Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KvfwQeZqor2V48WY5eFfnP00_pc.roa
File: KvfwQeZqor2V48WY5eFfnP00_pc.roa (raw, json)
Hash identifier: zs3LDH1Uul5KupFAi0zg1jA7omZ7Q1YWxocgrYnnrUg=
Subject key identifier: 2A:F7:F0:41:E6:6A:A2:BD:95:E3:C5:98:E5:E1:5F:9C:FD:34:FE:97
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC802832508FE2A9B9F923F8525ADBDDE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KvfwQeZqor2V48WY5eFfnP00_pc.roa
Signing time: Tue 02 Jan 2024 02:30:57 +0000
ROA not before: Tue 02 Jan 2024 02:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62816
IP address blocks: 185.227.146.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:83:25:08:fe:2a:9b:9f:92:3f:85:25:ad:bd:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2af7f041e66aa2bd95e3c598e5e15f9cfd34fe97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:14:66:86:61:3c:a7:c4:dd:87:40:a4:94:df:
f1:2e:12:38:5f:23:1d:08:37:9d:1d:14:87:3c:8c:
a6:41:c6:7b:30:81:c7:95:d3:01:f8:65:f9:87:f9:
e6:74:73:d5:c7:63:94:b8:b1:bc:df:06:5f:d9:bf:
19:cf:ca:f7:ef:db:4a:43:bb:5a:dd:65:6b:ba:46:
99:c4:73:ca:7c:99:1e:ab:97:cf:cf:21:7a:16:50:
cf:c0:27:fb:0c:0a:7d:86:f1:be:8a:56:24:35:77:
00:fc:c2:c4:4c:81:df:02:db:86:91:26:1f:b8:c0:
77:fe:24:75:a8:00:15:0e:cf:17:e4:07:a8:17:1d:
df:64:d1:71:b3:23:91:71:93:50:3c:14:2d:67:af:
c7:b3:b1:4f:60:be:32:f3:d3:5e:cb:66:c0:88:ab:
e7:02:bb:c9:f7:f4:e9:38:80:3a:9e:24:4d:e1:f7:
fb:ab:db:ec:b5:e7:ad:52:1e:21:ff:f3:05:64:26:
7d:52:ef:6a:a0:e4:f0:6d:88:0e:ed:b6:30:ed:e2:
0c:b4:82:f0:ff:7f:a1:bf:83:d5:43:cd:60:cc:40:
4c:0f:40:d3:ad:f4:93:8d:c9:1b:04:cf:17:01:76:
ca:d0:50:30:a1:d5:ed:45:d0:e4:98:d7:3b:70:e1:
10:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F7:F0:41:E6:6A:A2:BD:95:E3:C5:98:E5:E1:5F:9C:FD:34:FE:97
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KvfwQeZqor2V48WY5eFfnP00_pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.204.0/24
185.227.146.0/24
Signature Algorithm: sha256WithRSAEncryption
71:85:44:df:04:4a:c0:fb:7a:13:b8:b6:85:5c:b9:5e:01:71:
fd:32:93:98:46:f6:50:3d:50:a2:f5:4d:17:25:d5:ac:e4:93:
7f:75:a5:d9:aa:37:98:39:0c:c3:65:73:91:3c:0b:78:93:5e:
c2:08:04:d5:75:f7:09:8c:02:17:21:7f:f9:e4:b6:ab:6a:68:
a1:b3:5f:19:98:80:cf:cc:fa:6e:ed:f0:dc:57:22:d6:fe:a8:
82:b7:3d:c7:6e:17:51:a5:1f:7b:83:00:b5:c1:a8:7e:56:b1:
9a:c8:9d:fb:3c:5a:f3:5f:55:c9:9f:82:c5:0a:5d:06:99:3c:
3e:a1:70:e9:21:08:86:a2:a5:6d:57:4b:4f:a9:47:40:99:55:
6d:14:86:bc:5e:61:41:f4:89:1a:e5:54:10:de:a7:fb:d9:0f:
52:fb:a8:10:c1:63:dd:9e:1a:cc:4b:e1:83:96:d2:0f:28:8b:
d3:de:1f:b1:00:7a:e1:62:ed:04:28:14:70:e9:46:53:83:a3:
08:46:86:49:be:c7:52:3e:29:fd:19:19:b5:1a:e3:00:c4:3c:
cb:f6:ea:0d:c4:bb:e2:e5:2b:a1:c5:e2:f2:6e:6c:39:94:13:
ef:40:69:78:9b:31:a5:b5:0b:c3:2b:9a:6e:f4:60:fc:58:24:
10:12:6a:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAoMlCP4qm5+SP4Ulrb3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY3ZjA0MWU2NmFhMmJkOTVlM2M1OThlNWUxNWY5Y2ZkMzRmZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxRmhmE8p8Tdh0CklN/xLhI4XyMd
CDedHRSHPIymQcZ7MIHHldMB+GX5h/nmdHPVx2OUuLG83wZf2b8Zz8r379tKQ7ta
3WVrukaZxHPKfJkeq5fPzyF6FlDPwCf7DAp9hvG+ilYkNXcA/MLETIHfAtuGkSYf
uMB3/iR1qAAVDs8X5AeoFx3fZNFxsyORcZNQPBQtZ6/Hs7FPYL4y89Ney2bAiKvn
ArvJ9/TpOIA6niRN4ff7q9vsteetUh4h//MFZCZ9Uu9qoOTwbYgO7bYw7eIMtILw
/3+hv4PVQ81gzEBMD0DTrfSTjckbBM8XAXbK0FAwodXtRdDkmNc7cOEQgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCr38EHmaqK9lePFmOXhX5z9NP6XMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS3Zmd1FlWnFvcjJWNDhXWTVlRmZuUDAwX3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWzMAwQA
ueOSMA0GCSqGSIb3DQEBCwUAA4IBAQBxhUTfBErA+3oTuLaFXLleAXH9MpOYRvZQ
PVCi9U0XJdWs5JN/daXZqjeYOQzDZXORPAt4k17CCATVdfcJjAIXIX/55Laramih
s18ZmIDPzPpu7fDcVyLW/qiCtz3HbhdRpR97gwC1wah+VrGayJ37PFrzX1XJn4LF
Cl0GmTw+oXDpIQiGoqVtV0tPqUdAmVVtFIa8XmFB9Ika5VQQ3qf72Q9S+6gQwWPd
nhrMS+GDltIPKIvT3h+xAHrhYu0EKBRw6UZTg6MIRoZJvsdSPin9GRm1GuMAxDzL
9uoNxLvi5SuhxeLybmw5lBPvQGl4mzGltQvDK5pu9GD8WCQQEmpY
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:30 2024 by rpki-client on console-ams.rpki-client.org