Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/KaQbilE19oqJAZLaqPDdMMYurrI.roa
File: KaQbilE19oqJAZLaqPDdMMYurrI.roa (raw, json)
Hash identifier: /UFAbi5stq1T4O5uj7DjnI34M075liWEefkVH9aVZHA=
Subject key identifier: 29:A4:1B:8A:51:35:F6:8A:89:01:92:DA:A8:F0:DD:30:C6:2E:AE:B2
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 018CC5DC8852639ED0D364FC6F20F98A4DB0
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/KaQbilE19oqJAZLaqPDdMMYurrI.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33387
IP address blocks: 185.127.94.0/24 maxlen: 24
185.127.93.0/24 maxlen: 24
147.189.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:88:52:63:9e:d0:d3:64:fc:6f:20:f9:8a:4d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29a41b8a5135f68a890192daa8f0dd30c62eaeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1e:8d:44:e1:e0:b2:11:d2:7c:ba:a8:e4:31:
5a:b9:c3:de:7f:48:5d:92:ca:68:1d:07:e8:e3:a9:
cc:d3:9f:34:84:a4:91:39:b2:be:b2:41:c2:88:2b:
14:01:8e:f3:47:1d:75:06:87:b6:3d:c6:68:9b:85:
e6:7e:14:5b:42:70:b1:0f:e2:c4:1f:99:5d:a8:15:
be:3b:8a:49:92:10:36:b1:4f:ac:8a:f0:0d:11:bd:
a6:84:c1:ad:0f:68:bf:69:0b:3d:5b:c3:6c:ed:74:
32:aa:ca:e6:c1:67:58:79:b2:37:6f:8b:5b:ff:51:
cb:6c:e2:47:1f:29:61:87:09:32:8a:48:5f:2c:4a:
d2:3a:70:36:5d:5c:ed:df:dd:e6:f3:17:3c:37:e1:
2a:90:4a:92:8c:c2:4a:d6:95:0e:47:78:c0:a1:33:
99:80:50:c6:5f:91:fb:74:de:a9:de:95:3b:44:7e:
39:1b:8b:e4:23:b2:e1:97:80:90:dd:5c:8f:13:1b:
30:18:3e:f4:7c:6e:d6:ba:57:f5:6b:04:3b:91:ca:
95:27:95:55:03:4f:08:46:eb:fc:2e:72:04:d2:8c:
e6:a7:78:ff:96:3f:c7:0c:d9:47:55:74:ee:83:7e:
42:84:ad:c2:5d:92:84:86:9b:28:c6:e5:c2:a7:0c:
e5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A4:1B:8A:51:35:F6:8A:89:01:92:DA:A8:F0:DD:30:C6:2E:AE:B2
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/KaQbilE19oqJAZLaqPDdMMYurrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.142.0/24
185.127.93.0-185.127.94.255
Signature Algorithm: sha256WithRSAEncryption
76:fa:d3:32:ea:95:8a:5a:be:67:85:5f:ae:00:5a:78:13:1e:
cb:fc:60:18:ea:60:54:c2:85:5a:25:2c:b5:50:04:3e:4b:e9:
52:12:57:a9:51:f8:91:cc:9a:01:95:13:d8:98:b3:53:94:a4:
ce:81:c6:fc:7c:89:0c:d7:2c:27:2e:94:f1:07:e9:62:34:b6:
4c:a4:22:e3:4f:fd:0a:13:6f:1d:ac:7d:15:60:97:f4:8d:c5:
dd:f4:96:b2:44:d9:e0:48:f1:b2:d6:f8:14:78:31:95:38:63:
c5:0f:b1:38:73:e0:1f:89:59:8c:74:df:ef:35:66:4a:b7:59:
36:2e:19:5f:c5:70:3d:45:cd:fe:7f:f3:21:10:09:d6:fe:78:
88:2d:e6:54:eb:0e:96:f6:28:9e:4d:ee:66:8a:77:41:7d:bb:
7a:35:5a:30:2b:f2:f4:21:e4:ac:04:09:45:96:43:18:c0:6a:
7d:cc:b3:3b:86:5f:42:63:30:c3:c5:87:4e:f5:a9:b3:41:70:
74:13:59:3a:43:45:85:80:27:37:c9:e7:a6:d8:1f:ee:d9:3f:
9a:65:8e:4f:6f:4f:38:a6:51:5c:02:a8:3f:1c:1f:f9:1f:13:
12:e4:4d:34:bc:7e:ab:8b:8a:17:6a:f1:06:5f:f0:36:0f:eb:
7e:58:07:ce
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzF3IhSY57Q02T8byD5ik2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE0MWI4YTUxMzVmNjhhODkwMTkyZGFhOGYwZGQzMGM2MmVhZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx6NROHgshHSfLqo5DFaucPef0hd
kspoHQfo46nM0580hKSRObK+skHCiCsUAY7zRx11Boe2PcZom4XmfhRbQnCxD+LE
H5ldqBW+O4pJkhA2sU+sivANEb2mhMGtD2i/aQs9W8Ns7XQyqsrmwWdYebI3b4tb
/1HLbOJHHylhhwkyikhfLErSOnA2XVzt393m8xc8N+EqkEqSjMJK1pUOR3jAoTOZ
gFDGX5H7dN6p3pU7RH45G4vkI7Lhl4CQ3VyPExswGD70fG7Wulf1awQ7kcqVJ5VV
A08IRuv8LnIE0ozmp3j/lj/HDNlHVXTug35ChK3CXZKEhpsoxuXCpwzl8QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCmkG4pRNfaKiQGS2qjw3TDGLq6yMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL0thUWJpbEUxOW9xSkFaTGFxUERkTU1ZdXJySS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQDBACTvY4w
DAMEALl/XQMEALl/XjANBgkqhkiG9w0BAQsFAAOCAQEAdvrTMuqVilq+Z4VfrgBa
eBMey/xgGOpgVMKFWiUstVAEPkvpUhJXqVH4kcyaAZUT2JizU5SkzoHG/HyJDNcs
Jy6U8QfpYjS2TKQi40/9ChNvHax9FWCX9I3F3fSWskTZ4Ejxstb4FHgxlThjxQ+x
OHPgH4lZjHTf7zVmSrdZNi4ZX8VwPUXN/n/zIRAJ1v54iC3mVOsOlvYonk3uZop3
QX27ejVaMCvy9CHkrAQJRZZDGMBqfcyzO4ZfQmMww8WHTvWps0FwdBNZOkNFhYAn
N8nnptgf7tk/mmWOT29POKZRXAKoPxwf+R8TEuRNNLx+q4uKF2rxBl/wNg/rflgH
zg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:18:46 2024 by rpki-client on console-fra.rpki-client.org