Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/ktb50iUV8cfzmFj6O05TQYiAjUI.roa
File: ktb50iUV8cfzmFj6O05TQYiAjUI.roa (raw, json)
Hash identifier: az6Nhq7FJLQr+fgzjxNOLszJITxf7bcd/Agh+yNrods=
Subject key identifier: 92:D6:F9:D2:25:15:F1:C7:F3:98:58:FA:3B:4E:53:41:88:80:8D:42
Certificate issuer: /CN=3ef46116a11f11f51fc9a1d225a0bfcefdbed786
Certificate serial: 018CC8DF6CBDC197FDEB3C8714453DF6B1B3
Authority key identifier: 3E:F4:61:16:A1:1F:11:F5:1F:C9:A1:D2:25:A0:BF:CE:FD:BE:D7:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvRhFqEfEfUfyaHSJaC_zv2-14Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/ktb50iUV8cfzmFj6O05TQYiAjUI.roa
Signing time: Tue 02 Jan 2024 06:32:14 +0000
ROA not before: Tue 02 Jan 2024 06:32:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 185.132.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/PvRhFqEfEfUfyaHSJaC_zv2-14Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/PvRhFqEfEfUfyaHSJaC_zv2-14Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/PvRhFqEfEfUfyaHSJaC_zv2-14Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:6c:bd:c1:97:fd:eb:3c:87:14:45:3d:f6:b1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef46116a11f11f51fc9a1d225a0bfcefdbed786
Validity
Not Before: Jan 2 06:32:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92d6f9d22515f1c7f39858fa3b4e534188808d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:94:80:b0:5b:c7:db:15:a1:b3:8d:0c:51:f6:
f9:91:be:e2:a3:4d:da:15:73:9f:14:5e:fc:37:ea:
1b:0a:78:47:3a:f6:dd:45:97:a8:15:a2:0b:c7:70:
ec:69:99:17:e0:ba:88:e6:77:75:b6:e2:3e:06:83:
6f:92:ff:50:a3:3c:5f:f4:c4:9e:58:ea:70:f9:69:
3c:48:b2:c4:31:93:4a:f8:77:99:f2:6c:4f:15:11:
6b:08:d0:e6:56:6e:17:3c:01:02:76:3a:12:9c:d7:
82:cb:e6:1e:34:a1:8e:6c:9f:4a:5d:97:9f:d1:3b:
58:52:9b:af:3c:98:2a:4d:a9:e1:41:74:0e:50:7f:
73:44:11:c5:58:21:18:ea:aa:50:2c:9e:ea:36:35:
cb:07:4b:01:fa:42:7d:6d:18:b4:df:4f:9d:ab:89:
73:63:1a:a5:3d:2b:31:62:e6:fd:05:7e:c1:e9:1a:
e2:a9:18:f3:7b:dc:05:9a:d9:4c:48:21:e1:31:67:
61:24:24:64:cf:31:fa:46:c8:92:aa:ba:54:21:06:
b5:60:31:87:c2:b2:a7:ff:ae:50:7a:cc:77:8e:e6:
ec:da:ee:68:e7:84:fb:b4:78:e1:62:13:33:3b:af:
af:04:ca:56:b9:f8:e3:25:79:7f:f2:55:2d:25:a4:
db:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D6:F9:D2:25:15:F1:C7:F3:98:58:FA:3B:4E:53:41:88:80:8D:42
X509v3 Authority Key Identifier:
keyid:3E:F4:61:16:A1:1F:11:F5:1F:C9:A1:D2:25:A0:BF:CE:FD:BE:D7:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvRhFqEfEfUfyaHSJaC_zv2-14Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/ktb50iUV8cfzmFj6O05TQYiAjUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/PvRhFqEfEfUfyaHSJaC_zv2-14Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.148.0/24
Signature Algorithm: sha256WithRSAEncryption
19:49:c0:06:f2:c9:fa:29:67:15:7b:11:c1:12:4e:86:f4:a4:
c5:a5:9a:21:94:c5:e6:2c:31:68:c1:78:1c:11:d9:7a:9c:42:
95:ad:fc:f3:2c:d2:6c:7a:fe:c3:6d:97:6a:86:df:e6:08:7a:
19:4b:11:f6:7c:3f:31:cc:0f:58:3d:0e:3a:61:e7:4a:ab:43:
5a:62:b2:20:f2:1d:57:ac:ed:d2:42:5a:5f:e2:ca:1d:41:ca:
83:8d:11:80:cb:6b:8f:89:19:1a:0f:0a:59:fa:a5:6e:6f:69:
a6:39:27:2a:4a:cc:6c:31:27:bd:ac:dc:b6:f5:e5:39:67:5f:
79:68:fc:09:16:9a:84:a8:06:a5:a6:ee:97:5b:87:96:51:8f:
28:e0:a4:6f:78:60:a7:ba:26:92:15:1f:03:3c:d6:ab:59:1d:
59:8b:b1:c3:4a:a2:e4:ba:30:a8:b5:61:ab:71:b3:5d:02:2c:
37:12:bd:74:dd:98:b9:1d:bd:e4:12:be:ad:25:9f:d0:99:cc:
53:0b:73:8e:4e:f5:cd:53:05:76:6c:bb:b2:77:da:7b:f9:3f:
9d:b3:cb:b8:1c:70:59:03:e4:13:23:16:24:ec:50:66:59:33:
db:02:7d:3f:bc:52:c1:e9:11:ce:da:7b:d0:12:0e:63:2d:7e:
19:9c:e7:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI32y9wZf96zyHFEU99rGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjQ2MTE2YTExZjExZjUxZmM5YTFkMjI1YTBiZmNlZmRi
ZWQ3ODYwHhcNMjQwMTAyMDYzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQ2ZjlkMjI1MTVmMWM3ZjM5ODU4ZmEzYjRlNTM0MTg4ODA4ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpSAsFvH2xWhs40MUfb5kb7io03a
FXOfFF78N+obCnhHOvbdRZeoFaILx3DsaZkX4LqI5nd1tuI+BoNvkv9Qozxf9MSe
WOpw+Wk8SLLEMZNK+HeZ8mxPFRFrCNDmVm4XPAECdjoSnNeCy+YeNKGObJ9KXZef
0TtYUpuvPJgqTanhQXQOUH9zRBHFWCEY6qpQLJ7qNjXLB0sB+kJ9bRi030+dq4lz
YxqlPSsxYub9BX7B6RriqRjze9wFmtlMSCHhMWdhJCRkzzH6RsiSqrpUIQa1YDGH
wrKn/65Qesx3jubs2u5o54T7tHjhYhMzO6+vBMpWufjjJXl/8lUtJaTb/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLW+dIlFfHH85hY+jtOU0GIgI1CMB8GA1UdIwQY
MBaAFD70YRahHxH1H8mh0iWgv879vteGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZSaEZxRWZFZlVmeWFIU0phQ196djItMTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMTBhMWMtMGFkZS00YmNiLWJiZmMt
NjdiYTdhMjE1NjMwLzEva3RiNTBpVVY4Y2Z6bUZqNk8wNVRRWWlBalVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMTBhMWMtMGFkZS00YmNiLWJiZmMtNjdiYTdhMjE1NjMw
LzEvUHZSaEZxRWZFZlVmeWFIU0phQ196djItMTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYSUMA0G
CSqGSIb3DQEBCwUAA4IBAQAZScAG8sn6KWcVexHBEk6G9KTFpZohlMXmLDFowXgc
Edl6nEKVrfzzLNJsev7DbZdqht/mCHoZSxH2fD8xzA9YPQ46YedKq0NaYrIg8h1X
rO3SQlpf4sodQcqDjRGAy2uPiRkaDwpZ+qVub2mmOScqSsxsMSe9rNy29eU5Z195
aPwJFpqEqAalpu6XW4eWUY8o4KRveGCnuiaSFR8DPNarWR1Zi7HDSqLkujCotWGr
cbNdAiw3Er103Zi5Hb3kEr6tJZ/QmcxTC3OOTvXNUwV2bLuyd9p7+T+ds8u4HHBZ
A+QTIxYk7FBmWTPbAn0/vFLB6RHO2nvQEg5jLX4ZnOfm
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:30 2024 by rpki-client on console-ams.rpki-client.org