Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kmps_wc-AB0wVobjsGYS1D_jeNI.roa
File: kmps_wc-AB0wVobjsGYS1D_jeNI.roa (raw, json)
Hash identifier: /kX2b2yK3ycxvbAMXjF5yIEdjsEkyhBOAnzs4rcWumU=
Subject key identifier: 92:6A:6C:FF:07:3E:00:1D:30:56:86:E3:B0:66:12:D4:3F:E3:78:D2
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B73C0ACEC7EC42A00307E285FA40DB
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kmps_wc-AB0wVobjsGYS1D_jeNI.roa
Signing time: Mon 01 Jan 2024 06:30:14 +0000
ROA not before: Mon 01 Jan 2024 06:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198855
IP address blocks: 90.83.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3c:0a:ce:c7:ec:42:a0:03:07:e2:85:fa:40:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=926a6cff073e001d305686e3b06612d43fe378d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:68:10:44:c2:6e:90:14:34:ca:af:f6:20:9c:
12:82:87:df:b6:76:7a:14:bc:df:2c:b7:16:e7:bc:
3a:66:9d:39:84:07:b6:d2:47:3b:d6:e7:e7:31:8b:
0e:3c:8e:3f:79:82:4e:16:02:47:8d:4e:60:29:9e:
55:da:70:60:ab:9d:e5:15:44:b6:93:14:ef:5e:f2:
c4:02:29:05:3d:0e:4f:5e:cc:80:2e:25:e3:7e:77:
f4:5f:fd:7a:8a:44:de:1c:0e:8a:89:4d:0d:c9:d5:
ab:8a:97:2c:e2:dc:3b:d5:96:28:b7:84:bc:1b:6e:
53:e6:6b:ac:7a:80:91:3b:85:b9:5a:71:34:9f:9c:
66:9e:21:25:e6:7b:26:3f:d7:8c:81:bd:0e:7d:4b:
9f:75:ee:32:a6:70:f1:50:ce:9e:d0:9e:1a:c3:5e:
7b:a2:2f:0a:15:1c:44:60:92:c6:fd:06:8a:7e:cb:
be:ff:41:a1:46:28:2b:63:ca:65:3d:cd:cf:79:ba:
cd:09:e7:be:7b:c3:fc:9c:56:3a:28:66:50:36:13:
5b:39:88:7c:d4:ca:99:6c:e9:2f:5c:94:6f:2f:b2:
9c:7b:2a:7d:6a:72:3f:16:dd:46:f9:40:38:6a:b4:
49:9d:54:39:13:85:4b:4c:ef:86:98:9f:39:e8:10:
49:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:6A:6C:FF:07:3E:00:1D:30:56:86:E3:B0:66:12:D4:3F:E3:78:D2
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/kmps_wc-AB0wVobjsGYS1D_jeNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.83.124.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:58:c3:02:89:10:f7:b9:78:35:37:ce:a8:04:52:0e:1b:ea:
40:78:a2:0d:30:b5:cd:0f:22:35:f4:9a:f6:5e:02:42:59:b0:
32:7b:8f:1f:3c:36:38:6b:5e:ff:b1:7c:78:64:88:09:cc:34:
69:88:74:bc:c1:08:32:09:8f:a9:76:4c:31:16:34:34:e8:fb:
95:86:d8:45:ab:b3:c0:95:ed:74:c2:cf:cc:00:46:45:10:45:
58:eb:21:86:10:9d:7f:f8:ab:59:a4:b9:95:7c:37:2c:6e:c8:
98:0a:af:82:80:2e:52:39:86:81:22:9c:cb:6c:d2:4f:0e:48:
a1:4a:50:4f:4c:b8:c3:4a:d7:f9:55:3d:47:42:72:5e:01:15:
ba:b0:f9:56:4d:99:88:b3:d0:37:38:cc:5c:9d:7b:fa:da:1a:
32:e8:d6:e2:6c:cf:f2:c9:30:77:4b:c7:49:ee:29:48:c0:b2:
4c:99:91:a0:bc:02:f2:4b:c3:34:db:31:5e:9a:af:c2:0a:f1:
79:3b:a4:db:e6:37:09:a8:f4:e1:ba:21:6f:a6:17:22:dd:ea:
c9:dc:0f:da:e6:81:7f:39:0d:a4:8d:10:2c:6a:a6:31:0f:16:
72:ab:4e:d7:3b:3f:24:1a:81:c2:6a:85:5d:d1:9f:94:0d:ba:
7d:a4:3b:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtzwKzsfsQqADB+KF+kDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjZhNmNmZjA3M2UwMDFkMzA1Njg2ZTNiMDY2MTJkNDNmZTM3OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWgQRMJukBQ0yq/2IJwSgofftnZ6
FLzfLLcW57w6Zp05hAe20kc71ufnMYsOPI4/eYJOFgJHjU5gKZ5V2nBgq53lFUS2
kxTvXvLEAikFPQ5PXsyALiXjfnf0X/16ikTeHA6KiU0NydWripcs4tw71ZYot4S8
G25T5museoCRO4W5WnE0n5xmniEl5nsmP9eMgb0OfUufde4ypnDxUM6e0J4aw157
oi8KFRxEYJLG/QaKfsu+/0GhRigrY8plPc3PebrNCee+e8P8nFY6KGZQNhNbOYh8
1MqZbOkvXJRvL7Kceyp9anI/Ft1G+UA4arRJnVQ5E4VLTO+GmJ856BBJPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJqbP8HPgAdMFaG47BmEtQ/43jSMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEva21wc193Yy1BQjB3Vm9ianNHWVMxRF9qZU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWlN8MA0G
CSqGSIb3DQEBCwUAA4IBAQBfWMMCiRD3uXg1N86oBFIOG+pAeKINMLXNDyI19Jr2
XgJCWbAye48fPDY4a17/sXx4ZIgJzDRpiHS8wQgyCY+pdkwxFjQ06PuVhthFq7PA
le10ws/MAEZFEEVY6yGGEJ1/+KtZpLmVfDcsbsiYCq+CgC5SOYaBIpzLbNJPDkih
SlBPTLjDStf5VT1HQnJeARW6sPlWTZmIs9A3OMxcnXv62hoy6NbibM/yyTB3S8dJ
7ilIwLJMmZGgvALyS8M02zFemq/CCvF5O6Tb5jcJqPThuiFvphci3erJ3A/a5oF/
OQ2kjRAsaqYxDxZyq07XOz8kGoHCaoVd0Z+UDbp9pDsn
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:27:40 2024 by rpki-client on console-ams.rpki-client.org