Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/KcCU5xo7DnXoSAcYBjJ2ued1knA.roa
File: KcCU5xo7DnXoSAcYBjJ2ued1knA.roa (raw, json)
Hash identifier: TFjQ15MzhldLSvK1ROaK1lpt0fZPXiU4DMZL1NEt3pU=
Subject key identifier: 29:C0:94:E7:1A:3B:0E:75:E8:48:07:18:06:32:76:B9:E7:75:92:70
Certificate issuer: /CN=8562f4a8936593cdec6dad7e2ecf1b79bf65c05a
Certificate serial: 01930CED0A3A4E8EA778D16BF92DC19DE14C
Authority key identifier: 85:62:F4:A8:93:65:93:CD:EC:6D:AD:7E:2E:CF:1B:79:BF:65:C0:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/KcCU5xo7DnXoSAcYBjJ2ued1knA.roa
Signing time: Fri 08 Nov 2024 17:58:01 +0000
ROA not before: Fri 08 Nov 2024 17:58:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60405
IP address blocks: 185.172.32.0/24 maxlen: 24
185.172.33.0/24 maxlen: 24
185.172.34.0/24 maxlen: 24
185.172.35.0/24 maxlen: 24
2a0b:b8c0::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0c:ed:0a:3a:4e:8e:a7:78:d1:6b:f9:2d:c1:9d:e1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8562f4a8936593cdec6dad7e2ecf1b79bf65c05a
Validity
Not Before: Nov 8 17:58:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29c094e71a3b0e75e8480718063276b9e7759270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e9:8f:94:fd:0d:fc:c5:77:7b:0c:5e:80:a6:
38:a7:5c:1a:cc:11:27:a8:03:56:12:a0:77:f4:47:
86:83:59:b9:7d:33:be:d1:fe:93:92:c2:28:de:11:
60:a7:a1:ba:46:76:b2:99:44:30:67:5c:43:95:be:
26:5a:d4:02:37:9e:a3:a1:13:14:3f:8a:16:b4:1c:
34:e7:23:df:83:59:99:9f:70:90:a1:8b:14:76:cb:
5b:93:99:75:eb:7f:e9:c4:20:20:1a:e3:3f:8b:b0:
bd:2d:1e:6b:b4:3e:e8:15:27:8e:8a:10:6a:c3:4d:
67:47:e2:cd:98:71:e1:97:5f:aa:9e:32:62:ad:b2:
87:ec:f6:6b:72:f4:db:79:e7:cf:c8:f4:bd:c8:97:
03:fd:fe:d4:0e:03:23:20:52:20:d3:cd:54:6a:6b:
38:01:0a:09:b3:e8:1d:5b:d9:83:85:88:12:93:02:
0b:1e:06:d3:5c:3f:7d:84:f6:2d:b7:43:8f:72:b2:
97:31:e8:46:18:c0:50:8b:4b:cb:08:4f:a0:27:ec:
5d:32:d9:4e:8a:bd:4f:21:28:49:f8:16:f5:7b:1a:
d3:cd:ba:61:e1:8e:b8:3f:65:a7:40:a9:1d:a3:12:
80:8f:1c:96:ab:bb:3a:ab:d5:0d:63:18:83:34:c4:
00:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C0:94:E7:1A:3B:0E:75:E8:48:07:18:06:32:76:B9:E7:75:92:70
X509v3 Authority Key Identifier:
keyid:85:62:F4:A8:93:65:93:CD:EC:6D:AD:7E:2E:CF:1B:79:BF:65:C0:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWL0qJNlk83sba1-Ls8beb9lwFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/KcCU5xo7DnXoSAcYBjJ2ued1knA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/01e70b-945c-4817-8189-7e179466298c/1/hWL0qJNlk83sba1-Ls8beb9lwFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.32.0/22
IPv6:
2a0b:b8c0::/31
Signature Algorithm: sha256WithRSAEncryption
3a:0d:eb:c9:c4:6a:80:07:5f:f0:0c:04:58:bc:a4:bd:2f:b8:
db:4c:b4:6d:00:89:5c:cb:f3:73:f1:d7:a8:a9:9e:40:01:2d:
cd:4c:13:45:af:71:13:ee:33:d8:e8:56:98:6a:a6:95:e5:c9:
b7:f4:15:e5:06:6f:ff:12:60:23:8e:61:e8:97:09:d7:01:3c:
5e:aa:5b:9d:0b:de:2c:0f:28:98:f9:85:2e:d0:b5:3d:8e:1a:
17:6c:63:72:19:d0:eb:a0:81:ac:f4:26:5d:97:e9:20:a1:72:
9e:dc:3d:13:1b:3e:ad:d0:33:17:67:c1:84:05:b1:62:46:50:
3c:69:6c:ac:7b:65:35:71:ac:8e:09:93:76:41:6b:b9:6d:e3:
46:b8:e6:42:7c:ea:5e:63:e1:97:e3:8c:ed:64:48:9d:3b:13:
85:b4:c6:23:28:ce:f7:b5:95:93:72:8c:28:24:7f:7c:e1:bb:
eb:cb:9e:01:14:8f:f2:3d:a7:3a:77:63:30:f9:74:30:d3:aa:
a1:c6:a9:f5:6b:f5:f8:25:2a:7c:c3:8c:86:81:f2:d0:5b:ad:
bb:69:b9:3d:0a:64:08:9d:87:32:4f:a1:b0:51:91:eb:8f:fa:
e0:88:c3:97:2d:c5:96:ec:1b:ea:75:7b:7d:0f:fd:39:ee:92:
cc:8b:43:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMM7Qo6To6neNFr+S3BneFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NjJmNGE4OTM2NTkzY2RlYzZkYWQ3ZTJlY2YxYjc5YmY2
NWMwNWEwHhcNMjQxMTA4MTc1ODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWMwOTRlNzFhM2IwZTc1ZTg0ODA3MTgwNjMyNzZiOWU3NzU5MjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvemPlP0N/MV3ewxegKY4p1wazBEn
qANWEqB39EeGg1m5fTO+0f6TksIo3hFgp6G6RnaymUQwZ1xDlb4mWtQCN56joRMU
P4oWtBw05yPfg1mZn3CQoYsUdstbk5l163/pxCAgGuM/i7C9LR5rtD7oFSeOihBq
w01nR+LNmHHhl1+qnjJirbKH7PZrcvTbeefPyPS9yJcD/f7UDgMjIFIg081Uams4
AQoJs+gdW9mDhYgSkwILHgbTXD99hPYtt0OPcrKXMehGGMBQi0vLCE+gJ+xdMtlO
ir1PIShJ+Bb1exrTzbph4Y64P2WnQKkdoxKAjxyWq7s6q9UNYxiDNMQAwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCnAlOcaOw516EgHGAYydrnndZJwMB8GA1UdIwQY
MBaAFIVi9KiTZZPN7G2tfi7PG3m/ZcBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wMWU3MGItOTQ1Yy00ODE3LTgxODkt
N2UxNzk0NjYyOThjLzEvS2NDVTV4bzdEblhvU0FjWUJqSjJ1ZWQxa25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wMWU3MGItOTQ1Yy00ODE3LTgxODktN2UxNzk0NjYyOThj
LzEvaFdMMHFKTmxrODNzYmExLUxzOGJlYjlsd0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuawgMA0E
AgACMAcDBQEqC7jAMA0GCSqGSIb3DQEBCwUAA4IBAQA6DevJxGqAB1/wDARYvKS9
L7jbTLRtAIlcy/Nz8deoqZ5AAS3NTBNFr3ET7jPY6FaYaqaV5cm39BXlBm//EmAj
jmHolwnXATxeqludC94sDyiY+YUu0LU9jhoXbGNyGdDroIGs9CZdl+kgoXKe3D0T
Gz6t0DMXZ8GEBbFiRlA8aWyse2U1cayOCZN2QWu5beNGuOZCfOpeY+GX44ztZEid
OxOFtMYjKM73tZWTcowoJH984bvry54BFI/yPac6d2Mw+XQw06qhxqn1a/X4JSp8
w4yGgfLQW627abk9CmQInYcyT6GwUZHrj/rgiMOXLcWW7BvqdXt9D/057pLMi0P2
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:42:34 2024 by rpki-client on console-fra.rpki-client.org