Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/KdT94Mxx6OgPbUdXnO586zv_Q9Y.roa
File: KdT94Mxx6OgPbUdXnO586zv_Q9Y.roa (raw, json)
Hash identifier: MDtB0wBu1iUcdqO1yVAIjYe1TbJ+APqkT9wrtCcX/CM=
Subject key identifier: 29:D4:FD:E0:CC:71:E8:E8:0F:6D:47:57:9C:EE:7C:EB:3B:FF:43:D6
Certificate issuer: /CN=6fe561f84c5bab17d503bf93d3c3d325c2a2252e
Certificate serial: 018CC4938E538B4BE7664272387BC8256AB2
Authority key identifier: 6F:E5:61:F8:4C:5B:AB:17:D5:03:BF:93:D3:C3:D3:25:C2:A2:25:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/KdT94Mxx6OgPbUdXnO586zv_Q9Y.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21032
IP address blocks: 185.133.112.0/22 maxlen: 24
188.209.160.0/19 maxlen: 24
109.226.128.0/18 maxlen: 24
2a0d:c80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/b-Vh-ExbqxfVA7-T08PTJcKiJS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/b-Vh-ExbqxfVA7-T08PTJcKiJS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8e:53:8b:4b:e7:66:42:72:38:7b:c8:25:6a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fe561f84c5bab17d503bf93d3c3d325c2a2252e
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29d4fde0cc71e8e80f6d47579cee7ceb3bff43d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:0b:be:ad:3e:d9:cc:e2:58:92:3d:c9:e0:
5b:be:f4:d8:35:28:d1:31:0b:9f:a4:2d:ca:d4:86:
a1:29:77:eb:9a:82:b8:12:5e:54:5c:6b:50:64:a5:
10:83:f5:df:2a:6b:2a:ce:b3:b3:10:7f:28:f5:33:
e7:d5:f6:49:22:40:00:43:72:3a:4c:90:34:60:64:
9d:52:a7:b9:54:59:94:78:19:60:8d:6f:2e:a1:7f:
0b:ce:0a:3f:e8:ad:77:54:d1:61:92:cc:d6:7b:29:
db:73:40:6d:ea:ff:74:f9:2c:61:bb:1f:4b:90:88:
90:bb:3b:da:e6:b4:a2:b8:0c:9d:33:9e:f5:c3:1e:
32:95:c1:ea:2d:be:d9:ad:1e:5d:5a:cd:cf:de:cb:
ad:cc:b8:7a:c2:92:51:6a:8b:13:93:c1:73:53:bf:
9b:d5:f3:c8:5d:3d:d5:8b:ff:0e:f7:1a:c6:e9:94:
a8:d3:f8:5f:3f:aa:12:21:77:07:e2:19:07:da:3d:
38:f2:72:c0:6a:2d:5d:7f:8c:1f:f4:9a:cb:7e:27:
b5:16:a2:be:0c:36:42:84:6d:67:6a:f0:cf:78:9f:
05:b8:d2:29:9c:bf:2a:40:a8:0b:6e:ef:a2:9c:62:
5d:03:bf:68:16:e3:a7:3c:30:f9:a3:f5:5f:dd:c5:
69:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D4:FD:E0:CC:71:E8:E8:0F:6D:47:57:9C:EE:7C:EB:3B:FF:43:D6
X509v3 Authority Key Identifier:
keyid:6F:E5:61:F8:4C:5B:AB:17:D5:03:BF:93:D3:C3:D3:25:C2:A2:25:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/KdT94Mxx6OgPbUdXnO586zv_Q9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/b-Vh-ExbqxfVA7-T08PTJcKiJS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.128.0/18
185.133.112.0/22
188.209.160.0/19
IPv6:
2a0d:c80::/29
Signature Algorithm: sha256WithRSAEncryption
ab:26:ed:4a:58:ff:c2:08:aa:c9:cd:09:91:3e:fd:40:49:d2:
23:2f:fb:05:ad:b8:e3:7d:d2:92:aa:77:18:23:40:7e:21:49:
8c:1f:e8:ed:84:38:af:eb:b6:4a:14:26:c4:25:55:f4:1e:fd:
f2:c6:eb:c7:61:b4:0e:84:2c:79:72:48:bd:eb:f5:0f:f0:54:
d6:e9:7d:9d:e4:61:fe:5c:39:3f:86:e2:8c:fb:99:1c:60:b3:
72:8a:54:a6:59:27:5d:62:0c:ea:ec:e7:7d:af:d2:ca:18:04:
f7:bd:7d:f9:59:63:c3:ef:6e:6b:61:8c:0e:b5:e4:3f:2c:7b:
d6:79:9a:bd:62:4b:51:1f:37:0c:aa:9c:41:41:ea:20:01:24:
17:01:65:f2:91:b0:51:87:37:44:98:3a:93:f6:d4:ee:61:22:
53:84:9d:98:44:89:6b:61:e7:f4:5e:b9:d9:14:c1:69:b2:86:
88:43:c1:fb:c0:a0:7c:f1:5b:35:7e:35:9d:c5:46:b6:11:15:
8e:92:0d:9d:a9:1a:ee:42:ac:5e:d9:20:eb:5f:6e:12:dc:35:
46:58:0c:b1:35:64:a4:cd:9a:93:54:f8:fa:04:30:79:37:13:
1d:2f:3f:7c:f1:f5:5f:df:0a:ea:e8:ba:1e:88:bc:47:4c:31:
a0:c7:29:67
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEk45Ti0vnZkJyOHvIJWqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZTU2MWY4NGM1YmFiMTdkNTAzYmY5M2QzYzNkMzI1YzJh
MjI1MmUwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ0ZmRlMGNjNzFlOGU4MGY2ZDQ3NTc5Y2VlN2NlYjNiZmY0M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCQLvq0+2cziWJI9yeBbvvTYNSjR
MQufpC3K1IahKXfrmoK4El5UXGtQZKUQg/XfKmsqzrOzEH8o9TPn1fZJIkAAQ3I6
TJA0YGSdUqe5VFmUeBlgjW8uoX8Lzgo/6K13VNFhkszWeynbc0Bt6v90+Sxhux9L
kIiQuzva5rSiuAydM571wx4ylcHqLb7ZrR5dWs3P3sutzLh6wpJRaosTk8FzU7+b
1fPIXT3Vi/8O9xrG6ZSo0/hfP6oSIXcH4hkH2j048nLAai1df4wf9JrLfie1FqK+
DDZChG1navDPeJ8FuNIpnL8qQKgLbu+inGJdA79oFuOnPDD5o/Vf3cVpNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCnU/eDMcejoD21HV5zufOs7/0PWMB8GA1UdIwQY
MBaAFG/lYfhMW6sX1QO/k9PD0yXCoiUuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi1WaC1FeGJxeGZWQTctVDA4UFRKY0tpSlM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82MjY2YWYtZmZiYi00NDYyLWJhYTYt
NTczOWVkODNjNjkxLzEvS2RUOTRNeHg2T2dQYlVkWG5PNTg2enZfUTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82MjY2YWYtZmZiYi00NDYyLWJhYTYtNTczOWVkODNjNjkx
LzEvYi1WaC1FeGJxeGZWQTctVDA4UFRKY0tpSlM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGbeKAAwQC
uYVwAwQFvNGgMA0EAgACMAcDBQMqDQyAMA0GCSqGSIb3DQEBCwUAA4IBAQCrJu1K
WP/CCKrJzQmRPv1ASdIjL/sFrbjjfdKSqncYI0B+IUmMH+jthDiv67ZKFCbEJVX0
Hv3yxuvHYbQOhCx5cki96/UP8FTW6X2d5GH+XDk/huKM+5kcYLNyilSmWSddYgzq
7Od9r9LKGAT3vX35WWPD725rYYwOteQ/LHvWeZq9YktRHzcMqpxBQeogASQXAWXy
kbBRhzdEmDqT9tTuYSJThJ2YRIlrYef0XrnZFMFpsoaIQ8H7wKB88Vs1fjWdxUa2
ERWOkg2dqRruQqxe2SDrX24S3DVGWAyxNWSkzZqTVPj6BDB5NxMdLz988fVf3wrq
6LoeiLxHTDGgxyln
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:37:30 2024 by rpki-client on console-ams.rpki-client.org