Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/KK7CBMWEBoRztK8tYv0zCXRtP28.roa
File: KK7CBMWEBoRztK8tYv0zCXRtP28.roa (raw, json)
Hash identifier: aOOBfKCctJdT0y9dLEXCT5bSrNHSxRr41cwVhsJ9Ov0=
Subject key identifier: 28:AE:C2:04:C5:84:06:84:73:B4:AF:2D:62:FD:33:09:74:6D:3F:6F
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018F76BA13C3FAF2CBC185BA4E1966D6BA7E
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/KK7CBMWEBoRztK8tYv0zCXRtP28.roa
Signing time: Tue 14 May 2024 10:50:57 +0000
ROA not before: Tue 14 May 2024 10:50:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 91.210.68.0/24 maxlen: 24
2a11:68c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.mft
rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:ba:13:c3:fa:f2:cb:c1:85:ba:4e:19:66:d6:ba:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: May 14 10:50:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28aec204c584068473b4af2d62fd3309746d3f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:92:59:ea:86:23:ca:74:9c:1d:c3:fd:b3:
a3:0c:2f:d3:88:72:36:97:6d:72:6d:e8:1c:77:46:
25:8c:53:b3:9f:03:61:19:65:61:a4:8e:58:2b:d4:
3c:af:e7:36:ea:d1:d9:dc:35:70:20:a6:bc:f5:96:
c7:3d:a7:74:d0:c3:53:3f:cc:a6:f7:c4:41:f6:af:
b2:55:ed:e4:ba:76:fb:2a:fc:6e:ad:b6:2b:6d:0f:
fd:88:42:ed:95:00:ef:d3:fb:ec:d9:f0:9c:1d:55:
8d:37:e7:d1:c5:77:84:8c:08:02:dc:3e:e2:2f:25:
a5:ae:37:83:23:5a:f5:aa:c3:20:3c:02:fd:84:47:
2f:96:d0:be:27:e6:84:6d:f3:04:c5:3f:ca:19:15:
b3:b6:b0:35:c5:0c:e8:d4:08:47:42:6f:8f:af:0d:
21:7e:fa:f0:0d:be:04:0e:ea:02:e5:5d:5a:70:1d:
c6:65:57:d2:b6:23:5a:87:4b:c2:98:f1:20:fe:ed:
03:3a:5c:2d:f1:98:86:a8:03:d3:4d:1a:a9:43:58:
0d:7d:eb:58:0a:28:18:a0:53:1b:90:30:a4:84:b5:
ef:83:f9:65:78:d8:7b:7b:31:ce:6c:1f:6c:2c:6d:
50:a5:da:a7:4b:94:27:63:b4:8d:fc:be:1e:26:8d:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AE:C2:04:C5:84:06:84:73:B4:AF:2D:62:FD:33:09:74:6D:3F:6F
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/KK7CBMWEBoRztK8tYv0zCXRtP28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.68.0/24
IPv6:
2a11:68c3::/32
Signature Algorithm: sha256WithRSAEncryption
9d:15:b0:d4:d9:1d:db:ae:c5:97:fe:42:e9:33:11:70:21:04:
d3:1d:99:27:52:a4:42:6f:9b:66:49:8c:83:3c:dc:43:77:32:
27:ea:75:aa:b5:68:c7:66:4a:cf:e3:e1:a8:81:66:29:53:5d:
ad:83:3e:33:1c:38:80:27:a2:c2:60:19:b2:71:9d:0a:aa:37:
e0:32:dd:86:2a:f1:ad:74:6f:33:89:c4:8c:4c:b9:21:8f:1c:
53:5b:80:92:72:24:28:20:91:4e:94:1c:aa:e4:2c:1f:0b:20:
bf:72:b6:f5:a7:47:c4:10:0e:05:48:70:ce:8c:fc:43:a3:9c:
ab:3b:f1:fa:ea:58:3d:c5:ef:f5:d6:95:fb:31:e1:fc:7f:5d:
56:ba:36:8e:c4:28:33:90:b1:8f:98:2b:c3:65:41:ef:f1:34:
af:9a:a9:e6:31:2f:81:f9:c4:27:90:a2:cb:d2:c2:c5:8f:60:
00:b3:27:41:77:3c:0b:fc:53:12:88:db:03:02:81:ce:15:c7:
94:84:b9:f8:24:e9:c7:a5:cd:4a:f0:ef:a6:7f:95:31:af:a4:
18:9d:f0:b4:1d:19:88:73:84:23:30:2a:2f:3d:66:c3:7a:b1:
a6:48:fb:af:0f:9f:e6:db:27:ad:ca:24:d5:7e:6c:a7:a4:e2:
b3:79:45:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY92uhPD+vLLwYW6Thlm1rp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwNTE0MTA1MDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGFlYzIwNGM1ODQwNjg0NzNiNGFmMmQ2MmZkMzMwOTc0NmQzZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2iSWeqGI8p0nB3D/bOjDC/TiHI2
l21ybegcd0YljFOznwNhGWVhpI5YK9Q8r+c26tHZ3DVwIKa89ZbHPad00MNTP8ym
98RB9q+yVe3kunb7KvxurbYrbQ/9iELtlQDv0/vs2fCcHVWNN+fRxXeEjAgC3D7i
LyWlrjeDI1r1qsMgPAL9hEcvltC+J+aEbfMExT/KGRWztrA1xQzo1AhHQm+Prw0h
fvrwDb4EDuoC5V1acB3GZVfStiNah0vCmPEg/u0DOlwt8ZiGqAPTTRqpQ1gNfetY
CigYoFMbkDCkhLXvg/lleNh7ezHObB9sLG1QpdqnS5QnY7SN/L4eJo1F5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCiuwgTFhAaEc7SvLWL9Mwl0bT9vMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvS0s3Q0JNV0VCb1J6dEs4dFl2MHpDWFJ0UDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9JEMA0E
AgACMAcDBQAqEWjDMA0GCSqGSIb3DQEBCwUAA4IBAQCdFbDU2R3brsWX/kLpMxFw
IQTTHZknUqRCb5tmSYyDPNxDdzIn6nWqtWjHZkrP4+GogWYpU12tgz4zHDiAJ6LC
YBmycZ0KqjfgMt2GKvGtdG8zicSMTLkhjxxTW4CSciQoIJFOlByq5CwfCyC/crb1
p0fEEA4FSHDOjPxDo5yrO/H66lg9xe/11pX7MeH8f11WujaOxCgzkLGPmCvDZUHv
8TSvmqnmMS+B+cQnkKLL0sLFj2AAsydBdzwL/FMSiNsDAoHOFceUhLn4JOnHpc1K
8O+mf5Uxr6QYnfC0HRmIc4QjMCovPWbDerGmSPuvD5/m2yetyiTVfmynpOKzeUWv
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:34:12 2024 by rpki-client on console-ams.rpki-client.org