Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Kg3SmAND62QL3-SDQn-IRWTqb5U.roa
File: Kg3SmAND62QL3-SDQn-IRWTqb5U.roa (raw, json)
Hash identifier: e+aNLlkluG412rP8rKU5tgRjVlTnT3Y7a6yQ2b8GkaI=
Subject key identifier: 2A:0D:D2:98:03:43:EB:64:0B:DF:E4:83:42:7F:88:45:64:EA:6F:95
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D6591AD3BD8F8DB18EC2E0CD5D2040
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Kg3SmAND62QL3-SDQn-IRWTqb5U.roa
Signing time: Wed 01 Jan 2025 07:48:25 +0000
ROA not before: Wed 01 Jan 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46475
IP address blocks: 77.223.214.0/23 maxlen: 24
77.223.214.0/24 maxlen: 24
77.223.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 02:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:59:1a:d3:bd:8f:8d:b1:8e:c2:e0:cd:5d:20:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a0dd2980343eb640bdfe483427f884564ea6f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:66:e8:fb:46:9d:c8:a6:1d:70:08:28:e0:de:
78:fa:61:98:f1:a1:b3:70:81:17:a4:1b:d8:69:c1:
e4:c9:5b:1b:50:4b:42:18:50:a6:21:c3:9b:d8:22:
08:c4:0c:4b:c1:0c:5b:6b:e1:bf:0d:c5:32:27:e4:
5a:d3:55:43:7f:cf:82:13:2c:5b:64:49:49:22:f4:
0e:72:b2:d4:21:52:67:48:e9:be:06:74:99:fc:30:
c4:14:59:8f:c6:3c:e4:23:29:fc:70:ec:7e:b9:dd:
ab:f1:7d:40:32:28:a2:de:eb:3c:56:df:67:a4:52:
73:87:7a:92:20:21:fa:48:02:c7:83:98:e1:a0:9e:
a2:d1:b2:2b:27:8b:43:75:da:2e:33:18:62:f9:32:
89:72:c0:f7:a3:92:1b:44:a0:b6:38:e4:45:5f:c3:
4a:8b:ce:ae:9a:5a:12:2f:91:b1:04:03:d5:34:6e:
7e:00:5a:aa:65:b9:14:1f:ab:3d:72:47:34:6c:88:
b1:ce:af:32:f6:93:db:2f:9e:23:74:b8:ca:ef:c3:
ad:73:9b:a3:80:62:5d:d8:95:a7:e4:27:51:b5:92:
00:f5:d8:11:97:33:6b:97:0a:8a:00:09:5a:40:e2:
ba:80:72:33:a5:21:6e:8f:f6:8c:cf:01:82:b3:74:
51:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0D:D2:98:03:43:EB:64:0B:DF:E4:83:42:7F:88:45:64:EA:6F:95
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Kg3SmAND62QL3-SDQn-IRWTqb5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.214.0/23
Signature Algorithm: sha256WithRSAEncryption
17:13:ee:c2:37:7f:ad:12:62:a8:4a:54:94:9e:6c:e2:1f:e8:
5e:55:3a:b6:e5:5d:47:9b:c0:66:92:ea:7f:d7:c1:78:4e:7a:
6d:d7:ff:17:e8:a4:86:4d:f5:4b:0d:55:f1:fc:75:3a:40:b0:
ba:29:06:25:56:3e:7b:ee:08:d4:94:77:f6:c0:6c:44:ca:5e:
4c:96:c2:79:b5:bd:a8:83:c2:bb:81:5b:5c:34:ad:d8:79:7e:
33:74:c8:6b:99:c8:cb:53:2f:1b:58:2c:d2:3e:00:bd:8f:f7:
8a:43:03:8d:6e:c1:05:19:dc:a9:9c:88:09:22:69:bb:bb:30:
e2:f3:e3:3c:b4:eb:f0:68:ad:1d:26:c2:27:74:1c:d0:31:c2:
e0:10:73:7b:dd:46:1e:89:09:28:90:f6:de:41:31:ec:1b:c3:
eb:fb:4d:86:59:e0:df:ba:6b:2d:70:09:e8:b1:be:c2:fa:e3:
13:08:f1:cc:4a:fe:6a:b0:41:22:db:ec:e6:85:a8:66:d2:0b:
c3:4c:64:97:c0:29:aa:bf:b1:b8:79:b5:19:eb:d0:ae:10:b5:
53:e6:6f:fd:45:38:9e:d8:9f:23:1b:ed:94:8c:b4:05:53:e1:
01:a7:2c:73:8a:cf:52:58:fc:0e:25:ea:a8:bd:2c:b5:63:17:
81:dc:96:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1lka072PjbGOwuDNXSBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBkZDI5ODAzNDNlYjY0MGJkZmU0ODM0MjdmODg0NTY0ZWE2Zjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Wbo+0adyKYdcAgo4N54+mGY8aGz
cIEXpBvYacHkyVsbUEtCGFCmIcOb2CIIxAxLwQxba+G/DcUyJ+Ra01VDf8+CEyxb
ZElJIvQOcrLUIVJnSOm+BnSZ/DDEFFmPxjzkIyn8cOx+ud2r8X1AMiii3us8Vt9n
pFJzh3qSICH6SALHg5jhoJ6i0bIrJ4tDddouMxhi+TKJcsD3o5IbRKC2OORFX8NK
i86umloSL5GxBAPVNG5+AFqqZbkUH6s9ckc0bIixzq8y9pPbL54jdLjK78Otc5uj
gGJd2JWn5CdRtZIA9dgRlzNrlwqKAAlaQOK6gHIzpSFuj/aMzwGCs3RR0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoN0pgDQ+tkC9/kg0J/iEVk6m+VMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvS2czU21BTkQ2MlFMMy1TRFFuLUlSV1RxYjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTd/WMA0G
CSqGSIb3DQEBCwUAA4IBAQAXE+7CN3+tEmKoSlSUnmziH+heVTq25V1Hm8Bmkup/
18F4Tnpt1/8X6KSGTfVLDVXx/HU6QLC6KQYlVj577gjUlHf2wGxEyl5MlsJ5tb2o
g8K7gVtcNK3YeX4zdMhrmcjLUy8bWCzSPgC9j/eKQwONbsEFGdypnIgJImm7uzDi
8+M8tOvwaK0dJsIndBzQMcLgEHN73UYeiQkokPbeQTHsG8Pr+02GWeDfumstcAno
sb7C+uMTCPHMSv5qsEEi2+zmhahm0gvDTGSXwCmqv7G4ebUZ69CuELVT5m/9RTie
2J8jG+2UjLQFU+EBpyxzis9SWPwOJeqovSy1YxeB3JZg
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:57:25 2025 by rpki-client