Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/2KTCYRJdYOoIvOzQDaUzmSVYfsY.roa
File: 2KTCYRJdYOoIvOzQDaUzmSVYfsY.roa (raw, json)
Hash identifier: 7nWVl4uJSq3zgrGuEwOo7r75AuNbi2De0O5T8SkQIaQ=
Subject key identifier: D8:A4:C2:61:12:5D:60:EA:08:BC:EC:D0:0D:A5:33:99:25:58:7E:C6
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 018F2F8AFCF8946A5C2C7080851B482C2FCE
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/2KTCYRJdYOoIvOzQDaUzmSVYfsY.roa
Signing time: Tue 30 Apr 2024 15:06:28 +0000
ROA not before: Tue 30 Apr 2024 15:06:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41171
IP address blocks: 62.106.83.0/24 maxlen: 24
146.19.142.0/24 maxlen: 24
146.19.228.0/24 maxlen: 24
185.253.3.0/24 maxlen: 24
194.26.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.mft
rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:8a:fc:f8:94:6a:5c:2c:70:80:85:1b:48:2c:2f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Apr 30 15:06:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8a4c261125d60ea08bcecd00da5339925587ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8d:8d:8c:02:7e:90:16:0d:5f:f7:d5:36:fa:
94:d5:e2:aa:0d:72:be:ab:03:08:1f:e2:c3:92:27:
17:7e:7d:d2:80:e3:1f:23:e1:ef:e5:d9:d0:b4:df:
9c:6b:87:20:3b:2c:f0:8b:d1:f5:3d:ba:da:3a:56:
1b:78:2f:07:3c:d3:5c:d5:a7:29:0f:5c:cc:1f:02:
49:2d:b1:32:1a:83:36:1b:69:f4:ed:c5:83:91:de:
e5:20:71:5b:b1:45:48:09:2b:43:8e:1d:2c:36:ca:
a9:cb:a3:81:52:a3:51:ed:06:c4:58:b1:b7:e0:9e:
89:d4:05:1a:04:bd:69:e4:53:7b:a0:61:9e:ac:b8:
a1:84:b1:3d:1c:b7:56:0a:d6:8a:bc:5f:3b:9e:f9:
ea:ab:20:c4:06:78:c2:68:56:7a:7f:73:a1:5d:14:
03:7a:f9:55:96:f4:9a:c4:d5:34:17:ae:3c:30:ef:
1e:41:86:e4:25:50:c9:7d:35:eb:37:c9:7c:4b:18:
6e:3e:0d:74:f4:6a:db:ce:ff:8a:5e:ac:14:a4:2b:
7d:ce:d7:3d:68:c4:88:22:92:51:50:b6:7b:95:89:
3b:82:f1:5e:dc:36:0c:7b:e7:79:0c:cc:33:cc:fc:
d7:76:e6:a0:4e:44:82:98:e9:5d:a7:80:a3:f0:ec:
2c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A4:C2:61:12:5D:60:EA:08:BC:EC:D0:0D:A5:33:99:25:58:7E:C6
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/2KTCYRJdYOoIvOzQDaUzmSVYfsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.83.0/24
146.19.142.0/24
146.19.228.0/24
185.253.3.0/24
194.26.218.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:56:14:01:68:bc:a8:27:83:ea:b6:e2:e7:68:4b:01:43:17:
69:0c:71:09:27:12:0d:08:5e:d2:48:0d:b1:7a:51:34:00:c4:
30:af:6d:29:b1:20:1f:d5:d7:ea:a8:13:ea:a3:42:50:ac:9d:
3d:b7:95:7b:27:3d:bc:cf:4f:bf:74:2e:96:4b:5e:60:91:f6:
a6:18:01:97:d3:0a:02:8c:21:c6:7c:6b:d3:f5:8d:76:47:7e:
10:b3:47:be:3a:d8:ce:af:8c:6f:8a:49:22:b5:c4:e8:d1:a4:
c1:35:22:8f:df:17:0c:26:65:54:d6:bf:c7:d0:9d:e8:90:bb:
9c:c2:33:78:ad:15:af:5a:b7:5e:e6:8d:35:66:a1:8d:96:b6:
7f:57:a5:ec:50:4d:78:c9:40:06:49:d2:1c:04:5c:97:82:a7:
f2:41:2c:75:88:eb:ec:cc:3c:db:4c:e7:f8:9e:75:80:3d:ec:
8c:71:d7:78:6d:25:17:b8:2f:69:a0:9c:9e:f5:d6:e0:6e:1b:
0c:98:7e:9d:83:eb:ed:59:cf:eb:12:1c:4d:f4:65:b6:d2:f4:
73:c5:9c:99:7e:b1:f8:fd:64:77:b1:fc:0d:56:58:36:00:7c:
ae:42:b1:a2:fb:4c:48:b0:ee:51:f1:96:44:80:a4:27:66:c7:
b1:de:2f:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8vivz4lGpcLHCAhRtILC/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwNDMwMTUwNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE0YzI2MTEyNWQ2MGVhMDhiY2VjZDAwZGE1MzM5OTI1NTg3ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzI2NjAJ+kBYNX/fVNvqU1eKqDXK+
qwMIH+LDkicXfn3SgOMfI+Hv5dnQtN+ca4cgOyzwi9H1PbraOlYbeC8HPNNc1acp
D1zMHwJJLbEyGoM2G2n07cWDkd7lIHFbsUVICStDjh0sNsqpy6OBUqNR7QbEWLG3
4J6J1AUaBL1p5FN7oGGerLihhLE9HLdWCtaKvF87nvnqqyDEBnjCaFZ6f3OhXRQD
evlVlvSaxNU0F648MO8eQYbkJVDJfTXrN8l8SxhuPg109Grbzv+KXqwUpCt9ztc9
aMSIIpJRULZ7lYk7gvFe3DYMe+d5DMwzzPzXduagTkSCmOldp4Cj8OwsSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNikwmESXWDqCLzs0A2lM5klWH7GMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvMktUQ1lSSmRZT29Jdk96UURhVXptU1ZZZnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPmpTAwQA
khOOAwQAkhPkAwQAuf0DAwQAwhraMA0GCSqGSIb3DQEBCwUAA4IBAQBuVhQBaLyo
J4PqtuLnaEsBQxdpDHEJJxINCF7SSA2xelE0AMQwr20psSAf1dfqqBPqo0JQrJ09
t5V7Jz28z0+/dC6WS15gkfamGAGX0woCjCHGfGvT9Y12R34Qs0e+OtjOr4xvikki
tcTo0aTBNSKP3xcMJmVU1r/H0J3okLucwjN4rRWvWrde5o01ZqGNlrZ/V6XsUE14
yUAGSdIcBFyXgqfyQSx1iOvszDzbTOf4nnWAPeyMcdd4bSUXuC9poJye9dbgbhsM
mH6dg+vtWc/rEhxN9GW20vRzxZyZfrH4/WR3sfwNVlg2AHyuQrGi+0xIsO5R8ZZE
gKQnZsex3i+v
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:51:46 2024 by rpki-client on console-ams.rpki-client.org