Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/KVt_no_lfHWTZhzNwemlJDM2ftE.roa
File: KVt_no_lfHWTZhzNwemlJDM2ftE.roa (raw, json)
Hash identifier: Ov1wEZbxMW0tXUjppWm22mwdnVcmSbVO0/ASdOTvEqc=
Subject key identifier: 29:5B:7F:9E:8F:E5:7C:75:93:66:1C:CD:C1:E9:A5:24:33:36:7E:D1
Certificate issuer: /CN=b443914a48e5dae5a756b1e3b8fbe437ee0d8b0c
Certificate serial: 018E5B69D19BECC8738AB0D9825AD0A715D3
Authority key identifier: B4:43:91:4A:48:E5:DA:E5:A7:56:B1:E3:B8:FB:E4:37:EE:0D:8B:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEORSkjl2uWnVrHjuPvkN-4Niww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/KVt_no_lfHWTZhzNwemlJDM2ftE.roa
Signing time: Wed 20 Mar 2024 10:30:45 +0000
ROA not before: Wed 20 Mar 2024 10:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21239
IP address blocks: 193.109.126.0/24 maxlen: 24
194.0.6.0/24 maxlen: 24
195.22.138.0/23 maxlen: 24
2a02:6e0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/tEORSkjl2uWnVrHjuPvkN-4Niww.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/tEORSkjl2uWnVrHjuPvkN-4Niww.mft
rsync://rpki.ripe.net/repository/DEFAULT/tEORSkjl2uWnVrHjuPvkN-4Niww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:69:d1:9b:ec:c8:73:8a:b0:d9:82:5a:d0:a7:15:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b443914a48e5dae5a756b1e3b8fbe437ee0d8b0c
Validity
Not Before: Mar 20 10:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=295b7f9e8fe57c7593661ccdc1e9a52433367ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e7:20:6d:0f:bd:93:83:72:db:fe:b4:38:73:
7c:cc:42:98:f2:71:1f:c1:c7:d0:01:f8:f8:ce:c6:
2f:55:c4:39:28:63:77:27:2f:5b:40:0f:37:69:1b:
a3:0a:d9:d4:3f:88:f8:57:e3:50:b1:fb:88:6d:37:
4f:3a:11:2d:8c:5d:e2:7a:41:c8:a9:d3:a1:81:6d:
6c:9e:49:6f:bc:53:95:42:cd:73:cf:90:1f:e8:44:
df:56:5b:9f:4f:c1:98:49:6c:cf:c8:84:bf:7b:39:
b1:fb:ea:53:2b:81:d3:04:61:4b:9f:2d:a5:9b:67:
65:46:ff:de:3c:97:7d:73:97:e6:3a:00:a4:b7:d4:
8f:3f:fd:dc:fb:dd:7d:e1:51:d2:03:02:dd:d0:45:
6d:b5:6b:b0:09:b8:08:fc:33:7d:02:b4:53:d8:7e:
e3:11:70:be:8c:ea:cc:9e:a2:68:55:ce:10:a5:47:
9c:e0:e5:31:78:0f:3c:15:32:b7:5e:b4:b4:cc:cc:
62:d8:92:bc:67:1c:20:5a:eb:0f:6f:0a:53:9d:e9:
ba:0a:c7:e6:24:2e:9a:46:f6:e4:3e:96:ad:9c:95:
d6:f1:8c:f6:55:30:7a:3c:e6:de:ec:7a:42:0c:cc:
8d:69:07:f4:5c:6a:69:d3:39:b5:2f:65:ca:ba:29:
ac:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5B:7F:9E:8F:E5:7C:75:93:66:1C:CD:C1:E9:A5:24:33:36:7E:D1
X509v3 Authority Key Identifier:
keyid:B4:43:91:4A:48:E5:DA:E5:A7:56:B1:E3:B8:FB:E4:37:EE:0D:8B:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEORSkjl2uWnVrHjuPvkN-4Niww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/KVt_no_lfHWTZhzNwemlJDM2ftE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/6920d2-a7a6-41a5-96e0-314ef746d8a6/1/tEORSkjl2uWnVrHjuPvkN-4Niww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.126.0/24
194.0.6.0/24
195.22.138.0/23
IPv6:
2a02:6e0::/32
Signature Algorithm: sha256WithRSAEncryption
61:58:5b:ca:a2:43:9e:86:34:7c:21:b4:05:43:7f:69:91:fd:
04:dd:82:3e:7b:83:70:2d:55:64:f3:bf:b1:d6:6f:65:37:9a:
2d:8a:e7:dc:db:06:9f:3f:21:bc:ec:74:64:ac:40:fd:53:47:
33:04:39:d2:a1:fb:ce:4e:00:e4:fc:3a:a3:e4:f0:af:40:c4:
75:d6:31:e2:d2:f8:b4:aa:3f:65:67:bb:c2:3c:00:73:d3:12:
e6:24:3c:e1:fe:e6:bd:23:c0:5c:21:bc:2e:c0:da:28:73:db:
38:10:e2:dd:a5:f9:b2:c1:57:35:4d:04:01:55:c9:e7:68:d3:
b8:17:32:4e:8e:bc:f5:56:5d:a4:60:95:26:82:3b:cb:5b:14:
37:00:5a:88:97:6f:16:16:15:bb:c4:74:de:8c:98:f1:07:e5:
00:ae:9e:82:59:36:54:de:38:e8:3c:bf:48:d3:72:d0:23:08:
e3:c3:19:67:b6:b6:8a:9c:43:15:98:a5:61:1f:a5:cf:74:fa:
73:4c:a6:df:7f:f7:3d:96:05:4a:f0:a8:f7:86:10:7e:0b:49:
29:88:32:f2:c5:fe:af:76:2d:02:f5:d9:24:08:70:29:a1:fa:
b3:46:e3:df:38:cc:fb:c2:8c:96:c0:38:7d:39:af:24:1f:d8:
ce:48:45:1f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY5badGb7MhzirDZglrQpxXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDM5MTRhNDhlNWRhZTVhNzU2YjFlM2I4ZmJlNDM3ZWUw
ZDhiMGMwHhcNMjQwMzIwMTAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTViN2Y5ZThmZTU3Yzc1OTM2NjFjY2RjMWU5YTUyNDMzMzY3ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgucgbQ+9k4Ny2/60OHN8zEKY8nEf
wcfQAfj4zsYvVcQ5KGN3Jy9bQA83aRujCtnUP4j4V+NQsfuIbTdPOhEtjF3iekHI
qdOhgW1snklvvFOVQs1zz5Af6ETfVlufT8GYSWzPyIS/ezmx++pTK4HTBGFLny2l
m2dlRv/ePJd9c5fmOgCkt9SPP/3c+9194VHSAwLd0EVttWuwCbgI/DN9ArRT2H7j
EXC+jOrMnqJoVc4QpUec4OUxeA88FTK3XrS0zMxi2JK8ZxwgWusPbwpTnem6Csfm
JC6aRvbkPpatnJXW8Yz2VTB6PObe7HpCDMyNaQf0XGpp0zm1L2XKuimsEQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFClbf56P5Xx1k2YczcHppSQzNn7RMB8GA1UdIwQY
MBaAFLRDkUpI5drlp1ax47j75DfuDYsMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVPUlNramwydVduVnJIanVQdmtOLTROaXd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC82OTIwZDItYTdhNi00MWE1LTk2ZTAt
MzE0ZWY3NDZkOGE2LzEvS1Z0X25vX2xmSFdUWmh6TndlbWxKRE0yZnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC82OTIwZDItYTdhNi00MWE1LTk2ZTAtMzE0ZWY3NDZkOGE2
LzEvdEVPUlNramwydVduVnJIanVQdmtOLTROaXd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwW1+AwQA
wgAGAwQBwxaKMA0EAgACMAcDBQAqAgbgMA0GCSqGSIb3DQEBCwUAA4IBAQBhWFvK
okOehjR8IbQFQ39pkf0E3YI+e4NwLVVk87+x1m9lN5otiufc2wafPyG87HRkrED9
U0czBDnSofvOTgDk/Dqj5PCvQMR11jHi0vi0qj9lZ7vCPABz0xLmJDzh/ua9I8Bc
IbwuwNooc9s4EOLdpfmywVc1TQQBVcnnaNO4FzJOjrz1Vl2kYJUmgjvLWxQ3AFqI
l28WFhW7xHTejJjxB+UArp6CWTZU3jjoPL9I03LQIwjjwxlntraKnEMVmKVhH6XP
dPpzTKbff/c9lgVK8Kj3hhB+C0kpiDLyxf6vdi0C9dkkCHApofqzRuPfOMz7woyW
wDh9Oa8kH9jOSEUf
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:34 2024 by rpki-client on console-ams.rpki-client.org