Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/km3qblrC6UOPGcyZiw6FaB6oRWQ.roa
File: km3qblrC6UOPGcyZiw6FaB6oRWQ.roa (raw, json)
Hash identifier: HIVHw+Nm+1/jyf7rnHCyN8y6xriOD7ZiXi+qwCCTE58=
Subject key identifier: 92:6D:EA:6E:5A:C2:E9:43:8F:19:CC:99:8B:0E:85:68:1E:A8:45:64
Certificate issuer: /CN=e0a0106cd2857ef13234867cb7f16a23a93faa93
Certificate serial: 018CC86FE185194A4F169F08BA7558F3292C
Authority key identifier: E0:A0:10:6C:D2:85:7E:F1:32:34:86:7C:B7:F1:6A:23:A9:3F:AA:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/km3qblrC6UOPGcyZiw6FaB6oRWQ.roa
Signing time: Tue 02 Jan 2024 04:30:24 +0000
ROA not before: Tue 02 Jan 2024 04:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48885
IP address blocks: 37.252.128.0/24 maxlen: 24
37.252.128.0/19 maxlen: 19
217.146.51.0/24 maxlen: 24
217.146.50.0/24 maxlen: 24
217.146.49.0/24 maxlen: 24
217.146.48.0/24 maxlen: 24
217.146.48.0/20 maxlen: 24
217.146.52.0/24 maxlen: 24
217.146.63.0/24 maxlen: 24
2a00:dbc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 13:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:e1:85:19:4a:4f:16:9f:08:ba:75:58:f3:29:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0a0106cd2857ef13234867cb7f16a23a93faa93
Validity
Not Before: Jan 2 04:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=926dea6e5ac2e9438f19cc998b0e85681ea84564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c4:4b:09:61:2f:99:c0:f8:ae:7e:46:b7:bb:
54:43:0f:e4:6c:9f:f4:cf:a8:49:a2:a3:37:4f:6a:
c2:d0:33:67:52:70:96:eb:e3:97:fe:bd:ca:f2:08:
e0:a8:bc:7a:cf:00:58:8a:7f:f1:c2:02:0c:46:23:
ee:4b:24:83:6c:15:fe:9b:3c:56:86:49:dd:02:e8:
40:e9:d7:62:e9:a3:8a:82:2d:2a:1a:e5:79:6f:46:
2f:39:74:a0:fb:4d:cb:c2:fc:01:a3:97:ca:ef:a3:
ff:d3:0a:f1:69:30:22:1d:f8:f0:1c:d2:88:ef:2d:
e7:87:8b:39:8d:69:25:97:b9:c0:6a:6c:8e:13:a7:
04:60:cb:ba:42:60:40:95:9f:00:f9:83:a9:02:ac:
c3:50:d2:e7:81:27:dc:43:5a:0e:24:1a:8c:fa:24:
e8:5f:c6:ac:f6:1f:6e:ab:fe:19:c7:02:22:9f:5b:
ec:51:36:3f:34:3c:a3:44:3e:f9:41:39:b4:ae:4b:
7e:92:f2:d7:1d:23:a5:fd:4e:24:a2:68:db:ab:1f:
55:99:5a:24:c4:3c:3c:90:c3:65:9a:a0:aa:09:66:
37:b3:e0:fd:4a:b8:fd:8f:c1:79:0c:f4:14:58:89:
7a:2a:d5:07:d8:77:ce:83:12:1e:05:54:fa:70:b0:
f2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:6D:EA:6E:5A:C2:E9:43:8F:19:CC:99:8B:0E:85:68:1E:A8:45:64
X509v3 Authority Key Identifier:
keyid:E0:A0:10:6C:D2:85:7E:F1:32:34:86:7C:B7:F1:6A:23:A9:3F:AA:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/km3qblrC6UOPGcyZiw6FaB6oRWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.128.0/19
217.146.48.0/20
IPv6:
2a00:dbc0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:07:57:52:94:67:cc:90:08:8d:5b:e9:ad:52:18:21:ec:c6:
08:23:3a:3c:04:fe:58:d6:dc:93:fd:46:ef:91:af:b4:d7:91:
99:89:12:81:3d:a5:0e:f2:ee:68:56:76:41:49:81:15:f4:33:
ab:64:4e:0b:a3:16:df:06:8f:a0:7f:b8:be:40:64:47:6b:27:
c2:c7:d6:17:d5:52:16:e3:67:ec:a7:3e:78:73:20:93:8b:90:
52:b5:b2:f7:5e:01:ac:65:4e:81:08:ea:1b:57:60:d8:da:1e:
ac:00:40:f7:1b:58:5f:1e:7e:2d:42:08:71:ba:10:13:66:3f:
33:78:4b:82:f3:ed:98:43:5e:31:a4:e4:f5:46:76:a8:e4:49:
58:fe:76:1f:94:d9:95:49:ce:9a:60:c9:d0:1b:31:96:cb:9b:
4e:61:50:68:f5:dd:5c:53:54:cf:33:f9:e4:7b:69:53:95:3d:
da:af:32:8e:18:b6:6e:ba:01:19:a9:7b:00:f6:12:80:dd:5c:
66:d2:e5:69:05:e7:4b:80:7e:cf:0b:27:7e:07:77:f3:94:68:
1a:83:7a:a5:9a:6a:4b:e4:b7:e9:14:e9:a2:89:9f:6d:85:5e:
1f:dc:00:65:f1:5b:bd:94:f1:c6:7f:1f:ef:ad:62:3e:ef:98:
c8:82:2f:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIb+GFGUpPFp8IunVY8yksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTAxMDZjZDI4NTdlZjEzMjM0ODY3Y2I3ZjE2YTIzYTkz
ZmFhOTMwHhcNMjQwMTAyMDQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjZkZWE2ZTVhYzJlOTQzOGYxOWNjOTk4YjBlODU2ODFlYTg0NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcRLCWEvmcD4rn5Gt7tUQw/kbJ/0
z6hJoqM3T2rC0DNnUnCW6+OX/r3K8gjgqLx6zwBYin/xwgIMRiPuSySDbBX+mzxW
hkndAuhA6ddi6aOKgi0qGuV5b0YvOXSg+03LwvwBo5fK76P/0wrxaTAiHfjwHNKI
7y3nh4s5jWkll7nAamyOE6cEYMu6QmBAlZ8A+YOpAqzDUNLngSfcQ1oOJBqM+iTo
X8as9h9uq/4ZxwIin1vsUTY/NDyjRD75QTm0rkt+kvLXHSOl/U4komjbqx9VmVok
xDw8kMNlmqCqCWY3s+D9Srj9j8F5DPQUWIl6KtUH2HfOgxIeBVT6cLDyxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJJt6m5awulDjxnMmYsOhWgeqEVkMB8GA1UdIwQY
MBaAFOCgEGzShX7xMjSGfLfxaiOpP6qTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtBUWJOS0ZmdkV5TklaOHRfRnFJNmtfcXBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi80NmYxNDctMTczZi00MjYwLWFhN2It
M2E2YmY4OTBhMDFkLzEva20zcWJsckM2VU9QR2N5Wml3NkZhQjZvUldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi80NmYxNDctMTczZi00MjYwLWFhN2ItM2E2YmY4OTBhMDFk
LzEvNEtBUWJOS0ZmdkV5TklaOHRfRnFJNmtfcXBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFJfyAAwQE
2ZIwMA0EAgACMAcDBQAqANvAMA0GCSqGSIb3DQEBCwUAA4IBAQAaB1dSlGfMkAiN
W+mtUhgh7MYIIzo8BP5Y1tyT/Ubvka+015GZiRKBPaUO8u5oVnZBSYEV9DOrZE4L
oxbfBo+gf7i+QGRHayfCx9YX1VIW42fspz54cyCTi5BStbL3XgGsZU6BCOobV2DY
2h6sAED3G1hfHn4tQghxuhATZj8zeEuC8+2YQ14xpOT1Rnao5ElY/nYflNmVSc6a
YMnQGzGWy5tOYVBo9d1cU1TPM/nke2lTlT3arzKOGLZuugEZqXsA9hKA3Vxm0uVp
BedLgH7PCyd+B3fzlGgag3qlmmpL5LfpFOmiiZ9thV4f3ABl8Vu9lPHGfx/vrWI+
75jIgi/j
-----END CERTIFICATE-----
Generated at Wed May 22 18:14:57 2024 by rpki-client on console-ams.rpki-client.org