Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/KUBh-FtO4cB_0UBChIKMBYMikGc.roa
File: KUBh-FtO4cB_0UBChIKMBYMikGc.roa (raw, json)
Hash identifier: ko8kdic0wP1jWsyIuthqJrHLIoRgR5yrLuOPWaBeORE=
Subject key identifier: 29:40:61:F8:5B:4E:E1:C0:7F:D1:40:42:84:82:8C:05:83:22:90:67
Certificate issuer: /CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Certificate serial: 018CC94E3BE8AA5D4BE1A428C7A21A8179E8
Authority key identifier: 71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/KUBh-FtO4cB_0UBChIKMBYMikGc.roa
Signing time: Tue 02 Jan 2024 08:33:16 +0000
ROA not before: Tue 02 Jan 2024 08:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203210
IP address blocks: 91.196.49.0/24 maxlen: 24
91.196.48.0/22 maxlen: 22
91.196.50.0/24 maxlen: 24
91.196.48.0/24 maxlen: 24
91.196.51.0/24 maxlen: 24
77.87.74.0/24 maxlen: 24
77.87.73.0/24 maxlen: 24
195.22.125.0/24 maxlen: 24
195.22.124.0/24 maxlen: 24
195.22.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3b:e8:aa:5d:4b:e1:a4:28:c7:a2:1a:81:79:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Validity
Not Before: Jan 2 08:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=294061f85b4ee1c07fd1404284828c0583229067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a4:af:88:18:93:c8:49:d1:f2:99:02:80:31:
d0:13:16:52:d2:db:f3:4a:0b:1b:37:13:b4:03:8b:
1f:75:0c:d8:69:c1:fe:fb:ac:19:11:74:52:18:b7:
60:00:68:2a:46:d7:0b:81:cd:5d:e8:3a:28:94:bc:
d5:b6:f2:b3:02:a4:66:5d:20:e0:4c:23:2f:88:96:
bc:b0:28:e5:7a:dd:a2:ad:cb:c5:37:75:65:7c:be:
9c:15:27:7d:7f:63:d1:c1:59:a1:c2:8a:33:43:3a:
6a:89:84:6c:25:2e:b1:8b:34:36:6a:8b:c1:8f:2f:
ec:b7:a4:52:a3:89:fc:d3:95:d3:37:48:15:a8:2f:
2c:08:c3:59:a4:f6:ba:d0:12:66:9c:50:0e:84:23:
c6:6f:87:75:45:e6:a7:5a:97:35:b5:dc:5a:f9:b0:
d5:8f:08:85:85:19:8a:ff:07:38:45:ac:54:c6:db:
05:33:9a:2f:50:b8:d8:15:71:5e:df:30:2f:45:c4:
55:a3:bf:1a:92:f3:22:51:3f:4d:2d:93:9d:79:95:
0e:1b:bb:c9:65:6c:9f:04:d4:13:2c:4a:f1:38:9f:
7f:81:f2:69:f6:9d:3b:68:d1:a1:75:c9:2a:a0:df:
2e:8c:30:46:40:07:4b:18:93:3b:fe:cf:31:71:e7:
88:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:40:61:F8:5B:4E:E1:C0:7F:D1:40:42:84:82:8C:05:83:22:90:67
X509v3 Authority Key Identifier:
keyid:71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/KUBh-FtO4cB_0UBChIKMBYMikGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.73.0-77.87.74.255
91.196.48.0/22
195.22.124.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:2c:57:09:3c:d1:b7:dd:07:3b:cf:d1:4e:bb:6c:9e:5c:ff:
48:ad:ae:6a:6f:49:1b:e7:00:98:ad:09:a5:05:98:93:fa:d8:
57:21:79:87:2f:31:a0:f1:b8:2c:f9:c0:c4:46:c0:fe:e0:fa:
28:b9:51:db:c4:2c:a7:e7:0d:c0:38:c2:82:92:8f:b6:3a:76:
ab:91:5e:33:41:dd:f0:be:31:0b:82:f3:2f:0f:e0:99:5d:ba:
91:c6:12:0f:18:7f:59:b8:3c:ca:80:40:65:37:c2:5f:a8:ee:
dc:4c:fa:bc:b9:f6:0c:36:82:8b:10:82:eb:43:39:92:ee:d6:
3f:ce:3c:7b:c2:38:7e:13:45:7b:c9:79:22:56:8c:e5:b1:41:
94:4d:5e:ef:8a:0d:27:45:d7:23:d0:61:a3:67:46:9d:2a:e7:
4f:61:76:a2:14:00:47:1c:2d:5f:9a:7c:45:82:44:bd:4f:01:
c7:5b:13:47:e6:78:c6:99:0c:88:61:44:d7:33:c9:2b:02:22:
c9:52:9a:ad:37:66:f3:cb:c8:17:12:95:97:7f:d9:69:e7:89:
d5:a1:52:d5:e7:de:fb:fe:2f:8d:2c:2b:46:50:08:33:80:c0:
8e:61:57:ce:9c:8b:1e:83:73:1e:16:02:b7:48:55:6a:dc:ee:
df:14:60:8e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJTjvoql1L4aQox6IagXnoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzE2OTBlZjU3YWZjZmZhZTczYmRiOTkzNDMwOWY4Yjcw
ZWJiNjEwHhcNMjQwMTAyMDgzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQwNjFmODViNGVlMWMwN2ZkMTQwNDI4NDgyOGMwNTgzMjI5MDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KSviBiTyEnR8pkCgDHQExZS0tvz
SgsbNxO0A4sfdQzYacH++6wZEXRSGLdgAGgqRtcLgc1d6DoolLzVtvKzAqRmXSDg
TCMviJa8sCjlet2ircvFN3VlfL6cFSd9f2PRwVmhwoozQzpqiYRsJS6xizQ2aovB
jy/st6RSo4n805XTN0gVqC8sCMNZpPa60BJmnFAOhCPGb4d1ReanWpc1tdxa+bDV
jwiFhRmK/wc4RaxUxtsFM5ovULjYFXFe3zAvRcRVo78akvMiUT9NLZOdeZUOG7vJ
ZWyfBNQTLErxOJ9/gfJp9p07aNGhdckqoN8ujDBGQAdLGJM7/s8xceeIkQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFClAYfhbTuHAf9FAQoSCjAWDIpBnMB8GA1UdIwQY
MBaAFHHBaQ71evz/rnO9uZNDCfi3DrthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYt
MDA2ZTliYjhlZDU5LzEvS1VCaC1GdE80Y0JfMFVCQ2hJS01CWU1pa0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYtMDA2ZTliYjhlZDU5
LzEvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABNV0kD
BABNV0oDBAJbxDADBAHDFnwwDQYJKoZIhvcNAQELBQADggEBAH8sVwk80bfdBzvP
0U67bJ5c/0itrmpvSRvnAJitCaUFmJP62FcheYcvMaDxuCz5wMRGwP7g+ii5UdvE
LKfnDcA4woKSj7Y6dquRXjNB3fC+MQuC8y8P4JldupHGEg8Yf1m4PMqAQGU3wl+o
7txM+ry59gw2gosQgutDOZLu1j/OPHvCOH4TRXvJeSJWjOWxQZRNXu+KDSdF1yPQ
YaNnRp0q509hdqIUAEccLV+afEWCRL1PAcdbE0fmeMaZDIhhRNczySsCIslSmq03
ZvPLyBcSlZd/2WnnidWhUtXn3vv+L40sK0ZQCDOAwI5hV86cix6Dcx4WArdIVWrc
7t8UYI4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:42:14 2024 by rpki-client on console-ams.rpki-client.org