Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/6ec66d-d6b6-430f-8fcb-e70a911a1c7b/1/KvTnsIcL8m_pQPoNHudO5mxyd6I.roa
File: KvTnsIcL8m_pQPoNHudO5mxyd6I.roa (raw, json)
Hash identifier: LQX5cYypJwp0YO63rbhroJGzv3tgP3X96RXpqlbq7V0=
Subject key identifier: 2A:F4:E7:B0:87:0B:F2:6F:E9:40:FA:0D:1E:E7:4E:E6:6C:72:77:A2
Certificate issuer: /CN=c3dcb23dea58f97fad5a797b457741d5bfe6b1b0
Certificate serial: 019424B40292ED5516325935CFF22EA1950D
Authority key identifier: C3:DC:B2:3D:EA:58:F9:7F:AD:5A:79:7B:45:77:41:D5:BF:E6:B1:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w9yyPepY-X-tWnl7RXdB1b_msbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/6ec66d-d6b6-430f-8fcb-e70a911a1c7b/1/KvTnsIcL8m_pQPoNHudO5mxyd6I.roa
Signing time: Thu 02 Jan 2025 01:49:24 +0000
ROA not before: Thu 02 Jan 2025 01:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204570
IP address blocks: 185.246.148.0/22 maxlen: 24
2a0d:8680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/6ec66d-d6b6-430f-8fcb-e70a911a1c7b/1/w9yyPepY-X-tWnl7RXdB1b_msbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/6ec66d-d6b6-430f-8fcb-e70a911a1c7b/1/w9yyPepY-X-tWnl7RXdB1b_msbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/w9yyPepY-X-tWnl7RXdB1b_msbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b4:02:92:ed:55:16:32:59:35:cf:f2:2e:a1:95:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3dcb23dea58f97fad5a797b457741d5bfe6b1b0
Validity
Not Before: Jan 2 01:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2af4e7b0870bf26fe940fa0d1ee74ee66c7277a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:61:22:32:19:1c:88:b2:98:21:ab:e5:4a:45:
2e:23:17:4d:27:aa:4b:e9:73:5c:c3:08:35:01:08:
2a:a2:47:20:7c:39:d2:55:1a:10:94:5d:5b:47:6f:
1d:a0:c9:77:49:6c:3c:35:10:73:c1:02:e3:37:28:
a4:cb:49:85:49:0b:93:c2:27:3b:ac:ca:34:c2:0a:
b7:08:54:3d:33:90:d6:ac:97:b0:30:f1:ef:5e:74:
5d:3c:d5:55:49:2f:4b:fe:c8:bd:7d:f0:23:55:b3:
4c:f3:ec:2c:00:9e:c9:f0:a6:52:fb:d7:90:0a:10:
c0:6c:b1:85:07:bc:6a:36:00:07:84:de:73:bf:b5:
74:cd:8d:b6:06:d9:5b:94:25:97:63:0f:5c:57:89:
10:31:39:bf:37:64:2b:63:d0:a4:ea:10:06:be:a4:
79:4b:7c:33:7e:0a:a7:37:41:06:9d:a3:b5:a0:59:
3d:47:e0:bc:af:43:b9:ee:f9:db:a1:df:f6:ec:97:
59:47:cb:01:1a:df:b9:22:25:d5:da:f0:61:ce:90:
b4:59:d5:1a:71:5b:07:d9:71:5c:85:3e:f9:89:cc:
50:20:9a:13:a6:86:bd:81:23:90:51:8d:6c:ba:d4:
f6:07:b8:32:1b:56:83:fd:0a:54:d5:a4:4b:6c:12:
5b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F4:E7:B0:87:0B:F2:6F:E9:40:FA:0D:1E:E7:4E:E6:6C:72:77:A2
X509v3 Authority Key Identifier:
keyid:C3:DC:B2:3D:EA:58:F9:7F:AD:5A:79:7B:45:77:41:D5:BF:E6:B1:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w9yyPepY-X-tWnl7RXdB1b_msbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/6ec66d-d6b6-430f-8fcb-e70a911a1c7b/1/KvTnsIcL8m_pQPoNHudO5mxyd6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/6ec66d-d6b6-430f-8fcb-e70a911a1c7b/1/w9yyPepY-X-tWnl7RXdB1b_msbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.148.0/22
IPv6:
2a0d:8680::/32
Signature Algorithm: sha256WithRSAEncryption
79:98:41:69:58:ae:a9:54:78:63:6d:b2:21:65:64:fb:d5:e3:
ab:4c:57:3d:59:f6:fc:28:37:2a:95:d8:3f:c6:a1:a9:96:b0:
47:82:41:14:46:48:56:22:6e:50:5c:fe:9a:97:69:9a:67:bb:
10:e1:89:cc:87:5b:79:79:f5:5b:a8:26:ee:27:ff:f0:03:a4:
42:54:d9:79:c3:12:7d:2d:b6:b1:50:99:d0:31:a4:9b:c2:89:
0b:78:6e:d0:31:40:b9:5d:cc:69:6e:a2:d2:36:ab:16:42:e5:
df:dc:54:5c:3b:8a:cb:41:d4:69:ba:2d:fa:e4:2d:a6:87:31:
a3:e2:6b:e2:d0:ed:89:9a:87:a0:3b:2c:ef:09:00:23:9e:23:
5d:3f:a2:a4:30:5e:ae:df:e2:94:d6:72:68:69:96:02:73:4d:
cb:71:a8:3c:4d:12:c4:f9:24:43:96:f8:c6:13:4a:e2:59:a1:
a6:b9:9d:7f:a7:b5:be:29:6c:af:00:1a:09:96:08:fa:b5:4f:
9f:95:b7:c2:6a:50:57:2b:13:d4:4f:5a:99:cc:ed:7a:b9:01:
ad:aa:3b:30:89:fc:d0:4a:e9:cd:14:4c:71:51:de:e5:de:50:
36:69:27:9d:8f:ae:e9:05:4e:e8:3a:03:de:e6:c1:f1:75:16:
8a:27:d2:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQktAKS7VUWMlk1z/IuoZUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZGNiMjNkZWE1OGY5N2ZhZDVhNzk3YjQ1Nzc0MWQ1YmZl
NmIxYjAwHhcNMjUwMTAyMDE0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY0ZTdiMDg3MGJmMjZmZTk0MGZhMGQxZWU3NGVlNjZjNzI3N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmEiMhkciLKYIavlSkUuIxdNJ6pL
6XNcwwg1AQgqokcgfDnSVRoQlF1bR28doMl3SWw8NRBzwQLjNyiky0mFSQuTwic7
rMo0wgq3CFQ9M5DWrJewMPHvXnRdPNVVSS9L/si9ffAjVbNM8+wsAJ7J8KZS+9eQ
ChDAbLGFB7xqNgAHhN5zv7V0zY22BtlblCWXYw9cV4kQMTm/N2QrY9Ck6hAGvqR5
S3wzfgqnN0EGnaO1oFk9R+C8r0O57vnbod/27JdZR8sBGt+5IiXV2vBhzpC0WdUa
cVsH2XFchT75icxQIJoTpoa9gSOQUY1sutT2B7gyG1aD/QpU1aRLbBJbUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCr057CHC/Jv6UD6DR7nTuZscneiMB8GA1UdIwQY
MBaAFMPcsj3qWPl/rVp5e0V3QdW/5rGwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzl5eVBlcFktWC10V25sN1JYZEIxYl9tc2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ZWM2NmQtZDZiNi00MzBmLThmY2It
ZTcwYTkxMWExYzdiLzEvS3ZUbnNJY0w4bV9wUVBvTkh1ZE81bXh5ZDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ZWM2NmQtZDZiNi00MzBmLThmY2ItZTcwYTkxMWExYzdi
LzEvdzl5eVBlcFktWC10V25sN1JYZEIxYl9tc2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufaUMA0E
AgACMAcDBQAqDYaAMA0GCSqGSIb3DQEBCwUAA4IBAQB5mEFpWK6pVHhjbbIhZWT7
1eOrTFc9Wfb8KDcqldg/xqGplrBHgkEURkhWIm5QXP6al2maZ7sQ4YnMh1t5efVb
qCbuJ//wA6RCVNl5wxJ9LbaxUJnQMaSbwokLeG7QMUC5XcxpbqLSNqsWQuXf3FRc
O4rLQdRpui365C2mhzGj4mvi0O2JmoegOyzvCQAjniNdP6KkMF6u3+KU1nJoaZYC
c03Lcag8TRLE+SRDlvjGE0riWaGmuZ1/p7W+KWyvABoJlgj6tU+flbfCalBXKxPU
T1qZzO16uQGtqjswifzQSunNFExxUd7l3lA2aSedj67pBU7oOgPe5sHxdRaKJ9Ib
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:57:52 2025 by rpki-client