Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2c9883-f108-4fed-b416-a6f534c307f1/1/KmBLOJdLD5N9W226eBdtIPexx0Y.roa
File: KmBLOJdLD5N9W226eBdtIPexx0Y.roa (raw, json)
Hash identifier: nWQD8tEvj6QZXmDmGERZ+kQkJY4MNrOv+BlyxH0O3j0=
Subject key identifier: 2A:60:4B:38:97:4B:0F:93:7D:5B:6D:BA:78:17:6D:20:F7:B1:C7:46
Certificate issuer: /CN=de8e60bb111087d0803fc3fcc4af327aa85c0b81
Certificate serial: 018CC3B6844501EE6A666D28617AB556C543
Authority key identifier: DE:8E:60:BB:11:10:87:D0:80:3F:C3:FC:C4:AF:32:7A:A8:5C:0B:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3o5guxEQh9CAP8P8xK8yeqhcC4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/2c9883-f108-4fed-b416-a6f534c307f1/1/KmBLOJdLD5N9W226eBdtIPexx0Y.roa
Signing time: Mon 01 Jan 2024 06:29:27 +0000
ROA not before: Mon 01 Jan 2024 06:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197075
IP address blocks: 185.49.56.0/22 maxlen: 24
185.203.124.0/22 maxlen: 24
2a0a:e6c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/2c9883-f108-4fed-b416-a6f534c307f1/1/3o5guxEQh9CAP8P8xK8yeqhcC4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/2c9883-f108-4fed-b416-a6f534c307f1/1/3o5guxEQh9CAP8P8xK8yeqhcC4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/3o5guxEQh9CAP8P8xK8yeqhcC4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:84:45:01:ee:6a:66:6d:28:61:7a:b5:56:c5:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de8e60bb111087d0803fc3fcc4af327aa85c0b81
Validity
Not Before: Jan 1 06:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a604b38974b0f937d5b6dba78176d20f7b1c746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dc:94:2a:90:7b:8f:75:b5:4a:12:d3:6d:3d:
1e:16:cc:6c:0e:50:a8:6b:aa:40:da:e1:c6:2b:97:
d8:7b:67:ec:0d:f1:5a:fe:d8:6f:04:69:bc:0f:47:
57:e1:b1:15:64:75:08:ea:ee:f7:ba:18:b6:2e:18:
97:36:52:92:f4:9b:ac:3b:3b:14:08:36:d7:15:e7:
df:a9:bb:27:cc:01:41:0e:94:8e:0d:b0:0d:bd:13:
bf:5e:1d:ca:fe:db:c8:c3:d4:9b:85:d3:da:f0:4c:
36:97:33:58:6d:d8:90:f7:18:6d:76:a0:96:79:f3:
22:70:a5:13:9d:ce:a7:31:86:81:81:de:27:59:6f:
1a:b6:6f:f0:ba:54:60:47:7c:65:8d:a8:bb:b6:8d:
78:51:fe:31:65:4c:04:34:5c:37:64:11:02:ef:65:
f2:ba:e3:56:fc:5c:4f:25:5d:33:17:37:41:8a:dd:
43:ff:8b:a1:79:d5:ea:d3:d0:f2:fa:f2:d2:34:37:
d9:44:3e:32:68:00:5a:ce:d8:3e:d3:dd:ba:b1:0b:
3f:39:97:e0:e3:f2:1e:7b:91:cc:89:45:3e:9a:33:
73:97:96:87:31:3b:69:5d:de:4e:2f:a6:36:1e:4b:
f6:59:90:b4:5a:b6:7d:b4:7a:94:9a:bc:2d:2b:6b:
c3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:60:4B:38:97:4B:0F:93:7D:5B:6D:BA:78:17:6D:20:F7:B1:C7:46
X509v3 Authority Key Identifier:
keyid:DE:8E:60:BB:11:10:87:D0:80:3F:C3:FC:C4:AF:32:7A:A8:5C:0B:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3o5guxEQh9CAP8P8xK8yeqhcC4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2c9883-f108-4fed-b416-a6f534c307f1/1/KmBLOJdLD5N9W226eBdtIPexx0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2c9883-f108-4fed-b416-a6f534c307f1/1/3o5guxEQh9CAP8P8xK8yeqhcC4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.56.0/22
185.203.124.0/22
IPv6:
2a0a:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:0a:08:1d:e5:c6:5a:34:73:15:85:bf:47:7a:96:4a:5b:10:
6c:39:0a:93:bc:65:33:f3:24:6d:dc:a8:11:17:4f:b4:72:76:
f5:fd:15:9b:13:49:6b:d5:96:b2:b2:98:ce:6d:0c:04:1c:6d:
f5:98:47:45:ed:2d:24:9b:36:9c:45:9c:b9:0c:5b:f2:62:7b:
43:c3:b5:da:e6:71:5b:5d:5a:36:da:42:e2:c9:5d:ee:22:fa:
21:48:69:5f:14:55:fd:d8:c2:10:f2:85:e5:b8:be:b0:88:77:
ed:3c:0b:0f:01:51:41:06:90:dd:63:d6:cd:86:9e:94:7b:06:
81:fd:e0:6b:ae:b6:6a:d8:2b:38:23:26:5d:9e:96:ab:0e:eb:
6d:d0:27:f3:2c:9a:bf:25:1f:5f:4a:df:19:d7:a7:1a:18:7e:
73:77:74:da:64:15:d3:19:ad:63:ab:40:93:6b:fe:ea:0c:26:
ca:fc:c0:0a:2f:64:2f:02:13:75:47:23:02:11:dd:47:b7:9c:
f9:c0:31:b5:04:a5:63:d2:04:2f:9e:0f:89:6e:e8:70:06:2a:
90:0a:5a:92:9e:25:62:3e:18:03:35:c7:83:92:0f:d0:8a:43:
1e:14:33:67:10:70:75:15:dd:c2:c1:18:a9:4f:fe:3e:c9:1b:
f3:a0:58:d7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtoRFAe5qZm0oYXq1VsVDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOGU2MGJiMTExMDg3ZDA4MDNmYzNmY2M0YWYzMjdhYTg1
YzBiODEwHhcNMjQwMTAxMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTYwNGIzODk3NGIwZjkzN2Q1YjZkYmE3ODE3NmQyMGY3YjFjNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdyUKpB7j3W1ShLTbT0eFsxsDlCo
a6pA2uHGK5fYe2fsDfFa/thvBGm8D0dX4bEVZHUI6u73uhi2LhiXNlKS9JusOzsU
CDbXFeffqbsnzAFBDpSODbANvRO/Xh3K/tvIw9SbhdPa8Ew2lzNYbdiQ9xhtdqCW
efMicKUTnc6nMYaBgd4nWW8atm/wulRgR3xljai7to14Uf4xZUwENFw3ZBEC72Xy
uuNW/FxPJV0zFzdBit1D/4uhedXq09Dy+vLSNDfZRD4yaABaztg+0926sQs/OZfg
4/Iee5HMiUU+mjNzl5aHMTtpXd5OL6Y2Hkv2WZC0WrZ9tHqUmrwtK2vDUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCpgSziXSw+TfVttungXbSD3scdGMB8GA1UdIwQY
MBaAFN6OYLsREIfQgD/D/MSvMnqoXAuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM281Z3V4RVFoOUNBUDhQOHhLOHllcWhjQzRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8yYzk4ODMtZjEwOC00ZmVkLWI0MTYt
YTZmNTM0YzMwN2YxLzEvS21CTE9KZExENU45VzIyNmVCZHRJUGV4eDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8yYzk4ODMtZjEwOC00ZmVkLWI0MTYtYTZmNTM0YzMwN2Yx
LzEvM281Z3V4RVFoOUNBUDhQOHhLOHllcWhjQzRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTE4AwQC
uct8MA0EAgACMAcDBQMqCubAMA0GCSqGSIb3DQEBCwUAA4IBAQCxCggd5cZaNHMV
hb9HepZKWxBsOQqTvGUz8yRt3KgRF0+0cnb1/RWbE0lr1ZayspjObQwEHG31mEdF
7S0kmzacRZy5DFvyYntDw7Xa5nFbXVo22kLiyV3uIvohSGlfFFX92MIQ8oXluL6w
iHftPAsPAVFBBpDdY9bNhp6UewaB/eBrrrZq2Cs4IyZdnparDutt0CfzLJq/JR9f
St8Z16caGH5zd3TaZBXTGa1jq0CTa/7qDCbK/MAKL2QvAhN1RyMCEd1Ht5z5wDG1
BKVj0gQvng+JbuhwBiqQClqSniViPhgDNceDkg/QikMeFDNnEHB1Fd3CwRipT/4+
yRvzoFjX
-----END CERTIFICATE-----
Generated at Fri May 10 15:46:30 2024 by rpki-client on console-fra.rpki-client.org