Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KLNCRlEExutbS3q1d1kNvhBBXZw.roa
File: KLNCRlEExutbS3q1d1kNvhBBXZw.roa (raw, json)
Hash identifier: xfPtWUxppI6uGXCRj5L0037Vk3Pf60fWa+IekYbygk8=
Subject key identifier: 28:B3:42:46:51:04:C6:EB:5B:4B:7A:B5:77:59:0D:BE:10:41:5D:9C
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8D71BD81AD0011D14612CB796C5CD
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KLNCRlEExutbS3q1d1kNvhBBXZw.roa
Signing time: Mon 01 Jan 2024 20:30:51 +0000
ROA not before: Mon 01 Jan 2024 20:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49367
IP address blocks: 2a0c:9a40:8083::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d7:1b:d8:1a:d0:01:1d:14:61:2c:b7:96:c5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28b342465104c6eb5b4b7ab577590dbe10415d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cb:2b:9d:da:78:49:69:90:08:e4:ea:8a:b8:
af:3e:14:68:ca:31:9f:9a:a6:df:1c:6a:dc:c4:5f:
b1:fa:a0:5a:64:07:a7:cc:e8:81:f4:39:e6:dc:8a:
41:ce:55:41:8e:ef:11:fa:c5:e2:f2:b6:31:5b:4b:
be:e1:8c:32:b3:8e:c5:3c:e6:ce:09:4b:91:a6:f9:
8d:93:a9:dd:cf:92:04:7c:36:66:47:92:f7:2d:0c:
42:5f:97:e7:09:a6:49:13:cd:78:33:bf:97:4a:2f:
02:87:4d:3a:7e:7f:2f:6d:7b:4a:ce:31:33:6c:b0:
45:fb:40:db:26:44:39:3a:9b:1c:42:89:76:a9:b7:
93:d4:e7:d8:d0:f6:b2:40:6d:16:1c:02:e2:90:ac:
43:a7:52:41:46:92:e6:89:b0:66:86:d6:14:48:9b:
69:2c:9c:15:fd:4c:b1:bc:d4:84:c0:9f:76:0b:d8:
54:ea:3a:ed:0e:4d:07:02:c3:9d:66:66:60:b4:b1:
3d:ab:6c:5c:db:da:fc:de:0e:5b:e2:fe:d5:06:8e:
66:98:45:6f:88:fa:22:0f:84:b6:1b:9d:b9:d8:c6:
5d:32:52:78:34:cc:12:19:c1:83:49:1c:73:ff:8a:
c1:ca:13:39:76:5a:1a:a9:0d:47:28:94:4b:64:c0:
e6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B3:42:46:51:04:C6:EB:5B:4B:7A:B5:77:59:0D:BE:10:41:5D:9C
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/KLNCRlEExutbS3q1d1kNvhBBXZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8083::/48
Signature Algorithm: sha256WithRSAEncryption
3f:f0:20:06:c0:13:12:96:5a:ae:8c:ec:21:05:57:a5:52:6a:
2e:50:75:7f:7f:36:54:ba:31:24:82:aa:14:37:23:34:96:c4:
f6:e5:3b:f4:6f:22:dc:45:ca:ff:9d:b3:76:37:0c:16:00:dd:
4b:3d:6d:73:f2:2c:4d:1c:ef:c6:28:0d:4b:fa:44:ad:01:c4:
30:ab:da:27:f6:32:4b:06:34:a3:40:8a:14:c3:bd:77:5f:0c:
36:b9:9f:85:7e:41:a5:f2:31:3d:a5:56:04:40:ce:74:1a:82:
0c:e7:74:56:6d:13:a1:2e:be:c9:3a:c1:d1:d8:d1:72:2f:a0:
d4:8a:95:09:52:5f:46:7b:d8:38:be:c9:95:05:87:45:4c:77:
cc:30:d6:e1:96:70:cd:03:cd:58:da:bd:58:08:bf:48:ee:70:
4e:0d:b4:9e:b8:6c:3a:29:f2:56:64:92:0e:9a:10:a7:f2:0a:
cc:f0:ea:b3:5e:40:cc:cb:5c:10:e6:7b:60:30:15:08:df:0b:
f7:f2:19:73:35:cb:d4:7a:61:0f:30:52:dc:2c:8e:12:84:cc:
7f:15:97:d1:da:62:93:35:aa:e6:19:1f:1f:1d:1f:4d:d5:54:
a4:16:73:77:33:1a:b5:72:85:dd:6b:e4:80:58:4b:af:10:44:
89:3d:1e:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuNcb2BrQAR0UYSy3lsXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGIzNDI0NjUxMDRjNmViNWI0YjdhYjU3NzU5MGRiZTEwNDE1ZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8srndp4SWmQCOTqirivPhRoyjGf
mqbfHGrcxF+x+qBaZAenzOiB9Dnm3IpBzlVBju8R+sXi8rYxW0u+4Ywys47FPObO
CUuRpvmNk6ndz5IEfDZmR5L3LQxCX5fnCaZJE814M7+XSi8Ch006fn8vbXtKzjEz
bLBF+0DbJkQ5OpscQol2qbeT1OfY0PayQG0WHALikKxDp1JBRpLmibBmhtYUSJtp
LJwV/UyxvNSEwJ92C9hU6jrtDk0HAsOdZmZgtLE9q2xc29r83g5b4v7VBo5mmEVv
iPoiD4S2G5252MZdMlJ4NMwSGcGDSRxz/4rByhM5dloaqQ1HKJRLZMDmnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCizQkZRBMbrW0t6tXdZDb4QQV2cMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvS0xOQ1JsRUV4dXRiUzNxMWQxa052aEJCWFp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICD
MA0GCSqGSIb3DQEBCwUAA4IBAQA/8CAGwBMSllqujOwhBVelUmouUHV/fzZUujEk
gqoUNyM0lsT25Tv0byLcRcr/nbN2NwwWAN1LPW1z8ixNHO/GKA1L+kStAcQwq9on
9jJLBjSjQIoUw713Xww2uZ+FfkGl8jE9pVYEQM50GoIM53RWbROhLr7JOsHR2NFy
L6DUipUJUl9Ge9g4vsmVBYdFTHfMMNbhlnDNA81Y2r1YCL9I7nBODbSeuGw6KfJW
ZJIOmhCn8grM8OqzXkDMy1wQ5ntgMBUI3wv38hlzNcvUemEPMFLcLI4ShMx/FZfR
2mKTNarmGR8fHR9N1VSkFnN3Mxq1coXda+SAWEuvEESJPR7r
-----END CERTIFICATE-----
Generated at Fri May 17 08:17:09 2024 by rpki-client on console-fra.rpki-client.org