Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/kbc-IxGpssdAHUT1uPBj0BbfVlg.roa
File: kbc-IxGpssdAHUT1uPBj0BbfVlg.roa (raw, json)
Hash identifier: ky5EATG11/GeHWO2ELx46SoADBV+MW9LHbbZ7Xk1A08=
Subject key identifier: 91:B7:3E:23:11:A9:B2:C7:40:1D:44:F5:B8:F0:63:D0:16:DF:56:58
Certificate issuer: /CN=a7a538aac33778460e19701aab5952c7aa25f05c
Certificate serial: 018D9795D51E29AE3753D4F19418D9EBACFD
Authority key identifier: A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/kbc-IxGpssdAHUT1uPBj0BbfVlg.roa
Signing time: Sun 11 Feb 2024 09:53:15 +0000
ROA not before: Sun 11 Feb 2024 09:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 194.147.33.0/24 maxlen: 24
194.147.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:97:95:d5:1e:29:ae:37:53:d4:f1:94:18:d9:eb:ac:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a538aac33778460e19701aab5952c7aa25f05c
Validity
Not Before: Feb 11 09:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91b73e2311a9b2c7401d44f5b8f063d016df5658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:62:c8:80:bc:85:fc:1a:a9:33:34:9c:16:e7:
29:3c:39:7c:77:bb:a6:64:79:ed:91:41:88:b3:f8:
2d:8b:1b:a2:13:7d:9a:83:d7:ba:22:34:97:82:56:
38:6c:b5:c2:71:cb:fd:b6:e0:53:ee:46:8b:13:44:
cd:50:b3:a9:2c:f1:86:16:34:05:25:0d:8b:68:47:
1b:f5:79:e5:aa:e1:ca:f7:83:12:c5:cd:94:77:3f:
f0:7f:5b:4c:fb:9c:a4:db:f8:91:a9:7b:82:c2:9b:
a5:63:66:fd:ee:8f:a7:33:36:28:c9:71:0a:60:ec:
17:c6:ac:2d:8b:22:0e:45:ad:b3:d8:29:79:8a:d4:
2c:83:3d:ce:db:45:9f:8b:aa:bf:82:84:e8:c0:20:
91:16:b6:3e:27:a4:bf:72:f7:23:30:aa:65:73:fa:
f6:49:4a:77:e1:5f:d5:3e:63:b7:49:c8:53:1f:a2:
4f:fa:1a:99:4e:3c:50:ee:d5:37:9f:55:f7:f9:5f:
0e:84:7a:18:ee:0c:13:2c:f1:ed:17:b3:6e:eb:66:
a7:40:a6:53:ac:3e:16:af:bd:c0:d1:ee:3c:59:7b:
de:98:fe:29:e2:4b:fe:a6:96:22:0c:b9:33:cf:d9:
09:25:32:50:8f:84:43:10:8f:4f:15:20:55:3b:5a:
7b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B7:3E:23:11:A9:B2:C7:40:1D:44:F5:B8:F0:63:D0:16:DF:56:58
X509v3 Authority Key Identifier:
keyid:A7:A5:38:AA:C3:37:78:46:0E:19:70:1A:AB:59:52:C7:AA:25:F0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/kbc-IxGpssdAHUT1uPBj0BbfVlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a83337-6e16-4cd9-921a-87b010ea6235/1/p6U4qsM3eEYOGXAaq1lSx6ol8Fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.33.0/24
194.147.35.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:87:32:49:94:10:0c:3d:6a:c5:0f:58:19:35:95:d0:11:ce:
3f:24:cd:b5:db:13:86:17:ad:a8:71:31:ff:5d:ce:a1:c8:5d:
4b:0a:58:e8:37:4e:cd:e7:11:8c:2d:44:7f:22:1e:92:61:f9:
cb:58:b5:5e:96:1a:91:29:04:57:64:c7:ee:05:fb:12:a7:57:
71:04:5d:49:aa:41:25:7d:e9:8c:aa:fd:4b:32:55:67:9b:50:
a2:42:04:00:5a:a2:5a:c8:a3:bd:ca:05:ba:87:f0:f0:92:b7:
11:37:21:74:42:71:df:2a:51:6f:9b:3b:72:06:94:27:f5:ad:
f1:f5:2e:b6:07:11:f9:41:82:ea:99:71:52:03:14:49:eb:cf:
91:8a:9a:1f:a0:f4:9e:ae:2a:40:62:77:dc:06:b5:a2:07:47:
46:99:46:28:c7:f6:99:e0:ed:71:8c:e0:28:c3:99:c6:8b:99:
b9:13:df:5e:9b:c7:bb:6e:4a:75:0b:60:1a:9d:b9:53:ba:f3:
a7:fc:f2:fd:5d:7c:41:6b:53:bd:9a:99:a7:94:03:c2:dd:2b:
96:4a:32:3c:06:e0:10:e1:f3:6b:d4:42:fc:ca:b1:2a:a3:78:
9d:55:e0:62:82:3e:5b:72:c9:24:12:b1:b7:bc:37:e5:d9:3e:
56:e8:b4:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2XldUeKa43U9TxlBjZ66z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTUzOGFhYzMzNzc4NDYwZTE5NzAxYWFiNTk1MmM3YWEy
NWYwNWMwHhcNMjQwMjExMDk1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI3M2UyMzExYTliMmM3NDAxZDQ0ZjViOGYwNjNkMDE2ZGY1NjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGLIgLyF/BqpMzScFucpPDl8d7um
ZHntkUGIs/gtixuiE32ag9e6IjSXglY4bLXCccv9tuBT7kaLE0TNULOpLPGGFjQF
JQ2LaEcb9XnlquHK94MSxc2Udz/wf1tM+5yk2/iRqXuCwpulY2b97o+nMzYoyXEK
YOwXxqwtiyIORa2z2Cl5itQsgz3O20Wfi6q/goTowCCRFrY+J6S/cvcjMKplc/r2
SUp34V/VPmO3SchTH6JP+hqZTjxQ7tU3n1X3+V8OhHoY7gwTLPHtF7Nu62anQKZT
rD4Wr73A0e48WXvemP4p4kv+ppYiDLkzz9kJJTJQj4RDEI9PFSBVO1p7swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJG3PiMRqbLHQB1E9bjwY9AW31ZYMB8GA1UdIwQY
MBaAFKelOKrDN3hGDhlwGqtZUseqJfBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEt
ODdiMDEwZWE2MjM1LzEva2JjLUl4R3Bzc2RBSFVUMXVQQmowQmJmVmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hODMzMzctNmUxNi00Y2Q5LTkyMWEtODdiMDEwZWE2MjM1
LzEvcDZVNHFzTTNlRVlPR1hBYXExbFN4Nm9sOEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwpMhAwQA
wpMjMA0GCSqGSIb3DQEBCwUAA4IBAQBLhzJJlBAMPWrFD1gZNZXQEc4/JM212xOG
F62ocTH/Xc6hyF1LCljoN07N5xGMLUR/Ih6SYfnLWLVelhqRKQRXZMfuBfsSp1dx
BF1JqkElfemMqv1LMlVnm1CiQgQAWqJayKO9ygW6h/DwkrcRNyF0QnHfKlFvmzty
BpQn9a3x9S62BxH5QYLqmXFSAxRJ68+RipofoPSeripAYnfcBrWiB0dGmUYox/aZ
4O1xjOAow5nGi5m5E99em8e7bkp1C2AanblTuvOn/PL9XXxBa1O9mpmnlAPC3SuW
SjI8BuAQ4fNr1EL8yrEqo3idVeBigj5bcskkErG3vDfl2T5W6LR8
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:39 2024 by rpki-client on console-ams.rpki-client.org