Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/kQiKrZ4CPYno7W0d17hgYHghh9w.roa
File: kQiKrZ4CPYno7W0d17hgYHghh9w.roa (raw, json)
Hash identifier: +YR/MUlS8+m0I2hgbjVsHaU3qqxEJoU4d3Yyij82Gf4=
Subject key identifier: 91:08:8A:AD:9E:02:3D:89:E8:ED:6D:1D:D7:B8:60:60:78:21:87:DC
Certificate issuer: /CN=11ab177e4a4ffeeb9ea1fd35766c3b8a87311de8
Certificate serial: 018E1E9513D35D501B633CA4C22891528EB5
Authority key identifier: 11:AB:17:7E:4A:4F:FE:EB:9E:A1:FD:35:76:6C:3B:8A:87:31:1D:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EasXfkpP_uueof01dmw7iocxHeg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/kQiKrZ4CPYno7W0d17hgYHghh9w.roa
Signing time: Fri 08 Mar 2024 15:01:10 +0000
ROA not before: Fri 08 Mar 2024 15:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209429
IP address blocks: 45.66.72.0/22 maxlen: 22
2a09:6540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/EasXfkpP_uueof01dmw7iocxHeg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/EasXfkpP_uueof01dmw7iocxHeg.mft
rsync://rpki.ripe.net/repository/DEFAULT/EasXfkpP_uueof01dmw7iocxHeg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:95:13:d3:5d:50:1b:63:3c:a4:c2:28:91:52:8e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11ab177e4a4ffeeb9ea1fd35766c3b8a87311de8
Validity
Not Before: Mar 8 15:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91088aad9e023d89e8ed6d1dd7b86060782187dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8b:01:a8:3f:a1:25:03:a3:12:66:20:72:c3:
0d:64:30:45:5f:d1:4b:22:00:03:fa:66:98:ac:5f:
d2:52:83:47:d3:ea:06:93:f4:07:11:43:63:7f:2b:
d5:1c:8f:8c:a1:d7:4d:bb:b5:69:fa:54:9f:39:ae:
ea:65:2d:e0:2a:30:b2:ae:33:6b:7a:b7:9f:21:29:
78:6b:ba:43:6f:35:e5:a9:57:6f:3e:5e:91:ac:8b:
85:c6:ca:db:35:cd:9f:a4:2c:98:30:6f:39:5b:a8:
78:43:1a:6d:f0:8a:e6:86:b0:5b:20:a9:84:c0:4f:
ff:62:e0:17:9a:79:06:57:5d:e7:14:93:6f:57:07:
d8:80:46:75:77:0d:52:72:3a:05:17:ad:62:cb:27:
a4:69:e7:c1:99:cc:89:d5:85:db:f1:68:28:97:39:
37:8f:60:bf:e6:78:0c:ee:d0:ec:96:dc:3a:36:fd:
aa:49:33:ee:43:0f:12:75:3c:4c:04:99:04:b7:08:
33:87:f2:cf:6a:dd:e0:ee:f4:b5:b8:17:dc:49:34:
98:17:d0:50:ec:f5:6e:96:e4:d5:9e:1b:e7:8e:48:
ef:b5:db:8c:67:44:15:c6:74:fc:cd:f3:7c:a2:6b:
8a:9a:d3:f1:07:23:75:db:99:e9:d8:4e:a6:ad:31:
65:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:08:8A:AD:9E:02:3D:89:E8:ED:6D:1D:D7:B8:60:60:78:21:87:DC
X509v3 Authority Key Identifier:
keyid:11:AB:17:7E:4A:4F:FE:EB:9E:A1:FD:35:76:6C:3B:8A:87:31:1D:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EasXfkpP_uueof01dmw7iocxHeg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/kQiKrZ4CPYno7W0d17hgYHghh9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/EasXfkpP_uueof01dmw7iocxHeg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.72.0/22
IPv6:
2a09:6540::/29
Signature Algorithm: sha256WithRSAEncryption
8d:43:71:a0:1a:a0:e4:4c:bd:b1:64:7f:f7:56:4d:16:fd:7c:
9f:e2:a7:74:bc:e8:c0:a1:f7:c1:a3:20:93:23:59:0f:ef:47:
cf:ca:c8:d8:b6:30:0d:07:28:bb:70:c7:5b:90:04:66:3c:13:
69:53:74:a5:cc:98:af:fb:ce:50:dd:72:ca:cf:fd:76:10:cc:
bd:1c:6d:e2:4e:94:9d:8d:ed:37:6f:e0:cf:2a:63:61:cc:59:
40:14:9d:5f:2e:04:cb:eb:a6:39:e4:c9:e5:90:a7:c5:2b:79:
d2:dc:9e:64:20:50:ca:d2:e0:00:f7:be:26:db:9d:d1:f6:df:
7f:3f:cd:1a:1d:2b:5d:6f:d9:0c:49:3c:35:98:17:8d:5e:12:
eb:4f:73:0d:7f:a0:31:52:7d:75:1a:04:78:12:d1:63:c8:57:
c1:07:24:c7:a3:6e:89:00:91:c1:c7:2c:bf:31:e4:37:20:32:
35:3a:e4:a1:a4:0f:18:fc:d6:f1:f4:02:dd:d2:d2:95:13:9d:
fd:ef:5a:dd:78:18:7c:92:34:41:3b:31:d0:cd:62:00:3c:c5:
b7:4b:1d:ef:1c:2d:47:07:d8:aa:78:8f:54:b9:b1:c3:ea:61:
8d:07:bc:9b:6f:c8:4d:12:49:13:0a:2d:c4:0c:38:bb:71:61:
b4:d6:dd:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4elRPTXVAbYzykwiiRUo61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYWIxNzdlNGE0ZmZlZWI5ZWExZmQzNTc2NmMzYjhhODcz
MTFkZTgwHhcNMjQwMzA4MTUwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA4OGFhZDllMDIzZDg5ZThlZDZkMWRkN2I4NjA2MDc4MjE4N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYsBqD+hJQOjEmYgcsMNZDBFX9FL
IgAD+maYrF/SUoNH0+oGk/QHEUNjfyvVHI+ModdNu7Vp+lSfOa7qZS3gKjCyrjNr
erefISl4a7pDbzXlqVdvPl6RrIuFxsrbNc2fpCyYMG85W6h4Qxpt8IrmhrBbIKmE
wE//YuAXmnkGV13nFJNvVwfYgEZ1dw1ScjoFF61iyyekaefBmcyJ1YXb8Wgolzk3
j2C/5ngM7tDsltw6Nv2qSTPuQw8SdTxMBJkEtwgzh/LPat3g7vS1uBfcSTSYF9BQ
7PVuluTVnhvnjkjvtduMZ0QVxnT8zfN8omuKmtPxByN125np2E6mrTFlFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJEIiq2eAj2J6O1tHde4YGB4IYfcMB8GA1UdIwQY
MBaAFBGrF35KT/7rnqH9NXZsO4qHMR3oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFzWGZrcFBfdXVlb2YwMWRtdzdpb2N4SGVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yMjlkM2QtYzBlYS00ZTExLTk1MDkt
NWViNGE1NWYwMTE5LzEva1FpS3JaNENQWW5vN1cwZDE3aGdZSGdoaDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yMjlkM2QtYzBlYS00ZTExLTk1MDktNWViNGE1NWYwMTE5
LzEvRWFzWGZrcFBfdXVlb2YwMWRtdzdpb2N4SGVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUJIMA0E
AgACMAcDBQMqCWVAMA0GCSqGSIb3DQEBCwUAA4IBAQCNQ3GgGqDkTL2xZH/3Vk0W
/Xyf4qd0vOjAoffBoyCTI1kP70fPysjYtjANByi7cMdbkARmPBNpU3SlzJiv+85Q
3XLKz/12EMy9HG3iTpSdje03b+DPKmNhzFlAFJ1fLgTL66Y55MnlkKfFK3nS3J5k
IFDK0uAA974m253R9t9/P80aHStdb9kMSTw1mBeNXhLrT3MNf6AxUn11GgR4EtFj
yFfBByTHo26JAJHBxyy/MeQ3IDI1OuShpA8Y/Nbx9ALd0tKVE53971rdeBh8kjRB
OzHQzWIAPMW3Sx3vHC1HB9iqeI9UubHD6mGNB7ybb8hNEkkTCi3EDDi7cWG01t0k
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:35 2024 by rpki-client on console-fra.rpki-client.org