Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/kurgNmqcBurULnaWCBubYRCirGM.roa
File: kurgNmqcBurULnaWCBubYRCirGM.roa (raw, json)
Hash identifier: DGj+1ristiRafvrhC3ozT/BlgU2VkopyVX0F/FwV3TA=
Subject key identifier: 92:EA:E0:36:6A:9C:06:EA:D4:2E:76:96:08:1B:9B:61:10:A2:AC:63
Certificate issuer: /CN=3a0429b5aecac8364544bf623f94f163afdce561
Certificate serial: 018E5B12D6DB4BD9BB4DF8CF03E2CC2B8FFB
Authority key identifier: 3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/kurgNmqcBurULnaWCBubYRCirGM.roa
Signing time: Wed 20 Mar 2024 08:55:45 +0000
ROA not before: Wed 20 Mar 2024 08:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 146.0.0.0/24 maxlen: 24
146.0.1.0/24 maxlen: 24
146.0.2.0/24 maxlen: 24
146.0.5.0/24 maxlen: 24
146.0.8.0/24 maxlen: 24
146.0.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:12:d6:db:4b:d9:bb:4d:f8:cf:03:e2:cc:2b:8f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0429b5aecac8364544bf623f94f163afdce561
Validity
Not Before: Mar 20 08:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92eae0366a9c06ead42e7696081b9b6110a2ac63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2e:85:3d:a6:41:de:3b:f7:e5:f5:1a:55:b5:
fb:f6:fc:22:fb:1b:a3:d8:84:91:a0:4f:19:23:5a:
30:f7:ea:ec:26:33:f1:0d:99:0b:91:67:fb:45:9b:
ce:dd:bb:04:3b:3e:8a:9f:9c:13:29:b7:cb:ad:88:
7d:d4:63:a4:9c:7f:52:86:3c:d3:f2:a5:78:9d:ce:
9d:69:f5:ca:1b:3d:a9:e6:92:8e:13:c8:96:38:51:
6b:a3:85:b6:23:2b:79:96:c1:8b:4c:da:c2:79:eb:
9f:ff:26:7d:77:91:29:7b:ed:39:e9:c7:bc:12:76:
65:8e:2f:21:aa:b8:c7:6d:83:b7:6d:4c:78:7f:4a:
94:65:e2:27:e8:f7:f5:ca:32:d7:b6:b3:4f:fd:eb:
7d:03:48:cf:00:33:5b:50:ee:22:e6:0a:35:9e:31:
cd:34:e1:a7:90:c5:81:2e:11:ef:3e:aa:e3:18:b1:
d0:82:dd:26:1c:8d:ce:8d:cb:79:02:c6:08:51:9f:
5e:27:62:c1:f0:d5:2a:9e:5b:47:7b:13:96:36:6a:
ee:40:f4:ad:a0:c6:b3:5e:83:df:3b:19:81:38:21:
2e:28:a4:93:c7:13:c1:03:8e:4f:38:18:0a:c5:22:
cb:14:fa:5b:bc:2a:11:b8:f1:a6:78:da:63:fe:90:
83:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EA:E0:36:6A:9C:06:EA:D4:2E:76:96:08:1B:9B:61:10:A2:AC:63
X509v3 Authority Key Identifier:
keyid:3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/kurgNmqcBurULnaWCBubYRCirGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.0.0-146.0.2.255
146.0.5.0/24
146.0.8.0/24
146.0.15.0/24
Signature Algorithm: sha256WithRSAEncryption
53:b9:77:aa:a8:da:79:49:e9:cb:82:48:77:ff:be:22:f8:9f:
3e:f1:52:b7:2a:43:f1:1c:05:a5:f6:d5:6d:f5:bf:00:e5:28:
48:31:5e:df:ea:8a:3b:7a:a9:c2:f0:13:0f:66:a3:22:db:0f:
aa:63:1d:00:61:d1:f5:64:b6:f0:4e:c5:a3:b6:f0:97:e8:d0:
bc:c6:59:5b:b1:97:a7:0b:2b:bf:49:46:80:02:33:17:a6:3b:
e7:d0:07:c1:ad:36:77:ec:59:41:6e:1e:5a:f3:52:85:5b:91:
5d:0c:f8:69:11:ab:0c:23:e2:66:0f:60:73:db:b8:d3:b3:a0:
da:64:73:35:67:2c:8a:ce:07:15:34:ae:de:18:18:e5:79:4d:
c6:e0:3a:9b:e1:ae:53:5e:b7:6c:85:1a:a7:59:f7:fd:52:1e:
6a:58:4b:c5:87:15:71:ca:13:d3:44:02:22:52:06:49:c6:e8:
d7:0e:0a:09:d0:40:4a:59:3c:63:c0:31:58:5d:8b:94:87:93:
0c:a9:69:8f:8b:b7:d6:7a:0a:49:b7:51:ba:46:53:21:d5:24:
fc:fc:23:c3:82:7f:0a:f8:0c:59:a5:50:8d:48:22:41:a8:b7:
08:3f:03:98:6e:b4:57:a3:4e:32:b9:5f:1d:e6:ad:0a:a5:b4:
e7:a8:5b:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5bEtbbS9m7TfjPA+LMK4/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDQyOWI1YWVjYWM4MzY0NTQ0YmY2MjNmOTRmMTYzYWZk
Y2U1NjEwHhcNMjQwMzIwMDg1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmVhZTAzNjZhOWMwNmVhZDQyZTc2OTYwODFiOWI2MTEwYTJhYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi6FPaZB3jv35fUaVbX79vwi+xuj
2ISRoE8ZI1ow9+rsJjPxDZkLkWf7RZvO3bsEOz6Kn5wTKbfLrYh91GOknH9ShjzT
8qV4nc6dafXKGz2p5pKOE8iWOFFro4W2Iyt5lsGLTNrCeeuf/yZ9d5Epe+056ce8
EnZlji8hqrjHbYO3bUx4f0qUZeIn6Pf1yjLXtrNP/et9A0jPADNbUO4i5go1njHN
NOGnkMWBLhHvPqrjGLHQgt0mHI3Ojct5AsYIUZ9eJ2LB8NUqnltHexOWNmruQPSt
oMazXoPfOxmBOCEuKKSTxxPBA45POBgKxSLLFPpbvCoRuPGmeNpj/pCDuwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJLq4DZqnAbq1C52lggbm2EQoqxjMB8GA1UdIwQY
MBaAFDoEKbWuysg2RUS/Yj+U8WOv3OVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEt
ODQ3MTJjOWYzNDY0LzEva3VyZ05tcWNCdXJVTG5hV0NCdWJZUkNpckdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEtODQ3MTJjOWYzNDY0
LzEvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeMAoDAgGSAwQA
kgACAwQAkgAFAwQAkgAIAwQAkgAPMA0GCSqGSIb3DQEBCwUAA4IBAQBTuXeqqNp5
SenLgkh3/74i+J8+8VK3KkPxHAWl9tVt9b8A5ShIMV7f6oo7eqnC8BMPZqMi2w+q
Yx0AYdH1ZLbwTsWjtvCX6NC8xllbsZenCyu/SUaAAjMXpjvn0AfBrTZ37FlBbh5a
81KFW5FdDPhpEasMI+JmD2Bz27jTs6DaZHM1ZyyKzgcVNK7eGBjleU3G4Dqb4a5T
XrdshRqnWff9Uh5qWEvFhxVxyhPTRAIiUgZJxujXDgoJ0EBKWTxjwDFYXYuUh5MM
qWmPi7fWegpJt1G6RlMh1ST8/CPDgn8K+AxZpVCNSCJBqLcIPwOYbrRXo04yuV8d
5q0KpbTnqFtD
-----END CERTIFICATE-----
Generated at Thu May 2 18:33:48 2024 by rpki-client on console-ams.rpki-client.org