Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/KJZRzDNaLiKvHDCB8MD5nOMsOwQ.roa
File: KJZRzDNaLiKvHDCB8MD5nOMsOwQ.roa (raw, json)
Hash identifier: M9y6v4QHaBwTFAHkA4LdCiNEMu4XSGm+hiR97uiiVj0=
Subject key identifier: 28:96:51:CC:33:5A:2E:22:AF:1C:30:81:F0:C0:F9:9C:E3:2C:3B:04
Certificate issuer: /CN=20d2633bffb16da2d75edaf49bc821187cfb88ef
Certificate serial: 018CC56E3E805E041C84253B52DD04126755
Authority key identifier: 20:D2:63:3B:FF:B1:6D:A2:D7:5E:DA:F4:9B:C8:21:18:7C:FB:88:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/KJZRzDNaLiKvHDCB8MD5nOMsOwQ.roa
Signing time: Mon 01 Jan 2024 14:29:45 +0000
ROA not before: Mon 01 Jan 2024 14:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47895
IP address blocks: 185.244.20.0/22 maxlen: 22
185.189.100.0/22 maxlen: 22
185.34.21.0/24 maxlen: 24
185.34.20.0/22 maxlen: 22
91.205.131.0/24 maxlen: 24
91.205.128.0/22 maxlen: 22
78.142.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/INJjO_-xbaLXXtr0m8ghGHz7iO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/INJjO_-xbaLXXtr0m8ghGHz7iO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:3e:80:5e:04:1c:84:25:3b:52:dd:04:12:67:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20d2633bffb16da2d75edaf49bc821187cfb88ef
Validity
Not Before: Jan 1 14:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=289651cc335a2e22af1c3081f0c0f99ce32c3b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:bc:5c:6b:45:97:fe:99:20:95:22:d2:f1:
28:fe:96:d4:1c:6b:30:cc:8d:35:6c:ad:7a:53:5e:
00:fb:dd:dd:ed:70:4a:53:19:fe:8c:a0:1b:69:9c:
fb:3e:8d:b8:98:0d:4a:3c:a0:18:55:1f:93:f2:63:
1a:e8:7c:5a:3e:39:48:05:81:a5:71:04:f6:54:04:
6e:93:80:21:ad:7e:7b:76:c1:41:ad:c7:cc:a5:23:
77:7c:94:c3:68:da:ae:51:fc:1b:88:34:0f:95:58:
f9:ce:49:36:b0:f9:14:8b:d2:12:0c:c4:01:c1:b4:
87:70:d0:aa:96:4f:bc:6a:b4:d3:5f:02:c8:39:6c:
ee:cb:65:18:6f:c2:f7:bf:62:bb:cf:2c:f1:84:bf:
16:8b:13:ea:bc:af:82:81:61:0b:03:f1:3e:fe:eb:
a4:f5:e8:bb:db:e4:3d:aa:4c:ed:18:60:8d:90:f7:
b9:da:dd:e1:6d:11:60:5a:b9:86:8f:f1:31:94:fe:
71:fd:d4:c2:7f:16:b0:cf:c0:9b:b4:e8:00:fb:36:
c8:f3:8e:3a:ea:6c:78:65:44:07:7b:e1:ba:59:3b:
cc:be:31:40:c7:4e:24:e9:e5:7c:80:df:3b:62:d4:
a3:06:96:ac:45:db:b4:d5:14:67:3a:08:c8:8c:c2:
2f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:96:51:CC:33:5A:2E:22:AF:1C:30:81:F0:C0:F9:9C:E3:2C:3B:04
X509v3 Authority Key Identifier:
keyid:20:D2:63:3B:FF:B1:6D:A2:D7:5E:DA:F4:9B:C8:21:18:7C:FB:88:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/KJZRzDNaLiKvHDCB8MD5nOMsOwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/INJjO_-xbaLXXtr0m8ghGHz7iO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.232.0/22
91.205.128.0/22
185.34.20.0/22
185.189.100.0/22
185.244.20.0/22
Signature Algorithm: sha256WithRSAEncryption
78:ec:f9:b1:7e:77:96:5c:4a:68:1f:20:8d:f3:dd:68:aa:02:
08:29:b1:4d:0a:2c:00:f0:70:80:e0:e0:14:2e:bc:09:28:c9:
cb:a1:3b:9f:78:5a:e2:d8:74:25:1a:04:2b:f2:fe:04:d4:98:
e5:74:08:82:0b:7b:d3:4f:f4:37:1d:2f:da:4e:b7:d8:c9:41:
d3:9f:83:70:f3:1a:c8:23:2b:8f:73:1c:fa:64:90:bd:69:7d:
21:99:63:58:5a:bf:45:ec:c6:b8:78:f6:62:fb:c6:7b:1f:3c:
1f:5f:36:52:ed:59:b6:1c:ad:2b:6d:17:99:ab:4d:b5:5b:c4:
14:a9:3c:ca:29:e2:b9:4e:0a:03:b9:9f:9d:3a:e3:c7:df:a4:
c5:50:97:8d:c5:d4:71:a8:0d:fb:83:0c:8f:2a:b9:8d:98:b1:
21:9a:8a:86:70:78:95:dc:c2:a9:65:7c:08:e4:ce:5c:ce:fd:
14:51:a3:ad:52:eb:14:52:1e:e1:a7:fa:fe:e1:fc:ce:44:1a:
69:67:19:8d:80:c5:1a:38:51:4d:a5:2f:29:ea:f3:57:db:9a:
8e:45:5a:08:ce:a8:e7:4f:0e:a6:66:31:d3:1f:75:18:47:34:
a7:74:ff:02:47:86:bc:a0:51:ea:ca:2e:eb:42:13:cf:1b:3b:
9e:03:a6:31
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFbj6AXgQchCU7Ut0EEmdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDI2MzNiZmZiMTZkYTJkNzVlZGFmNDliYzgyMTE4N2Nm
Yjg4ZWYwHhcNMjQwMTAxMTQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODk2NTFjYzMzNWEyZTIyYWYxYzMwODFmMGMwZjk5Y2UzMmMzYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqe8XGtFl/6ZIJUi0vEo/pbUHGsw
zI01bK16U14A+93d7XBKUxn+jKAbaZz7Po24mA1KPKAYVR+T8mMa6HxaPjlIBYGl
cQT2VARuk4AhrX57dsFBrcfMpSN3fJTDaNquUfwbiDQPlVj5zkk2sPkUi9ISDMQB
wbSHcNCqlk+8arTTXwLIOWzuy2UYb8L3v2K7zyzxhL8WixPqvK+CgWELA/E+/uuk
9ei72+Q9qkztGGCNkPe52t3hbRFgWrmGj/ExlP5x/dTCfxawz8CbtOgA+zbI8446
6mx4ZUQHe+G6WTvMvjFAx04k6eV8gN87YtSjBpasRdu01RRnOgjIjMIvxwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCiWUcwzWi4irxwwgfDA+ZzjLDsEMB8GA1UdIwQY
MBaAFCDSYzv/sW2i117a9JvIIRh8+4jvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5Kak9fLXhiYUxYWHRyMG04Z2hHSHo3aU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi83ZjA0NjQtMjI2ZC00ZjQ5LWEyNzAt
MWNkNmM4NzFjMWU4LzEvS0paUnpETmFMaUt2SERDQjhNRDVuT01zT3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi83ZjA0NjQtMjI2ZC00ZjQ5LWEyNzAtMWNkNmM4NzFjMWU4
LzEvSU5Kak9fLXhiYUxYWHRyMG04Z2hHSHo3aU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCTo7oAwQC
W82AAwQCuSIUAwQCub1kAwQCufQUMA0GCSqGSIb3DQEBCwUAA4IBAQB47PmxfneW
XEpoHyCN891oqgIIKbFNCiwA8HCA4OAULrwJKMnLoTufeFri2HQlGgQr8v4E1Jjl
dAiCC3vTT/Q3HS/aTrfYyUHTn4Nw8xrIIyuPcxz6ZJC9aX0hmWNYWr9F7Ma4ePZi
+8Z7HzwfXzZS7Vm2HK0rbReZq021W8QUqTzKKeK5TgoDuZ+dOuPH36TFUJeNxdRx
qA37gwyPKrmNmLEhmoqGcHiV3MKpZXwI5M5czv0UUaOtUusUUh7hp/r+4fzORBpp
ZxmNgMUaOFFNpS8p6vNX25qORVoIzqjnTw6mZjHTH3UYRzSndP8CR4a8oFHqyi7r
QhPPGzueA6Yx
-----END CERTIFICATE-----
Generated at Tue May 28 13:06:49 2024 by rpki-client on console-ams.rpki-client.org