Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/kg-X3vXZg48bU6ImsIztKmS_FzE.roa
File: kg-X3vXZg48bU6ImsIztKmS_FzE.roa (raw, json)
Hash identifier: nRM7rXh74ZxW2a1memTAGXkFe+xQ7LRRqBUOffrqzOw=
Subject key identifier: 92:0F:97:DE:F5:D9:83:8F:1B:53:A2:26:B0:8C:ED:2A:64:BF:17:31
Certificate issuer: /CN=bbe026ef26920909d931ea4dac9d9390486b4153
Certificate serial: 018CC86F70285036BA8F764A76BCA09F259D
Authority key identifier: BB:E0:26:EF:26:92:09:09:D9:31:EA:4D:AC:9D:93:90:48:6B:41:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/kg-X3vXZg48bU6ImsIztKmS_FzE.roa
Signing time: Tue 02 Jan 2024 04:29:55 +0000
ROA not before: Tue 02 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1680
IP address blocks: 2a10:640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u-Am7yaSCQnZMepNrJ2TkEhrQVM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u-Am7yaSCQnZMepNrJ2TkEhrQVM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:70:28:50:36:ba:8f:76:4a:76:bc:a0:9f:25:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbe026ef26920909d931ea4dac9d9390486b4153
Validity
Not Before: Jan 2 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=920f97def5d9838f1b53a226b08ced2a64bf1731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4f:66:b0:31:38:e2:03:2b:4e:55:19:f4:00:
74:f6:ee:b3:5a:15:0d:c0:7e:2a:f6:4f:ec:6c:6b:
11:9d:e3:7d:c7:2a:39:6f:df:52:95:eb:c6:56:78:
47:42:3d:ab:4d:3c:72:83:bd:09:f2:5a:bd:f3:18:
66:b9:d6:f8:30:90:e9:d7:ec:26:56:9d:7c:03:f7:
ce:60:6f:d9:00:7c:81:6e:dd:d1:8a:b5:44:6f:49:
d6:6d:90:48:4a:17:06:d3:a0:b1:a7:34:e1:f4:df:
23:bf:de:88:16:8c:31:2b:73:26:8e:d1:da:e9:85:
4b:d3:73:10:ea:a5:23:79:aa:89:da:59:5a:66:52:
5e:8c:41:6a:1c:6a:c7:38:04:58:dc:ea:4d:cf:77:
53:0d:67:30:6e:54:ad:97:11:1f:e4:9f:d5:90:f5:
ab:47:0f:1d:a5:41:03:4b:36:a2:29:44:c9:03:69:
c1:31:49:7f:76:a7:93:e1:13:18:3f:66:2b:f9:d3:
6e:30:2c:e3:47:78:af:d6:bd:13:26:a5:23:42:b1:
84:e7:a0:06:56:5c:68:a1:96:38:74:00:db:55:5a:
89:66:6c:b2:33:cd:dc:d4:2e:c9:c2:54:43:89:ef:
b6:ac:6c:05:10:3b:d9:24:41:06:b5:03:f8:25:20:
5a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0F:97:DE:F5:D9:83:8F:1B:53:A2:26:B0:8C:ED:2A:64:BF:17:31
X509v3 Authority Key Identifier:
keyid:BB:E0:26:EF:26:92:09:09:D9:31:EA:4D:AC:9D:93:90:48:6B:41:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-Am7yaSCQnZMepNrJ2TkEhrQVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/kg-X3vXZg48bU6ImsIztKmS_FzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/b73add-ea0f-4c22-980e-059bab015cc3/1/u-Am7yaSCQnZMepNrJ2TkEhrQVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:640::/32
Signature Algorithm: sha256WithRSAEncryption
3c:7a:0d:f6:d6:5a:a1:5c:9e:2d:92:c0:75:d5:87:39:39:94:
59:54:ff:55:a6:23:38:23:21:72:a2:14:c4:01:dd:d3:29:b3:
30:ac:20:fd:0d:c9:40:4d:5b:4b:c0:9a:de:65:24:c9:8d:5d:
32:1b:7c:68:64:93:11:2e:29:90:51:9e:7f:a1:3f:59:1b:f5:
cf:35:dc:c6:1b:d9:33:d5:86:f0:d9:2a:4e:ca:35:ba:52:03:
2b:14:25:4d:6c:bf:de:14:21:f2:8e:ef:c0:ee:d4:5c:cf:53:
5e:0d:19:c8:16:d6:35:67:49:06:9d:ac:22:54:da:1f:bb:21:
ab:2a:6f:91:85:08:89:24:05:4b:45:39:88:e7:f2:e0:96:75:
a9:43:c6:95:7b:37:88:16:b5:6c:c7:50:46:fa:c9:11:ee:cc:
e0:25:c8:bf:09:ff:37:44:fe:17:9a:5f:20:be:2b:a7:b7:73:
e1:ef:49:19:48:de:37:00:6a:ca:a8:8d:eb:3b:f8:2d:a8:34:
6f:ef:93:0d:75:95:3f:3d:f9:2b:0f:21:49:72:03:9f:c7:e9:
61:57:9c:3d:2c:a2:0c:ae:b5:78:0c:5f:34:88:c7:82:d7:9b:
f8:64:08:7f:c7:f5:a6:8a:e5:b2:5d:0d:c3:2a:4d:58:e2:be:
c0:44:01:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIb3AoUDa6j3ZKdrygnyWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTAyNmVmMjY5MjA5MDlkOTMxZWE0ZGFjOWQ5MzkwNDg2
YjQxNTMwHhcNMjQwMTAyMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBmOTdkZWY1ZDk4MzhmMWI1M2EyMjZiMDhjZWQyYTY0YmYxNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU9msDE44gMrTlUZ9AB09u6zWhUN
wH4q9k/sbGsRneN9xyo5b99SlevGVnhHQj2rTTxyg70J8lq98xhmudb4MJDp1+wm
Vp18A/fOYG/ZAHyBbt3RirVEb0nWbZBIShcG06CxpzTh9N8jv96IFowxK3MmjtHa
6YVL03MQ6qUjeaqJ2llaZlJejEFqHGrHOARY3OpNz3dTDWcwblStlxEf5J/VkPWr
Rw8dpUEDSzaiKUTJA2nBMUl/dqeT4RMYP2Yr+dNuMCzjR3iv1r0TJqUjQrGE56AG
VlxooZY4dADbVVqJZmyyM83c1C7JwlRDie+2rGwFEDvZJEEGtQP4JSBaAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJIPl9712YOPG1OiJrCM7SpkvxcxMB8GA1UdIwQY
MBaAFLvgJu8mkgkJ2THqTaydk5BIa0FTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1BbTd5YVNDUW5aTWVwTnJKMlRrRWhyUVZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iNzNhZGQtZWEwZi00YzIyLTk4MGUt
MDU5YmFiMDE1Y2MzLzEva2ctWDN2WFpnNDhiVTZJbXNJenRLbVNfRnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iNzNhZGQtZWEwZi00YzIyLTk4MGUtMDU5YmFiMDE1Y2Mz
LzEvdS1BbTd5YVNDUW5aTWVwTnJKMlRrRWhyUVZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAGQDAN
BgkqhkiG9w0BAQsFAAOCAQEAPHoN9tZaoVyeLZLAddWHOTmUWVT/VaYjOCMhcqIU
xAHd0ymzMKwg/Q3JQE1bS8Ca3mUkyY1dMht8aGSTES4pkFGef6E/WRv1zzXcxhvZ
M9WG8NkqTso1ulIDKxQlTWy/3hQh8o7vwO7UXM9TXg0ZyBbWNWdJBp2sIlTaH7sh
qypvkYUIiSQFS0U5iOfy4JZ1qUPGlXs3iBa1bMdQRvrJEe7M4CXIvwn/N0T+F5pf
IL4rp7dz4e9JGUjeNwBqyqiN6zv4Lag0b++TDXWVPz35Kw8hSXIDn8fpYVecPSyi
DK61eAxfNIjHgteb+GQIf8f1porlsl0NwypNWOK+wEQBZQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:54:32 2024 by rpki-client on console-fra.rpki-client.org