Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7c363a-9ba7-4d45-83b7-60d3fe19c3bc/1/kmZEuaMu8qSRPRVNeaqE9h0Ygb8.roa
File: kmZEuaMu8qSRPRVNeaqE9h0Ygb8.roa (raw, json)
Hash identifier: RC9nXpAESkiOpUAaFvO40Ngjc7dEYqbnWsuvTu9RjKU=
Subject key identifier: 92:66:44:B9:A3:2E:F2:A4:91:3D:15:4D:79:AA:84:F6:1D:18:81:BF
Certificate issuer: /CN=16092063a2a7dc609e2b6f9cc0daf04f1e98b9ed
Certificate serial: 018CC3B69A30AEF8B43E2EB6907CB6805032
Authority key identifier: 16:09:20:63:A2:A7:DC:60:9E:2B:6F:9C:C0:DA:F0:4F:1E:98:B9:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgkgY6Kn3GCeK2-cwNrwTx6Yue0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7c363a-9ba7-4d45-83b7-60d3fe19c3bc/1/kmZEuaMu8qSRPRVNeaqE9h0Ygb8.roa
Signing time: Mon 01 Jan 2024 06:29:33 +0000
ROA not before: Mon 01 Jan 2024 06:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42061
IP address blocks: 185.248.180.0/22 maxlen: 22
193.186.5.0/24 maxlen: 24
193.186.6.0/24 maxlen: 24
2a0d:ee80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/7c363a-9ba7-4d45-83b7-60d3fe19c3bc/1/FgkgY6Kn3GCeK2-cwNrwTx6Yue0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/7c363a-9ba7-4d45-83b7-60d3fe19c3bc/1/FgkgY6Kn3GCeK2-cwNrwTx6Yue0.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgkgY6Kn3GCeK2-cwNrwTx6Yue0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9a:30:ae:f8:b4:3e:2e:b6:90:7c:b6:80:50:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16092063a2a7dc609e2b6f9cc0daf04f1e98b9ed
Validity
Not Before: Jan 1 06:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=926644b9a32ef2a4913d154d79aa84f61d1881bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:40:ac:0d:11:bd:45:ef:68:2e:53:be:80:
6a:1e:5b:23:6d:a5:b5:a2:de:75:f0:7a:7f:ed:8d:
e1:8c:a8:d3:b0:3f:49:72:37:11:71:a9:45:07:6e:
dc:8e:5a:0a:54:60:36:d0:a1:7f:e7:77:c0:bd:ce:
a5:80:f4:a4:94:d2:f5:11:09:5e:b2:5b:f7:18:ec:
eb:af:6a:bf:62:d9:59:35:0f:cd:38:30:c3:27:83:
f3:59:00:9d:b4:ff:f3:e7:64:89:49:75:72:09:68:
3a:07:2d:32:1c:f0:26:90:87:0f:01:da:b7:e5:3f:
26:7f:6c:53:6a:da:f9:0f:bb:f2:6e:a2:6d:6c:93:
dc:0a:19:7e:5b:00:88:54:fc:34:7b:8e:f2:37:09:
14:b6:33:47:96:58:a9:f8:77:1b:fa:3a:9c:fb:ad:
eb:09:42:91:db:90:07:50:4d:56:b7:63:7b:7b:85:
1c:13:88:8d:c4:b0:49:44:1c:f1:43:9d:56:d8:19:
eb:fe:3b:15:14:7c:9b:66:e6:92:e7:e1:fe:9f:bf:
18:c9:15:e9:cd:3e:21:2b:50:58:dc:22:51:67:3f:
7a:ca:71:15:b4:05:e8:34:fe:6d:d8:68:02:84:81:
c2:8f:e6:b5:f9:6a:6e:68:b4:ab:e0:b0:4c:3d:13:
7e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:66:44:B9:A3:2E:F2:A4:91:3D:15:4D:79:AA:84:F6:1D:18:81:BF
X509v3 Authority Key Identifier:
keyid:16:09:20:63:A2:A7:DC:60:9E:2B:6F:9C:C0:DA:F0:4F:1E:98:B9:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgkgY6Kn3GCeK2-cwNrwTx6Yue0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7c363a-9ba7-4d45-83b7-60d3fe19c3bc/1/kmZEuaMu8qSRPRVNeaqE9h0Ygb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7c363a-9ba7-4d45-83b7-60d3fe19c3bc/1/FgkgY6Kn3GCeK2-cwNrwTx6Yue0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.180.0/22
193.186.5.0-193.186.6.255
IPv6:
2a0d:ee80::/32
Signature Algorithm: sha256WithRSAEncryption
86:1a:05:84:44:15:c5:00:ea:18:5c:28:11:c4:e5:9e:10:d2:
09:38:10:99:db:98:85:52:c0:1a:14:19:ab:41:b5:77:ed:9f:
d4:e8:5e:66:3a:8c:27:fb:6e:84:78:5c:5d:13:ca:76:10:d5:
e2:b4:b6:a0:a7:52:96:e5:94:72:39:33:2d:b0:e9:19:36:64:
60:99:3d:d7:e2:28:e8:91:98:8f:9c:1b:6f:8f:90:2b:d1:ea:
da:b7:52:64:3d:4a:4e:12:64:c9:53:44:b2:49:42:d3:b2:58:
6c:36:5b:e0:07:7e:36:43:91:ff:c6:69:97:2e:b9:de:6b:1a:
aa:be:41:0b:64:39:f0:42:cd:f0:89:5d:d3:0a:86:72:90:19:
b7:76:49:6b:6a:aa:f0:f5:ca:e7:e8:d7:fd:3b:7c:df:1a:d4:
36:ed:93:7c:64:53:54:27:ed:2b:39:f1:dc:24:c2:ad:fe:d8:
a4:a9:23:94:9f:a8:df:ff:5f:2e:59:c7:fc:89:14:e9:af:f6:
46:a6:fa:03:05:12:a3:84:f2:bb:d5:ae:90:c7:0d:88:f2:0e:
39:38:a1:46:d1:d7:d9:96:d7:9e:c2:ee:85:b3:cf:2b:ed:4d:
36:b2:08:d3:95:5f:f1:4c:17:6f:14:4b:5c:3d:68:b6:87:52:
9f:35:a5:97
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzDtpowrvi0Pi62kHy2gFAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDkyMDYzYTJhN2RjNjA5ZTJiNmY5Y2MwZGFmMDRmMWU5
OGI5ZWQwHhcNMjQwMTAxMDYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjY2NDRiOWEzMmVmMmE0OTEzZDE1NGQ3OWFhODRmNjFkMTg4MWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv5ArA0RvUXvaC5TvoBqHlsjbaW1
ot518Hp/7Y3hjKjTsD9JcjcRcalFB27cjloKVGA20KF/53fAvc6lgPSklNL1EQle
slv3GOzrr2q/YtlZNQ/NODDDJ4PzWQCdtP/z52SJSXVyCWg6By0yHPAmkIcPAdq3
5T8mf2xTatr5D7vybqJtbJPcChl+WwCIVPw0e47yNwkUtjNHllip+Hcb+jqc+63r
CUKR25AHUE1Wt2N7e4UcE4iNxLBJRBzxQ51W2Bnr/jsVFHybZuaS5+H+n78YyRXp
zT4hK1BY3CJRZz96ynEVtAXoNP5t2GgChIHCj+a1+WpuaLSr4LBMPRN+dQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJJmRLmjLvKkkT0VTXmqhPYdGIG/MB8GA1UdIwQY
MBaAFBYJIGOip9xgnitvnMDa8E8emLntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdrZ1k2S24zR0NlSzItY3dOcndUeDZZdWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83YzM2M2EtOWJhNy00ZDQ1LTgzYjct
NjBkM2ZlMTljM2JjLzEva21aRXVhTXU4cVNSUFJWTmVhcUU5aDBZZ2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83YzM2M2EtOWJhNy00ZDQ1LTgzYjctNjBkM2ZlMTljM2Jj
LzEvRmdrZ1k2S24zR0NlSzItY3dOcndUeDZZdWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCufi0MAwD
BADBugUDBADBugYwDQQCAAIwBwMFACoN7oAwDQYJKoZIhvcNAQELBQADggEBAIYa
BYREFcUA6hhcKBHE5Z4Q0gk4EJnbmIVSwBoUGatBtXftn9ToXmY6jCf7boR4XF0T
ynYQ1eK0tqCnUpbllHI5My2w6Rk2ZGCZPdfiKOiRmI+cG2+PkCvR6tq3UmQ9Sk4S
ZMlTRLJJQtOyWGw2W+AHfjZDkf/GaZcuud5rGqq+QQtkOfBCzfCJXdMKhnKQGbd2
SWtqqvD1yufo1/07fN8a1Dbtk3xkU1Qn7Ss58dwkwq3+2KSpI5SfqN//Xy5Zx/yJ
FOmv9kam+gMFEqOE8rvVrpDHDYjyDjk4oUbR19mW157C7oWzzyvtTTayCNOVX/FM
F28US1w9aLaHUp81pZc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:20 2024 by rpki-client on console-fra.rpki-client.org