Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/Keir4GQt_xK2AMSqC5Gty8KlRPQ.roa
File: Keir4GQt_xK2AMSqC5Gty8KlRPQ.roa (raw, json)
Hash identifier: 9ofOIAEcRqd+tVSQFgghpabhzWnyPNjBi8UjGqzQCxE=
Subject key identifier: 29:E8:AB:E0:64:2D:FF:12:B6:00:C4:AA:0B:91:AD:CB:C2:A5:44:F4
Certificate issuer: /CN=97aaa555a329edd86606cc0e3e296bd478ac73de
Certificate serial: 018CC8DF9F64B1687CDE4AC2C32D6BA5DD53
Authority key identifier: 97:AA:A5:55:A3:29:ED:D8:66:06:CC:0E:3E:29:6B:D4:78:AC:73:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l6qlVaMp7dhmBswOPilr1Hisc94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/Keir4GQt_xK2AMSqC5Gty8KlRPQ.roa
Signing time: Tue 02 Jan 2024 06:32:27 +0000
ROA not before: Tue 02 Jan 2024 06:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30848
IP address blocks: 185.249.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/l6qlVaMp7dhmBswOPilr1Hisc94.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/l6qlVaMp7dhmBswOPilr1Hisc94.mft
rsync://rpki.ripe.net/repository/DEFAULT/l6qlVaMp7dhmBswOPilr1Hisc94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:9f:64:b1:68:7c:de:4a:c2:c3:2d:6b:a5:dd:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97aaa555a329edd86606cc0e3e296bd478ac73de
Validity
Not Before: Jan 2 06:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29e8abe0642dff12b600c4aa0b91adcbc2a544f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:41:43:21:59:90:08:b9:cd:1a:2c:a0:5b:9e:
ef:65:19:d2:b7:7a:a0:f3:74:53:f1:9a:44:ee:02:
84:e5:3b:81:0b:83:9d:4e:1f:b2:ae:1e:c1:6a:18:
f4:c0:01:b6:fc:d5:1e:d6:f6:83:5a:9f:55:6a:26:
0c:54:9c:5c:93:af:a7:21:ca:97:29:4a:61:e0:ef:
00:96:f2:03:c4:a2:ce:0d:dc:a9:7d:b5:6f:c1:9d:
d8:6b:06:c6:64:2f:1a:c3:02:e4:78:6d:06:ad:66:
41:a7:1e:dc:8a:e6:76:d9:fa:61:a7:54:6b:73:ed:
06:fd:44:9f:61:bc:f3:c7:09:fe:69:92:80:a8:42:
0b:09:df:9e:8f:f1:35:bb:a3:00:3e:01:94:17:bc:
c5:f8:87:c2:94:83:ba:a6:07:49:f1:b7:64:92:17:
8c:52:7b:42:04:97:bc:1e:3c:3c:6d:33:a0:6c:9f:
30:2d:4b:ea:35:03:79:df:6b:9d:72:50:08:73:cb:
2d:87:e2:7c:8c:ed:ce:71:fb:b7:5e:a8:c9:90:fb:
2a:0c:76:b2:bb:7d:d3:db:0c:47:d0:66:65:54:66:
f2:7f:9f:1c:7a:48:e2:31:4a:1d:71:0d:11:c5:81:
e8:20:c3:2a:87:0c:89:d4:9d:3e:3d:3d:55:7c:43:
58:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E8:AB:E0:64:2D:FF:12:B6:00:C4:AA:0B:91:AD:CB:C2:A5:44:F4
X509v3 Authority Key Identifier:
keyid:97:AA:A5:55:A3:29:ED:D8:66:06:CC:0E:3E:29:6B:D4:78:AC:73:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l6qlVaMp7dhmBswOPilr1Hisc94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/Keir4GQt_xK2AMSqC5Gty8KlRPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1195ab-ed41-452f-bc22-7fd0deae32c5/1/l6qlVaMp7dhmBswOPilr1Hisc94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.17.0/24
Signature Algorithm: sha256WithRSAEncryption
70:20:d5:3f:8b:b8:3a:bd:51:2a:15:55:4e:4b:01:e6:01:89:
81:69:fc:9b:9d:7a:87:57:69:ca:1a:cc:5f:80:8f:56:12:3e:
7e:82:79:33:97:eb:a7:70:3f:29:4a:30:d2:60:6a:59:d7:a4:
e3:cf:30:92:1e:fc:ce:22:54:bc:bc:87:60:78:fd:d3:42:41:
87:74:8a:33:d8:77:9c:72:41:cc:74:89:35:af:96:5b:9c:f5:
e9:5a:82:6a:48:22:f4:ec:5a:86:26:cf:b3:41:a0:95:9a:31:
7c:1c:c6:2d:ef:5c:ba:55:e4:58:a7:33:65:99:e9:7e:b6:c4:
5f:b0:46:10:a8:31:b8:07:11:bd:87:c5:c4:ba:60:89:ea:da:
0e:b2:d5:29:4f:79:d0:84:20:4a:b8:c5:44:52:4e:29:0f:44:
4a:a2:4d:52:36:d0:66:1a:e0:46:5f:e7:47:30:b4:be:17:4d:
9d:59:ba:bd:bd:45:26:25:48:ca:05:b2:d7:b7:08:49:6e:4c:
66:a5:4b:a7:77:12:47:2d:bc:7b:7d:8c:17:b7:05:34:6f:b9:
f3:7d:15:cd:d5:ef:d6:03:b1:97:10:49:b6:21:f5:d7:35:17:
3d:08:e2:c6:21:71:a2:8d:02:dc:89:a2:45:da:8c:3e:9a:d4:
24:20:49:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI359ksWh83krCwy1rpd1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YWFhNTU1YTMyOWVkZDg2NjA2Y2MwZTNlMjk2YmQ0Nzhh
YzczZGUwHhcNMjQwMTAyMDYzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWU4YWJlMDY0MmRmZjEyYjYwMGM0YWEwYjkxYWRjYmMyYTU0NGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEFDIVmQCLnNGiygW57vZRnSt3qg
83RT8ZpE7gKE5TuBC4OdTh+yrh7Bahj0wAG2/NUe1vaDWp9VaiYMVJxck6+nIcqX
KUph4O8AlvIDxKLODdypfbVvwZ3YawbGZC8awwLkeG0GrWZBpx7ciuZ22fphp1Rr
c+0G/USfYbzzxwn+aZKAqEILCd+ej/E1u6MAPgGUF7zF+IfClIO6pgdJ8bdkkheM
UntCBJe8Hjw8bTOgbJ8wLUvqNQN532udclAIc8sth+J8jO3Ocfu3XqjJkPsqDHay
u33T2wxH0GZlVGbyf58cekjiMUodcQ0RxYHoIMMqhwyJ1J0+PT1VfENYhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnoq+BkLf8StgDEqguRrcvCpUT0MB8GA1UdIwQY
MBaAFJeqpVWjKe3YZgbMDj4pa9R4rHPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDZxbFZhTXA3ZGhtQnN3T1BpbHIxSGlzYzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xMTk1YWItZWQ0MS00NTJmLWJjMjIt
N2ZkMGRlYWUzMmM1LzEvS2VpcjRHUXRfeEsyQU1TcUM1R3R5OEtsUlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xMTk1YWItZWQ0MS00NTJmLWJjMjItN2ZkMGRlYWUzMmM1
LzEvbDZxbFZhTXA3ZGhtQnN3T1BpbHIxSGlzYzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufkRMA0G
CSqGSIb3DQEBCwUAA4IBAQBwINU/i7g6vVEqFVVOSwHmAYmBafybnXqHV2nKGsxf
gI9WEj5+gnkzl+uncD8pSjDSYGpZ16TjzzCSHvzOIlS8vIdgeP3TQkGHdIoz2Hec
ckHMdIk1r5ZbnPXpWoJqSCL07FqGJs+zQaCVmjF8HMYt71y6VeRYpzNlmel+tsRf
sEYQqDG4BxG9h8XEumCJ6toOstUpT3nQhCBKuMVEUk4pD0RKok1SNtBmGuBGX+dH
MLS+F02dWbq9vUUmJUjKBbLXtwhJbkxmpUundxJHLbx7fYwXtwU0b7nzfRXN1e/W
A7GXEEm2IfXXNRc9COLGIXGijQLciaJF2ow+mtQkIEkr
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:12 2024 by rpki-client on console-fra.rpki-client.org