Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/78fefc-e9c5-4c6b-9ecd-18723c841121/1/KBPaX26T74rF_b98D5vbCS4Nuz0.roa
File: KBPaX26T74rF_b98D5vbCS4Nuz0.roa (raw, json)
Hash identifier: nU2QowOmWztQQgJHXXYPFT8tIem+quPQmedvSFuZH+I=
Subject key identifier: 28:13:DA:5F:6E:93:EF:8A:C5:FD:BF:7C:0F:9B:DB:09:2E:0D:BB:3D
Certificate issuer: /CN=34859d8a26c8e888777f4e801b20b785dee654cf
Certificate serial: 0194252129406877C6D738FDCBB6764194C0
Authority key identifier: 34:85:9D:8A:26:C8:E8:88:77:7F:4E:80:1B:20:B7:85:DE:E6:54:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIWdiibI6Ih3f06AGyC3hd7mVM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/78fefc-e9c5-4c6b-9ecd-18723c841121/1/KBPaX26T74rF_b98D5vbCS4Nuz0.roa
Signing time: Thu 02 Jan 2025 03:48:37 +0000
ROA not before: Thu 02 Jan 2025 03:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48178
IP address blocks: 193.202.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/78fefc-e9c5-4c6b-9ecd-18723c841121/1/NIWdiibI6Ih3f06AGyC3hd7mVM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/78fefc-e9c5-4c6b-9ecd-18723c841121/1/NIWdiibI6Ih3f06AGyC3hd7mVM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/NIWdiibI6Ih3f06AGyC3hd7mVM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:29:40:68:77:c6:d7:38:fd:cb:b6:76:41:94:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34859d8a26c8e888777f4e801b20b785dee654cf
Validity
Not Before: Jan 2 03:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2813da5f6e93ef8ac5fdbf7c0f9bdb092e0dbb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:dc:2a:b9:71:0a:6f:8f:12:70:69:6a:1a:f4:
ce:a7:a3:da:2a:11:fa:87:8d:1e:69:48:6f:7d:17:
84:65:30:c0:33:3b:82:ff:73:5e:c8:0c:f9:ce:c3:
1b:6d:8c:a0:90:16:a5:72:80:e3:d2:c6:70:15:64:
b3:6a:94:6f:81:a0:d1:69:64:63:bf:d7:26:79:11:
63:c5:2e:3f:27:49:9b:b3:6b:94:d4:af:1a:08:db:
83:df:82:8e:e7:c1:5c:7a:50:7a:2a:05:5b:6c:f7:
2a:24:90:6e:b7:0d:e6:fc:82:fc:6b:46:a6:19:91:
bb:6d:d9:5b:7a:f9:0b:ed:a2:a5:a0:32:3b:41:24:
ec:a9:ac:2c:f9:5b:09:7e:13:a1:62:56:44:c4:08:
a3:5c:be:22:ff:51:01:97:f2:47:cf:b3:f5:a3:53:
72:e2:97:1f:74:1a:34:d2:77:b8:48:a5:17:90:10:
63:07:d4:c1:49:78:2a:7f:df:a2:db:cb:1d:aa:9b:
54:ad:11:5c:d3:58:c3:70:b8:ff:e9:ac:46:6a:89:
c4:ba:22:bf:89:0a:f9:bb:4a:6a:cd:ef:9e:66:c8:
3a:11:39:51:d5:ed:0b:d8:ff:a4:aa:b2:a7:eb:11:
57:7b:2f:5e:bb:d9:04:9f:0c:25:95:7a:d0:e1:43:
ab:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:13:DA:5F:6E:93:EF:8A:C5:FD:BF:7C:0F:9B:DB:09:2E:0D:BB:3D
X509v3 Authority Key Identifier:
keyid:34:85:9D:8A:26:C8:E8:88:77:7F:4E:80:1B:20:B7:85:DE:E6:54:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIWdiibI6Ih3f06AGyC3hd7mVM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/78fefc-e9c5-4c6b-9ecd-18723c841121/1/KBPaX26T74rF_b98D5vbCS4Nuz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/78fefc-e9c5-4c6b-9ecd-18723c841121/1/NIWdiibI6Ih3f06AGyC3hd7mVM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.21.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:6c:00:6c:69:c4:47:65:35:fe:38:da:34:d8:a8:b3:b9:f0:
6b:64:de:2f:dc:3b:b7:e9:ba:c8:76:f9:1d:c2:a2:c9:fd:25:
63:fa:26:e3:e3:cb:d3:6e:4b:05:59:29:9f:b3:3f:5c:e8:76:
3e:e4:c2:95:6f:c6:1d:7a:89:bc:46:29:8b:3d:57:6e:4b:c1:
01:2c:a9:bb:62:cd:12:2b:cf:34:26:47:3a:4c:5b:a5:5b:c8:
79:84:5c:fd:ce:b1:44:91:13:6b:da:a0:e2:27:ef:68:80:f6:
cb:03:1c:3a:34:ea:d9:e7:4d:d3:a5:d8:49:36:b5:10:61:7c:
a1:17:99:67:ce:23:4e:49:ae:93:60:57:9a:ee:08:4e:0b:ce:
01:28:f1:61:05:e1:0e:5b:e7:87:f7:5e:f4:5f:d7:b5:4f:14:
c2:0a:28:17:d8:17:b7:d3:a9:87:52:6a:8d:aa:ef:31:e4:92:
b4:8a:be:15:42:4f:c6:87:49:f4:ce:bf:9a:a1:39:fe:08:f4:
82:c7:d0:e1:13:d7:04:26:06:38:d2:07:01:a2:03:07:6f:6e:
7e:23:99:56:f6:c9:9c:1b:51:e7:fa:d1:58:59:02:f2:fe:df:
1c:d0:28:66:69:31:09:58:fe:8c:99:30:40:5b:47:83:98:a3:
d3:75:0d:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlISlAaHfG1zj9y7Z2QZTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ODU5ZDhhMjZjOGU4ODg3NzdmNGU4MDFiMjBiNzg1ZGVl
NjU0Y2YwHhcNMjUwMTAyMDM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEzZGE1ZjZlOTNlZjhhYzVmZGJmN2MwZjliZGIwOTJlMGRiYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdwquXEKb48ScGlqGvTOp6PaKhH6
h40eaUhvfReEZTDAMzuC/3NeyAz5zsMbbYygkBalcoDj0sZwFWSzapRvgaDRaWRj
v9cmeRFjxS4/J0mbs2uU1K8aCNuD34KO58FcelB6KgVbbPcqJJButw3m/IL8a0am
GZG7bdlbevkL7aKloDI7QSTsqaws+VsJfhOhYlZExAijXL4i/1EBl/JHz7P1o1Ny
4pcfdBo00ne4SKUXkBBjB9TBSXgqf9+i28sdqptUrRFc01jDcLj/6axGaonEuiK/
iQr5u0pqze+eZsg6ETlR1e0L2P+kqrKn6xFXey9eu9kEnwwllXrQ4UOrzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgT2l9uk++Kxf2/fA+b2wkuDbs9MB8GA1UdIwQY
MBaAFDSFnYomyOiId39OgBsgt4Xe5lTPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklXZGlpYkk2SWgzZjA2QUd5QzNoZDdtVk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83OGZlZmMtZTljNS00YzZiLTllY2Qt
MTg3MjNjODQxMTIxLzEvS0JQYVgyNlQ3NHJGX2I5OEQ1dmJDUzROdXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83OGZlZmMtZTljNS00YzZiLTllY2QtMTg3MjNjODQxMTIx
LzEvTklXZGlpYkk2SWgzZjA2QUd5QzNoZDdtVk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcoVMA0G
CSqGSIb3DQEBCwUAA4IBAQC4bABsacRHZTX+ONo02KizufBrZN4v3Du36brIdvkd
wqLJ/SVj+ibj48vTbksFWSmfsz9c6HY+5MKVb8Ydeom8RimLPVduS8EBLKm7Ys0S
K880Jkc6TFulW8h5hFz9zrFEkRNr2qDiJ+9ogPbLAxw6NOrZ503TpdhJNrUQYXyh
F5lnziNOSa6TYFea7ghOC84BKPFhBeEOW+eH9170X9e1TxTCCigX2Be306mHUmqN
qu8x5JK0ir4VQk/Gh0n0zr+aoTn+CPSCx9DhE9cEJgY40gcBogMHb25+I5lW9smc
G1Hn+tFYWQLy/t8c0ChmaTEJWP6MmTBAW0eDmKPTdQ1y
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:57:29 2025 by rpki-client