Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/kt8Gj0LD3Up81gFJLXr23Tcldws.roa
File: kt8Gj0LD3Up81gFJLXr23Tcldws.roa (raw, json)
Hash identifier: 3fLjbNYGfZ+qp5+7a3l4wNCheurJaR7R058uMGcUIwg=
Subject key identifier: 92:DF:06:8F:42:C3:DD:4A:7C:D6:01:49:2D:7A:F6:DD:37:25:77:0B
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0193568C375A5AD75CBA71008644B9903702
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/kt8Gj0LD3Up81gFJLXr23Tcldws.roa
Signing time: Sat 23 Nov 2024 01:04:09 +0000
ROA not before: Sat 23 Nov 2024 01:04:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 262287
IP address blocks: 149.126.12.0/24 maxlen: 24
192.145.70.0/24 maxlen: 24
2a0a:8f40:4::/48 maxlen: 48
2a0a:8f40:5::/48 maxlen: 48
2a0a:8f40:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:56:8c:37:5a:5a:d7:5c:ba:71:00:86:44:b9:90:37:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 23 01:04:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92df068f42c3dd4a7cd601492d7af6dd3725770b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:af:14:6f:64:2d:a7:e1:6c:3f:e9:f6:09:c9:
4e:14:6e:ea:fd:0f:99:3d:03:5d:2f:fe:15:cc:a9:
a0:28:50:0a:c2:8d:ac:cb:2e:0b:14:f2:4f:66:e0:
bd:8c:1a:e4:40:22:b3:c5:b0:67:04:80:90:c2:d2:
22:bb:33:a6:be:a2:73:1a:c1:7d:58:eb:27:33:66:
b4:1e:b3:60:69:05:3f:4b:24:e9:e3:5f:f4:5d:10:
57:13:7f:7e:d4:d8:ec:9a:11:18:a8:57:49:e6:83:
57:2c:6e:bc:47:34:1b:3b:e2:3e:6b:6e:3c:ca:4b:
49:3c:85:30:f5:83:cf:b8:88:89:73:4e:73:02:5a:
02:3b:07:94:50:4f:45:24:8c:fd:ba:bf:5d:20:ae:
ae:fd:75:b4:fa:d0:3d:d9:67:c0:59:1c:33:b0:24:
c8:30:53:01:cf:ee:5c:48:86:6f:7f:16:d4:17:c3:
53:ec:d2:71:3b:e0:fb:b3:25:18:35:79:18:6d:b4:
d8:b8:1c:ad:53:9a:a3:40:02:7d:e4:22:2b:17:90:
83:43:0e:2c:ce:b6:7f:73:03:70:c3:e3:21:db:a1:
a5:f9:16:59:7d:01:16:65:99:bc:6b:58:b4:32:ca:
8b:74:52:b3:a2:56:b2:4c:75:e5:1c:01:cc:fe:7c:
22:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DF:06:8F:42:C3:DD:4A:7C:D6:01:49:2D:7A:F6:DD:37:25:77:0B
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/kt8Gj0LD3Up81gFJLXr23Tcldws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.126.12.0/24
192.145.70.0/24
IPv6:
2a0a:8f40:4::-2a0a:8f40:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
43:61:e5:ab:95:22:e3:91:46:b7:e7:b2:53:5d:d7:a4:7f:3a:
73:cf:61:2e:ff:af:11:16:8a:f4:8e:52:22:6c:bb:a5:e4:5e:
3e:01:90:b7:c5:09:63:d5:77:eb:b7:55:34:9f:db:47:68:38:
ae:7f:53:48:16:9d:b5:84:c2:e1:57:f8:07:43:7b:53:93:db:
b3:d1:24:33:15:1c:00:e8:83:70:37:41:0b:65:e5:d0:b3:79:
7a:0c:2c:5e:48:8f:3c:81:7a:5e:fa:cd:73:56:59:1b:c6:94:
75:2b:f9:d4:2c:62:f2:93:22:92:7d:57:1e:f1:26:fb:d2:86:
ce:8b:31:cb:dc:70:a0:45:c0:8b:0a:e7:fe:41:34:4f:91:d1:
37:2f:88:b7:df:04:fa:58:6b:81:3a:b4:4b:5b:c5:3d:a4:58:
bd:98:de:ec:e6:9a:0b:90:cc:5b:18:19:34:47:71:d9:15:da:
f3:3c:52:a3:dc:f0:00:d4:ef:01:6c:0d:9f:aa:7e:32:36:bf:
64:17:d2:f5:60:ef:17:63:ae:95:e2:da:e3:1d:66:3f:7a:7a:
59:94:e3:6d:07:5d:ab:8a:c1:73:1a:db:e7:52:cc:3c:92:84:
a6:d3:a6:db:94:81:e2:03:b2:6e:42:94:f0:e9:02:d0:48:e8:
e0:9c:14:e1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZNWjDdaWtdcunEAhkS5kDcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQxMTIzMDEwNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRmMDY4ZjQyYzNkZDRhN2NkNjAxNDkyZDdhZjZkZDM3MjU3NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla8Ub2Qtp+FsP+n2CclOFG7q/Q+Z
PQNdL/4VzKmgKFAKwo2syy4LFPJPZuC9jBrkQCKzxbBnBICQwtIiuzOmvqJzGsF9
WOsnM2a0HrNgaQU/SyTp41/0XRBXE39+1NjsmhEYqFdJ5oNXLG68RzQbO+I+a248
yktJPIUw9YPPuIiJc05zAloCOweUUE9FJIz9ur9dIK6u/XW0+tA92WfAWRwzsCTI
MFMBz+5cSIZvfxbUF8NT7NJxO+D7syUYNXkYbbTYuBytU5qjQAJ95CIrF5CDQw4s
zrZ/cwNww+Mh26Gl+RZZfQEWZZm8a1i0MsqLdFKzolayTHXlHAHM/nwiTQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJLfBo9Cw91KfNYBSS169t03JXcLMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEva3Q4R2owTEQzVXA4MWdGSkxYcjIzVGNsZHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQAlX4MAwQA
wJFGMBoEAgACMBQwEgMHAioKj0AABAMHACoKj0AABjANBgkqhkiG9w0BAQsFAAOC
AQEAQ2Hlq5Ui45FGt+eyU13XpH86c89hLv+vERaK9I5SImy7peRePgGQt8UJY9V3
67dVNJ/bR2g4rn9TSBadtYTC4Vf4B0N7U5Pbs9EkMxUcAOiDcDdBC2Xl0LN5egws
XkiPPIF6XvrNc1ZZG8aUdSv51Cxi8pMikn1XHvEm+9KGzosxy9xwoEXAiwrn/kE0
T5HRNy+It98E+lhrgTq0S1vFPaRYvZje7OaaC5DMWxgZNEdx2RXa8zxSo9zwANTv
AWwNn6p+Mja/ZBfS9WDvF2OuleLa4x1mP3p6WZTjbQddq4rBcxrb51LMPJKEptOm
25SB4gOybkKU8OkC0Ejo4JwU4Q==
-----END CERTIFICATE-----
Generated at Sun Nov 24 16:43:14 2024 by rpki-client on console-ams.rpki-client.org