Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4a3d8a-529d-4d91-9f25-2254bc2ca6c0/1/KgyFNC7NtSDcpU6bxF1Knxln2xY.roa
File: KgyFNC7NtSDcpU6bxF1Knxln2xY.roa (raw, json)
Hash identifier: yMgMF1E+HdZWhT3pUnMdaXdT2DodPPKJ0/39MvqCJYY=
Subject key identifier: 2A:0C:85:34:2E:CD:B5:20:DC:A5:4E:9B:C4:5D:4A:9F:19:67:DB:16
Certificate issuer: /CN=d7805e1cffc1392e7d1768f8f0554a1c7f6344ad
Certificate serial: 018CC9BC62C111EAA8CA5D51076F612B101E
Authority key identifier: D7:80:5E:1C:FF:C1:39:2E:7D:17:68:F8:F0:55:4A:1C:7F:63:44:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/14BeHP_BOS59F2j48FVKHH9jRK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/4a3d8a-529d-4d91-9f25-2254bc2ca6c0/1/KgyFNC7NtSDcpU6bxF1Knxln2xY.roa
Signing time: Tue 02 Jan 2024 10:33:35 +0000
ROA not before: Tue 02 Jan 2024 10:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44484
IP address blocks: 91.201.228.0/24 maxlen: 24
91.201.228.0/22 maxlen: 22
91.201.229.0/24 maxlen: 24
91.201.230.0/24 maxlen: 24
91.201.231.0/24 maxlen: 24
176.117.192.0/21 maxlen: 21
176.117.192.0/19 maxlen: 19
176.117.204.0/24 maxlen: 24
176.117.205.0/24 maxlen: 24
176.117.210.0/24 maxlen: 24
176.117.211.0/24 maxlen: 24
176.117.212.0/24 maxlen: 24
176.117.213.0/24 maxlen: 24
176.117.207.0/24 maxlen: 24
176.117.208.0/24 maxlen: 24
176.117.209.0/24 maxlen: 24
176.117.214.0/24 maxlen: 24
176.117.215.0/24 maxlen: 24
176.117.216.0/24 maxlen: 24
176.117.217.0/24 maxlen: 24
176.117.218.0/24 maxlen: 24
176.117.219.0/24 maxlen: 24
176.117.221.0/24 maxlen: 24
176.117.222.0/24 maxlen: 24
176.117.223.0/24 maxlen: 24
176.117.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/4a3d8a-529d-4d91-9f25-2254bc2ca6c0/1/14BeHP_BOS59F2j48FVKHH9jRK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/4a3d8a-529d-4d91-9f25-2254bc2ca6c0/1/14BeHP_BOS59F2j48FVKHH9jRK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/14BeHP_BOS59F2j48FVKHH9jRK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:62:c1:11:ea:a8:ca:5d:51:07:6f:61:2b:10:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7805e1cffc1392e7d1768f8f0554a1c7f6344ad
Validity
Not Before: Jan 2 10:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a0c85342ecdb520dca54e9bc45d4a9f1967db16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8a:f9:4f:22:36:5b:0d:b4:89:a8:d9:29:57:
6d:7f:fb:eb:52:76:ee:0a:12:ef:12:f0:ee:f2:c6:
02:46:fa:e2:85:43:e3:a4:f1:1f:de:b3:b8:8b:eb:
43:de:26:d7:87:9d:47:a9:41:a7:a2:06:9e:64:49:
1e:5c:70:2d:d4:a0:50:9f:09:92:83:b5:01:1f:71:
43:fc:0a:f3:06:e8:96:8c:56:ac:db:0d:e8:c5:e7:
cd:8e:b2:99:36:ce:b2:a1:3b:6f:8b:1b:e7:3e:45:
b7:6a:ae:98:7b:dd:57:4a:f9:c6:16:63:23:0b:99:
00:cb:53:98:47:21:8a:53:16:dc:3a:f3:e5:ac:6d:
32:b9:0b:57:ec:f5:99:5c:de:ae:85:52:65:11:d8:
3a:c8:e6:6f:e2:9d:6d:37:38:45:4b:cb:70:50:0b:
31:dc:76:fb:1f:b6:0b:34:6f:3b:3d:e5:5b:06:b4:
56:14:0c:5b:6f:fb:88:51:25:cd:46:f0:90:39:4b:
5e:09:da:d5:fc:7c:d9:16:5f:0e:d3:43:ee:32:9c:
71:5a:42:df:87:9c:4c:1c:89:e6:94:1a:2c:e0:f2:
b2:11:68:38:5b:d1:96:bf:ce:63:5c:74:43:dc:32:
b0:ca:8c:1b:fd:64:a0:ff:41:69:62:6a:71:93:8e:
3b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0C:85:34:2E:CD:B5:20:DC:A5:4E:9B:C4:5D:4A:9F:19:67:DB:16
X509v3 Authority Key Identifier:
keyid:D7:80:5E:1C:FF:C1:39:2E:7D:17:68:F8:F0:55:4A:1C:7F:63:44:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14BeHP_BOS59F2j48FVKHH9jRK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4a3d8a-529d-4d91-9f25-2254bc2ca6c0/1/KgyFNC7NtSDcpU6bxF1Knxln2xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4a3d8a-529d-4d91-9f25-2254bc2ca6c0/1/14BeHP_BOS59F2j48FVKHH9jRK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.228.0/22
176.117.192.0/19
Signature Algorithm: sha256WithRSAEncryption
68:4a:93:cc:37:fc:d9:1b:44:ec:30:da:69:97:95:e5:e0:83:
c8:eb:fb:d8:fd:64:d9:ec:c0:6f:17:d7:c3:7f:e4:79:f6:52:
29:db:08:c9:9f:e2:9f:2c:23:d7:a3:81:0b:3c:74:d4:c6:50:
7c:66:eb:79:68:34:0a:bd:fd:a8:d4:1d:81:c2:fb:9d:e8:be:
9a:60:19:9f:0c:3a:4e:f9:08:e3:99:2c:26:14:4d:88:0e:5d:
ec:7f:9a:f1:96:14:79:8d:c6:3e:35:bf:0f:b1:f7:54:66:fc:
50:92:58:b9:48:e5:91:f7:af:36:33:50:17:ec:b3:9e:8c:4f:
f9:94:89:a0:7e:4c:0c:ec:21:58:4b:4e:33:b1:46:e5:95:02:
9c:54:64:cb:e6:84:ab:9d:be:e4:fd:6d:79:76:1a:f5:5b:c9:
2c:4d:b1:61:65:44:c4:a5:f6:a3:af:95:92:bc:75:46:8b:25:
e2:79:72:3f:9d:3c:6f:ad:6c:fe:4e:1a:8b:0d:a5:bd:bb:7b:
f5:68:b2:34:b1:66:cc:79:14:ee:c0:ff:b1:ef:4a:d0:94:cd:
d6:f9:77:4d:d2:c3:b0:97:ac:de:6d:1b:ac:c7:b3:9c:0b:be:
af:92:70:a1:b3:62:05:bf:ab:29:68:d4:dc:8f:f9:f8:c6:cd:
4a:00:b4:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvGLBEeqoyl1RB29hKxAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ODA1ZTFjZmZjMTM5MmU3ZDE3NjhmOGYwNTU0YTFjN2Y2
MzQ0YWQwHhcNMjQwMTAyMTAzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBjODUzNDJlY2RiNTIwZGNhNTRlOWJjNDVkNGE5ZjE5NjdkYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4r5TyI2Ww20iajZKVdtf/vrUnbu
ChLvEvDu8sYCRvrihUPjpPEf3rO4i+tD3ibXh51HqUGnogaeZEkeXHAt1KBQnwmS
g7UBH3FD/ArzBuiWjFas2w3oxefNjrKZNs6yoTtvixvnPkW3aq6Ye91XSvnGFmMj
C5kAy1OYRyGKUxbcOvPlrG0yuQtX7PWZXN6uhVJlEdg6yOZv4p1tNzhFS8twUAsx
3Hb7H7YLNG87PeVbBrRWFAxbb/uIUSXNRvCQOUteCdrV/HzZFl8O00PuMpxxWkLf
h5xMHInmlBos4PKyEWg4W9GWv85jXHRD3DKwyowb/WSg/0FpYmpxk4477wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCoMhTQuzbUg3KVOm8RdSp8ZZ9sWMB8GA1UdIwQY
MBaAFNeAXhz/wTkufRdo+PBVShx/Y0StMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRCZUhQX0JPUzU5RjJqNDhGVktISDlqUkswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80YTNkOGEtNTI5ZC00ZDkxLTlmMjUt
MjI1NGJjMmNhNmMwLzEvS2d5Rk5DN050U0RjcFU2YnhGMUtueGxuMnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80YTNkOGEtNTI5ZC00ZDkxLTlmMjUtMjI1NGJjMmNhNmMw
LzEvMTRCZUhQX0JPUzU5RjJqNDhGVktISDlqUkswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8nkAwQF
sHXAMA0GCSqGSIb3DQEBCwUAA4IBAQBoSpPMN/zZG0TsMNppl5Xl4IPI6/vY/WTZ
7MBvF9fDf+R59lIp2wjJn+KfLCPXo4ELPHTUxlB8Zut5aDQKvf2o1B2Bwvud6L6a
YBmfDDpO+QjjmSwmFE2IDl3sf5rxlhR5jcY+Nb8PsfdUZvxQkli5SOWR9682M1AX
7LOejE/5lImgfkwM7CFYS04zsUbllQKcVGTL5oSrnb7k/W15dhr1W8ksTbFhZUTE
pfajr5WSvHVGiyXieXI/nTxvrWz+ThqLDaW9u3v1aLI0sWbMeRTuwP+x70rQlM3W
+XdN0sOwl6zebRusx7OcC76vknChs2IFv6spaNTcj/n4xs1KALSh
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:52:44 2024 by rpki-client on console-fra.rpki-client.org