Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/KHkhbTCUnkLoepaB-LfHVjgNLXM.roa
File: KHkhbTCUnkLoepaB-LfHVjgNLXM.roa (raw, json)
Hash identifier: rw4BDubx5DausqCmok4Cvol4wah+bBMuqoLku+InsOk=
Subject key identifier: 28:79:21:6D:30:94:9E:42:E8:7A:96:81:F8:B7:C7:56:38:0D:2D:73
Certificate issuer: /CN=57130f799f8a8985502a2ea3356037674085cfca
Certificate serial: 018CC4923C2429B0E1CB1EFE08BD6FE6015C
Authority key identifier: 57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/KHkhbTCUnkLoepaB-LfHVjgNLXM.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 185.18.80.0/22 maxlen: 22
185.166.100.0/22 maxlen: 22
2a0c:d040::/32 maxlen: 32
2a03:f4c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3c:24:29:b0:e1:cb:1e:fe:08:bd:6f:e6:01:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57130f799f8a8985502a2ea3356037674085cfca
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2879216d30949e42e87a9681f8b7c756380d2d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:47:b8:11:f5:5e:da:02:55:05:c1:a5:4a:d9:
61:53:58:7e:f6:ef:f4:5f:79:93:6a:cf:ca:bf:da:
9c:cf:4f:91:17:61:06:32:8c:61:0d:8b:e6:58:0d:
59:42:9a:c4:92:80:ed:a9:d2:35:20:12:6c:89:dc:
a9:ca:87:73:e2:4e:92:de:87:bb:38:88:73:61:f3:
6f:fe:ef:4a:5a:ab:a3:8b:2d:31:8d:55:32:22:d4:
ec:9a:4a:42:d0:7f:a2:c0:a0:6b:bc:f5:fc:e1:d1:
04:78:80:60:90:d8:43:c6:89:2a:40:05:e6:a2:fd:
cc:f1:c4:6c:0e:32:f5:42:3f:36:9d:93:23:7e:da:
80:0c:9b:7b:86:a0:12:24:ae:55:f4:90:e6:a8:8d:
a3:17:e0:99:38:46:e1:22:87:01:11:39:12:44:e6:
27:70:86:37:03:c3:19:c6:28:3d:2f:d7:93:52:b8:
99:de:8c:29:b3:b4:d6:e9:cb:4d:00:95:2b:02:94:
16:22:ac:f2:c8:a3:06:f7:78:1d:b5:6c:36:d1:db:
58:eb:a2:8a:18:df:fe:b8:a2:b2:c0:ae:f4:e3:c3:
07:12:a4:78:5b:96:0c:b0:bf:c9:ea:17:86:a2:56:
46:7d:f4:5f:07:07:14:dd:26:31:0d:b4:63:1c:a8:
7a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:79:21:6D:30:94:9E:42:E8:7A:96:81:F8:B7:C7:56:38:0D:2D:73
X509v3 Authority Key Identifier:
keyid:57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/KHkhbTCUnkLoepaB-LfHVjgNLXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.80.0/22
185.166.100.0/22
IPv6:
2a03:f4c0::/32
2a0c:d040::/32
Signature Algorithm: sha256WithRSAEncryption
96:92:73:99:35:4d:a3:1b:8c:63:9c:9c:ed:6a:43:0e:08:18:
e9:59:75:f3:c6:b0:a4:fc:80:93:23:dc:78:70:7c:0a:8d:12:
35:a3:8e:e3:68:23:1c:5c:53:86:94:3b:27:3c:14:3c:98:dc:
81:6a:44:f0:e4:31:4b:f5:ac:e2:51:d2:b0:f7:5b:cd:b5:8a:
bb:a4:4d:f0:ef:91:59:8e:75:b0:d0:49:67:51:fe:7a:65:bb:
70:ed:e3:db:05:28:74:83:59:f7:fc:f5:c5:c3:c1:77:c0:7d:
f0:51:20:98:02:44:27:9c:dc:28:ad:c1:5e:62:82:12:b7:8e:
66:9a:ed:61:0c:97:fc:95:6d:8c:8a:95:87:fa:b7:22:6a:df:
88:50:35:21:e8:51:39:f5:a3:78:f3:a2:9a:51:a0:0b:4e:73:
43:b9:e5:40:21:f5:c3:b1:82:5b:55:61:d1:e0:0d:7b:dd:d9:
08:01:00:88:90:12:45:e5:93:01:bb:c5:76:67:e9:06:92:65:
7a:76:6c:b9:3d:5b:2c:4b:78:76:19:8a:ab:37:57:4b:e6:09:
cb:f8:4a:6f:b3:1b:b7:a7:25:0c:2f:87:77:64:77:5d:83:a9:
66:ab:67:63:19:38:72:ff:75:9d:a1:7a:c8:04:87:39:9c:87:
a3:a8:bf:80
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzEkjwkKbDhyx7+CL1v5gFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTMwZjc5OWY4YTg5ODU1MDJhMmVhMzM1NjAzNzY3NDA4
NWNmY2EwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc5MjE2ZDMwOTQ5ZTQyZTg3YTk2ODFmOGI3Yzc1NjM4MGQyZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEe4EfVe2gJVBcGlStlhU1h+9u/0
X3mTas/Kv9qcz0+RF2EGMoxhDYvmWA1ZQprEkoDtqdI1IBJsidypyodz4k6S3oe7
OIhzYfNv/u9KWqujiy0xjVUyItTsmkpC0H+iwKBrvPX84dEEeIBgkNhDxokqQAXm
ov3M8cRsDjL1Qj82nZMjftqADJt7hqASJK5V9JDmqI2jF+CZOEbhIocBETkSROYn
cIY3A8MZxig9L9eTUriZ3owps7TW6ctNAJUrApQWIqzyyKMG93gdtWw20dtY66KK
GN/+uKKywK7048MHEqR4W5YMsL/J6heGolZGffRfBwcU3SYxDbRjHKh6mwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCh5IW0wlJ5C6HqWgfi3x1Y4DS1zMB8GA1UdIwQY
MBaAFFcTD3mfiomFUCouozVgN2dAhc/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMt
ZDNiOTBhOWI5YjQxLzEvS0hraGJUQ1Vua0xvZXBhQi1MZkhWamdOTFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMtZDNiOTBhOWI5YjQx
LzEvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRJQAwQC
uaZkMBQEAgACMA4DBQAqA/TAAwUAKgzQQDANBgkqhkiG9w0BAQsFAAOCAQEAlpJz
mTVNoxuMY5yc7WpDDggY6Vl188awpPyAkyPceHB8Co0SNaOO42gjHFxThpQ7JzwU
PJjcgWpE8OQxS/Ws4lHSsPdbzbWKu6RN8O+RWY51sNBJZ1H+emW7cO3j2wUodINZ
9/z1xcPBd8B98FEgmAJEJ5zcKK3BXmKCEreOZprtYQyX/JVtjIqVh/q3ImrfiFA1
IehROfWjePOimlGgC05zQ7nlQCH1w7GCW1Vh0eANe93ZCAEAiJASReWTAbvFdmfp
BpJlenZsuT1bLEt4dhmKqzdXS+YJy/hKb7Mbt6clDC+Hd2R3XYOpZqtnYxk4cv91
naF6yASHOZyHo6i/gA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:36:39 2024 by rpki-client on console-ams.rpki-client.org