Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/KwqbwUX6KEKA9oCAbqrACS7VzdI.roa
File: KwqbwUX6KEKA9oCAbqrACS7VzdI.roa (raw, json)
Hash identifier: rLVVIxv+oky7Goh14DCSsRvkWMIOhntxJEeoJKV0rDw=
Subject key identifier: 2B:0A:9B:C1:45:FA:28:42:80:F6:80:80:6E:AA:C0:09:2E:D5:CD:D2
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0192AE5BFC967B035E4D1B0A2AC86AE3FF5C
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/KwqbwUX6KEKA9oCAbqrACS7VzdI.roa
Signing time: Mon 21 Oct 2024 09:15:16 +0000
ROA not before: Mon 21 Oct 2024 09:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 31.129.22.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
77.83.116.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:5b:fc:96:7b:03:5e:4d:1b:0a:2a:c8:6a:e3:ff:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Oct 21 09:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b0a9bc145fa284280f680806eaac0092ed5cdd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ce:a9:1a:25:f4:14:2e:67:2f:46:0c:99:15:
50:da:57:03:5a:ed:79:34:38:59:a6:ca:59:9a:92:
eb:3d:ce:b3:c5:bc:75:d7:19:a6:a5:51:db:d2:f5:
cd:95:50:f0:73:c2:08:fe:24:29:b1:16:60:ff:a3:
a0:f1:4d:e1:ed:88:84:30:b1:cb:a3:7b:c9:c8:8a:
d5:be:51:a5:6f:4b:70:e6:61:e9:9f:f8:c1:f3:91:
13:ac:1d:87:b0:33:a9:02:c3:d9:0d:42:ae:37:fd:
ee:22:d7:75:82:1d:36:d1:bc:7d:94:e8:f2:45:1b:
0f:74:1b:58:9c:d8:01:00:3a:36:5d:bc:7b:e2:53:
ff:5d:89:96:85:ce:e0:24:53:3c:63:5c:73:73:80:
06:39:e8:bf:47:3b:c1:33:6e:cc:6c:55:02:69:6e:
87:0a:66:31:db:bb:4b:7b:00:d1:6b:fa:80:9e:69:
c2:80:a0:b7:92:c5:27:c6:42:51:4a:bc:6d:d6:79:
da:5d:2e:87:7b:d4:07:e4:11:4b:9f:0d:36:1c:b4:
f5:c5:76:d0:b3:54:65:4f:67:b7:97:f4:1d:48:8e:
4c:f8:71:2b:1b:73:28:41:c5:af:51:34:d4:a4:09:
88:2d:90:4b:fd:7b:5f:df:cf:95:f6:74:ea:fe:c9:
e5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0A:9B:C1:45:FA:28:42:80:F6:80:80:6E:AA:C0:09:2E:D5:CD:D2
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/KwqbwUX6KEKA9oCAbqrACS7VzdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.22.0/24
45.95.232.0/23
77.83.116.0/24
89.191.232.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.247.184.0/24
194.28.192.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:48:b3:3c:0d:a8:d6:b8:15:20:08:8f:b7:66:9c:60:ef:5b:
44:9a:33:c0:0c:3d:94:30:c9:4c:d8:87:de:7f:97:69:22:c0:
3b:09:5c:05:c5:7e:6c:be:37:9f:1c:65:bb:23:0a:ce:b3:70:
32:86:b6:7f:a8:7a:01:06:1a:7e:32:d1:db:2a:54:52:d5:ee:
cd:ad:13:c9:cd:d9:7d:f6:08:ba:66:f6:30:be:33:f4:be:42:
ef:06:1c:c1:83:0b:2c:75:66:3d:e2:24:89:c8:48:72:3b:9c:
fb:c5:a7:3d:e9:5d:5a:48:5b:5c:73:eb:c3:bf:1b:f7:81:ea:
9e:ac:5c:d1:e6:0d:35:94:d2:61:cf:42:b1:8c:ce:69:a1:36:
f3:84:b5:ec:80:03:07:fa:60:3d:7a:1e:68:00:a1:fb:a8:ae:
12:78:11:53:04:cb:8a:4a:1c:55:66:27:0b:31:3d:77:88:78:
96:d8:cd:3f:10:72:78:54:5e:47:48:6f:f4:6b:fe:cf:5b:54:
7e:f2:a9:27:64:2e:fe:cc:b5:ef:71:32:f4:29:c0:de:e8:82:
df:12:da:6f:33:35:f3:d1:dc:d7:a8:16:70:31:ec:80:49:35:
9b:be:6c:bb:96:d7:e3:a4:15:ea:48:03:1c:28:b3:83:52:1e:
85:ea:99:b3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZKuW/yWewNeTRsKKshq4/9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQxMDIxMDkxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjBhOWJjMTQ1ZmEyODQyODBmNjgwODA2ZWFhYzAwOTJlZDVjZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM6pGiX0FC5nL0YMmRVQ2lcDWu15
NDhZpspZmpLrPc6zxbx11xmmpVHb0vXNlVDwc8II/iQpsRZg/6Og8U3h7YiEMLHL
o3vJyIrVvlGlb0tw5mHpn/jB85ETrB2HsDOpAsPZDUKuN/3uItd1gh020bx9lOjy
RRsPdBtYnNgBADo2Xbx74lP/XYmWhc7gJFM8Y1xzc4AGOei/RzvBM27MbFUCaW6H
CmYx27tLewDRa/qAnmnCgKC3ksUnxkJRSrxt1nnaXS6He9QH5BFLnw02HLT1xXbQ
s1RlT2e3l/QdSI5M+HErG3MoQcWvUTTUpAmILZBL/Xtf38+V9nTq/snlIQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCsKm8FF+ihCgPaAgG6qwAku1c3SMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvS3dxYndVWDZLRUtBOW9DQWJxckFDUzdWemRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAH4EWAwQB
LV/oAwQATVN0AwQAWb/oAwQAXHZwMAwDBACNYukDBACNYuoDBAC597gDBADCHMAw
DQYJKoZIhvcNAQELBQADggEBADtIszwNqNa4FSAIj7dmnGDvW0SaM8AMPZQwyUzY
h95/l2kiwDsJXAXFfmy+N58cZbsjCs6zcDKGtn+oegEGGn4y0dsqVFLV7s2tE8nN
2X32CLpm9jC+M/S+Qu8GHMGDCyx1Zj3iJInISHI7nPvFpz3pXVpIW1xz68O/G/eB
6p6sXNHmDTWU0mHPQrGMzmmhNvOEteyAAwf6YD16HmgAofuorhJ4EVMEy4pKHFVm
JwsxPXeIeJbYzT8QcnhUXkdIb/Rr/s9bVH7yqSdkLv7Mte9xMvQpwN7ogt8S2m8z
NfPR3NeoFnAx7IBJNZu+bLuW1+OkFepIAxwos4NSHoXqmbM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:10 2024 by rpki-client on console-ams.rpki-client.org