Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/K_GKFulSX6Oy_EAQzLQa-3i5CJg.roa
File: K_GKFulSX6Oy_EAQzLQa-3i5CJg.roa (raw, json)
Hash identifier: l9gFAG8lRkWg7ngTMBFdXklVQR1yNsmnq3CBshIRfbs=
Subject key identifier: 2B:F1:8A:16:E9:52:5F:A3:B2:FC:40:10:CC:B4:1A:FB:78:B9:08:98
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 018CC348B183A2EA21AC164C07A63F48F230
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/K_GKFulSX6Oy_EAQzLQa-3i5CJg.roa
Signing time: Mon 01 Jan 2024 04:29:30 +0000
ROA not before: Mon 01 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209817
IP address blocks: 94.240.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b1:83:a2:ea:21:ac:16:4c:07:a6:3f:48:f2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jan 1 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bf18a16e9525fa3b2fc4010ccb41afb78b90898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c7:84:08:e7:c4:45:9e:ac:65:bd:61:ae:f5:
17:f8:83:ae:4f:38:f5:bd:1e:1e:90:39:58:c2:9c:
1f:0e:69:c5:b9:30:c4:21:b1:a6:7f:0e:5e:1e:5c:
8b:66:af:0c:b8:eb:5f:41:f1:6a:71:3b:59:45:81:
93:eb:8a:67:74:27:a3:b2:c0:72:01:a2:6b:ee:ee:
f0:63:09:e7:c1:ed:ad:ef:1c:39:bc:bb:5c:28:c7:
53:6d:60:2e:8a:a9:6b:ee:ed:b3:a6:42:f6:15:30:
78:a9:4d:25:5d:3f:c7:29:dc:dd:52:8b:8a:9f:e0:
03:95:ef:00:05:6a:3f:12:47:46:fe:a7:ac:68:9a:
25:32:f7:eb:17:13:b4:b7:71:ed:05:45:f8:a1:eb:
02:65:a2:7e:75:9a:75:b4:12:da:5c:60:c4:c1:fb:
d5:2f:8a:a2:6b:eb:58:85:5a:d3:e1:c9:0e:bf:7b:
dc:12:ca:99:7f:e0:49:0b:a7:95:29:e3:bb:50:4c:
b9:05:64:59:f7:b5:f9:2d:7a:c2:cd:91:b5:71:03:
b9:20:96:83:3d:00:61:37:be:01:2f:8d:0c:dc:49:
82:d1:86:3e:36:e0:9c:f0:f9:cb:e1:14:2b:3c:74:
77:9f:83:c8:bc:cf:87:4c:68:0d:95:90:71:50:0f:
44:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F1:8A:16:E9:52:5F:A3:B2:FC:40:10:CC:B4:1A:FB:78:B9:08:98
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/K_GKFulSX6Oy_EAQzLQa-3i5CJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.14.0/24
Signature Algorithm: sha256WithRSAEncryption
34:f8:a5:ac:b3:eb:76:24:30:2d:92:43:59:b7:47:ee:8c:00:
95:09:52:9f:8e:50:37:7d:bd:98:04:59:ae:92:41:8c:f3:59:
57:72:d2:0b:9d:67:e8:b2:90:02:bf:85:78:33:26:15:4c:9b:
e6:89:a3:ab:9a:be:6a:3b:12:bf:d9:9e:bb:bd:fe:43:f2:9a:
4f:e0:7f:03:23:69:d6:6a:38:ff:83:c5:e5:ee:f5:61:6e:e5:
ac:cf:0b:96:44:54:30:f3:f5:b0:09:d2:e4:59:0f:b0:06:77:
a3:6e:fc:3c:98:44:19:60:67:e0:2d:bd:ba:79:51:17:45:1b:
50:96:7b:68:2b:40:3e:b8:fc:2c:5a:b6:45:6d:7d:1c:b3:cb:
81:f9:04:37:04:3d:f0:c8:b8:98:8b:b4:3a:d9:bb:ce:14:08:
d7:6c:ae:3b:99:6b:90:a1:15:d4:a4:53:b8:3f:d3:e5:68:24:
ac:04:ac:95:fb:22:f5:42:2b:74:6a:10:2a:ca:a8:53:ea:f3:
00:86:39:69:d7:2b:37:22:40:1e:08:d3:e1:fb:b5:58:2f:93:
64:ee:81:89:63:cb:d1:08:09:3d:7b:6e:64:63:a8:d5:8e:6c:
e0:a6:57:be:2d:50:90:5d:8b:b8:d9:20:dd:a5:03:b1:56:30:
80:39:d8:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLGDouohrBZMB6Y/SPIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjQwMTAxMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmYxOGExNmU5NTI1ZmEzYjJmYzQwMTBjY2I0MWFmYjc4YjkwODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MeECOfERZ6sZb1hrvUX+IOuTzj1
vR4ekDlYwpwfDmnFuTDEIbGmfw5eHlyLZq8MuOtfQfFqcTtZRYGT64pndCejssBy
AaJr7u7wYwnnwe2t7xw5vLtcKMdTbWAuiqlr7u2zpkL2FTB4qU0lXT/HKdzdUouK
n+ADle8ABWo/EkdG/qesaJolMvfrFxO0t3HtBUX4oesCZaJ+dZp1tBLaXGDEwfvV
L4qia+tYhVrT4ckOv3vcEsqZf+BJC6eVKeO7UEy5BWRZ97X5LXrCzZG1cQO5IJaD
PQBhN74BL40M3EmC0YY+NuCc8PnL4RQrPHR3n4PIvM+HTGgNlZBxUA9EowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvxihbpUl+jsvxAEMy0Gvt4uQiYMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvS19HS0Z1bFNYNk95X0VBUXpMUWEtM2k1Q0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXvAOMA0G
CSqGSIb3DQEBCwUAA4IBAQA0+KWss+t2JDAtkkNZt0fujACVCVKfjlA3fb2YBFmu
kkGM81lXctILnWfospACv4V4MyYVTJvmiaOrmr5qOxK/2Z67vf5D8ppP4H8DI2nW
ajj/g8Xl7vVhbuWszwuWRFQw8/WwCdLkWQ+wBnejbvw8mEQZYGfgLb26eVEXRRtQ
lntoK0A+uPwsWrZFbX0cs8uB+QQ3BD3wyLiYi7Q62bvOFAjXbK47mWuQoRXUpFO4
P9PlaCSsBKyV+yL1Qit0ahAqyqhT6vMAhjlp1ys3IkAeCNPh+7VYL5Nk7oGJY8vR
CAk9e25kY6jVjmzgple+LVCQXYu42SDdpQOxVjCAOdhv
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:40 2024 by rpki-client on console-fra.rpki-client.org