Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/K5tmgLwSKSIHb_6T-Y8s0VvFN64.roa
File: K5tmgLwSKSIHb_6T-Y8s0VvFN64.roa (raw, json)
Hash identifier: GP9XfF5SQIqFSAU7ehXm1gyttzV4nxsdj4OGMd1ZjXw=
Subject key identifier: 2B:9B:66:80:BC:12:29:22:07:6F:FE:93:F9:8F:2C:D1:5B:C5:37:AE
Certificate issuer: /CN=279669579b3ce61ee8ee7d6af7e314b0f726361f
Certificate serial: 018CC500179FD5D8410EBC126E29F55C48BA
Authority key identifier: 27:96:69:57:9B:3C:E6:1E:E8:EE:7D:6A:F7:E3:14:B0:F7:26:36:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5ZpV5s85h7o7n1q9-MUsPcmNh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/K5tmgLwSKSIHb_6T-Y8s0VvFN64.roa
Signing time: Mon 01 Jan 2024 12:29:26 +0000
ROA not before: Mon 01 Jan 2024 12:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203512
IP address blocks: 185.129.120.0/24 maxlen: 24
185.129.123.0/24 maxlen: 24
185.129.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/J5ZpV5s85h7o7n1q9-MUsPcmNh8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/J5ZpV5s85h7o7n1q9-MUsPcmNh8.mft
rsync://rpki.ripe.net/repository/DEFAULT/J5ZpV5s85h7o7n1q9-MUsPcmNh8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:17:9f:d5:d8:41:0e:bc:12:6e:29:f5:5c:48:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279669579b3ce61ee8ee7d6af7e314b0f726361f
Validity
Not Before: Jan 1 12:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b9b6680bc122922076ffe93f98f2cd15bc537ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5f:48:88:40:67:8c:da:c7:78:55:ba:a9:b1:
92:f0:47:aa:c1:c6:35:32:52:de:fb:e7:0b:4e:c3:
fe:ad:f0:9f:19:17:cc:f6:b4:bc:da:31:f0:0d:40:
be:b4:81:e7:fd:21:60:ad:66:ec:a7:a3:81:af:ce:
bf:2f:d8:85:60:73:26:08:b6:9d:19:85:c5:60:6d:
d3:9c:0a:ec:96:58:64:ca:be:70:1f:ad:ba:3b:e7:
bc:0d:28:1d:a6:b9:6f:bb:15:72:43:32:6f:31:c0:
e1:56:34:14:b0:9d:59:65:63:7d:d6:73:d9:7a:23:
6d:fe:55:44:b0:10:11:b2:48:a6:e6:0f:46:32:ab:
52:21:3b:43:29:9b:05:fb:a0:99:7a:d4:8f:d3:47:
f0:42:ca:21:45:f8:99:ed:a0:3a:3b:4c:92:40:fd:
e6:38:db:23:af:b8:72:02:59:34:40:d9:4a:b2:a1:
e7:ef:e4:b7:8d:1d:c1:b5:3f:95:63:d5:db:b6:75:
0e:cf:e4:99:c6:b0:61:8d:1a:df:05:88:1a:99:da:
19:05:cd:20:00:34:48:3d:99:a6:b5:0f:00:0c:64:
41:90:1a:57:16:bf:f1:81:55:2f:3e:23:d5:72:1f:
e0:51:2d:71:e4:30:6c:81:47:1c:53:d5:d5:37:ee:
5a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9B:66:80:BC:12:29:22:07:6F:FE:93:F9:8F:2C:D1:5B:C5:37:AE
X509v3 Authority Key Identifier:
keyid:27:96:69:57:9B:3C:E6:1E:E8:EE:7D:6A:F7:E3:14:B0:F7:26:36:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5ZpV5s85h7o7n1q9-MUsPcmNh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/K5tmgLwSKSIHb_6T-Y8s0VvFN64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/118413-b7aa-459c-99fa-4de1b520a594/1/J5ZpV5s85h7o7n1q9-MUsPcmNh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.120.0/24
185.129.122.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:a8:3d:f9:f1:de:26:90:f6:fa:75:ff:93:dd:af:2a:98:b3:
74:e1:e6:e7:f1:61:10:a0:fb:da:fe:85:88:89:5a:2b:58:9e:
7a:9b:89:1d:83:8c:5e:51:57:c1:00:20:45:bc:35:17:60:5d:
26:5f:37:9e:fb:88:8f:f3:9f:fe:9d:5d:48:2b:44:3b:c9:52:
fe:26:7f:59:04:a4:55:c2:15:35:8a:ff:e9:17:28:35:49:28:
4e:73:2e:96:85:37:8b:fc:6f:5a:9c:63:7a:39:cc:6c:fb:5f:
ef:60:0b:bb:be:5d:f2:04:c6:da:ab:ca:91:3b:a8:c8:f5:21:
e3:51:8b:7b:50:72:41:df:09:0b:77:4e:a5:d9:c8:68:49:35:
90:41:28:cc:b8:60:1a:69:56:20:39:e4:e2:a3:4c:9d:19:05:
98:ab:42:59:86:61:14:15:2c:63:58:b9:f5:6c:c3:1e:81:e8:
c2:81:ce:d4:f6:59:41:e5:e2:85:99:03:af:5e:7a:29:30:8d:
3d:ad:51:7b:99:e5:85:99:3d:05:9d:0e:5e:de:23:c7:21:86:
e3:36:dd:05:89:88:07:07:57:4f:f2:f7:0f:a8:19:ca:10:18:
f8:e3:ec:bf:66:5e:44:9a:f2:8c:da:24:00:34:83:38:a7:8c:
55:7d:33:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFABef1dhBDrwSbin1XEi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTY2OTU3OWIzY2U2MWVlOGVlN2Q2YWY3ZTMxNGIwZjcy
NjM2MWYwHhcNMjQwMTAxMTIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjliNjY4MGJjMTIyOTIyMDc2ZmZlOTNmOThmMmNkMTViYzUzN2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn19IiEBnjNrHeFW6qbGS8EeqwcY1
MlLe++cLTsP+rfCfGRfM9rS82jHwDUC+tIHn/SFgrWbsp6OBr86/L9iFYHMmCLad
GYXFYG3TnArsllhkyr5wH626O+e8DSgdprlvuxVyQzJvMcDhVjQUsJ1ZZWN91nPZ
eiNt/lVEsBARskim5g9GMqtSITtDKZsF+6CZetSP00fwQsohRfiZ7aA6O0ySQP3m
ONsjr7hyAlk0QNlKsqHn7+S3jR3BtT+VY9XbtnUOz+SZxrBhjRrfBYgamdoZBc0g
ADRIPZmmtQ8ADGRBkBpXFr/xgVUvPiPVch/gUS1x5DBsgUccU9XVN+5aXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCubZoC8EikiB2/+k/mPLNFbxTeuMB8GA1UdIwQY
MBaAFCeWaVebPOYe6O59avfjFLD3JjYfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVacFY1czg1aDdvN24xcTktTVVzUGNtTmg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xMTg0MTMtYjdhYS00NTljLTk5ZmEt
NGRlMWI1MjBhNTk0LzEvSzV0bWdMd1NLU0lIYl82VC1ZOHMwVnZGTjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xMTg0MTMtYjdhYS00NTljLTk5ZmEtNGRlMWI1MjBhNTk0
LzEvSjVacFY1czg1aDdvN24xcTktTVVzUGNtTmg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYF4AwQB
uYF6MA0GCSqGSIb3DQEBCwUAA4IBAQA6qD358d4mkPb6df+T3a8qmLN04ebn8WEQ
oPva/oWIiVorWJ56m4kdg4xeUVfBACBFvDUXYF0mXzee+4iP85/+nV1IK0Q7yVL+
Jn9ZBKRVwhU1iv/pFyg1SShOcy6WhTeL/G9anGN6Ocxs+1/vYAu7vl3yBMbaq8qR
O6jI9SHjUYt7UHJB3wkLd06l2choSTWQQSjMuGAaaVYgOeTio0ydGQWYq0JZhmEU
FSxjWLn1bMMegejCgc7U9llB5eKFmQOvXnopMI09rVF7meWFmT0FnQ5e3iPHIYbj
Nt0FiYgHB1dP8vcPqBnKEBj44+y/Zl5EmvKM2iQANIM4p4xVfTNk
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:39 2024 by rpki-client on console-ams.rpki-client.org