Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/KFFA_gPkDLwQTldVO5wkU8JXzig.roa
File: KFFA_gPkDLwQTldVO5wkU8JXzig.roa (raw, json)
Hash identifier: LpzWagRlyPLbV0aIFWEtnWhixb71IpWsIFreOHJ4OiA=
Subject key identifier: 28:51:40:FE:03:E4:0C:BC:10:4E:57:55:3B:9C:24:53:C2:57:CE:28
Certificate issuer: /CN=6e15a4336d2f5e1bd60737de957968992a7470e9
Certificate serial: 018CCA99C88087F06A91C59D398A61FAE04F
Authority key identifier: 6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/KFFA_gPkDLwQTldVO5wkU8JXzig.roa
Signing time: Tue 02 Jan 2024 14:35:25 +0000
ROA not before: Tue 02 Jan 2024 14:35:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34944
IP address blocks: 91.201.84.0/23 maxlen: 23
2001:678:9d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.mft
rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:c8:80:87:f0:6a:91:c5:9d:39:8a:61:fa:e0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e15a4336d2f5e1bd60737de957968992a7470e9
Validity
Not Before: Jan 2 14:35:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=285140fe03e40cbc104e57553b9c2453c257ce28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:74:9e:bf:ad:84:2e:e9:28:4c:a0:61:df:9f:
16:35:c0:d0:79:c3:e5:91:17:d5:99:e3:e3:d9:dd:
38:11:c0:65:64:94:9a:c2:75:f0:a2:93:0c:7b:ba:
db:e8:9d:84:43:2b:ee:36:de:3e:c6:1a:f6:07:11:
cc:2d:25:dd:4c:7e:35:82:78:28:c8:22:d9:6a:32:
dd:3e:10:83:df:d7:8b:a2:e7:b0:71:c7:bd:59:7c:
3c:10:f0:7a:ee:ce:e0:38:a1:7f:08:3c:ae:d9:cf:
8b:87:64:1c:94:36:b1:bf:58:74:ca:77:31:3a:ed:
0b:3a:fa:43:00:48:f8:bd:35:4e:d1:0a:96:e6:2f:
54:6a:7c:51:a7:52:8d:6b:ad:f6:a8:24:d0:54:e0:
a3:ee:e8:2b:ad:35:b1:15:2c:ba:7d:39:8a:f9:0a:
1a:41:10:0a:52:af:fb:15:bc:39:1f:f5:45:73:5d:
c5:aa:ff:55:81:76:fd:20:4d:5d:11:85:e4:33:7a:
41:b4:c2:f6:62:48:e8:dc:cf:29:a8:0a:8f:98:59:
af:cc:09:17:c2:a4:84:76:af:80:bc:3a:50:59:c7:
25:29:ca:2b:9f:7c:b3:6e:3a:50:cc:6b:ea:16:ed:
22:19:02:83:21:34:14:29:83:5c:fd:fe:60:58:9e:
16:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:51:40:FE:03:E4:0C:BC:10:4E:57:55:3B:9C:24:53:C2:57:CE:28
X509v3 Authority Key Identifier:
keyid:6E:15:A4:33:6D:2F:5E:1B:D6:07:37:DE:95:79:68:99:2A:74:70:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhWkM20vXhvWBzfelXlomSp0cOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/KFFA_gPkDLwQTldVO5wkU8JXzig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/893850-a855-4a54-b5d0-8d5246a20245/1/bhWkM20vXhvWBzfelXlomSp0cOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.84.0/23
IPv6:
2001:678:9d0::/48
Signature Algorithm: sha256WithRSAEncryption
67:f9:81:1c:b9:5a:a3:9c:fe:d3:e6:08:65:c7:af:b2:d2:fc:
e2:c6:55:56:20:ba:05:8e:da:86:e4:59:51:2c:b8:f5:b9:b7:
f9:99:8d:cf:bb:60:74:af:08:06:9a:5b:8a:0c:6e:eb:52:be:
08:a5:f2:a5:23:18:73:bd:12:cc:67:7c:60:50:47:69:c5:fd:
33:3e:f9:02:33:54:de:af:19:e5:f6:f6:f8:ed:39:5c:51:6c:
c8:43:e2:99:63:6f:99:c9:e8:a7:ec:83:6b:bb:e5:3c:58:bf:
9c:a3:e6:9b:65:2e:2d:85:88:0e:1a:4b:18:6e:50:da:0f:12:
2a:9d:40:83:43:99:f4:13:11:c6:da:e3:01:15:50:e6:e1:d4:
ad:90:8e:19:88:22:7c:c0:d6:25:e2:21:19:33:ec:b5:01:41:
56:eb:59:c8:f1:ef:ce:8f:91:86:f9:98:2a:34:df:a3:91:ae:
f2:5e:d0:ba:b9:09:c6:e6:45:06:17:68:fe:72:0f:d0:fb:9e:
29:eb:d6:01:0f:1b:92:d7:9a:0b:87:a3:0f:ab:e0:73:16:a9:
dc:7f:83:02:c7:b1:06:08:04:bb:63:ef:6a:83:8f:0b:84:7d:
08:77:2d:61:81:5d:f5:2c:3f:bb:c4:b7:0a:ef:6e:02:4f:d7:
e2:11:15:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKmciAh/BqkcWdOYph+uBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMTVhNDMzNmQyZjVlMWJkNjA3MzdkZTk1Nzk2ODk5MmE3
NDcwZTkwHhcNMjQwMTAyMTQzNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODUxNDBmZTAzZTQwY2JjMTA0ZTU3NTUzYjljMjQ1M2MyNTdjZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXSev62ELukoTKBh358WNcDQecPl
kRfVmePj2d04EcBlZJSawnXwopMMe7rb6J2EQyvuNt4+xhr2BxHMLSXdTH41gngo
yCLZajLdPhCD39eLouewcce9WXw8EPB67s7gOKF/CDyu2c+Lh2QclDaxv1h0yncx
Ou0LOvpDAEj4vTVO0QqW5i9UanxRp1KNa632qCTQVOCj7ugrrTWxFSy6fTmK+Qoa
QRAKUq/7Fbw5H/VFc13Fqv9VgXb9IE1dEYXkM3pBtML2Ykjo3M8pqAqPmFmvzAkX
wqSEdq+AvDpQWcclKcorn3yzbjpQzGvqFu0iGQKDITQUKYNc/f5gWJ4WVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFChRQP4D5Ay8EE5XVTucJFPCV84oMB8GA1UdIwQY
MBaAFG4VpDNtL14b1gc33pV5aJkqdHDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAt
OGQ1MjQ2YTIwMjQ1LzEvS0ZGQV9nUGtETHdRVGxkVk81d2tVOEpYemlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny84OTM4NTAtYTg1NS00YTU0LWI1ZDAtOGQ1MjQ2YTIwMjQ1
LzEvYmhXa00yMHZYaHZXQnpmZWxYbG9tU3AwY09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8lUMA8E
AgACMAkDBwAgAQZ4CdAwDQYJKoZIhvcNAQELBQADggEBAGf5gRy5WqOc/tPmCGXH
r7LS/OLGVVYgugWO2obkWVEsuPW5t/mZjc+7YHSvCAaaW4oMbutSvgil8qUjGHO9
EsxnfGBQR2nF/TM++QIzVN6vGeX29vjtOVxRbMhD4pljb5nJ6Kfsg2u75TxYv5yj
5ptlLi2FiA4aSxhuUNoPEiqdQINDmfQTEcba4wEVUObh1K2QjhmIInzA1iXiIRkz
7LUBQVbrWcjx786PkYb5mCo036ORrvJe0Lq5CcbmRQYXaP5yD9D7ninr1gEPG5LX
mguHow+r4HMWqdx/gwLHsQYIBLtj72qDjwuEfQh3LWGBXfUsP7vEtwrvbgJP1+IR
Fc8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:29 2024 by rpki-client on console-fra.rpki-client.org