Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/KiVi9esuKQre5axQw7t6ad55TmQ.roa
File: KiVi9esuKQre5axQw7t6ad55TmQ.roa (raw, json)
Hash identifier: hSeCGFVM+EGLhBB7d3zoZKnm35XwuR7/h6G68mhRDcw=
Subject key identifier: 2A:25:62:F5:EB:2E:29:0A:DE:E5:AC:50:C3:BB:7A:69:DE:79:4E:64
Certificate issuer: /CN=8a48ac3ef7279c0f6bc3908f27edb091b5a65ac5
Certificate serial: 018CC3B67B4DCF878DC4F96393785865427B
Authority key identifier: 8A:48:AC:3E:F7:27:9C:0F:6B:C3:90:8F:27:ED:B0:91:B5:A6:5A:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ikisPvcnnA9rw5CPJ-2wkbWmWsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/KiVi9esuKQre5axQw7t6ad55TmQ.roa
Signing time: Mon 01 Jan 2024 06:29:25 +0000
ROA not before: Mon 01 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 185.76.124.0/22 maxlen: 24
185.126.56.0/22 maxlen: 24
185.210.120.0/22 maxlen: 24
2a0b:56c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/ikisPvcnnA9rw5CPJ-2wkbWmWsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/ikisPvcnnA9rw5CPJ-2wkbWmWsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ikisPvcnnA9rw5CPJ-2wkbWmWsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7b:4d:cf:87:8d:c4:f9:63:93:78:58:65:42:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a48ac3ef7279c0f6bc3908f27edb091b5a65ac5
Validity
Not Before: Jan 1 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a2562f5eb2e290adee5ac50c3bb7a69de794e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b8:18:f1:e3:52:ca:c2:d6:3d:69:30:95:b3:
03:7a:c6:ad:3e:e9:b5:24:02:19:8b:26:01:73:c9:
49:70:65:78:64:98:9f:6d:de:fc:a0:e3:45:41:ad:
37:9e:09:3e:c4:9b:55:e1:c3:37:b5:d8:cc:de:99:
01:c9:f8:9c:42:40:f5:0e:d0:3b:e3:e7:2b:8e:9c:
82:ed:a5:fd:78:2c:98:39:11:a3:4a:ac:9d:d2:1b:
10:c3:89:0a:0a:36:81:36:63:dc:51:d7:34:84:3d:
39:e1:84:06:23:9d:be:1b:6a:80:85:76:7d:6d:e6:
39:ac:e5:a7:9d:c2:a8:f6:4b:15:8b:c7:df:00:6d:
6f:22:e3:a1:46:b4:f7:7c:01:73:1c:cd:67:87:29:
79:9c:4b:85:67:d2:fd:8e:b1:fc:03:27:54:98:1b:
30:7f:ed:c7:a0:39:fa:11:b2:d8:af:1b:85:65:ba:
7e:ab:52:a7:23:48:9a:45:c5:49:67:eb:a8:c0:18:
aa:4b:ea:a2:0b:42:d6:05:b5:8b:66:ce:2f:35:ed:
1d:dd:01:a8:d9:6b:b6:70:c1:3d:4d:2c:d5:45:f3:
77:85:3d:b2:23:db:f2:00:de:93:92:20:d1:cb:88:
4e:d4:06:a2:02:a7:d6:ad:c6:1c:f0:c0:1a:b8:b9:
8b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:25:62:F5:EB:2E:29:0A:DE:E5:AC:50:C3:BB:7A:69:DE:79:4E:64
X509v3 Authority Key Identifier:
keyid:8A:48:AC:3E:F7:27:9C:0F:6B:C3:90:8F:27:ED:B0:91:B5:A6:5A:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikisPvcnnA9rw5CPJ-2wkbWmWsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/KiVi9esuKQre5axQw7t6ad55TmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/ikisPvcnnA9rw5CPJ-2wkbWmWsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.124.0/22
185.126.56.0/22
185.210.120.0/22
IPv6:
2a0b:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:0d:af:48:9c:fb:1f:2a:5f:4e:c7:f5:8e:a6:2b:cf:3d:12:
ed:1c:12:c3:f5:5a:7c:05:aa:d6:21:ea:89:1e:da:41:2c:fd:
72:d0:8d:20:17:e0:87:34:df:ad:5e:0d:b6:41:20:e8:6b:76:
a4:45:f7:db:0a:5b:f3:e4:3b:45:48:e7:83:5c:7d:47:ac:35:
be:8e:68:15:d7:74:02:eb:16:b1:ee:7b:84:fc:ed:85:fc:c4:
03:8b:f8:6c:14:a7:3a:85:7e:12:83:34:71:7a:53:0e:6c:87:
38:00:7b:6d:0d:1e:62:84:f0:30:5a:88:f9:23:37:c9:5c:2a:
5e:e3:fc:ff:98:ee:2d:87:e5:27:d0:63:7a:10:1b:56:bf:7f:
5b:75:4d:9a:9d:e8:ea:85:a0:50:36:e4:98:76:6e:f2:f8:6d:
65:74:ff:d8:9c:6a:f0:2c:c5:8f:a8:ca:ca:58:fa:65:01:84:
d8:01:72:4b:b3:a8:56:6e:0c:74:27:7a:82:31:5c:82:7f:29:
e7:fa:de:50:f1:7d:1a:32:6f:bd:53:48:45:b0:be:c7:cc:8e:
50:ce:8a:64:7e:51:2c:81:ae:57:fc:6d:92:4e:f9:bb:62:0a:
26:4e:ec:90:7a:1a:b6:cb:86:37:e8:12:98:54:90:83:8e:fc:
d1:4f:be:2c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtntNz4eNxPljk3hYZUJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDhhYzNlZjcyNzljMGY2YmMzOTA4ZjI3ZWRiMDkxYjVh
NjVhYzUwHhcNMjQwMTAxMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTI1NjJmNWViMmUyOTBhZGVlNWFjNTBjM2JiN2E2OWRlNzk0ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLgY8eNSysLWPWkwlbMDesatPum1
JAIZiyYBc8lJcGV4ZJifbd78oONFQa03ngk+xJtV4cM3tdjM3pkByficQkD1DtA7
4+crjpyC7aX9eCyYORGjSqyd0hsQw4kKCjaBNmPcUdc0hD054YQGI52+G2qAhXZ9
beY5rOWnncKo9ksVi8ffAG1vIuOhRrT3fAFzHM1nhyl5nEuFZ9L9jrH8AydUmBsw
f+3HoDn6EbLYrxuFZbp+q1KnI0iaRcVJZ+uowBiqS+qiC0LWBbWLZs4vNe0d3QGo
2Wu2cME9TSzVRfN3hT2yI9vyAN6TkiDRy4hO1AaiAqfWrcYc8MAauLmL2wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFColYvXrLikK3uWsUMO7emneeU5kMB8GA1UdIwQY
MBaAFIpIrD73J5wPa8OQjyftsJG1plrFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtpc1B2Y25uQTlydzVDUEotMndrYldtV3NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lYjRmYzctYjQxNC00Nzk4LWI3NTYt
MWEwZTUwNDg2MzJhLzEvS2lWaTllc3VLUXJlNWF4UXc3dDZhZDU1VG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lYjRmYzctYjQxNC00Nzk4LWI3NTYtMWEwZTUwNDg2MzJh
LzEvaWtpc1B2Y25uQTlydzVDUEotMndrYldtV3NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUx8AwQC
uX44AwQCudJ4MA0EAgACMAcDBQMqC1bAMA0GCSqGSIb3DQEBCwUAA4IBAQBeDa9I
nPsfKl9Ox/WOpivPPRLtHBLD9Vp8BarWIeqJHtpBLP1y0I0gF+CHNN+tXg22QSDo
a3akRffbClvz5DtFSOeDXH1HrDW+jmgV13QC6xax7nuE/O2F/MQDi/hsFKc6hX4S
gzRxelMObIc4AHttDR5ihPAwWoj5IzfJXCpe4/z/mO4th+Un0GN6EBtWv39bdU2a
nejqhaBQNuSYdm7y+G1ldP/YnGrwLMWPqMrKWPplAYTYAXJLs6hWbgx0J3qCMVyC
fynn+t5Q8X0aMm+9U0hFsL7HzI5QzopkflEsga5X/G2STvm7YgomTuyQehq2y4Y3
6BKYVJCDjvzRT74s
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:55:41 2024 by rpki-client on console-fra.rpki-client.org