Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/kZYJ81QGoNR3KIT-L8jKOyTKOUw.roa
File: kZYJ81QGoNR3KIT-L8jKOyTKOUw.roa (raw, json)
Hash identifier: 2ay0q2Mp0qxDnRzAGJbJVXlPHjAIoSZ1YGvcEdmIecY=
Subject key identifier: 91:96:09:F3:54:06:A0:D4:77:28:84:FE:2F:C8:CA:3B:24:CA:39:4C
Certificate issuer: /CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Certificate serial: 018CC794A98C5D8C355AFD164D0410383819
Authority key identifier: 1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/kZYJ81QGoNR3KIT-L8jKOyTKOUw.roa
Signing time: Tue 02 Jan 2024 00:30:57 +0000
ROA not before: Tue 02 Jan 2024 00:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39657
IP address blocks: 185.63.12.0/22 maxlen: 24
81.93.32.0/20 maxlen: 24
81.93.32.0/21 maxlen: 21
81.93.32.0/22 maxlen: 24
81.93.36.0/22 maxlen: 24
81.93.40.0/22 maxlen: 24
81.93.40.0/21 maxlen: 21
81.93.44.0/22 maxlen: 24
93.88.32.0/22 maxlen: 24
93.88.32.0/20 maxlen: 24
93.88.36.0/22 maxlen: 24
93.88.40.0/22 maxlen: 24
93.88.44.0/22 maxlen: 24
81.30.16.0/20 maxlen: 20
81.30.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/GuHHqgs5XgYS7EI_4H-wOJqqQAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/GuHHqgs5XgYS7EI_4H-wOJqqQAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 21:56:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:a9:8c:5d:8c:35:5a:fd:16:4d:04:10:38:38:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Validity
Not Before: Jan 2 00:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=919609f35406a0d4772884fe2fc8ca3b24ca394c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:16:37:2f:fd:2c:da:37:53:79:9b:e0:07:f9:
3c:b7:70:a8:8b:a9:c5:b6:d8:05:da:b7:62:c8:d7:
32:f0:32:14:46:d6:ea:73:ef:bc:09:fb:42:ab:bf:
6b:e2:a0:23:fb:8b:2c:1e:61:e5:a0:ad:09:15:aa:
3c:bb:98:8a:39:61:4e:c1:d1:ca:f4:f7:6b:e1:26:
4e:31:d5:95:1e:5f:27:ff:26:a8:7f:30:db:07:af:
a9:b2:4f:bc:20:b6:cb:98:2f:ed:e1:f0:93:f5:48:
9b:32:6a:b6:fa:b8:87:16:14:40:cd:0d:94:f9:2a:
0b:c9:f1:47:40:b4:4b:1f:c5:91:31:0e:01:24:32:
2e:26:aa:9e:a8:05:6b:87:29:4c:c1:14:7f:a6:6f:
69:44:0e:6b:42:a5:ee:1e:b5:f8:e2:d2:e8:75:b7:
1e:85:08:a1:a7:a2:bf:7f:15:76:ad:b5:d2:78:3f:
9f:b3:35:67:6e:01:6b:ce:04:3a:bb:44:d4:fd:75:
73:8f:ce:e8:1c:bd:e2:dd:6b:44:a2:d9:c1:7e:ad:
e3:22:84:85:ae:bc:a1:e9:c3:8a:17:64:fb:0f:6b:
e3:36:80:b7:d8:e5:96:a7:cb:3d:0d:4a:34:93:02:
30:41:b4:6e:58:4e:eb:11:11:c3:6f:01:f1:3a:6a:
77:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:96:09:F3:54:06:A0:D4:77:28:84:FE:2F:C8:CA:3B:24:CA:39:4C
X509v3 Authority Key Identifier:
keyid:1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/kZYJ81QGoNR3KIT-L8jKOyTKOUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/GuHHqgs5XgYS7EI_4H-wOJqqQAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.16.0/20
81.93.32.0/20
93.88.32.0/20
185.63.12.0/22
Signature Algorithm: sha256WithRSAEncryption
24:77:ac:06:63:bb:ba:a0:ef:31:f8:ce:db:99:e0:d9:4e:e6:
f4:b2:ca:9b:51:52:cd:ff:2b:44:d0:29:f7:0d:25:64:13:cc:
01:cf:1d:55:b8:cf:89:0c:5c:4e:5b:d2:d1:e4:c2:c6:65:34:
8a:78:9d:f5:71:16:f3:76:33:45:1d:fc:ca:3b:37:8f:e4:b9:
d6:32:f7:b6:9e:f9:49:e7:f1:6d:90:83:a9:23:55:ff:c7:db:
6e:81:dc:bb:ab:d5:f3:73:ff:39:c4:68:4c:a4:b9:b3:c2:39:
cb:70:bc:ea:e2:81:64:ea:f9:4e:69:e0:aa:fd:da:63:65:53:
75:ab:c2:79:69:af:d9:73:aa:2e:5b:22:3a:ea:81:20:aa:20:
7f:88:b3:c8:81:ae:3c:e6:52:78:3a:a5:f3:01:2d:68:4f:5e:
03:54:c7:37:d5:12:02:5b:60:39:56:33:77:cb:bc:84:05:43:
c9:e0:42:17:f4:cf:44:33:74:4c:74:23:8e:20:c0:c5:a4:46:
ec:13:92:9b:47:47:7b:68:a8:f8:06:58:6a:ce:75:0d:dd:db:
3d:70:bc:a4:9d:6f:40:e1:1d:f5:e4:6a:17:59:67:1c:1e:ad:
36:61:07:fc:ff:71:ad:f9:85:9d:5a:92:b7:81:1a:b3:4c:bb:
e9:76:58:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlKmMXYw1Wv0WTQQQODgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZTFjN2FhMGIzOTVlMDYxMmVjNDIzZmUwN2ZiMDM4OWFh
YTQwMDMwHhcNMjQwMTAyMDAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTk2MDlmMzU0MDZhMGQ0NzcyODg0ZmUyZmM4Y2EzYjI0Y2EzOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRY3L/0s2jdTeZvgB/k8t3Coi6nF
ttgF2rdiyNcy8DIURtbqc++8CftCq79r4qAj+4ssHmHloK0JFao8u5iKOWFOwdHK
9Pdr4SZOMdWVHl8n/yaofzDbB6+psk+8ILbLmC/t4fCT9UibMmq2+riHFhRAzQ2U
+SoLyfFHQLRLH8WRMQ4BJDIuJqqeqAVrhylMwRR/pm9pRA5rQqXuHrX44tLodbce
hQihp6K/fxV2rbXSeD+fszVnbgFrzgQ6u0TU/XVzj87oHL3i3WtEotnBfq3jIoSF
rryh6cOKF2T7D2vjNoC32OWWp8s9DUo0kwIwQbRuWE7rERHDbwHxOmp3yQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJGWCfNUBqDUdyiE/i/IyjskyjlMMB8GA1UdIwQY
MBaAFBrhx6oLOV4GEuxCP+B/sDiaqkADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2Ut
OTRmZGM5ZmJkY2FjLzEva1pZSjgxUUdvTlIzS0lULUw4aktPeVRLT1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2UtOTRmZGM5ZmJkY2Fj
LzEvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUR4QAwQE
UV0gAwQEXVggAwQCuT8MMA0GCSqGSIb3DQEBCwUAA4IBAQAkd6wGY7u6oO8x+M7b
meDZTub0ssqbUVLN/ytE0Cn3DSVkE8wBzx1VuM+JDFxOW9LR5MLGZTSKeJ31cRbz
djNFHfzKOzeP5LnWMve2nvlJ5/FtkIOpI1X/x9tugdy7q9Xzc/85xGhMpLmzwjnL
cLzq4oFk6vlOaeCq/dpjZVN1q8J5aa/Zc6ouWyI66oEgqiB/iLPIga485lJ4OqXz
AS1oT14DVMc31RICW2A5VjN3y7yEBUPJ4EIX9M9EM3RMdCOOIMDFpEbsE5KbR0d7
aKj4BlhqznUN3ds9cLyknW9A4R315GoXWWccHq02YQf8/3Gt+YWdWpK3gRqzTLvp
dlgl
-----END CERTIFICATE-----
Generated at Wed Dec 4 07:03:56 2024 by rpki-client on console-ams.rpki-client.org