Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/KB9UhSj_h7lkuBjacCUOTjaQCGQ.roa
File: KB9UhSj_h7lkuBjacCUOTjaQCGQ.roa (raw, json)
Hash identifier: 3Fel7hpWUulTzOFc7+BhjdkleXmKqzJc6PKnXLG2mok=
Subject key identifier: 28:1F:54:85:28:FF:87:B9:64:B8:18:DA:70:25:0E:4E:36:90:08:64
Certificate issuer: /CN=916033dd557447965bdaef8b4724a5e77d3c05ae
Certificate serial: 018CC2DB582CE024D6DA3CB23FD7D241DC4C
Authority key identifier: 91:60:33:DD:55:74:47:96:5B:DA:EF:8B:47:24:A5:E7:7D:3C:05:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kWAz3VV0R5Zb2u-LRySl5308Ba4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/KB9UhSj_h7lkuBjacCUOTjaQCGQ.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29574
IP address blocks: 194.146.140.0/24 maxlen: 24
194.146.143.0/24 maxlen: 24
194.146.142.0/24 maxlen: 24
194.146.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/kWAz3VV0R5Zb2u-LRySl5308Ba4.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/kWAz3VV0R5Zb2u-LRySl5308Ba4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kWAz3VV0R5Zb2u-LRySl5308Ba4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:58:2c:e0:24:d6:da:3c:b2:3f:d7:d2:41:dc:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=916033dd557447965bdaef8b4724a5e77d3c05ae
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=281f548528ff87b964b818da70250e4e36900864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1f:8f:23:62:b6:63:b5:fa:c1:6e:a9:3f:75:
ad:db:84:86:a6:21:28:39:31:e9:53:ed:7f:e1:e9:
4e:75:0d:c3:2c:ab:bc:13:53:62:8c:3c:16:57:18:
4f:07:c1:88:52:bb:eb:d9:96:2e:ae:cf:32:f3:46:
b2:53:b5:e8:27:3b:45:17:9c:eb:74:80:95:e3:53:
71:ad:f5:98:1b:04:35:12:dc:5c:a7:af:0a:ba:aa:
99:61:3e:6b:98:9d:3e:59:f1:98:20:ac:a0:dc:5d:
94:9b:7d:2a:5d:53:5d:f3:2a:1b:79:11:7b:04:16:
94:41:5e:d1:46:32:56:80:d4:39:fb:17:68:21:4c:
d6:d0:79:50:6d:d8:a7:08:ca:b8:ae:2f:67:0e:42:
4d:70:ec:e2:3a:3d:f5:fe:84:dc:25:d8:c1:2b:0b:
99:5e:91:4f:5d:85:31:7e:06:d1:31:48:22:9b:47:
02:52:0e:c9:12:9c:6b:bb:43:22:23:9a:98:c8:6f:
3b:e9:02:d2:cf:c8:33:6c:ae:47:7a:82:d0:8d:13:
f5:51:44:48:b8:84:75:02:62:5d:4f:7d:9e:f5:e9:
c4:4e:1e:78:6b:e6:32:38:c1:9a:b2:3c:9f:9f:ee:
20:f6:bb:59:91:18:25:62:a7:a3:a7:96:f5:8d:dc:
f0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1F:54:85:28:FF:87:B9:64:B8:18:DA:70:25:0E:4E:36:90:08:64
X509v3 Authority Key Identifier:
keyid:91:60:33:DD:55:74:47:96:5B:DA:EF:8B:47:24:A5:E7:7D:3C:05:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kWAz3VV0R5Zb2u-LRySl5308Ba4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/KB9UhSj_h7lkuBjacCUOTjaQCGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/kWAz3VV0R5Zb2u-LRySl5308Ba4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.140.0/22
Signature Algorithm: sha256WithRSAEncryption
80:e1:d2:a6:d2:b5:a7:38:42:ed:8f:8d:e3:6d:b5:80:60:bf:
44:5e:c4:a1:5d:15:88:20:49:06:a1:ee:6a:17:78:c4:3e:af:
9f:56:8d:0f:47:ac:0c:ec:b8:03:c9:75:b7:3b:ce:21:3d:8a:
7a:b5:e0:d9:bf:70:53:e0:b8:37:62:d3:bf:f3:86:16:6c:bc:
d3:04:07:ab:14:0a:f1:29:52:81:d3:61:95:bb:e9:61:20:d8:
e8:fc:65:7d:41:65:50:bd:3e:24:10:81:27:8d:a1:8b:6e:cc:
67:d3:ec:65:c4:61:a7:f2:87:80:49:73:76:6f:bc:66:72:b9:
0d:03:00:0e:16:ca:57:53:0e:60:e9:74:d1:ae:93:f2:92:9f:
44:91:f0:f6:e2:be:b4:24:d7:64:a4:c2:93:2e:e6:87:19:dd:
55:41:e7:13:6a:4c:39:ae:6b:85:47:f2:8d:4f:46:c0:a4:82:
fa:b3:4f:01:6f:d2:0c:c0:24:dd:21:85:01:6b:78:f5:28:b2:
99:2c:6d:7d:e1:34:43:17:85:bf:5d:83:20:d0:73:4f:f9:13:
d9:c6:e6:06:4b:a5:fc:7d:48:e0:de:a7:dc:1f:3f:c0:1c:9f:
b2:14:3f:05:64:1d:71:c6:a5:15:15:b6:61:7f:a8:49:0c:b0:
ed:48:9d:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21gs4CTW2jyyP9fSQdxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNjAzM2RkNTU3NDQ3OTY1YmRhZWY4YjQ3MjRhNWU3N2Qz
YzA1YWUwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODFmNTQ4NTI4ZmY4N2I5NjRiODE4ZGE3MDI1MGU0ZTM2OTAwODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih+PI2K2Y7X6wW6pP3Wt24SGpiEo
OTHpU+1/4elOdQ3DLKu8E1NijDwWVxhPB8GIUrvr2ZYurs8y80ayU7XoJztFF5zr
dICV41NxrfWYGwQ1Etxcp68KuqqZYT5rmJ0+WfGYIKyg3F2Um30qXVNd8yobeRF7
BBaUQV7RRjJWgNQ5+xdoIUzW0HlQbdinCMq4ri9nDkJNcOziOj31/oTcJdjBKwuZ
XpFPXYUxfgbRMUgim0cCUg7JEpxru0MiI5qYyG876QLSz8gzbK5HeoLQjRP1UURI
uIR1AmJdT32e9enETh54a+YyOMGasjyfn+4g9rtZkRglYqejp5b1jdzw2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgfVIUo/4e5ZLgY2nAlDk42kAhkMB8GA1UdIwQY
MBaAFJFgM91VdEeWW9rvi0ckped9PAWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1dBejNWVjBSNVpiMnUtTFJ5U2w1MzA4QmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iYzUxZjQtNjFmMi00ZmFhLWEwMmEt
NjAyOTM2NTM5NDA1LzEvS0I5VWhTal9oN2xrdUJqYWNDVU9UamFRQ0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iYzUxZjQtNjFmMi00ZmFhLWEwMmEtNjAyOTM2NTM5NDA1
LzEva1dBejNWVjBSNVpiMnUtTFJ5U2w1MzA4QmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpKMMA0G
CSqGSIb3DQEBCwUAA4IBAQCA4dKm0rWnOELtj43jbbWAYL9EXsShXRWIIEkGoe5q
F3jEPq+fVo0PR6wM7LgDyXW3O84hPYp6teDZv3BT4Lg3YtO/84YWbLzTBAerFArx
KVKB02GVu+lhINjo/GV9QWVQvT4kEIEnjaGLbsxn0+xlxGGn8oeASXN2b7xmcrkN
AwAOFspXUw5g6XTRrpPykp9EkfD24r60JNdkpMKTLuaHGd1VQecTakw5rmuFR/KN
T0bApIL6s08Bb9IMwCTdIYUBa3j1KLKZLG194TRDF4W/XYMg0HNP+RPZxuYGS6X8
fUjg3qfcHz/AHJ+yFD8FZB1xxqUVFbZhf6hJDLDtSJ2M
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:25:53 2024 by rpki-client on console-ams.rpki-client.org