Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/kLapSaCszHTkHjj-5D35BnwdX3U.roa
File: kLapSaCszHTkHjj-5D35BnwdX3U.roa (raw, json)
Hash identifier: aum+w/zWFNqnp2yXDmIDbNJpry2kTCqoMURv44gS960=
Subject key identifier: 90:B6:A9:49:A0:AC:CC:74:E4:1E:38:FE:E4:3D:F9:06:7C:1D:5F:75
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018CC94E6F553426EB9749C2B5FC22E0E221
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/kLapSaCszHTkHjj-5D35BnwdX3U.roa
Signing time: Tue 02 Jan 2024 08:33:29 +0000
ROA not before: Tue 02 Jan 2024 08:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47390
IP address blocks: 185.220.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6f:55:34:26:eb:97:49:c2:b5:fc:22:e0:e2:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 2 08:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90b6a949a0accc74e41e38fee43df9067c1d5f75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fe:87:b6:ae:df:97:06:d8:04:11:96:ea:e5:
16:b9:88:28:9c:c8:3c:18:6a:00:21:2e:e6:be:87:
f2:f7:cb:b8:e4:c9:24:95:a2:b7:c8:28:6b:ce:ea:
a8:af:d9:f4:13:43:cb:54:fe:b2:e9:a9:4f:16:26:
c7:82:86:0a:b0:ad:d3:1b:39:01:2d:60:15:96:f4:
78:fa:9e:ac:b6:61:0f:b5:2a:07:46:d1:8d:bf:c6:
23:7c:b4:ad:be:00:30:a0:56:fa:00:95:d0:38:05:
c2:93:71:11:e1:05:8c:41:51:9f:29:b5:80:45:80:
11:fa:62:52:75:c2:bd:34:92:24:18:cf:ac:4a:db:
c6:19:39:d4:72:25:e3:7b:ac:45:a5:59:eb:db:31:
43:ff:94:53:7c:c4:aa:5a:d3:1b:b2:49:8e:c9:2e:
b6:23:fd:a9:d6:ef:a1:19:27:cb:4c:20:8a:8f:88:
77:05:43:9f:b7:59:72:a6:32:be:56:7e:39:fb:0b:
15:ca:f2:05:02:2b:67:45:7c:2d:00:66:90:fb:3a:
b3:4e:df:35:3f:ee:56:b5:a5:7c:6c:8f:f0:5e:32:
27:58:5c:c4:80:9a:95:5b:6e:f1:c7:85:f3:ce:2c:
1d:70:9b:26:0e:b6:1f:de:ce:23:d8:51:97:9e:76:
3a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B6:A9:49:A0:AC:CC:74:E4:1E:38:FE:E4:3D:F9:06:7C:1D:5F:75
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/kLapSaCszHTkHjj-5D35BnwdX3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.187.0/24
Signature Algorithm: sha256WithRSAEncryption
11:82:ce:45:75:d4:81:1e:4d:b8:df:4d:42:c8:3f:68:82:b2:
48:48:ee:ee:c3:ce:12:fa:31:19:bf:02:c5:83:e7:62:7d:1a:
14:2e:71:22:bc:42:e4:cd:81:84:6c:31:4b:c0:d9:53:ea:c9:
c0:56:cb:99:18:5a:7a:65:e5:db:d7:35:e5:6d:87:c7:84:dd:
eb:1c:2a:5d:b1:22:98:be:03:bb:74:8d:c5:63:45:56:c2:93:
fc:97:e9:7c:94:7c:8a:f6:7c:97:c8:b8:7f:01:3a:5b:13:c0:
e1:e3:b7:61:c2:64:ea:79:6e:f3:4d:c0:72:ce:1a:c3:45:c4:
74:dc:23:2d:ce:37:8e:b0:5b:04:cf:09:fd:84:73:0a:1a:fb:
1e:b4:25:c7:ca:4e:ae:cc:60:e4:bc:64:e7:59:50:4b:aa:b3:
86:79:6b:4b:8b:a5:85:0b:c9:5d:9a:2d:26:71:6f:1b:99:b4:
a2:5f:9b:16:3f:e5:62:45:d4:d4:f4:0b:57:60:f9:0e:49:c1:
13:38:73:dc:62:d6:cf:0a:61:00:59:7d:1c:d3:5c:77:59:27:
26:d6:9e:67:98:e8:6e:a0:c6:97:60:89:61:f1:b0:39:e6:8d:
19:11:7f:d8:5f:10:6f:0d:67:4a:ef:2c:be:c6:df:01:da:a6:
01:fc:48:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTm9VNCbrl0nCtfwi4OIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjQwMTAyMDgzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI2YTk0OWEwYWNjYzc0ZTQxZTM4ZmVlNDNkZjkwNjdjMWQ1Zjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP6Htq7flwbYBBGW6uUWuYgonMg8
GGoAIS7mvofy98u45MkklaK3yChrzuqor9n0E0PLVP6y6alPFibHgoYKsK3TGzkB
LWAVlvR4+p6stmEPtSoHRtGNv8YjfLStvgAwoFb6AJXQOAXCk3ER4QWMQVGfKbWA
RYAR+mJSdcK9NJIkGM+sStvGGTnUciXje6xFpVnr2zFD/5RTfMSqWtMbskmOyS62
I/2p1u+hGSfLTCCKj4h3BUOft1lypjK+Vn45+wsVyvIFAitnRXwtAGaQ+zqzTt81
P+5WtaV8bI/wXjInWFzEgJqVW27xx4XzziwdcJsmDrYf3s4j2FGXnnY6vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJC2qUmgrMx05B44/uQ9+QZ8HV91MB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEva0xhcFNhQ3N6SFRrSGpqLTVEMzVCbndkWDNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudy7MA0G
CSqGSIb3DQEBCwUAA4IBAQARgs5FddSBHk24301CyD9ogrJISO7uw84S+jEZvwLF
g+difRoULnEivELkzYGEbDFLwNlT6snAVsuZGFp6ZeXb1zXlbYfHhN3rHCpdsSKY
vgO7dI3FY0VWwpP8l+l8lHyK9nyXyLh/ATpbE8Dh47dhwmTqeW7zTcByzhrDRcR0
3CMtzjeOsFsEzwn9hHMKGvsetCXHyk6uzGDkvGTnWVBLqrOGeWtLi6WFC8ldmi0m
cW8bmbSiX5sWP+ViRdTU9AtXYPkOScETOHPcYtbPCmEAWX0c01x3WScm1p5nmOhu
oMaXYIlh8bA55o0ZEX/YXxBvDWdK7yy+xt8B2qYB/EhZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:17 2024 by rpki-client on console-fra.rpki-client.org