Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/KOgnCQq2e_EiOqSOCIumPoYtzNE.roa
File: KOgnCQq2e_EiOqSOCIumPoYtzNE.roa (raw, json)
Hash identifier: alVXywodtTLvU07tkVFVGj6Rb2PrhdJcOLjb0+ZAIkU=
Subject key identifier: 28:E8:27:09:0A:B6:7B:F1:22:3A:A4:8E:08:8B:A6:3E:86:2D:CC:D1
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 018CC2DAEA7E8F7BAB3CCC11444427FB4C31
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/KOgnCQq2e_EiOqSOCIumPoYtzNE.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 185.85.76.0/22 maxlen: 22
91.190.168.0/21 maxlen: 21
5.63.24.0/21 maxlen: 21
2a02:798::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 04:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ea:7e:8f:7b:ab:3c:cc:11:44:44:27:fb:4c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28e827090ab67bf1223aa48e088ba63e862dccd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e8:2f:d8:83:58:f9:b3:7d:ae:c3:5c:c2:a5:
a0:f3:8d:1e:ce:3b:2e:d8:04:84:68:10:f0:77:91:
5d:52:b0:87:c5:f5:24:ca:e2:87:78:89:bf:44:d2:
93:62:65:a6:c2:e7:c9:44:3d:e1:5b:49:88:17:86:
32:57:08:c3:a6:69:b6:65:1a:50:b1:fa:27:99:1f:
b4:c9:83:66:14:71:a2:af:7b:03:88:61:79:ba:25:
2e:d1:e6:78:eb:8d:b6:4c:f8:9c:74:2c:76:e4:de:
fb:b7:0e:2e:db:3f:93:fa:95:57:95:28:73:6b:07:
23:d2:fc:c7:43:c4:09:b2:79:5b:6e:be:38:6d:48:
6a:6d:ae:ab:b0:0b:b5:0b:a8:7b:72:e6:d0:80:de:
9f:af:37:a0:2b:00:8d:8f:f2:e0:74:d2:8c:7d:dc:
99:3d:69:12:35:b5:52:4f:33:8f:46:cf:76:1a:f0:
eb:10:38:7b:ed:a7:16:60:cd:87:5e:86:b9:1f:f8:
eb:61:04:56:2e:2a:68:06:94:a4:0f:87:e1:c5:6e:
61:0f:62:ae:54:08:e5:1c:c3:7e:82:52:8c:bf:3d:
35:ee:cb:77:74:de:f7:7f:08:d5:a8:ba:17:05:62:
0e:30:fa:97:34:a2:97:eb:d8:61:61:97:55:44:79:
e2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E8:27:09:0A:B6:7B:F1:22:3A:A4:8E:08:8B:A6:3E:86:2D:CC:D1
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/KOgnCQq2e_EiOqSOCIumPoYtzNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
6a:9e:a2:76:56:b2:d6:62:03:70:0e:36:b4:16:db:20:1a:42:
ee:b9:cb:fe:98:e4:8e:b0:58:54:9d:30:4e:8e:b2:8b:f2:bb:
7e:84:52:36:94:a2:44:84:78:5c:30:b7:f0:6c:41:49:cd:15:
26:c2:2b:6d:16:3d:00:08:04:c6:f4:f9:9e:b9:57:88:b3:65:
d0:d8:9c:f1:70:08:ef:5c:d7:c0:9e:c7:24:1c:1d:d9:cf:63:
bc:95:ee:69:a9:76:9e:d7:ae:c6:3a:24:e9:f3:8c:45:f3:f1:
87:4b:9b:25:e0:93:31:7f:de:0f:97:d8:ea:4a:4d:38:69:c1:
30:7c:cf:9c:fb:3f:9b:bf:9a:1a:16:c4:f5:a0:13:3c:78:18:
0b:b2:ca:b3:dd:a0:36:6c:8a:f5:29:82:07:08:b1:03:5b:e7:
ee:58:cc:b0:ea:75:9f:94:c3:13:23:e4:9d:b9:cb:c6:6d:fc:
63:7a:3c:7a:77:a1:d2:29:3d:23:a7:6d:11:e8:3b:f7:9a:ae:
48:d4:0e:f9:2f:44:93:c3:4d:40:4d:d1:2d:5a:d2:0e:a7:93:
11:ac:ef:20:c9:36:57:0a:b8:c5:8c:ad:46:f0:d6:28:ee:11:
fb:1e:c5:15:75:76:9d:26:8a:9c:af:0b:fd:df:f7:16:dd:45:
9d:72:1d:11
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2up+j3urPMwRREQn+0wxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGU4MjcwOTBhYjY3YmYxMjIzYWE0OGUwODhiYTYzZTg2MmRjY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxegv2INY+bN9rsNcwqWg840ezjsu
2ASEaBDwd5FdUrCHxfUkyuKHeIm/RNKTYmWmwufJRD3hW0mIF4YyVwjDpmm2ZRpQ
sfonmR+0yYNmFHGir3sDiGF5uiUu0eZ46422TPicdCx25N77tw4u2z+T+pVXlShz
awcj0vzHQ8QJsnlbbr44bUhqba6rsAu1C6h7cubQgN6frzegKwCNj/LgdNKMfdyZ
PWkSNbVSTzOPRs92GvDrEDh77acWYM2HXoa5H/jrYQRWLipoBpSkD4fhxW5hD2Ku
VAjlHMN+glKMvz017st3dN73fwjVqLoXBWIOMPqXNKKX69hhYZdVRHniUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCjoJwkKtnvxIjqkjgiLpj6GLczRMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvS09nbkNRcTJlX0VpT3FTT0NJdW1Qb1l0ek5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBT8YAwQD
W76oAwQCuVVMMA0EAgACMAcDBQAqAgeYMA0GCSqGSIb3DQEBCwUAA4IBAQBqnqJ2
VrLWYgNwDja0FtsgGkLuucv+mOSOsFhUnTBOjrKL8rt+hFI2lKJEhHhcMLfwbEFJ
zRUmwittFj0ACATG9PmeuVeIs2XQ2JzxcAjvXNfAnsckHB3Zz2O8le5pqXae167G
OiTp84xF8/GHS5sl4JMxf94Pl9jqSk04acEwfM+c+z+bv5oaFsT1oBM8eBgLssqz
3aA2bIr1KYIHCLEDW+fuWMyw6nWflMMTI+SducvGbfxjejx6d6HSKT0jp20R6Dv3
mq5I1A75L0STw01ATdEtWtIOp5MRrO8gyTZXCrjFjK1G8NYo7hH7HsUVdXadJoqc
rwv93/cW3UWdch0R
-----END CERTIFICATE-----
Generated at Mon Jun 3 11:44:24 2024 by rpki-client on console-ams.rpki-client.org