Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/KBNP_aX1ZMDHHxXviik6zRQbRlU.roa
File: KBNP_aX1ZMDHHxXviik6zRQbRlU.roa (raw, json)
Hash identifier: ernLTnCJ2sF6KL9+yko9XJyEyeHNKyi2S9R/ACM8LHw=
Subject key identifier: 28:13:4F:FD:A5:F5:64:C0:C7:1F:15:EF:8A:29:3A:CD:14:1B:46:55
Certificate issuer: /CN=c67e9de8e826cdee0e65f622583434b81cf37bad
Certificate serial: 0194266BC84C33402697E550436B0298751E
Authority key identifier: C6:7E:9D:E8:E8:26:CD:EE:0E:65:F6:22:58:34:34:B8:1C:F3:7B:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn6d6Ogmze4OZfYiWDQ0uBzze60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/KBNP_aX1ZMDHHxXviik6zRQbRlU.roa
Signing time: Thu 02 Jan 2025 09:49:45 +0000
ROA not before: Thu 02 Jan 2025 09:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1136
IP address blocks: 193.177.140.0/24 maxlen: 24
193.177.141.0/24 maxlen: 24
193.177.142.0/23 maxlen: 23
193.177.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/xn6d6Ogmze4OZfYiWDQ0uBzze60.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/xn6d6Ogmze4OZfYiWDQ0uBzze60.mft
rsync://rpki.ripe.net/repository/DEFAULT/xn6d6Ogmze4OZfYiWDQ0uBzze60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c8:4c:33:40:26:97:e5:50:43:6b:02:98:75:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e9de8e826cdee0e65f622583434b81cf37bad
Validity
Not Before: Jan 2 09:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28134ffda5f564c0c71f15ef8a293acd141b4655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:30:db:69:c0:86:4c:f0:20:14:35:d1:da:7d:
c1:66:da:93:35:c0:46:05:9e:cf:67:32:d9:e2:75:
0e:5c:ff:cd:23:24:96:a9:b2:34:d7:20:fb:c2:68:
a4:9c:5d:26:49:64:f7:b1:ac:dd:b5:8c:23:e7:0c:
31:51:e1:3b:0a:5b:77:75:67:9f:84:41:8c:b7:3b:
31:02:aa:31:02:be:78:6f:4e:a3:04:98:86:53:c4:
3f:c2:4b:e9:3e:37:a3:bd:8c:d5:92:3e:13:55:28:
d6:e9:e3:d4:a9:94:22:6a:bd:69:e8:5e:36:30:63:
46:71:d9:4f:42:43:5e:82:90:68:53:4a:fa:8d:2c:
61:6e:87:c6:19:09:20:ee:96:a1:27:aa:97:d6:02:
75:3d:9f:cb:e4:b5:48:24:6c:af:5f:93:a1:60:c8:
c4:a3:ca:fd:5c:97:e5:36:a2:aa:8f:9c:63:29:2c:
e4:b0:d2:cf:76:0c:fa:36:ca:bb:53:fc:2c:0b:f1:
8c:67:1f:dc:6e:00:62:59:c8:e9:e8:3b:cf:25:c5:
8a:4a:e4:f6:fe:06:fd:43:af:4c:e3:b2:65:c9:bb:
11:20:b9:83:7b:b2:b3:35:34:7b:7a:d8:ac:ed:09:
8c:17:d4:5f:dd:37:1f:90:cd:f7:26:af:51:e3:f7:
eb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:13:4F:FD:A5:F5:64:C0:C7:1F:15:EF:8A:29:3A:CD:14:1B:46:55
X509v3 Authority Key Identifier:
keyid:C6:7E:9D:E8:E8:26:CD:EE:0E:65:F6:22:58:34:34:B8:1C:F3:7B:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn6d6Ogmze4OZfYiWDQ0uBzze60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/KBNP_aX1ZMDHHxXviik6zRQbRlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/xn6d6Ogmze4OZfYiWDQ0uBzze60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.140.0-193.177.147.255
Signature Algorithm: sha256WithRSAEncryption
9b:63:45:44:14:f9:ed:89:19:07:02:8d:9f:b9:6c:70:78:47:
49:1b:a3:48:e2:1c:ea:72:93:e2:7e:f7:f4:70:ac:c4:df:8f:
e5:5b:2a:0b:35:76:f7:60:cc:92:a3:7f:88:5e:aa:ba:44:de:
0f:0d:ee:6c:96:21:e3:d4:55:01:c7:1b:19:6e:41:d1:66:44:
a9:ff:9d:c5:de:0e:67:f2:35:00:77:b9:7a:e8:9c:81:b2:f9:
49:d8:61:c1:66:6b:ef:f3:16:44:f1:d5:50:b0:b0:ec:30:bc:
5f:65:00:8f:d3:39:5e:20:03:16:e4:42:80:9c:52:09:89:d6:
0b:57:34:c0:d4:c2:ed:fc:b8:bc:97:5c:b1:33:bf:8c:79:8f:
90:46:9b:76:ae:76:3a:71:76:86:29:39:cd:12:03:62:e9:ee:
3b:fd:9e:f7:80:9d:98:e4:73:da:ac:7f:c6:1c:b8:ea:1d:13:
d2:d3:66:55:98:c9:a2:f4:28:3f:ca:f3:64:b4:2d:a7:4a:24:
53:16:ce:2e:6e:9b:9f:82:8a:1a:ac:ca:20:5c:e7:55:d9:3a:
8e:d9:ed:e7:c8:8d:c8:40:62:27:2a:22:d8:b2:8c:a3:4d:0c:
3d:ca:81:2a:b2:3b:88:c5:aa:72:09:0a:59:42:36:e5:e8:06:
76:2e:57:7b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQma8hMM0Aml+VQQ2sCmHUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2U5ZGU4ZTgyNmNkZWUwZTY1ZjYyMjU4MzQzNGI4MWNm
MzdiYWQwHhcNMjUwMTAyMDk0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEzNGZmZGE1ZjU2NGMwYzcxZjE1ZWY4YTI5M2FjZDE0MWI0NjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjDbacCGTPAgFDXR2n3BZtqTNcBG
BZ7PZzLZ4nUOXP/NIySWqbI01yD7wmiknF0mSWT3sazdtYwj5wwxUeE7Clt3dWef
hEGMtzsxAqoxAr54b06jBJiGU8Q/wkvpPjejvYzVkj4TVSjW6ePUqZQiar1p6F42
MGNGcdlPQkNegpBoU0r6jSxhbofGGQkg7pahJ6qX1gJ1PZ/L5LVIJGyvX5OhYMjE
o8r9XJflNqKqj5xjKSzksNLPdgz6Nsq7U/wsC/GMZx/cbgBiWcjp6DvPJcWKSuT2
/gb9Q69M47JlybsRILmDe7KzNTR7etis7QmMF9Rf3TcfkM33Jq9R4/fraQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCgTT/2l9WTAxx8V74opOs0UG0ZVMB8GA1UdIwQY
MBaAFMZ+nejoJs3uDmX2Ilg0NLgc83utMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG42ZDZPZ216ZTRPWmZZaVdEUTB1Qnp6ZTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wYjBjMWMtZTVlYS00NTU4LWJiZGQt
MTk5ZTA1NmE2ODAwLzEvS0JOUF9hWDFaTURISHhYdmlpazZ6UlFiUmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wYjBjMWMtZTVlYS00NTU4LWJiZGQtMTk5ZTA1NmE2ODAw
LzEveG42ZDZPZ216ZTRPWmZZaVdEUTB1Qnp6ZTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALBsYwD
BALBsZAwDQYJKoZIhvcNAQELBQADggEBAJtjRUQU+e2JGQcCjZ+5bHB4R0kbo0ji
HOpyk+J+9/RwrMTfj+VbKgs1dvdgzJKjf4heqrpE3g8N7myWIePUVQHHGxluQdFm
RKn/ncXeDmfyNQB3uXronIGy+UnYYcFma+/zFkTx1VCwsOwwvF9lAI/TOV4gAxbk
QoCcUgmJ1gtXNMDUwu38uLyXXLEzv4x5j5BGm3audjpxdoYpOc0SA2Lp7jv9nveA
nZjkc9qsf8YcuOodE9LTZlWYyaL0KD/K82S0LadKJFMWzi5um5+CihqsyiBc51XZ
Oo7Z7efIjchAYicqItiyjKNNDD3KgSqyO4jFqnIJCllCNuXoBnYuV3s=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:31:56 2025 by rpki-client