Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/KaWMZs_VEDtNp9t4wihjWuCLAz8.roa
File: KaWMZs_VEDtNp9t4wihjWuCLAz8.roa (raw, json)
Hash identifier: wP8iqbDVrPzxQ7Nvf8B/K2yzFOQmDJ6pu+n239mzRjk=
Subject key identifier: 29:A5:8C:66:CF:D5:10:3B:4D:A7:DB:78:C2:28:63:5A:E0:8B:03:3F
Certificate issuer: /CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Certificate serial: 018CC64A401F6990814943F7D7F602D09146
Authority key identifier: F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/KaWMZs_VEDtNp9t4wihjWuCLAz8.roa
Signing time: Mon 01 Jan 2024 18:30:03 +0000
ROA not before: Mon 01 Jan 2024 18:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43957
IP address blocks: 79.170.208.0/21 maxlen: 21
185.52.20.0/22 maxlen: 22
46.245.200.0/21 maxlen: 21
185.31.28.0/22 maxlen: 22
185.93.214.0/23 maxlen: 23
92.63.144.0/20 maxlen: 20
94.102.96.0/20 maxlen: 20
92.61.48.0/21 maxlen: 21
92.61.56.0/22 maxlen: 22
2a02:4140:4::/48 maxlen: 48
2a02:4140::/32 maxlen: 32
2a00:b220::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 22:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:40:1f:69:90:81:49:43:f7:d7:f6:02:d0:91:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Validity
Not Before: Jan 1 18:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29a58c66cfd5103b4da7db78c228635ae08b033f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6f:5b:ca:80:ca:48:c6:ec:4c:9f:45:59:bc:
d9:40:a1:88:4e:c9:e7:e9:f6:22:72:d0:a2:62:2b:
c8:72:72:8c:db:60:00:06:75:87:7f:51:71:af:f9:
5d:76:cb:4b:96:3c:cf:61:e8:ef:85:16:5c:7e:9e:
3d:00:e8:71:19:06:87:42:1b:c8:be:b7:f2:82:62:
c5:8e:8b:20:fb:41:64:c7:bd:d0:85:87:47:2b:aa:
e7:82:0c:17:08:6d:69:b8:ce:7d:be:44:90:ce:93:
1a:a6:9c:7b:e2:e8:b0:19:5c:be:96:b7:d0:75:64:
89:0f:50:78:7d:dc:e2:6b:d8:91:36:5d:ff:31:e0:
87:0b:a3:9e:fd:6c:d0:33:89:57:b7:ca:55:c9:06:
4a:c1:9a:aa:4d:06:71:57:b2:de:b6:1d:df:5d:d0:
ce:7d:69:cb:f2:96:0d:55:c4:a2:2c:90:31:0a:cc:
32:42:e2:46:2d:6e:84:65:88:a2:2f:0a:a2:c4:46:
55:9e:d4:75:79:37:59:a6:c1:d7:d3:ad:e7:c8:07:
b4:25:51:4d:19:03:71:b9:75:48:e3:97:7c:7d:92:
0e:03:26:76:67:b0:b7:fe:90:b5:4f:6d:e7:9a:d2:
4e:ae:65:4f:b5:79:1c:ac:67:ce:78:ac:ff:d8:1c:
8e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A5:8C:66:CF:D5:10:3B:4D:A7:DB:78:C2:28:63:5A:E0:8B:03:3F
X509v3 Authority Key Identifier:
keyid:F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/KaWMZs_VEDtNp9t4wihjWuCLAz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.200.0/21
79.170.208.0/21
92.61.48.0-92.61.59.255
92.63.144.0/20
94.102.96.0/20
185.31.28.0/22
185.52.20.0/22
185.93.214.0/23
IPv6:
2a00:b220::/32
2a02:4140::/32
Signature Algorithm: sha256WithRSAEncryption
48:77:0f:ee:70:87:98:b5:81:54:be:92:8f:36:97:d3:cb:db:
59:45:36:7e:c0:46:04:49:61:55:82:67:3a:bc:dc:bd:c8:f8:
f9:a1:f2:bc:bf:cd:24:de:11:94:ed:d4:24:0e:39:f2:f6:0b:
aa:00:89:bd:d4:22:eb:4e:78:33:e5:4c:9d:e5:87:b9:7f:bf:
28:32:f9:5d:a3:49:0a:44:07:f0:87:33:a6:a6:00:08:da:d6:
74:e5:7c:0e:2a:cc:56:54:d3:26:8e:3d:2f:9e:29:78:a3:94:
1a:05:1a:31:80:d8:1d:06:2f:ba:ac:f1:a4:3a:ca:a2:61:e1:
5a:10:47:e2:36:1d:b5:08:4c:33:f0:aa:ae:cc:d1:66:b8:6e:
20:b9:03:35:a7:0b:a4:b7:18:ae:44:a8:5f:0c:9f:df:de:32:
a8:f6:18:b1:07:e7:d0:c6:80:12:51:4a:29:b9:b4:8e:1d:9b:
08:cb:30:a3:1b:9b:d3:ff:56:79:3e:6e:2f:a3:ea:4f:4b:31:
a5:73:93:52:0e:71:c6:ff:b5:18:31:7b:d8:7c:97:d6:62:4f:
96:4a:61:0b:bf:a6:bd:5d:08:ba:13:00:37:97:b7:c7:04:55:
42:42:0f:72:35:2e:94:77:5c:cb:75:8e:b5:c7:42:cb:64:6f:
f9:ac:0e:09
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzGSkAfaZCBSUP31/YC0JFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMWM4OTk3YTM1NGJjN2Q0ZTVhNjBhOWY0MjQzOGExODJm
YTk5OGEwHhcNMjQwMTAxMTgzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE1OGM2NmNmZDUxMDNiNGRhN2RiNzhjMjI4NjM1YWUwOGIwMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG9byoDKSMbsTJ9FWbzZQKGITsnn
6fYictCiYivIcnKM22AABnWHf1Fxr/lddstLljzPYejvhRZcfp49AOhxGQaHQhvI
vrfygmLFjosg+0Fkx73QhYdHK6rnggwXCG1puM59vkSQzpMappx74uiwGVy+lrfQ
dWSJD1B4fdzia9iRNl3/MeCHC6Oe/WzQM4lXt8pVyQZKwZqqTQZxV7Leth3fXdDO
fWnL8pYNVcSiLJAxCswyQuJGLW6EZYiiLwqixEZVntR1eTdZpsHX063nyAe0JVFN
GQNxuXVI45d8fZIOAyZ2Z7C3/pC1T23nmtJOrmVPtXkcrGfOeKz/2ByOewIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFCmljGbP1RA7TafbeMIoY1rgiwM/MB8GA1UdIwQY
MBaAFPAciZejVLx9TlpgqfQkOKGC+pmKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEJ5Smw2TlV2SDFPV21DcDlDUTRvWUw2bVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mYWE5NWYtM2IzMi00MWZlLWFiZTMt
YzI3YzRhNjEwYmQzLzEvS2FXTVpzX1ZFRHROcDl0NHdpaGpXdUNMQXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mYWE5NWYtM2IzMi00MWZlLWFiZTMtYzI3YzRhNjEwYmQz
LzEvOEJ5Smw2TlV2SDFPV21DcDlDUTRvWUw2bVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQDLvXIAwQD
T6rQMAwDBARcPTADBAJcPTgDBARcP5ADBAReZmADBAK5HxwDBAK5NBQDBAG5XdYw
FAQCAAIwDgMFACoAsiADBQAqAkFAMA0GCSqGSIb3DQEBCwUAA4IBAQBIdw/ucIeY
tYFUvpKPNpfTy9tZRTZ+wEYESWFVgmc6vNy9yPj5ofK8v80k3hGU7dQkDjny9guq
AIm91CLrTngz5Uyd5Ye5f78oMvldo0kKRAfwhzOmpgAI2tZ05XwOKsxWVNMmjj0v
nil4o5QaBRoxgNgdBi+6rPGkOsqiYeFaEEfiNh21CEwz8KquzNFmuG4guQM1pwuk
txiuRKhfDJ/f3jKo9hixB+fQxoASUUopubSOHZsIyzCjG5vT/1Z5Pm4vo+pPSzGl
c5NSDnHG/7UYMXvYfJfWYk+WSmELv6a9XQi6EwA3l7fHBFVCQg9yNS6Ud1zLdY61
x0LLZG/5rA4J
-----END CERTIFICATE-----
Generated at Wed May 29 09:03:38 2024 by rpki-client on console-ams.rpki-client.org