Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/KBL-UGgqIp8xieCa_iVedhu5O2o.roa
File: KBL-UGgqIp8xieCa_iVedhu5O2o.roa (raw, json)
Hash identifier: G7IzmJyW+KVuz5iStR7RUpaMi94TOxhNSFdjjEStTpY=
Subject key identifier: 28:12:FE:50:68:2A:22:9F:31:89:E0:9A:FE:25:5E:76:1B:B9:3B:6A
Certificate issuer: /CN=60a851d59356ca95d4ae78fa6936ba1b8a2b1c7a
Certificate serial: 018CC5DBED1285310E661266CCA7205E0700
Authority key identifier: 60:A8:51:D5:93:56:CA:95:D4:AE:78:FA:69:36:BA:1B:8A:2B:1C:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKhR1ZNWypXUrnj6aTa6G4orHHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/KBL-UGgqIp8xieCa_iVedhu5O2o.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44973
IP address blocks: 185.130.8.0/22 maxlen: 22
93.88.224.0/22 maxlen: 22
2a02:218::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/YKhR1ZNWypXUrnj6aTa6G4orHHo.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/YKhR1ZNWypXUrnj6aTa6G4orHHo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YKhR1ZNWypXUrnj6aTa6G4orHHo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ed:12:85:31:0e:66:12:66:cc:a7:20:5e:07:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60a851d59356ca95d4ae78fa6936ba1b8a2b1c7a
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2812fe50682a229f3189e09afe255e761bb93b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:de:03:c0:65:9a:d1:43:34:02:67:44:da:0c:
70:a3:28:08:7a:78:2b:d9:b0:af:b5:bd:12:8b:42:
e5:25:63:d7:02:3b:29:74:ff:26:6a:ea:0c:fc:22:
4f:87:db:f9:06:6c:b7:b4:6f:68:07:09:10:4c:ba:
81:8b:c2:37:f7:d3:ae:55:7f:71:8b:5e:40:8b:00:
27:be:d2:86:a2:c3:a1:fa:2f:9f:58:22:5d:d1:4b:
0c:cf:6d:41:d3:bc:34:4c:73:c9:12:7c:98:0e:3e:
e9:16:bf:cb:64:b5:71:e7:d2:65:c7:22:69:d8:a4:
1b:1e:89:9a:f0:35:ba:70:b7:5b:60:40:9b:2e:57:
40:01:08:2e:91:8a:29:fe:9c:b9:b9:61:9b:07:01:
03:3e:68:78:2a:ff:a0:9a:05:0b:5f:f0:38:89:bb:
59:d1:6e:44:a3:c1:0e:71:4c:18:6a:84:96:69:38:
cd:5f:7d:41:c1:c2:18:08:5f:1f:1d:b8:a0:b0:e2:
78:7e:c0:95:59:c6:f3:30:38:c6:c4:dd:1d:5c:62:
ba:11:6d:3e:fe:50:32:ae:24:82:61:9d:2f:03:95:
c9:5a:06:53:8c:cf:ec:4c:dc:4a:2a:e1:f9:0f:97:
66:3b:67:2e:3e:da:85:db:27:ea:f9:0f:0d:b7:32:
51:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:12:FE:50:68:2A:22:9F:31:89:E0:9A:FE:25:5E:76:1B:B9:3B:6A
X509v3 Authority Key Identifier:
keyid:60:A8:51:D5:93:56:CA:95:D4:AE:78:FA:69:36:BA:1B:8A:2B:1C:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKhR1ZNWypXUrnj6aTa6G4orHHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/KBL-UGgqIp8xieCa_iVedhu5O2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c97898-5e72-454a-be2f-548e7b7fa4e1/1/YKhR1ZNWypXUrnj6aTa6G4orHHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.224.0/22
185.130.8.0/22
IPv6:
2a02:218::/29
Signature Algorithm: sha256WithRSAEncryption
14:1b:89:63:12:53:01:ee:d9:66:dd:ef:ef:ec:56:7b:16:ac:
bb:48:2d:a8:18:9b:f9:5d:ff:11:75:0d:1f:9f:87:8b:47:3b:
f2:98:9a:6c:7a:23:fc:e6:ac:36:6b:31:43:76:b6:9e:fb:e9:
94:e3:bd:cf:63:77:0a:72:e4:63:d7:57:4b:bf:87:bb:44:8c:
1a:ff:e0:ef:16:3b:d1:89:45:14:0d:81:d4:bf:0b:0d:4c:6e:
cb:dd:45:39:d1:e4:ef:e8:3d:2e:48:72:81:c8:50:c6:36:30:
da:1d:4f:5e:cc:40:cf:43:8f:91:a4:59:d7:c1:ed:20:d3:00:
4b:3c:dd:21:2f:1e:9e:cf:58:91:46:67:8f:f3:a9:01:c1:4f:
1c:f9:b1:f9:d7:cd:c3:08:f4:58:f4:5f:f2:f2:83:cf:ea:15:
63:4d:d0:e2:4a:ff:ef:27:61:b4:22:8e:50:ee:69:6c:01:cb:
83:ba:8c:29:b3:89:8c:5e:01:b2:82:15:be:43:a4:7a:36:2d:
0d:cf:2c:fc:f0:f9:53:78:d3:8c:2e:61:81:94:e3:48:71:3a:
7b:fb:77:af:93:08:42:37:02:36:f0:5d:a3:d6:77:c4:29:da:
d1:c9:2c:40:75:7e:02:56:d5:ce:5d:d6:b3:f8:07:0f:c2:dc:
68:77:6b:d3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF2+0ShTEOZhJmzKcgXgcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTg1MWQ1OTM1NmNhOTVkNGFlNzhmYTY5MzZiYTFiOGEy
YjFjN2EwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEyZmU1MDY4MmEyMjlmMzE4OWUwOWFmZTI1NWU3NjFiYjkzYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt4DwGWa0UM0AmdE2gxwoygIengr
2bCvtb0Si0LlJWPXAjspdP8mauoM/CJPh9v5Bmy3tG9oBwkQTLqBi8I399OuVX9x
i15AiwAnvtKGosOh+i+fWCJd0UsMz21B07w0THPJEnyYDj7pFr/LZLVx59JlxyJp
2KQbHoma8DW6cLdbYECbLldAAQgukYop/py5uWGbBwEDPmh4Kv+gmgULX/A4ibtZ
0W5Eo8EOcUwYaoSWaTjNX31BwcIYCF8fHbigsOJ4fsCVWcbzMDjGxN0dXGK6EW0+
/lAyriSCYZ0vA5XJWgZTjM/sTNxKKuH5D5dmO2cuPtqF2yfq+Q8NtzJRrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCgS/lBoKiKfMYngmv4lXnYbuTtqMB8GA1UdIwQY
MBaAFGCoUdWTVsqV1K54+mk2uhuKKxx6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtoUjFaTld5cFhVcm5qNmFUYTZHNG9ySEhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jOTc4OTgtNWU3Mi00NTRhLWJlMmYt
NTQ4ZTdiN2ZhNGUxLzEvS0JMLVVHZ3FJcDh4aWVDYV9pVmVkaHU1TzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jOTc4OTgtNWU3Mi00NTRhLWJlMmYtNTQ4ZTdiN2ZhNGUx
LzEvWUtoUjFaTld5cFhVcm5qNmFUYTZHNG9ySEhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCXVjgAwQC
uYIIMA0EAgACMAcDBQMqAgIYMA0GCSqGSIb3DQEBCwUAA4IBAQAUG4ljElMB7tlm
3e/v7FZ7Fqy7SC2oGJv5Xf8RdQ0fn4eLRzvymJpseiP85qw2azFDdrae++mU473P
Y3cKcuRj11dLv4e7RIwa/+DvFjvRiUUUDYHUvwsNTG7L3UU50eTv6D0uSHKByFDG
NjDaHU9ezEDPQ4+RpFnXwe0g0wBLPN0hLx6ez1iRRmeP86kBwU8c+bH5183DCPRY
9F/y8oPP6hVjTdDiSv/vJ2G0Io5Q7mlsAcuDuowps4mMXgGyghW+Q6R6Ni0Nzyz8
8PlTeNOMLmGBlONIcTp7+3evkwhCNwI28F2j1nfEKdrRySxAdX4CVtXOXdaz+AcP
wtxod2vT
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:02:42 2024 by rpki-client on console-fra.rpki-client.org