Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/KqMxRckrH6WOT1C93pHEVg-lLYk.roa
File: KqMxRckrH6WOT1C93pHEVg-lLYk.roa (raw, json)
Hash identifier: 3qHSSUSEIC5E1zxT8rJpxovBhRPgIYS/dngYzHibgho=
Subject key identifier: 2A:A3:31:45:C9:2B:1F:A5:8E:4F:50:BD:DE:91:C4:56:0F:A5:2D:89
Certificate issuer: /CN=47662f9ff6b643c467a2b434b76f825ebb66fed4
Certificate serial: 018D334C8E14F727BE5791FF4206ACAAC094
Authority key identifier: 47:66:2F:9F:F6:B6:43:C4:67:A2:B4:34:B7:6F:82:5E:BB:66:FE:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/KqMxRckrH6WOT1C93pHEVg-lLYk.roa
Signing time: Mon 22 Jan 2024 22:31:11 +0000
ROA not before: Mon 22 Jan 2024 22:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42344
IP address blocks: 91.142.32.0/20 maxlen: 20
185.18.144.0/22 maxlen: 22
185.107.8.0/22 maxlen: 22
2a01:418::/32 maxlen: 32
2a06:3fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:33:4c:8e:14:f7:27:be:57:91:ff:42:06:ac:aa:c0:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47662f9ff6b643c467a2b434b76f825ebb66fed4
Validity
Not Before: Jan 22 22:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aa33145c92b1fa58e4f50bdde91c4560fa52d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:30:1e:ca:1e:d4:4b:ab:e8:88:1b:bb:81:aa:
3d:ec:10:c2:df:4a:d6:98:0e:8e:2f:d7:f4:64:ce:
23:47:86:96:01:53:d8:c6:d3:3c:49:21:ff:02:64:
2b:44:1a:86:fe:aa:02:0d:e3:27:cd:dc:77:db:b7:
99:8b:6c:b3:cc:c1:22:cc:2d:a0:a5:7e:af:55:e0:
b3:4d:0f:ca:62:d0:98:79:1d:4b:c4:bb:8d:22:3a:
3c:87:ba:3b:1f:c9:c8:d3:ec:64:95:3a:b8:e5:b0:
cc:e0:aa:43:b9:0d:ed:4e:bb:a0:c4:50:18:df:87:
97:61:5d:c9:81:b3:3f:93:89:ad:d5:eb:6b:ee:0a:
23:8a:e1:82:be:bc:e8:3c:9a:40:64:62:fd:6a:5e:
5c:5c:36:1f:9d:05:d8:6b:1a:b0:40:90:46:20:07:
eb:20:07:d9:17:eb:88:fc:1c:6a:03:1c:2c:7d:db:
0d:b1:d0:a0:3b:2b:7d:16:14:88:70:4a:b7:00:ab:
79:cd:6e:b5:5f:6e:39:7d:90:06:68:e7:c1:bb:f5:
b0:ed:67:27:08:fe:fd:b5:48:13:b3:40:eb:b4:ed:
12:30:e3:9a:25:57:fa:b0:c7:6e:49:1c:44:e2:22:
02:e9:b0:3e:c2:de:ef:3c:19:fc:c0:2e:06:1c:dd:
80:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A3:31:45:C9:2B:1F:A5:8E:4F:50:BD:DE:91:C4:56:0F:A5:2D:89
X509v3 Authority Key Identifier:
keyid:47:66:2F:9F:F6:B6:43:C4:67:A2:B4:34:B7:6F:82:5E:BB:66:FE:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/KqMxRckrH6WOT1C93pHEVg-lLYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/b5f177-bbdd-40cf-87e5-b0b4c4f2fd90/1/R2Yvn_a2Q8RnorQ0t2-CXrtm_tQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.32.0/20
185.18.144.0/22
185.107.8.0/22
IPv6:
2a01:418::/32
2a06:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:42:5b:1f:dc:4f:21:a1:6c:07:24:24:46:5a:33:ad:5b:a5:
46:5b:0a:61:e4:13:5a:1b:e9:07:e7:ce:37:5a:b7:59:56:5d:
db:75:1d:26:13:2a:6d:f6:c8:c6:54:94:23:5c:4c:3c:32:40:
18:23:1a:0a:e2:58:b2:fc:42:12:58:33:c8:09:4d:1d:ef:ce:
40:60:86:f0:6a:63:44:9f:56:5f:06:9c:ab:86:36:c2:48:60:
ce:42:48:11:6c:4b:20:ff:35:62:64:94:e3:34:0b:51:6c:e4:
13:f0:28:c4:20:44:ac:19:b0:e5:7d:ac:23:12:52:6a:18:4c:
a6:7a:11:cc:d2:60:95:30:02:cd:9e:71:88:ed:25:d5:41:88:
75:52:ab:1b:c2:4d:18:62:2f:6c:f8:f6:a6:e7:5e:f4:4f:8c:
89:b2:0b:2a:58:4d:7e:d6:ff:72:98:b1:85:72:2f:2a:81:18:
20:b5:88:62:28:aa:a5:5d:46:cb:86:85:f8:32:f5:15:5a:6c:
6e:4d:0d:8a:cc:04:b7:cd:56:a9:d3:26:0b:c9:b7:a0:85:e3:
2f:c2:cd:ae:cd:c4:bc:fc:07:0d:af:17:e9:21:b1:2d:2d:63:
e6:45:33:cf:4e:1c:50:96:01:f0:b1:38:ec:ea:fd:14:74:3a:
0e:d9:fa:23
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY0zTI4U9ye+V5H/QgasqsCUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NjYyZjlmZjZiNjQzYzQ2N2EyYjQzNGI3NmY4MjVlYmI2
NmZlZDQwHhcNMjQwMTIyMjIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWEzMzE0NWM5MmIxZmE1OGU0ZjUwYmRkZTkxYzQ1NjBmYTUyZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzAeyh7US6voiBu7gao97BDC30rW
mA6OL9f0ZM4jR4aWAVPYxtM8SSH/AmQrRBqG/qoCDeMnzdx327eZi2yzzMEizC2g
pX6vVeCzTQ/KYtCYeR1LxLuNIjo8h7o7H8nI0+xklTq45bDM4KpDuQ3tTrugxFAY
34eXYV3JgbM/k4mt1etr7gojiuGCvrzoPJpAZGL9al5cXDYfnQXYaxqwQJBGIAfr
IAfZF+uI/BxqAxwsfdsNsdCgOyt9FhSIcEq3AKt5zW61X245fZAGaOfBu/Ww7Wcn
CP79tUgTs0DrtO0SMOOaJVf6sMduSRxE4iIC6bA+wt7vPBn8wC4GHN2AeQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCqjMUXJKx+ljk9Qvd6RxFYPpS2JMB8GA1UdIwQY
MBaAFEdmL5/2tkPEZ6K0NLdvgl67Zv7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJZdm5fYTJROFJub3JRMHQyLUNYcnRtX3RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iNWYxNzctYmJkZC00MGNmLTg3ZTUt
YjBiNGM0ZjJmZDkwLzEvS3FNeFJja3JINldPVDFDOTNwSEVWZy1sTFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iNWYxNzctYmJkZC00MGNmLTg3ZTUtYjBiNGM0ZjJmZDkw
LzEvUjJZdm5fYTJROFJub3JRMHQyLUNYcnRtX3RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEW44gAwQC
uRKQAwQCuWsIMBQEAgACMA4DBQAqAQQYAwUDKgY/wDANBgkqhkiG9w0BAQsFAAOC
AQEAfUJbH9xPIaFsByQkRlozrVulRlsKYeQTWhvpB+fON1q3WVZd23UdJhMqbfbI
xlSUI1xMPDJAGCMaCuJYsvxCElgzyAlNHe/OQGCG8GpjRJ9WXwacq4Y2wkhgzkJI
EWxLIP81YmSU4zQLUWzkE/AoxCBErBmw5X2sIxJSahhMpnoRzNJglTACzZ5xiO0l
1UGIdVKrG8JNGGIvbPj2pude9E+MibILKlhNftb/cpixhXIvKoEYILWIYiiqpV1G
y4aF+DL1FVpsbk0NiswEt81WqdMmC8m3oIXjL8LNrs3EvPwHDa8X6SGxLS1j5kUz
z04cUJYB8LE47Or9FHQ6Dtn6Iw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:57 2024 by rpki-client on console-ams.rpki-client.org