Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/kfc0zPYbZoWds4hLWfAw8p77FWY.roa
File: kfc0zPYbZoWds4hLWfAw8p77FWY.roa (raw, json)
Hash identifier: Tx3WfVajLiYDiWmKN3AwB3hRMw1hChup8fTXoM9rrCA=
Subject key identifier: 91:F7:34:CC:F6:1B:66:85:9D:B3:88:4B:59:F0:30:F2:9E:FB:15:66
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 01921B9F79CBBAC2600C37AB4B7DBE326AF8
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/kfc0zPYbZoWds4hLWfAw8p77FWY.roa
Signing time: Sun 22 Sep 2024 21:24:49 +0000
ROA not before: Sun 22 Sep 2024 21:24:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29386
IP address blocks: 5.0.128.0/21 maxlen: 21
5.0.136.0/21 maxlen: 21
5.0.144.0/21 maxlen: 21
5.0.152.0/21 maxlen: 21
5.0.160.0/21 maxlen: 21
5.0.168.0/21 maxlen: 21
5.0.176.0/21 maxlen: 21
5.0.184.0/21 maxlen: 21
5.155.128.0/21 maxlen: 21
5.155.136.0/21 maxlen: 21
5.155.144.0/21 maxlen: 21
5.155.152.0/21 maxlen: 21
5.155.160.0/21 maxlen: 21
5.155.168.0/21 maxlen: 21
5.155.176.0/21 maxlen: 21
5.155.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.mft
rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1b:9f:79:cb:ba:c2:60:0c:37:ab:4b:7d:be:32:6a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Sep 22 21:24:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91f734ccf61b66859db3884b59f030f29efb1566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:75:61:b4:95:0b:85:6d:80:98:2f:4d:27:b8:
95:5d:0a:5e:b5:6d:14:ad:65:47:62:96:90:a7:82:
fa:d8:9b:f6:97:09:53:a6:32:f5:7f:a0:75:0b:4f:
66:52:71:0a:a9:8e:d0:b3:08:1a:d6:c4:6e:78:cc:
71:0d:f3:d2:09:14:c8:a5:6f:be:a2:fc:96:9c:4b:
45:2c:34:2b:d1:3b:13:01:3c:ae:7f:df:52:46:2f:
fc:9d:9a:5b:2b:aa:bd:e7:6e:15:09:35:05:6f:4f:
07:71:81:0e:2a:68:a3:25:1d:7a:da:a1:08:42:10:
6d:d7:61:3c:02:68:94:73:fc:5f:39:59:48:2f:1a:
15:5f:84:93:bf:0d:e6:58:bf:e3:1a:2e:da:1b:9c:
cd:07:03:48:98:c6:c4:d4:68:21:3b:ad:74:2e:03:
76:49:34:f8:2e:66:49:6c:02:98:62:81:4c:a6:9e:
b2:0d:9a:3f:b1:3a:5b:1f:82:a3:95:2a:df:18:6a:
cd:2a:4e:73:4a:fc:d7:80:c1:9a:8c:66:da:22:59:
e6:25:ef:ec:ca:5a:85:1a:87:e2:a0:22:dd:f7:c4:
f8:2d:00:8f:0c:e8:2f:22:1f:69:c6:a1:87:57:cc:
3f:3a:64:ea:57:96:8f:46:c9:2f:4e:22:1d:78:f7:
bc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F7:34:CC:F6:1B:66:85:9D:B3:88:4B:59:F0:30:F2:9E:FB:15:66
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/kfc0zPYbZoWds4hLWfAw8p77FWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.0.128.0/18
5.155.128.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:30:50:59:69:32:3d:94:dc:58:30:e5:ab:9f:a0:de:b8:9e:
2e:3c:d7:0c:57:08:6d:a8:fd:b9:80:b5:e3:71:c1:59:a5:87:
a8:c6:3f:7c:c0:58:a5:a8:64:64:7f:5c:ad:53:c2:bc:44:5e:
fb:50:3c:21:f1:99:b5:65:aa:57:de:15:f8:8f:b1:ba:39:d3:
f2:2c:66:39:20:12:67:1c:94:ac:4c:20:e6:ee:52:84:ff:30:
f1:df:b9:9f:5b:9a:0b:db:f2:b4:da:3e:cf:83:b1:69:31:79:
5c:9c:38:cf:e9:48:da:fd:93:bb:e9:aa:ed:c5:aa:4e:d7:ff:
b7:6f:47:9d:6e:a4:ee:78:14:43:5f:46:07:53:7d:00:91:35:
e6:1d:84:ad:fa:b0:14:9f:da:39:69:0f:82:c4:50:b1:c5:9e:
ea:70:09:d4:b5:d0:ef:0d:7c:a7:3d:f8:ff:f2:43:41:f0:0c:
79:11:72:45:11:7b:89:a5:df:ba:f5:d9:4a:f0:8d:a6:3e:3f:
96:b3:16:6a:70:8a:3a:d4:1f:e8:cf:3b:07:92:26:69:12:00:
19:80:3d:5e:43:ff:11:92:d7:a4:e3:8e:17:c5:b6:0e:b6:32:
69:8c:04:e1:ea:b9:89:e0:fa:a2:f4:da:d9:06:ab:0d:85:c8:
30:2d:ae:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIbn3nLusJgDDerS32+Mmr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjQwOTIyMjEyNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWY3MzRjY2Y2MWI2Njg1OWRiMzg4NGI1OWYwMzBmMjllZmIxNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXVhtJULhW2AmC9NJ7iVXQpetW0U
rWVHYpaQp4L62Jv2lwlTpjL1f6B1C09mUnEKqY7Qswga1sRueMxxDfPSCRTIpW++
ovyWnEtFLDQr0TsTATyuf99SRi/8nZpbK6q9524VCTUFb08HcYEOKmijJR162qEI
QhBt12E8AmiUc/xfOVlILxoVX4STvw3mWL/jGi7aG5zNBwNImMbE1GghO610LgN2
STT4LmZJbAKYYoFMpp6yDZo/sTpbH4KjlSrfGGrNKk5zSvzXgMGajGbaIlnmJe/s
ylqFGofioCLd98T4LQCPDOgvIh9pxqGHV8w/OmTqV5aPRskvTiIdePe8OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJH3NMz2G2aFnbOIS1nwMPKe+xVmMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEva2ZjMHpQWWJab1dkczRoTFdmQXc4cDc3RldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGBQCAAwQG
BZuAMA0GCSqGSIb3DQEBCwUAA4IBAQB/MFBZaTI9lNxYMOWrn6DeuJ4uPNcMVwht
qP25gLXjccFZpYeoxj98wFilqGRkf1ytU8K8RF77UDwh8Zm1ZapX3hX4j7G6OdPy
LGY5IBJnHJSsTCDm7lKE/zDx37mfW5oL2/K02j7Pg7FpMXlcnDjP6Uja/ZO76art
xapO1/+3b0edbqTueBRDX0YHU30AkTXmHYSt+rAUn9o5aQ+CxFCxxZ7qcAnUtdDv
DXynPfj/8kNB8Ax5EXJFEXuJpd+69dlK8I2mPj+WsxZqcIo61B/ozzsHkiZpEgAZ
gD1eQ/8Rktek444XxbYOtjJpjATh6rmJ4Pqi9NrZBqsNhcgwLa74
-----END CERTIFICATE-----
Generated at Fri Nov 15 22:21:37 2024 by rpki-client on console-fra.rpki-client.org