Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/kPq5mHyAwtRZgkVRIU2ztGZn3DU.roa
File: kPq5mHyAwtRZgkVRIU2ztGZn3DU.roa (raw, json)
Hash identifier: 3Uj8/Yiw4HIPOzjr6m5kOfTZ0UdyB58yW1QjoqA3oRY=
Subject key identifier: 90:FA:B9:98:7C:80:C2:D4:59:82:45:51:21:4D:B3:B4:66:67:DC:35
Certificate issuer: /CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Certificate serial: 018CC424E8EBE5698A667B67569EFA541A40
Authority key identifier: 36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/kPq5mHyAwtRZgkVRIU2ztGZn3DU.roa
Signing time: Mon 01 Jan 2024 08:30:02 +0000
ROA not before: Mon 01 Jan 2024 08:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199319
IP address blocks: 185.228.140.0/22 maxlen: 22
185.38.224.0/22 maxlen: 22
2a00:fb20:8000::/33 maxlen: 33
2a00:fb20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e8:eb:e5:69:8a:66:7b:67:56:9e:fa:54:1a:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Validity
Not Before: Jan 1 08:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90fab9987c80c2d459824551214db3b46667dc35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:12:de:91:9d:a2:73:9e:2f:6a:f3:b0:f1:89:
8c:79:33:b1:82:8f:f4:48:dd:69:79:32:10:61:99:
da:19:7e:21:9a:83:cf:a6:65:35:4f:e1:1a:91:cf:
ee:41:ba:42:32:02:cd:aa:35:ca:64:f1:94:90:62:
48:c4:24:9f:8a:d7:34:71:65:8b:84:a4:59:cc:6d:
74:86:b5:a9:21:8a:ca:f2:f8:ac:36:63:a5:d6:72:
ea:3b:20:a7:a3:80:93:b6:21:c1:6f:9d:b8:13:ee:
5c:73:45:5e:b3:0e:1b:23:b5:b0:a4:66:78:58:2b:
a3:a9:14:8f:88:fd:9c:e9:f1:b7:76:aa:5d:b6:a2:
cf:22:67:13:84:4f:52:18:0f:43:f2:9d:a9:46:50:
02:8a:89:ff:ec:fe:03:cd:7d:bb:9d:47:08:8e:57:
20:47:95:bc:a8:ab:59:d9:dc:f4:f1:e9:a2:e4:e4:
38:22:7e:81:60:89:e6:e8:40:da:0a:29:51:c5:c3:
78:03:56:21:68:dc:18:11:af:09:3a:80:60:b8:07:
de:bf:89:ab:74:c4:bf:35:b3:19:41:84:7f:c8:da:
32:30:aa:0d:24:04:ee:92:15:fe:94:68:07:7e:54:
7f:bc:b3:38:3b:42:67:d5:82:0b:b1:16:f6:71:a3:
66:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FA:B9:98:7C:80:C2:D4:59:82:45:51:21:4D:B3:B4:66:67:DC:35
X509v3 Authority Key Identifier:
keyid:36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/kPq5mHyAwtRZgkVRIU2ztGZn3DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.224.0/22
185.228.140.0/22
IPv6:
2a00:fb20::/32
Signature Algorithm: sha256WithRSAEncryption
1a:57:16:cd:4a:a7:cd:14:ef:b3:a6:31:f5:fb:90:ad:6c:2c:
84:ca:fa:8b:9e:a6:a4:4c:91:e1:de:43:9b:ca:66:65:4a:02:
ca:1e:fa:43:63:44:7f:7e:33:04:b4:1b:56:7d:58:9c:2a:32:
af:dd:90:5f:be:77:9e:85:1c:14:c1:43:be:8d:41:c0:7b:4f:
97:07:81:95:dd:24:87:a5:58:9a:d8:82:bd:e9:05:6b:ac:74:
0d:db:5d:7a:44:94:5f:5f:53:b8:65:b3:db:64:b0:6e:2c:4b:
6d:51:3a:9b:54:ef:ce:4e:24:cf:cc:ac:41:90:93:01:86:cd:
d3:e3:aa:a1:14:22:f7:90:1c:3f:5f:4f:89:50:b5:7b:91:39:
e8:5c:ad:84:5c:c0:96:04:cb:fd:72:b7:ae:cc:b4:27:33:44:
e8:8f:fa:c7:22:8f:12:d3:65:6a:3a:b8:0f:f4:2c:c3:db:3c:
97:58:70:e8:11:1f:40:60:dd:b3:61:16:6b:3c:b6:8a:b2:18:
9e:f7:ba:20:ca:13:f8:b9:de:82:d7:5b:3f:ac:49:e3:0d:0c:
59:32:f7:45:67:b5:d0:9e:bf:a5:91:e3:0e:ad:48:bb:d0:96:
13:55:8e:5f:64:88:ec:42:c7:10:55:00:f4:02:11:6a:33:10:
ef:9a:1e:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEJOjr5WmKZntnVp76VBpAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmUzYTkxMjYzZTJlODMxOWMyYTY3OGU2Mjk4NTFkMDll
NzdmMGQwHhcNMjQwMTAxMDgzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGZhYjk5ODdjODBjMmQ0NTk4MjQ1NTEyMTRkYjNiNDY2NjdkYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRLekZ2ic54vavOw8YmMeTOxgo/0
SN1peTIQYZnaGX4hmoPPpmU1T+Eakc/uQbpCMgLNqjXKZPGUkGJIxCSfitc0cWWL
hKRZzG10hrWpIYrK8visNmOl1nLqOyCno4CTtiHBb524E+5cc0Vesw4bI7WwpGZ4
WCujqRSPiP2c6fG3dqpdtqLPImcThE9SGA9D8p2pRlACion/7P4DzX27nUcIjlcg
R5W8qKtZ2dz08emi5OQ4In6BYInm6EDaCilRxcN4A1YhaNwYEa8JOoBguAfev4mr
dMS/NbMZQYR/yNoyMKoNJATukhX+lGgHflR/vLM4O0Jn1YILsRb2caNmpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJD6uZh8gMLUWYJFUSFNs7RmZ9w1MB8GA1UdIwQY
MBaAFDb+OpEmPi6DGcKmeOYphR0J538NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYt
ZmEzZTA5MDFmMjQwLzEva1BxNW1IeUF3dFJaZ2tWUklVMnp0R1puM0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYtZmEzZTA5MDFmMjQw
LzEvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSbgAwQC
ueSMMA0EAgACMAcDBQAqAPsgMA0GCSqGSIb3DQEBCwUAA4IBAQAaVxbNSqfNFO+z
pjH1+5CtbCyEyvqLnqakTJHh3kObymZlSgLKHvpDY0R/fjMEtBtWfVicKjKv3ZBf
vneehRwUwUO+jUHAe0+XB4GV3SSHpVia2IK96QVrrHQN2116RJRfX1O4ZbPbZLBu
LEttUTqbVO/OTiTPzKxBkJMBhs3T46qhFCL3kBw/X0+JULV7kTnoXK2EXMCWBMv9
creuzLQnM0Toj/rHIo8S02VqOrgP9CzD2zyXWHDoER9AYN2zYRZrPLaKshie97og
yhP4ud6C11s/rEnjDQxZMvdFZ7XQnr+lkeMOrUi70JYTVY5fZIjsQscQVQD0AhFq
MxDvmh5x
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:10:58 2024 by rpki-client on console-ams.rpki-client.org