Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/KrwYPYjkTBLxy_cFHXBQtyoKXik.roa
File: KrwYPYjkTBLxy_cFHXBQtyoKXik.roa (raw, json)
Hash identifier: aPQYqENdlMsS0aU+8yi2EjEZAegi5Lk8Fsh4BKzRL7w=
Subject key identifier: 2A:BC:18:3D:88:E4:4C:12:F1:CB:F7:05:1D:70:50:B7:2A:0A:5E:29
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 018CC79584D3CCC745373D4BAEF1DF6FE190
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/KrwYPYjkTBLxy_cFHXBQtyoKXik.roa
Signing time: Tue 02 Jan 2024 00:31:53 +0000
ROA not before: Tue 02 Jan 2024 00:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 192.144.52.0/22 maxlen: 24
185.161.252.0/22 maxlen: 24
193.9.40.0/22 maxlen: 24
45.83.112.0/22 maxlen: 24
185.181.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:84:d3:cc:c7:45:37:3d:4b:ae:f1:df:6f:e1:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 2 00:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2abc183d88e44c12f1cbf7051d7050b72a0a5e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:63:4c:40:35:51:e2:22:fb:85:01:ee:f4:
f3:10:38:77:27:8b:92:83:13:37:9c:7f:cf:39:c9:
cd:51:66:0b:42:94:07:6d:72:dd:ee:32:df:99:1d:
3d:bd:57:7d:3a:69:2f:9f:2c:81:3d:cb:c0:69:cd:
aa:59:5c:4c:7f:46:da:b7:f0:9a:76:8c:5e:8a:2e:
c2:20:95:2e:fb:9a:66:24:f5:13:56:37:6a:97:26:
ee:c6:82:3d:ff:ba:9b:b2:1c:7b:c3:65:e2:a6:f7:
0f:b1:84:b5:92:d0:b3:da:ff:80:c2:1c:5e:c2:dd:
d8:b6:c4:ce:d7:da:91:60:ad:80:0b:7e:cf:b5:34:
6f:08:d6:f0:f4:4e:3a:41:65:b2:8f:a7:09:38:99:
16:0b:30:b5:45:0a:58:65:87:d2:5e:8c:f4:62:b0:
27:86:8f:37:a2:27:20:23:83:64:24:d4:41:62:4b:
ae:45:e6:02:43:38:16:55:88:81:65:6e:31:30:27:
8f:60:f7:ea:e3:3c:0b:ce:36:3e:ef:73:b2:64:c1:
c5:59:0a:1b:2c:ee:d3:28:82:b2:74:9f:2b:fd:61:
2f:7c:c8:03:b5:9b:10:28:3a:a2:3d:62:54:a4:ad:
c2:de:cb:24:06:b6:82:20:4d:da:e2:8b:97:40:b5:
35:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BC:18:3D:88:E4:4C:12:F1:CB:F7:05:1D:70:50:B7:2A:0A:5E:29
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/KrwYPYjkTBLxy_cFHXBQtyoKXik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.112.0/22
185.161.252.0/22
185.181.56.0/22
192.144.52.0/22
193.9.40.0/22
Signature Algorithm: sha256WithRSAEncryption
02:24:b6:90:6d:fd:2f:23:01:90:04:4b:e6:f4:f5:04:3a:ee:
92:85:a3:06:18:7e:8f:40:59:09:f1:43:91:44:59:f7:7c:d8:
ce:0b:47:11:57:9f:c8:b9:1b:42:41:92:2f:c8:1a:2e:15:79:
2f:e1:4e:7e:fc:60:47:ee:4c:46:a2:e6:81:50:3a:2c:54:13:
72:6a:61:ef:5f:7d:46:7c:5d:d5:57:7a:a1:71:90:68:ff:c8:
d8:53:0e:af:93:c4:c9:82:4c:df:5a:be:d3:df:48:90:75:c8:
da:5a:ec:19:5d:52:27:b6:0e:31:06:7d:b1:5e:05:b1:6a:b6:
ba:50:bb:55:ec:72:a2:d3:a6:9b:2c:65:4d:8a:8b:6b:3b:70:
0a:77:95:03:31:ea:f7:6e:5b:40:c0:53:fc:4b:9b:f3:c2:38:
a4:2f:6e:7b:ff:55:d5:04:c8:1c:07:de:c0:4e:01:20:b7:20:
cf:de:08:f2:00:44:85:d4:6d:0a:fe:20:6f:c4:12:20:0d:6c:
f7:2b:f9:ef:6e:ad:3a:eb:4a:5a:8e:12:d6:25:82:27:44:1a:
4c:21:42:07:ed:dc:2c:d3:91:37:86:79:6e:a5:53:8c:8b:2e:
6a:3e:b9:7c:e1:fa:e7:ac:33:2d:6b:0f:1c:29:98:61:5d:f3:
4b:2e:8c:83
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlYTTzMdFNz1LrvHfb+GQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjQwMTAyMDAzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJjMTgzZDg4ZTQ0YzEyZjFjYmY3MDUxZDcwNTBiNzJhMGE1ZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF9jTEA1UeIi+4UB7vTzEDh3J4uS
gxM3nH/POcnNUWYLQpQHbXLd7jLfmR09vVd9OmkvnyyBPcvAac2qWVxMf0bat/Ca
doxeii7CIJUu+5pmJPUTVjdqlybuxoI9/7qbshx7w2XipvcPsYS1ktCz2v+Awhxe
wt3YtsTO19qRYK2AC37PtTRvCNbw9E46QWWyj6cJOJkWCzC1RQpYZYfSXoz0YrAn
ho83oicgI4NkJNRBYkuuReYCQzgWVYiBZW4xMCePYPfq4zwLzjY+73OyZMHFWQob
LO7TKIKydJ8r/WEvfMgDtZsQKDqiPWJUpK3C3sskBraCIE3a4ouXQLU12QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCq8GD2I5EwS8cv3BR1wULcqCl4pMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvS3J3WVBZamtUQkx4eV9jRkhYQlF0eW9LWGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVNwAwQC
uaH8AwQCubU4AwQCwJA0AwQCwQkoMA0GCSqGSIb3DQEBCwUAA4IBAQACJLaQbf0v
IwGQBEvm9PUEOu6ShaMGGH6PQFkJ8UORRFn3fNjOC0cRV5/IuRtCQZIvyBouFXkv
4U5+/GBH7kxGouaBUDosVBNyamHvX31GfF3VV3qhcZBo/8jYUw6vk8TJgkzfWr7T
30iQdcjaWuwZXVIntg4xBn2xXgWxara6ULtV7HKi06abLGVNiotrO3AKd5UDMer3
bltAwFP8S5vzwjikL257/1XVBMgcB97ATgEgtyDP3gjyAESF1G0K/iBvxBIgDWz3
K/nvbq0660pajhLWJYInRBpMIUIH7dws05E3hnlupVOMiy5qPrl84frnrDMtaw8c
KZhhXfNLLoyD
-----END CERTIFICATE-----
Generated at Thu May 2 13:06:22 2024 by rpki-client on console-ams.rpki-client.org