Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/kkvLn3EUQKWDyIanocJHxS3rnso.roa
File: kkvLn3EUQKWDyIanocJHxS3rnso.roa (raw, json)
Hash identifier: C7Wgn7QxsYBeqv0rtKQnYzEKV0/dVS95MRkcasxyi2o=
Subject key identifier: 92:4B:CB:9F:71:14:40:A5:83:C8:86:A7:A1:C2:47:C5:2D:EB:9E:CA
Certificate issuer: /CN=437d280cb4eae8156a77dfe7a3ffc5fd4b4dbfaa
Certificate serial: 018CC64B6390DCB21BBC76625A3309702C79
Authority key identifier: 43:7D:28:0C:B4:EA:E8:15:6A:77:DF:E7:A3:FF:C5:FD:4B:4D:BF:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q30oDLTq6BVqd9_no__F_UtNv6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/kkvLn3EUQKWDyIanocJHxS3rnso.roa
Signing time: Mon 01 Jan 2024 18:31:18 +0000
ROA not before: Mon 01 Jan 2024 18:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200645
IP address blocks: 193.104.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/Q30oDLTq6BVqd9_no__F_UtNv6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/Q30oDLTq6BVqd9_no__F_UtNv6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q30oDLTq6BVqd9_no__F_UtNv6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:63:90:dc:b2:1b:bc:76:62:5a:33:09:70:2c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=437d280cb4eae8156a77dfe7a3ffc5fd4b4dbfaa
Validity
Not Before: Jan 1 18:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=924bcb9f711440a583c886a7a1c247c52deb9eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:94:69:98:2f:67:4f:e2:11:04:60:c2:4a:
56:c6:65:ca:7e:99:66:63:78:26:53:f8:11:74:0f:
1e:3e:be:47:81:1c:41:34:74:09:5a:8d:44:3d:b6:
8c:76:c3:8b:9d:37:0c:d1:73:d3:01:0b:85:4e:ec:
2b:47:f6:72:d7:c0:63:26:f4:dc:b0:2e:7f:65:6f:
65:c1:bc:d1:6e:7f:80:33:32:5d:74:66:8d:45:50:
5b:f0:46:82:b5:ba:da:85:37:4c:22:59:04:30:11:
6e:5c:d8:53:39:5a:e8:b4:e6:be:30:14:8b:5c:b8:
40:7a:a0:79:04:c8:c9:10:e3:f5:a0:d1:d4:7b:16:
80:35:c2:e6:cb:73:99:8b:02:04:c6:b2:9f:75:43:
b4:9d:a2:57:b1:2b:55:8d:0d:9b:64:6e:a1:bc:9b:
b2:98:0a:64:aa:42:92:75:65:53:35:5a:7b:eb:c3:
81:9d:a9:b5:23:9c:6d:83:7d:17:e7:cd:06:d2:85:
c9:ea:ce:3d:59:76:15:e5:4c:4c:b8:4c:0a:7c:60:
42:95:d3:0b:fb:3a:ba:94:6b:a4:75:54:d9:45:15:
fd:26:c5:23:32:55:95:fa:06:df:e5:c0:84:36:73:
f3:cd:1c:88:f9:ba:1f:ee:45:24:31:4e:e1:a4:98:
09:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4B:CB:9F:71:14:40:A5:83:C8:86:A7:A1:C2:47:C5:2D:EB:9E:CA
X509v3 Authority Key Identifier:
keyid:43:7D:28:0C:B4:EA:E8:15:6A:77:DF:E7:A3:FF:C5:FD:4B:4D:BF:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q30oDLTq6BVqd9_no__F_UtNv6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/kkvLn3EUQKWDyIanocJHxS3rnso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4b9353-b70d-408b-a8b7-ec50daad82f7/1/Q30oDLTq6BVqd9_no__F_UtNv6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.29.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f6:7f:21:e2:5d:c6:25:5f:87:32:d8:b6:8d:dd:e6:7a:88:
e4:d7:b1:fc:30:f5:42:92:fa:0d:93:1e:68:95:95:86:24:a8:
d6:c4:4c:fb:f1:08:ca:7b:4f:43:ef:ed:d2:47:92:21:f5:ec:
f3:6e:1a:d0:61:7f:2f:e1:45:02:2e:7e:90:9a:91:3f:55:c9:
0b:ae:22:86:34:e0:a3:cf:8b:ad:2e:56:ff:8c:29:c2:13:9b:
8c:b4:83:52:cf:1d:5a:92:26:85:82:22:88:4f:8c:fd:be:fd:
e7:1c:35:62:da:46:f2:fb:6c:7a:e4:d8:d1:d6:0a:38:cf:df:
59:35:83:08:3c:59:07:6e:4d:ec:d2:5c:62:22:4f:ba:c9:31:
92:85:e9:f8:93:c7:69:c0:bf:8e:18:b8:25:15:06:02:85:2f:
e8:e6:2e:84:61:28:b7:0c:2d:7c:18:95:63:61:6a:43:24:5f:
ba:1c:12:7c:f1:bc:0b:8a:5c:1c:43:65:4a:1d:bf:3e:1a:7c:
c6:ec:4b:e9:7a:12:c6:f1:6f:b6:0a:07:b1:4a:57:e9:ce:68:
ef:91:51:64:bf:8f:85:18:1f:d1:4c:99:51:74:e8:da:e7:4a:
ad:5e:fb:92:10:60:d4:b3:dc:c4:d1:66:8e:c9:85:cc:74:61:
ed:fc:95:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS2OQ3LIbvHZiWjMJcCx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzN2QyODBjYjRlYWU4MTU2YTc3ZGZlN2EzZmZjNWZkNGI0
ZGJmYWEwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjRiY2I5ZjcxMTQ0MGE1ODNjODg2YTdhMWMyNDdjNTJkZWI5ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA2UaZgvZ0/iEQRgwkpWxmXKfplm
Y3gmU/gRdA8ePr5HgRxBNHQJWo1EPbaMdsOLnTcM0XPTAQuFTuwrR/Zy18BjJvTc
sC5/ZW9lwbzRbn+AMzJddGaNRVBb8EaCtbrahTdMIlkEMBFuXNhTOVrotOa+MBSL
XLhAeqB5BMjJEOP1oNHUexaANcLmy3OZiwIExrKfdUO0naJXsStVjQ2bZG6hvJuy
mApkqkKSdWVTNVp768OBnam1I5xtg30X580G0oXJ6s49WXYV5UxMuEwKfGBCldML
+zq6lGukdVTZRRX9JsUjMlWV+gbf5cCENnPzzRyI+bof7kUkMU7hpJgJYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJLy59xFEClg8iGp6HCR8Ut657KMB8GA1UdIwQY
MBaAFEN9KAy06ugVanff56P/xf1LTb+qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTMwb0RMVHE2QlZxZDlfbm9fX0ZfVXROdjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80YjkzNTMtYjcwZC00MDhiLWE4Yjct
ZWM1MGRhYWQ4MmY3LzEva2t2TG4zRVVRS1dEeUlhbm9jSkh4UzNybnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80YjkzNTMtYjcwZC00MDhiLWE4YjctZWM1MGRhYWQ4MmY3
LzEvUTMwb0RMVHE2QlZxZDlfbm9fX0ZfVXROdjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWgdMA0G
CSqGSIb3DQEBCwUAA4IBAQAg9n8h4l3GJV+HMti2jd3meojk17H8MPVCkvoNkx5o
lZWGJKjWxEz78QjKe09D7+3SR5Ih9ezzbhrQYX8v4UUCLn6QmpE/VckLriKGNOCj
z4utLlb/jCnCE5uMtINSzx1akiaFgiKIT4z9vv3nHDVi2kby+2x65NjR1go4z99Z
NYMIPFkHbk3s0lxiIk+6yTGShen4k8dpwL+OGLglFQYChS/o5i6EYSi3DC18GJVj
YWpDJF+6HBJ88bwLilwcQ2VKHb8+GnzG7EvpehLG8W+2CgexSlfpzmjvkVFkv4+F
GB/RTJlRdOja50qtXvuSEGDUs9zE0WaOyYXMdGHt/JWt
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:16 2024 by rpki-client on console-ams.rpki-client.org