Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/KPqUtW9e4qCBH0gKhDX9Uhwk84k.roa
File: KPqUtW9e4qCBH0gKhDX9Uhwk84k.roa (raw, json)
Hash identifier: WI5X4J9CdxeN2W3rKhwlHqAbUJpx2a3wwsmzXXGQl9Q=
Subject key identifier: 28:FA:94:B5:6F:5E:E2:A0:81:1F:48:0A:84:35:FD:52:1C:24:F3:89
Certificate issuer: /CN=f9c4acc67a4b0013557a74ece6641f4f9475ff2d
Certificate serial: 018CC8DFA21DC31D836EFD916E72A7C9001C
Authority key identifier: F9:C4:AC:C6:7A:4B:00:13:55:7A:74:EC:E6:64:1F:4F:94:75:FF:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-cSsxnpLABNVenTs5mQfT5R1_y0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/KPqUtW9e4qCBH0gKhDX9Uhwk84k.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62099
IP address blocks: 185.47.220.0/22 maxlen: 22
185.91.168.0/22 maxlen: 22
2a01:9420::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/1-cSsxnpLABNVenTs5mQfT5R1_y0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/1-cSsxnpLABNVenTs5mQfT5R1_y0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-cSsxnpLABNVenTs5mQfT5R1_y0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 00:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a2:1d:c3:1d:83:6e:fd:91:6e:72:a7:c9:00:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9c4acc67a4b0013557a74ece6641f4f9475ff2d
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28fa94b56f5ee2a0811f480a8435fd521c24f389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b4:cd:df:69:5c:c6:b0:6e:91:b0:bf:43:c3:
94:ac:b5:ff:00:f8:6a:f7:69:48:a8:a8:6b:32:19:
18:6a:53:b4:31:d9:a0:46:9a:05:f7:86:c2:eb:7a:
5b:a4:a3:36:f1:14:23:15:12:a6:fb:d7:4c:ee:10:
d5:68:59:1c:9f:a6:04:de:94:be:d8:17:7d:27:30:
71:02:8d:8a:19:a8:3d:76:23:6f:cd:73:9d:75:84:
95:be:f9:4e:b2:01:f9:88:e2:82:ae:25:c3:06:45:
b5:be:1e:43:75:f5:5c:bf:8b:76:53:7e:f2:56:f0:
8b:ac:0f:0e:30:72:27:50:a0:20:76:c7:b6:f1:4d:
74:9d:09:47:37:f9:d9:98:00:02:c0:58:6a:be:c7:
6d:57:45:a5:e2:74:6a:48:59:d0:e6:f6:1b:01:24:
13:38:3e:cf:8b:ae:2b:58:64:f2:42:03:65:28:38:
4e:97:59:2f:50:d6:c7:40:8c:a3:90:ac:76:92:9d:
8e:9d:e5:b1:5f:89:be:22:3e:a7:65:3b:b1:e5:70:
8c:3b:b1:c2:e9:4d:5e:c1:9a:0c:6a:35:0d:de:36:
c3:14:80:e1:a8:fc:54:63:d6:67:c9:40:4d:77:5f:
7a:e6:b8:fd:b7:df:9d:6e:47:fd:73:cc:6c:c7:1c:
97:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FA:94:B5:6F:5E:E2:A0:81:1F:48:0A:84:35:FD:52:1C:24:F3:89
X509v3 Authority Key Identifier:
keyid:F9:C4:AC:C6:7A:4B:00:13:55:7A:74:EC:E6:64:1F:4F:94:75:FF:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-cSsxnpLABNVenTs5mQfT5R1_y0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/KPqUtW9e4qCBH0gKhDX9Uhwk84k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969c12-5263-4026-bfcd-0890b8051d85/1/1-cSsxnpLABNVenTs5mQfT5R1_y0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.220.0/22
185.91.168.0/22
IPv6:
2a01:9420::/32
Signature Algorithm: sha256WithRSAEncryption
c1:48:19:1e:0a:ad:ad:13:18:86:d9:8e:36:a4:b0:4b:14:51:
b6:25:1f:da:87:88:23:63:6e:87:cf:c8:ee:3c:f5:5f:59:dc:
26:61:81:58:e0:0e:74:d0:61:64:aa:eb:5f:b1:8e:14:33:97:
9e:66:02:3b:b7:4c:ee:af:5f:17:2a:c6:d3:d8:b5:f3:d1:de:
f4:1f:15:32:24:08:cb:5d:ec:fc:91:b2:90:7d:80:70:c0:ca:
49:bd:94:b9:8f:d7:52:8f:7a:53:cc:7b:d3:33:e4:f8:d2:f4:
61:0f:e9:c2:63:22:4d:d7:b3:03:f9:98:dc:71:62:d3:9f:b5:
70:fd:21:a2:58:c8:d9:b2:ec:96:da:d6:03:0c:f6:53:f8:d0:
bb:5f:ee:81:9b:44:02:51:43:13:25:d8:9f:de:5e:cf:80:61:
2b:6b:77:ab:29:ed:ba:1f:93:ed:bc:3f:ac:0b:1b:76:e8:9d:
bc:fc:39:9e:87:bc:84:8f:55:9f:0e:15:b3:1a:2f:a8:b4:68:
56:2f:c6:83:56:93:b0:4f:d6:2e:b5:66:6f:d0:be:ff:e2:68:
2b:1d:75:c9:b0:6e:4d:46:1e:63:38:0f:95:c0:3a:50:d0:4f:
31:d6:f6:fd:48:6e:99:ce:1a:1f:f8:60:d3:7f:8b:28:c5:4a:
4a:6b:0b:83
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzI36Idwx2Dbv2RbnKnyQAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YzRhY2M2N2E0YjAwMTM1NTdhNzRlY2U2NjQxZjRmOTQ3
NWZmMmQwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZhOTRiNTZmNWVlMmEwODExZjQ4MGE4NDM1ZmQ1MjFjMjRmMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubTN32lcxrBukbC/Q8OUrLX/APhq
92lIqKhrMhkYalO0MdmgRpoF94bC63pbpKM28RQjFRKm+9dM7hDVaFkcn6YE3pS+
2Bd9JzBxAo2KGag9diNvzXOddYSVvvlOsgH5iOKCriXDBkW1vh5DdfVcv4t2U37y
VvCLrA8OMHInUKAgdse28U10nQlHN/nZmAACwFhqvsdtV0Wl4nRqSFnQ5vYbASQT
OD7Pi64rWGTyQgNlKDhOl1kvUNbHQIyjkKx2kp2OneWxX4m+Ij6nZTux5XCMO7HC
6U1ewZoMajUN3jbDFIDhqPxUY9ZnyUBNd1965rj9t9+dbkf9c8xsxxyXTwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCj6lLVvXuKggR9ICoQ1/VIcJPOJMB8GA1UdIwQY
MBaAFPnErMZ6SwATVXp07OZkH0+Udf8tMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1jU3N4bnBMQUJOVmVuVHM1bVFmVDVSMV95MC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2EvOTY5YzEyLTUyNjMtNDAyNi1iZmNk
LTA4OTBiODA1MWQ4NS8xL0tQcVV0VzllNHFDQkgwZ0toRFg5VWh3azg0ay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvOTY5YzEyLTUyNjMtNDAyNi1iZmNkLTA4OTBiODA1MWQ4
NS8xLzEtY1NzeG5wTEFCTlZlblRzNW1RZlQ1UjFfeTAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5L9wD
BAK5W6gwDQQCAAIwBwMFACoBlCAwDQYJKoZIhvcNAQELBQADggEBAMFIGR4Kra0T
GIbZjjaksEsUUbYlH9qHiCNjbofPyO489V9Z3CZhgVjgDnTQYWSq61+xjhQzl55m
Aju3TO6vXxcqxtPYtfPR3vQfFTIkCMtd7PyRspB9gHDAykm9lLmP11KPelPMe9Mz
5PjS9GEP6cJjIk3XswP5mNxxYtOftXD9IaJYyNmy7Jba1gMM9lP40Ltf7oGbRAJR
QxMl2J/eXs+AYStrd6sp7bofk+28P6wLG3bonbz8OZ6HvISPVZ8OFbMaL6i0aFYv
xoNWk7BP1i61Zm/Qvv/iaCsddcmwbk1GHmM4D5XAOlDQTzHW9v1IbpnOGh/4YNN/
iyjFSkprC4M=
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:33:09 2024 by rpki-client on console-ams.rpki-client.org