Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/KkxG-vsKJu3wobWGzkkGbFOxl-I.roa
File: KkxG-vsKJu3wobWGzkkGbFOxl-I.roa (raw, json)
Hash identifier: hGRYG9TPpwDCBm2sbUH0Z+hXvCzK7k7ZgsDyCLLU/20=
Subject key identifier: 2A:4C:46:FA:FB:0A:26:ED:F0:A1:B5:86:CE:49:06:6C:53:B1:97:E2
Certificate issuer: /CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Certificate serial: 018CC4244EC2012D1D87279C5FE1D65F6EED
Authority key identifier: 2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/KkxG-vsKJu3wobWGzkkGbFOxl-I.roa
Signing time: Mon 01 Jan 2024 08:29:22 +0000
ROA not before: Mon 01 Jan 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202090
IP address blocks: 178.159.44.0/24 maxlen: 24
178.159.44.0/22 maxlen: 22
178.159.46.0/24 maxlen: 24
178.159.47.0/24 maxlen: 24
178.159.45.0/24 maxlen: 24
185.99.142.0/23 maxlen: 24
185.99.142.0/24 maxlen: 24
185.99.143.0/24 maxlen: 24
185.65.137.0/24 maxlen: 24
193.176.180.0/24 maxlen: 24
193.176.181.0/24 maxlen: 24
193.176.180.0/22 maxlen: 22
193.176.183.0/24 maxlen: 24
193.176.182.0/24 maxlen: 24
81.91.191.0/24 maxlen: 24
81.91.190.0/24 maxlen: 24
185.47.152.0/23 maxlen: 23
2a0c:b1c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.mft
rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4e:c2:01:2d:1d:87:27:9c:5f:e1:d6:5f:6e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Validity
Not Before: Jan 1 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a4c46fafb0a26edf0a1b586ce49066c53b197e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:62:1f:43:40:87:8f:ee:cb:d8:c1:2d:cf:59:
cb:bd:90:f3:4a:cb:7f:61:e4:fa:fe:89:37:61:f5:
a3:4e:94:72:f4:c2:cf:67:e5:0a:28:0f:c0:e3:1a:
f5:61:90:91:bb:4d:17:dc:bf:a1:60:58:f0:7d:2e:
76:d9:2e:b5:0d:90:aa:d5:f5:b6:1a:7a:ad:c2:ad:
fc:84:af:46:56:58:d3:05:64:ef:6e:a5:35:24:29:
0b:bd:3a:5c:36:60:69:a5:96:4a:e5:0f:8f:32:22:
d1:03:72:d0:16:c0:f9:34:a1:02:02:73:f8:f1:d0:
c6:04:59:98:92:c2:95:06:7c:a2:22:d0:a9:59:3c:
d7:69:7f:49:69:56:7b:1b:1b:fe:4e:f7:e9:78:04:
d1:6b:19:4d:09:34:ad:4f:15:3f:73:61:38:64:2d:
c4:50:56:8f:42:1c:39:e2:4d:3a:67:a9:f1:f6:e1:
33:29:ad:86:10:8d:08:63:67:e9:e0:af:2f:84:27:
c3:bf:6b:36:d7:fe:13:21:64:0c:1f:1d:e8:37:35:
69:06:ca:41:ab:e3:61:45:0a:3b:b9:6d:d9:f1:be:
7c:fd:f1:76:b9:9c:46:25:3f:a7:71:47:4c:7a:2e:
0f:ec:f6:62:26:8b:05:e7:ce:a2:47:99:a1:a9:e8:
13:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:4C:46:FA:FB:0A:26:ED:F0:A1:B5:86:CE:49:06:6C:53:B1:97:E2
X509v3 Authority Key Identifier:
keyid:2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/KkxG-vsKJu3wobWGzkkGbFOxl-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.190.0/23
178.159.44.0/22
185.47.152.0/23
185.65.137.0/24
185.99.142.0/23
193.176.180.0/22
IPv6:
2a0c:b1c0::/32
Signature Algorithm: sha256WithRSAEncryption
01:bb:c0:e6:ae:c9:ed:96:f2:1c:d3:db:78:20:6a:bd:b9:2b:
d6:e1:10:a5:a5:ac:ad:97:b9:83:20:bd:ed:2a:8a:7f:e6:d0:
d7:de:cc:26:94:c6:ab:8a:fb:54:51:8e:6e:ba:85:cc:e6:65:
e0:93:d3:33:52:09:64:9e:bd:66:83:82:90:d3:23:de:13:ba:
3a:61:34:a7:95:a2:be:c6:17:51:de:2e:e4:8d:06:74:8b:c1:
e4:9a:e4:fb:85:c1:68:b6:03:26:ee:84:60:4f:0c:50:df:0d:
21:35:ce:4a:3a:0a:50:fe:06:71:ab:00:a0:29:64:2b:ee:d6:
cf:c3:e5:12:e0:79:e1:3a:f0:0d:1c:32:fa:ee:48:da:3b:44:
e6:f3:50:65:d9:31:22:ad:cb:45:f8:7a:6d:f2:be:1a:ea:a6:
f3:cd:ed:f2:97:fc:8d:f0:90:59:75:3f:67:ce:36:de:cf:12:
a3:af:b4:e5:de:31:26:45:05:bc:d1:3a:96:a9:76:b8:c2:93:
7c:50:b4:4d:fa:98:48:cd:0f:02:b3:cf:1f:2c:98:97:02:bb:
09:aa:ae:a4:36:ce:51:43:09:5c:89:03:f0:77:cb:8e:29:74:
92:06:65:7b:02:c0:d7:a9:dc:92:5d:3f:2f:f4:ff:fe:d9:ac:
2e:6a:92:32
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzEJE7CAS0dhyecX+HWX27tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOWVmYjU4NzhkM2IzNjM0ZGMxY2NiOTBhYzQ4ZTBiODlk
MWM4NzkwHhcNMjQwMTAxMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTRjNDZmYWZiMGEyNmVkZjBhMWI1ODZjZTQ5MDY2YzUzYjE5N2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGIfQ0CHj+7L2MEtz1nLvZDzSst/
YeT6/ok3YfWjTpRy9MLPZ+UKKA/A4xr1YZCRu00X3L+hYFjwfS522S61DZCq1fW2
Gnqtwq38hK9GVljTBWTvbqU1JCkLvTpcNmBppZZK5Q+PMiLRA3LQFsD5NKECAnP4
8dDGBFmYksKVBnyiItCpWTzXaX9JaVZ7Gxv+TvfpeATRaxlNCTStTxU/c2E4ZC3E
UFaPQhw54k06Z6nx9uEzKa2GEI0IY2fp4K8vhCfDv2s21/4TIWQMHx3oNzVpBspB
q+NhRQo7uW3Z8b58/fF2uZxGJT+ncUdMei4P7PZiJosF586iR5mhqegTqQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCpMRvr7Cibt8KG1hs5JBmxTsZfiMB8GA1UdIwQY
MBaAFCue+1h407NjTcHMuQrEjguJ0ch5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQt
NGJjZDNkNTg0NjNhLzEvS2t4Ry12c0tKdTN3b2JXR3pra0diRk94bC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQtNGJjZDNkNTg0NjNh
LzEvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBUVu+AwQC
sp8sAwQBuS+YAwQAuUGJAwQBuWOOAwQCwbC0MA0EAgACMAcDBQAqDLHAMA0GCSqG
SIb3DQEBCwUAA4IBAQABu8DmrsntlvIc09t4IGq9uSvW4RClpaytl7mDIL3tKop/
5tDX3swmlMarivtUUY5uuoXM5mXgk9MzUglknr1mg4KQ0yPeE7o6YTSnlaK+xhdR
3i7kjQZ0i8HkmuT7hcFotgMm7oRgTwxQ3w0hNc5KOgpQ/gZxqwCgKWQr7tbPw+US
4HnhOvANHDL67kjaO0Tm81Bl2TEirctF+Hpt8r4a6qbzze3yl/yN8JBZdT9nzjbe
zxKjr7Tl3jEmRQW80TqWqXa4wpN8ULRN+phIzQ8Cs88fLJiXArsJqq6kNs5RQwlc
iQPwd8uOKXSSBmV7AsDXqdySXT8v9P/+2awuapIy
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:17:25 2024 by rpki-client on console-ams.rpki-client.org