Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/kQ2QfEGh3AcUd1-IbYJdmCvvZaU.roa
File: kQ2QfEGh3AcUd1-IbYJdmCvvZaU.roa (raw, json)
Hash identifier: xkghHpC2/1RChbQmXyAVeSCC+wvdiSg7IqxiCBJNAks=
Subject key identifier: 91:0D:90:7C:41:A1:DC:07:14:77:5F:88:6D:82:5D:98:2B:EF:65:A5
Certificate issuer: /CN=d9d0318f2685e32d2dba923f6662771427359738
Certificate serial: 018CC3B70321A176300FBBCA1C1BB9DFEB52
Authority key identifier: D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/kQ2QfEGh3AcUd1-IbYJdmCvvZaU.roa
Signing time: Mon 01 Jan 2024 06:30:00 +0000
ROA not before: Mon 01 Jan 2024 06:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8728
IP address blocks: 84.52.0.0/18 maxlen: 32
212.7.0.0/19 maxlen: 32
82.147.160.0/19 maxlen: 32
82.147.160.0/21 maxlen: 32
185.200.68.0/22 maxlen: 32
82.147.168.0/21 maxlen: 32
212.7.30.0/24 maxlen: 32
89.235.192.0/18 maxlen: 32
109.235.240.0/21 maxlen: 32
2001:1b28::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:03:21:a1:76:30:0f:bb:ca:1c:1b:b9:df:eb:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d0318f2685e32d2dba923f6662771427359738
Validity
Not Before: Jan 1 06:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=910d907c41a1dc0714775f886d825d982bef65a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:69:a8:e6:09:93:c8:e8:44:60:92:af:68:60:
a3:f9:96:81:c5:23:9c:1f:de:03:86:e1:69:16:ba:
05:68:b8:12:c8:2e:80:c6:a8:d7:bd:c1:ee:4a:80:
c1:a4:86:fd:40:65:4d:8b:37:33:fc:b7:4a:f4:e3:
67:1f:54:da:d3:06:4d:cf:9a:1e:19:24:67:89:0c:
20:ca:aa:26:34:6a:a9:10:55:7a:a9:52:a7:8c:e9:
8f:03:1e:58:2c:d5:ce:e7:0a:94:8b:3a:56:bf:18:
12:eb:fb:b4:8b:63:f2:60:f0:8b:70:c9:d5:4c:1c:
12:9d:8b:b3:73:b9:68:7f:2f:5b:27:69:1a:24:c3:
40:6d:af:af:69:54:4c:96:3f:2a:01:10:69:b7:53:
5e:20:5b:22:93:a3:82:8c:87:71:e2:ae:9b:da:56:
44:49:ca:66:81:08:09:a4:f2:04:e6:ed:5e:fc:f0:
18:bd:22:73:50:75:06:b1:45:8d:0e:4b:56:33:b6:
26:05:6b:2d:73:e2:90:ad:5e:f4:14:b3:3c:4b:38:
cf:2e:1f:b3:e1:42:44:6a:7e:38:ac:73:16:cc:c4:
f4:d8:38:39:b7:f8:4d:ab:0e:49:a0:8e:2a:88:e4:
26:ac:9b:06:4b:1e:c9:27:c3:dd:c0:46:93:1a:7e:
ce:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0D:90:7C:41:A1:DC:07:14:77:5F:88:6D:82:5D:98:2B:EF:65:A5
X509v3 Authority Key Identifier:
keyid:D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/kQ2QfEGh3AcUd1-IbYJdmCvvZaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.147.160.0/19
84.52.0.0/18
89.235.192.0/18
109.235.240.0/21
185.200.68.0/22
212.7.0.0/19
IPv6:
2001:1b28::/32
Signature Algorithm: sha256WithRSAEncryption
82:45:18:3d:92:52:a5:2c:fb:c0:8e:0e:11:16:8d:40:44:92:
43:b2:ef:67:be:73:66:55:b9:74:b5:41:e6:94:60:e2:67:c6:
36:2b:13:7d:74:28:89:21:62:bd:24:71:29:e9:18:a7:6f:96:
ab:7f:36:3e:8f:be:0f:87:3a:53:c4:18:0f:70:2e:5a:5c:9e:
b4:73:c8:f9:4d:eb:13:67:97:ec:89:41:f9:84:6a:7b:27:10:
26:d5:99:b2:d7:21:0c:28:51:52:7b:4c:00:12:bf:a2:a9:0c:
f4:75:3f:ae:5c:07:a6:be:0e:fd:d1:00:36:44:7f:1c:2b:98:
06:34:96:fb:57:6b:cc:ab:3d:5f:95:2b:93:a7:d9:01:61:d0:
9c:77:20:b5:83:f8:ce:1c:d9:3d:d6:5d:38:86:1f:fd:35:e5:
55:c2:6b:fc:24:26:6c:1f:08:96:2b:b8:cb:03:1a:81:cc:3a:
fc:e3:d8:1f:50:cd:cc:5e:f6:5b:8d:b4:42:67:8a:12:78:ba:
f2:80:8e:04:70:aa:35:a4:f7:cb:6e:64:3c:17:cb:82:e2:53:
d6:b7:81:56:07:a3:41:c7:08:68:b6:83:79:72:9f:be:52:8a:
7f:aa:9a:13:b6:94:23:f8:7c:81:ec:db:c7:3d:b4:06:41:ef:
0b:59:4d:cb
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzDtwMhoXYwD7vKHBu53+tSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDAzMThmMjY4NWUzMmQyZGJhOTIzZjY2NjI3NzE0Mjcz
NTk3MzgwHhcNMjQwMTAxMDYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBkOTA3YzQxYTFkYzA3MTQ3NzVmODg2ZDgyNWQ5ODJiZWY2NWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGmo5gmTyOhEYJKvaGCj+ZaBxSOc
H94DhuFpFroFaLgSyC6AxqjXvcHuSoDBpIb9QGVNizcz/LdK9ONnH1Ta0wZNz5oe
GSRniQwgyqomNGqpEFV6qVKnjOmPAx5YLNXO5wqUizpWvxgS6/u0i2PyYPCLcMnV
TBwSnYuzc7lofy9bJ2kaJMNAba+vaVRMlj8qARBpt1NeIFsik6OCjIdx4q6b2lZE
ScpmgQgJpPIE5u1e/PAYvSJzUHUGsUWNDktWM7YmBWstc+KQrV70FLM8SzjPLh+z
4UJEan44rHMWzMT02Dg5t/hNqw5JoI4qiOQmrJsGSx7JJ8PdwEaTGn7OgQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJENkHxBodwHFHdfiG2CXZgr72WlMB8GA1UdIwQY
MBaAFNnQMY8mheMtLbqSP2ZidxQnNZc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEt
OTZkZGQ1YTAyMzlkLzEva1EyUWZFR2gzQWNVZDEtSWJZSmRtQ3Z2WmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEtOTZkZGQ1YTAyMzlk
LzEvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFUpOgAwQG
VDQAAwQGWevAAwQDbevwAwQCuchEAwQF1AcAMA0EAgACMAcDBQAgARsoMA0GCSqG
SIb3DQEBCwUAA4IBAQCCRRg9klKlLPvAjg4RFo1ARJJDsu9nvnNmVbl0tUHmlGDi
Z8Y2KxN9dCiJIWK9JHEp6Rinb5arfzY+j74PhzpTxBgPcC5aXJ60c8j5TesTZ5fs
iUH5hGp7JxAm1Zmy1yEMKFFSe0wAEr+iqQz0dT+uXAemvg790QA2RH8cK5gGNJb7
V2vMqz1flSuTp9kBYdCcdyC1g/jOHNk91l04hh/9NeVVwmv8JCZsHwiWK7jLAxqB
zDr849gfUM3MXvZbjbRCZ4oSeLrygI4EcKo1pPfLbmQ8F8uC4lPWt4FWB6NBxwho
toN5cp++Uop/qpoTtpQj+HyB7NvHPbQGQe8LWU3L
-----END CERTIFICATE-----
Generated at Fri May 17 21:44:33 2024 by rpki-client on console-fra.rpki-client.org