Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/Kna09USdsFO1Iw16b28StSU9-MU.roa
File: Kna09USdsFO1Iw16b28StSU9-MU.roa (raw, json)
Hash identifier: roQQyGrvDon/ELbDt8ct2wOLsmKz5ddiz3szNeRcRp0=
Subject key identifier: 2A:76:B4:F5:44:9D:B0:53:B5:23:0D:7A:6F:6F:12:B5:25:3D:F8:C5
Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Certificate serial: 0191927982EEB7DBFF94134DCF4FBBFDC8C6
Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/Kna09USdsFO1Iw16b28StSU9-MU.roa
Signing time: Tue 27 Aug 2024 06:15:22 +0000
ROA not before: Tue 27 Aug 2024 06:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 46.235.88.0/21 maxlen: 24
62.204.48.0/24 maxlen: 24
77.75.224.0/24 maxlen: 24
79.110.229.0/24 maxlen: 24
88.85.224.0/19 maxlen: 24
146.19.71.0/24 maxlen: 24
176.98.32.0/22 maxlen: 24
176.241.184.0/21 maxlen: 24
178.20.144.0/21 maxlen: 24
185.10.112.0/22 maxlen: 24
193.105.25.0/24 maxlen: 24
193.242.127.0/24 maxlen: 24
194.104.226.0/24 maxlen: 24
212.12.160.0/19 maxlen: 24
212.12.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:92:79:82:ee:b7:db:ff:94:13:4d:cf:4f:bb:fd:c8:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Validity
Not Before: Aug 27 06:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a76b4f5449db053b5230d7a6f6f12b5253df8c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f0:3e:c1:f2:7b:34:45:9b:70:01:41:d1:e0:
0b:83:7e:f3:ae:e9:d2:1c:75:fa:ed:71:cb:8f:f0:
c3:97:f3:9f:81:ae:a2:39:cb:3e:2f:d5:a7:a7:a4:
a0:95:6a:20:fb:8b:8d:46:9a:9a:8c:91:e5:28:63:
9b:70:a3:bc:b2:fc:a7:69:4f:40:a0:c3:e7:bb:f1:
b8:d4:de:e2:ff:8b:31:99:ee:16:fa:05:38:2f:01:
a8:ef:ff:5b:3c:2e:d9:cb:0c:fa:ac:f3:47:2b:da:
15:59:f2:25:f2:fe:17:c3:79:61:08:44:90:50:33:
63:a9:71:93:3c:2f:23:b7:12:6c:c5:01:fd:1c:9c:
c5:20:40:03:96:db:b9:4f:6f:2a:fe:e7:46:55:54:
40:09:5f:3d:78:5d:46:59:b2:d2:d9:6b:ce:a5:6a:
eb:59:a5:1a:e8:ce:48:12:69:0a:87:31:c6:75:ef:
97:04:c7:59:34:5a:09:c7:1e:31:94:f8:08:71:24:
de:53:bb:52:78:26:b4:94:bd:58:bc:0d:0e:3e:cf:
a3:07:fa:6b:67:5c:e3:43:0d:bc:3c:79:45:a0:36:
1d:b6:4b:ed:a2:d0:d6:14:3e:eb:8a:c6:fc:6e:6a:
35:b4:9d:e5:30:4e:f8:a5:4d:7e:cd:e5:95:54:fb:
40:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:76:B4:F5:44:9D:B0:53:B5:23:0D:7A:6F:6F:12:B5:25:3D:F8:C5
X509v3 Authority Key Identifier:
keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/Kna09USdsFO1Iw16b28StSU9-MU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
77.75.224.0/24
79.110.229.0/24
88.85.224.0/19
146.19.71.0/24
176.98.32.0/22
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
193.105.25.0/24
193.242.127.0/24
194.104.226.0/24
212.12.160.0/19
Signature Algorithm: sha256WithRSAEncryption
33:3b:0c:bc:1a:70:39:18:ab:c7:2e:7e:29:53:d1:0d:46:ac:
26:e4:cc:73:19:12:08:d6:d9:6d:62:7e:99:8b:5d:83:a9:d1:
9d:5d:36:e8:51:25:01:f0:67:77:48:cb:33:a4:eb:15:1f:e2:
46:e8:ac:f4:80:01:05:3d:21:bb:47:a9:2f:3f:c5:7a:d0:b1:
ab:fe:58:e9:37:54:45:32:b9:4f:88:39:4a:bd:56:ca:98:0b:
e9:83:63:ee:ea:58:b9:b1:d5:64:09:b8:68:db:49:97:08:8f:
46:e7:b1:d4:85:34:87:60:d0:c5:11:18:c5:0d:03:16:ed:c3:
ef:43:ce:9d:7c:c4:7c:ea:12:0b:5d:ae:11:12:a5:54:65:0c:
cd:ab:3f:20:d1:a3:2c:6a:df:f5:63:3e:5b:20:ca:ed:58:43:
1d:84:55:ab:7c:19:64:43:66:da:3d:9e:93:32:ec:e7:21:93:
fa:65:e3:a1:ad:a4:41:be:e8:ff:18:d0:d9:ec:7e:46:4d:31:
cd:37:5f:5f:69:7e:a6:e8:0e:d2:cd:55:d8:05:de:4f:9a:6d:
d9:88:17:75:4e:ce:8e:df:a0:27:8d:b2:4b:7c:7c:ca:51:85:
7b:54:93:7b:14:e1:fe:47:c2:0c:35:b9:6f:8f:79:93:4a:19:
91:50:de:00
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZGSeYLut9v/lBNNz0+7/cjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx
ODNjOWIwHhcNMjQwODI3MDYxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc2YjRmNTQ0OWRiMDUzYjUyMzBkN2E2ZjZmMTJiNTI1M2RmOGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvA+wfJ7NEWbcAFB0eALg37zrunS
HHX67XHLj/DDl/Ofga6iOcs+L9Wnp6SglWog+4uNRpqajJHlKGObcKO8svynaU9A
oMPnu/G41N7i/4sxme4W+gU4LwGo7/9bPC7Zywz6rPNHK9oVWfIl8v4Xw3lhCESQ
UDNjqXGTPC8jtxJsxQH9HJzFIEADltu5T28q/udGVVRACV89eF1GWbLS2WvOpWrr
WaUa6M5IEmkKhzHGde+XBMdZNFoJxx4xlPgIcSTeU7tSeCa0lL1YvA0OPs+jB/pr
Z1zjQw28PHlFoDYdtkvtotDWFD7risb8bmo1tJ3lME74pU1+zeWVVPtA3wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCp2tPVEnbBTtSMNem9vErUlPfjFMB8GA1UdIwQY
MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct
YTFlMGRiMWExN2RmLzEvS25hMDlVU2RzRk8xSXcxNmIyOFN0U1U5LU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm
LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQDLutYAwQA
PswwAwQATUvgAwQAT27lAwQFWFXgAwQAkhNHAwQCsGIgAwQDsPG4AwQDshSQAwQC
uQpwAwQAwWkZAwQAwfJ/AwQAwmjiAwQF1AygMA0GCSqGSIb3DQEBCwUAA4IBAQAz
Owy8GnA5GKvHLn4pU9ENRqwm5MxzGRII1tltYn6Zi12DqdGdXTboUSUB8Gd3SMsz
pOsVH+JG6Kz0gAEFPSG7R6kvP8V60LGr/ljpN1RFMrlPiDlKvVbKmAvpg2Pu6li5
sdVkCbho20mXCI9G57HUhTSHYNDFERjFDQMW7cPvQ86dfMR86hILXa4REqVUZQzN
qz8g0aMsat/1Yz5bIMrtWEMdhFWrfBlkQ2baPZ6TMuznIZP6ZeOhraRBvuj/GNDZ
7H5GTTHNN19faX6m6A7SzVXYBd5Pmm3ZiBd1Ts6O36AnjbJLfHzKUYV7VJN7FOH+
R8IMNblvj3mTShmRUN4A
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:02:31 2024 by rpki-client on console-ams.rpki-client.org