jHQYguH/hWDYa7M=
Subject key identifier: 93:19:90:CD:6B:A0:A9:A9:F4:33:9D:34:72:49:FC:47:CA:3D:95:D0
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018D25F1F9F5F102082332DE8F726F4FA974
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kxmQzWugqan0M500ckn8R8o9ldA.roa
Signing time: Sat 20 Jan 2024 08:17:11 +0000
ROA not before: Sat 20 Jan 2024 08:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.136.184.0/22 maxlen: 24
62.106.75.0/24 maxlen: 24
62.133.34.0/24 maxlen: 24
77.75.225.0/24 maxlen: 24
185.255.54.0/24 maxlen: 24
2a0b:4080::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:25:f1:f9:f5:f1:02:08:23:32:de:8f:72:6f:4f:a9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 20 08:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=931990cd6ba0a9a9f4339d347249fc47ca3d95d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ff:ef:f2:a4:5c:91:4a:ec:b6:e2:09:2f:1c:
3d:21:b9:fd:1b:59:58:0f:37:90:0f:e5:93:6b:36:
8e:5d:08:3d:77:41:10:f6:b8:51:29:0d:b5:63:61:
5d:64:10:f6:7a:2e:11:6a:8a:b4:8b:db:b6:50:42:
04:dd:05:0d:c4:d5:c0:97:9b:9c:e9:d6:87:73:4b:
d4:c8:45:1b:9c:cb:b8:2a:01:de:8e:c5:b9:58:e0:
e3:5c:6b:fb:bc:2d:52:f1:48:23:b8:bb:b5:a6:81:
d9:8c:3c:c5:ae:72:52:a9:90:c2:67:f3:68:7a:9e:
3e:37:85:0e:6f:0c:8b:b4:9c:9a:53:6b:a7:03:c8:
9f:7e:ff:16:03:33:b7:26:0b:e6:48:52:44:86:a5:
c0:e3:ff:eb:52:8b:cb:16:d7:e9:20:14:97:70:b4:
3a:9a:3b:70:e2:24:16:d1:b9:81:b9:86:17:9e:0b:
d7:56:aa:11:68:07:05:de:3b:39:ba:ed:c1:ba:31:
47:b7:95:83:d8:e2:9c:36:c7:d1:b7:57:55:d3:3d:
1e:dd:59:ce:c6:4f:ad:20:a4:be:2d:13:d0:5e:68:
a4:4a:d2:97:7a:10:d2:a5:35:6c:f3:71:81:12:c7:
41:05:52:70:81:61:61:75:38:a9:fa:90:20:4d:21:
b1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:19:90:CD:6B:A0:A9:A9:F4:33:9D:34:72:49:FC:47:CA:3D:95:D0
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kxmQzWugqan0M500ckn8R8o9ldA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.184.0/22
62.106.75.0/24
62.133.34.0/24
77.75.225.0/24
185.255.54.0/24
IPv6:
2a0b:4080::/32
Signature Algorithm: sha256WithRSAEncryption
4c:42:3d:17:c4:e4:df:08:9b:d2:72:e1:29:c8:9b:15:6d:15:
63:f4:c1:6a:f0:af:14:0a:67:ff:c9:4e:18:1d:9e:ac:04:0c:
00:25:a8:3f:0d:10:03:ad:61:56:8a:53:79:26:ce:e8:e6:33:
49:07:de:38:44:05:09:49:60:de:4b:b3:f1:4c:e4:d6:a1:b1:
7e:51:83:a4:f0:05:09:82:c7:cd:cd:e8:ef:88:6a:94:be:d9:
60:49:bb:e3:63:5d:12:b4:f9:8a:7c:0a:45:6c:29:ea:29:ee:
24:5c:7e:a3:3d:cc:c3:bb:04:28:c5:50:0d:0f:83:a6:84:32:
f1:52:bc:e0:69:ab:5a:21:b1:bf:46:71:f0:f8:bf:90:18:2a:
78:8d:6e:58:da:69:3c:5b:c8:d8:0a:f8:92:c2:ac:ff:13:c4:
32:69:9d:42:82:3c:0b:b1:3a:e7:d1:0f:22:99:98:f0:f9:3f:
22:f5:6d:35:56:e8:5f:73:bc:b7:7a:00:a6:26:17:96:d0:a8:
55:36:cd:81:8f:90:7d:d3:dc:f8:2e:5a:24:92:04:2a:97:db:
74:61:45:fb:65:34:f2:2d:8a:32:12:da:e4:f1:28:59:23:0e:
7e:a4:11:e8:36:50:a0:33:49:01:5f:65:9b:5b:77:9a:ac:19:
ce:f3:7a:87
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY0l8fn18QIIIzLej3JvT6l0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTIwMDgxNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzE5OTBjZDZiYTBhOWE5ZjQzMzlkMzQ3MjQ5ZmM0N2NhM2Q5NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv/v8qRckUrstuIJLxw9Ibn9G1lY
DzeQD+WTazaOXQg9d0EQ9rhRKQ21Y2FdZBD2ei4Raoq0i9u2UEIE3QUNxNXAl5uc
6daHc0vUyEUbnMu4KgHejsW5WODjXGv7vC1S8UgjuLu1poHZjDzFrnJSqZDCZ/No
ep4+N4UObwyLtJyaU2unA8iffv8WAzO3JgvmSFJEhqXA4//rUovLFtfpIBSXcLQ6
mjtw4iQW0bmBuYYXngvXVqoRaAcF3js5uu3BujFHt5WD2OKcNsfRt1dV0z0e3VnO
xk+tIKS+LRPQXmikStKXehDSpTVs83GBEsdBBVJwgWFhdTip+pAgTSGxzQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJMZkM1roKmp9DOdNHJJ/EfKPZXQMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEva3htUXpXdWdxYW4wTTUwMGNrbjhSOG85bGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYi4AwQA
PmpLAwQAPoUiAwQATUvhAwQAuf82MA0EAgACMAcDBQAqC0CAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMQj0XxOTfCJvScuEpyJsVbRVj9MFq8K8UCmf/yU4YHZ6sBAwAJag/
DRADrWFWilN5Js7o5jNJB944RAUJSWDeS7PxTOTWobF+UYOk8AUJgsfNzejviGqU
vtlgSbvjY10StPmKfApFbCnqKe4kXH6jPczDuwQoxVAND4OmhDLxUrzgaataIbG/
RnHw+L+QGCp4jW5Y2mk8W8jYCviSwqz/E8QyaZ1CgjwLsTrn0Q8imZjw+T8i9W01
Vuhfc7y3egCmJheW0KhVNs2Bj5B909z4LlokkgQql9t0YUX7ZTTyLYoyEtrk8ShZ
Iw5+pBHoNlCgM0kBX2WbW3earBnO83qH
-----END CERTIFICATE-----
Generated at Thu May 2 01:35:09 2024 by rpki-client on console-ams.rpki-client.org