Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/KRywnzAog4HnhIqiT9uX8i9gQGs.roa
File: KRywnzAog4HnhIqiT9uX8i9gQGs.roa (raw, json)
Hash identifier: 4XHE0nXpYF2SciXat9edbOOvqlNbeAsq7PjzxGvLEW0=
Subject key identifier: 29:1C:B0:9F:30:28:83:81:E7:84:8A:A2:4F:DB:97:F2:2F:60:40:6B
Certificate issuer: /CN=d0ca3c0b196fde0ba74c1487bdcb9c5fa053664b
Certificate serial: 018CC3492D194804EBCFDDE5605C4338F4F3
Authority key identifier: D0:CA:3C:0B:19:6F:DE:0B:A7:4C:14:87:BD:CB:9C:5F:A0:53:66:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Mo8Cxlv3gunTBSHvcucX6BTZks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/KRywnzAog4HnhIqiT9uX8i9gQGs.roa
Signing time: Mon 01 Jan 2024 04:30:01 +0000
ROA not before: Mon 01 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8637
IP address blocks: 5.180.229.0/24 maxlen: 24
5.180.228.0/24 maxlen: 24
5.180.228.0/22 maxlen: 24
2a0b:c800:1::/48 maxlen: 48
2a0b:c800:4::/48 maxlen: 48
2a0b:c800:2::/48 maxlen: 48
2a0b:c800:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/0Mo8Cxlv3gunTBSHvcucX6BTZks.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/0Mo8Cxlv3gunTBSHvcucX6BTZks.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Mo8Cxlv3gunTBSHvcucX6BTZks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2d:19:48:04:eb:cf:dd:e5:60:5c:43:38:f4:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ca3c0b196fde0ba74c1487bdcb9c5fa053664b
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=291cb09f30288381e7848aa24fdb97f22f60406b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fa:25:c3:94:3b:9e:36:cc:ff:d0:77:47:ed:
62:7a:bd:70:0b:40:87:2d:8c:28:f9:b0:b5:5b:a4:
e7:6a:cd:2a:0e:16:cc:59:ec:97:79:47:53:78:56:
7f:4c:03:a0:fa:5c:44:ee:01:1d:f7:09:8f:da:b9:
7c:25:6c:cf:45:90:a7:36:79:ef:dd:1b:70:9a:15:
ee:b3:0d:59:58:3e:c3:6f:51:28:29:e5:0d:a5:24:
12:c6:74:d0:87:07:d2:13:eb:28:41:ab:6b:f9:54:
05:8d:08:6e:82:d4:1d:fd:5f:a3:e5:ae:ea:63:2c:
e0:6c:e7:1e:57:95:90:16:85:66:05:a2:dd:3a:fc:
03:cb:d6:33:75:b7:03:7d:9a:df:28:96:30:8f:b0:
b0:2b:d7:4e:5e:90:be:32:f2:7c:8c:ac:97:a2:0f:
4a:b7:b5:f2:fb:38:8d:5d:e3:c0:15:42:3d:50:47:
2a:5d:8d:a8:38:30:bd:24:49:25:68:58:f6:03:e5:
6d:7a:71:cf:66:d2:48:c8:b6:aa:5f:27:f7:52:35:
a2:2c:65:e2:43:17:da:7e:fb:f5:fc:b1:a7:d1:c9:
6c:41:bc:6b:a5:d5:89:a6:8b:e6:10:0c:ef:aa:7c:
48:dc:4f:5e:49:43:2d:17:de:38:09:a1:af:26:58:
4b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1C:B0:9F:30:28:83:81:E7:84:8A:A2:4F:DB:97:F2:2F:60:40:6B
X509v3 Authority Key Identifier:
keyid:D0:CA:3C:0B:19:6F:DE:0B:A7:4C:14:87:BD:CB:9C:5F:A0:53:66:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Mo8Cxlv3gunTBSHvcucX6BTZks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/KRywnzAog4HnhIqiT9uX8i9gQGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/81024f-5171-47c4-b5ca-6b63331eff02/1/0Mo8Cxlv3gunTBSHvcucX6BTZks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.228.0/22
IPv6:
2a0b:c800:1::-2a0b:c800:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7a:83:d6:1d:01:86:f6:9a:91:00:5b:29:7c:5e:57:8d:9e:36:
5d:97:d8:69:5c:46:cc:f6:26:60:1d:1a:19:7d:5c:36:26:7c:
ca:db:47:2c:d9:0f:a9:03:bd:d6:dc:b4:67:01:b9:34:84:fd:
9d:02:4a:ff:a2:41:33:cd:c6:ac:2f:1d:75:7e:1d:1c:56:38:
b8:3d:ab:3e:7d:d0:8e:94:0d:46:d8:15:c6:5f:0c:1a:32:14:
4f:46:aa:e2:1c:4c:f9:c9:57:24:7f:60:b0:e2:d5:61:de:19:
21:3b:71:ba:1d:a4:8d:11:b7:ba:97:6a:e7:6d:56:94:3e:5f:
57:a6:05:e9:03:71:d0:f8:76:a6:b5:79:db:f9:1b:13:9c:c8:
a8:06:85:e3:33:30:bc:71:70:96:c5:ce:64:c2:75:fd:b9:f4:
38:82:75:40:bf:a3:ca:f3:51:d6:4d:40:02:08:7d:0d:6c:12:
f2:57:56:1a:41:fe:19:3c:30:21:da:d9:36:8d:20:70:db:76:
1d:b1:1d:3c:1b:c8:01:ee:79:43:01:50:37:59:73:f1:7a:df:
8a:64:31:57:16:60:68:ef:a6:20:4a:f7:11:2c:53:d4:15:75:
f3:e8:05:43:d8:45:9d:d1:91:27:9e:67:27:66:65:01:53:ee:
ae:9d:9c:da
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDSS0ZSATrz93lYFxDOPTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwY2EzYzBiMTk2ZmRlMGJhNzRjMTQ4N2JkY2I5YzVmYTA1
MzY2NGIwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTFjYjA5ZjMwMjg4MzgxZTc4NDhhYTI0ZmRiOTdmMjJmNjA0MDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/olw5Q7njbM/9B3R+1ier1wC0CH
LYwo+bC1W6Tnas0qDhbMWeyXeUdTeFZ/TAOg+lxE7gEd9wmP2rl8JWzPRZCnNnnv
3RtwmhXusw1ZWD7Db1EoKeUNpSQSxnTQhwfSE+soQatr+VQFjQhugtQd/V+j5a7q
YyzgbOceV5WQFoVmBaLdOvwDy9YzdbcDfZrfKJYwj7CwK9dOXpC+MvJ8jKyXog9K
t7Xy+ziNXePAFUI9UEcqXY2oODC9JEklaFj2A+VtenHPZtJIyLaqXyf3UjWiLGXi
Qxfafvv1/LGn0clsQbxrpdWJpovmEAzvqnxI3E9eSUMtF944CaGvJlhLMwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCkcsJ8wKIOB54SKok/bl/IvYEBrMB8GA1UdIwQY
MBaAFNDKPAsZb94Lp0wUh73LnF+gU2ZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME1vOEN4bHYzZ3VuVEJTSHZjdWNYNkJUWmtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi84MTAyNGYtNTE3MS00N2M0LWI1Y2Et
NmI2MzMzMWVmZjAyLzEvS1J5d256QW9nNEhuaElxaVQ5dVg4aTlnUUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi84MTAyNGYtNTE3MS00N2M0LWI1Y2EtNmI2MzMzMWVmZjAy
LzEvME1vOEN4bHYzZ3VuVEJTSHZjdWNYNkJUWmtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCBbTkMBoE
AgACMBQwEgMHACoLyAAAAQMHACoLyAAABDANBgkqhkiG9w0BAQsFAAOCAQEAeoPW
HQGG9pqRAFspfF5XjZ42XZfYaVxGzPYmYB0aGX1cNiZ8yttHLNkPqQO91ty0ZwG5
NIT9nQJK/6JBM83GrC8ddX4dHFY4uD2rPn3QjpQNRtgVxl8MGjIUT0aq4hxM+clX
JH9gsOLVYd4ZITtxuh2kjRG3updq521WlD5fV6YF6QNx0Ph2prV52/kbE5zIqAaF
4zMwvHFwlsXOZMJ1/bn0OIJ1QL+jyvNR1k1AAgh9DWwS8ldWGkH+GTwwIdrZNo0g
cNt2HbEdPBvIAe55QwFQN1lz8XrfimQxVxZgaO+mIEr3ESxT1BV18+gFQ9hFndGR
J55nJ2ZlAVPurp2c2g==
-----END CERTIFICATE-----
Generated at Tue Nov 26 20:12:40 2024 by rpki-client on console-ams.rpki-client.org