Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/K_3IVe5L0tXIV163oDqL8Y3B5hI.roa
File: K_3IVe5L0tXIV163oDqL8Y3B5hI.roa (raw, json)
Hash identifier: CPaqOfLgWpKs9U+riNxntjiUGDTOMlckxg1No45/fvo=
Subject key identifier: 2B:FD:C8:55:EE:4B:D2:D5:C8:57:5E:B7:A0:3A:8B:F1:8D:C1:E6:12
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802C9B8C67ECA6657C186F2A7A2D443
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/K_3IVe5L0tXIV163oDqL8Y3B5hI.roa
Signing time: Tue 02 Jan 2024 02:31:15 +0000
ROA not before: Tue 02 Jan 2024 02:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48874
IP address blocks: 85.204.116.0/24 maxlen: 24
89.40.73.0/24 maxlen: 24
86.104.194.0/24 maxlen: 24
86.104.10.0/24 maxlen: 24
89.32.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:c9:b8:c6:7e:ca:66:57:c1:86:f2:a7:a2:d4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bfdc855ee4bd2d5c8575eb7a03a8bf18dc1e612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3d:40:77:12:38:7e:15:4a:8a:57:fc:03:9d:
e6:71:29:4c:c3:04:d2:7c:0a:0e:f5:0f:3a:b4:11:
6b:18:0c:92:a9:cd:d2:58:15:70:31:59:9b:4c:29:
29:5b:13:e1:bb:57:05:8d:83:73:3a:78:54:43:2b:
e5:46:58:2f:29:c9:d2:fa:70:e8:04:d0:93:65:c1:
ac:14:47:62:84:43:e2:bf:9e:a5:8f:e1:97:6c:ff:
9e:15:cc:c3:19:f7:9f:21:01:88:d2:db:a8:10:1e:
93:df:19:0f:b9:a1:d9:59:bc:f6:df:d3:16:87:17:
fb:bd:a7:87:fc:82:52:b7:ac:ae:40:9b:07:44:eb:
81:00:ca:c6:a9:20:a5:77:7b:78:15:d6:10:c4:10:
94:42:66:37:83:9e:19:28:cb:a2:f8:b9:de:e2:64:
16:d1:f2:40:e3:a6:79:5a:8b:d4:f7:66:7a:76:31:
0f:ab:71:9f:c0:6f:5c:5e:ac:ba:96:8b:60:82:43:
fc:61:2b:80:a5:20:5a:0e:a6:a1:21:f6:18:4c:22:
54:bb:98:74:16:d9:b7:6b:34:88:7d:d1:49:95:c8:
9d:65:f0:70:7e:ec:42:12:b3:bb:8b:97:d0:77:97:
dc:cb:26:2d:bf:16:a6:89:50:a2:2f:ef:3b:3f:9d:
34:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FD:C8:55:EE:4B:D2:D5:C8:57:5E:B7:A0:3A:8B:F1:8D:C1:E6:12
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/K_3IVe5L0tXIV163oDqL8Y3B5hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.116.0/24
86.104.10.0/24
86.104.194.0/24
89.32.41.0/24
89.40.73.0/24
Signature Algorithm: sha256WithRSAEncryption
35:36:41:5a:10:6a:bc:32:b7:ba:84:bb:4a:6a:c8:f8:8e:2a:
53:f2:9d:1f:9f:9c:2a:be:63:e4:f0:13:c8:dd:ec:7c:b9:2a:
42:d4:bf:39:7e:18:89:ed:50:4f:0f:58:0c:50:dc:f3:80:21:
ea:00:81:ee:fc:74:59:23:90:27:28:78:34:7d:ec:63:a2:51:
8d:fc:52:1a:79:89:48:38:17:28:0e:7d:87:de:b7:f4:15:54:
c2:f5:6a:09:e4:71:0e:aa:14:24:77:b2:95:c3:b0:18:83:70:
24:a8:33:fd:12:36:93:f4:c3:4b:08:67:de:bd:58:9e:07:b1:
0d:f1:28:0b:39:07:e0:4c:3e:b8:42:a7:53:76:43:e1:af:73:
f7:0b:40:a8:c7:98:0e:95:67:f7:1b:07:e7:16:7a:44:86:77:
60:4f:4e:10:0c:48:75:1f:60:f8:58:1e:c7:a7:2c:da:d2:4c:
bc:67:f7:e6:e6:20:9e:05:1c:d1:0a:48:1d:cd:78:84:6c:41:
07:ae:e3:90:84:64:e3:db:11:9a:ec:ce:f3:1d:d0:97:3e:29:
34:a9:18:89:ed:65:0a:82:f3:47:65:67:88:ab:02:04:e0:ae:
3d:8d:5a:d9:45:0b:ec:29:e3:3e:90:a7:41:26:7b:c3:14:e7:
f0:74:3a:a3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAsm4xn7KZlfBhvKnotRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZkYzg1NWVlNGJkMmQ1Yzg1NzVlYjdhMDNhOGJmMThkYzFlNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz1AdxI4fhVKilf8A53mcSlMwwTS
fAoO9Q86tBFrGAySqc3SWBVwMVmbTCkpWxPhu1cFjYNzOnhUQyvlRlgvKcnS+nDo
BNCTZcGsFEdihEPiv56lj+GXbP+eFczDGfefIQGI0tuoEB6T3xkPuaHZWbz239MW
hxf7vaeH/IJSt6yuQJsHROuBAMrGqSCld3t4FdYQxBCUQmY3g54ZKMui+Lne4mQW
0fJA46Z5WovU92Z6djEPq3GfwG9cXqy6lotggkP8YSuApSBaDqahIfYYTCJUu5h0
Ftm3azSIfdFJlcidZfBwfuxCErO7i5fQd5fcyyYtvxamiVCiL+87P500vwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCv9yFXuS9LVyFdet6A6i/GNweYSMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvS18zSVZlNUwwdFhJVjE2M29EcUw4WTNCNWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVcx0AwQA
VmgKAwQAVmjCAwQAWSApAwQAWShJMA0GCSqGSIb3DQEBCwUAA4IBAQA1NkFaEGq8
Mre6hLtKasj4jipT8p0fn5wqvmPk8BPI3ex8uSpC1L85fhiJ7VBPD1gMUNzzgCHq
AIHu/HRZI5AnKHg0fexjolGN/FIaeYlIOBcoDn2H3rf0FVTC9WoJ5HEOqhQkd7KV
w7AYg3AkqDP9EjaT9MNLCGfevVieB7EN8SgLOQfgTD64QqdTdkPhr3P3C0Cox5gO
lWf3GwfnFnpEhndgT04QDEh1H2D4WB7Hpyza0ky8Z/fm5iCeBRzRCkgdzXiEbEEH
ruOQhGTj2xGa7M7zHdCXPik0qRiJ7WUKgvNHZWeIqwIE4K49jVrZRQvsKeM+kKdB
JnvDFOfwdDqj
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:29 2024 by rpki-client on console-ams.rpki-client.org