Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bb1396-9c05-4e17-bbc5-77660501c478/1/KvmJrD9DEzMcZL3AHb7rXENgqyk.roa
File: KvmJrD9DEzMcZL3AHb7rXENgqyk.roa (raw, json)
Hash identifier: 2Y7wcao3/3E8sNQgm9cew3N1KpBiHml6SbSd4ejT9qc=
Subject key identifier: 2A:F9:89:AC:3F:43:13:33:1C:64:BD:C0:1D:BE:EB:5C:43:60:AB:29
Certificate issuer: /CN=dedf9a671bcf1789c1b5ac3630c741be560dada0
Certificate serial: 018CC64B13E7325CFD72385105C214D420AC
Authority key identifier: DE:DF:9A:67:1B:CF:17:89:C1:B5:AC:36:30:C7:41:BE:56:0D:AD:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3t-aZxvPF4nBtaw2MMdBvlYNraA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bb1396-9c05-4e17-bbc5-77660501c478/1/KvmJrD9DEzMcZL3AHb7rXENgqyk.roa
Signing time: Mon 01 Jan 2024 18:30:58 +0000
ROA not before: Mon 01 Jan 2024 18:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31497
IP address blocks: 193.16.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/bb1396-9c05-4e17-bbc5-77660501c478/1/3t-aZxvPF4nBtaw2MMdBvlYNraA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/bb1396-9c05-4e17-bbc5-77660501c478/1/3t-aZxvPF4nBtaw2MMdBvlYNraA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3t-aZxvPF4nBtaw2MMdBvlYNraA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:13:e7:32:5c:fd:72:38:51:05:c2:14:d4:20:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dedf9a671bcf1789c1b5ac3630c741be560dada0
Validity
Not Before: Jan 1 18:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2af989ac3f4313331c64bdc01dbeeb5c4360ab29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:41:9b:3f:c5:94:1a:04:eb:5a:9f:f9:42:7c:
f8:32:30:49:b1:aa:49:10:34:bd:03:72:97:7e:ec:
23:19:5f:25:99:c6:3e:c7:1e:4f:0a:8f:b9:e5:bb:
45:ed:06:d8:b4:3b:08:55:a3:28:1c:4f:e3:f6:e4:
04:a3:29:d9:61:94:0c:d6:cb:b2:5b:97:70:90:94:
27:a1:f1:65:78:35:b2:31:69:43:50:04:5f:a3:74:
fd:2c:65:a8:0b:71:e0:2d:c4:77:95:89:83:57:fa:
25:bd:97:c6:40:fe:a3:eb:45:67:36:30:5b:31:63:
63:b3:89:3e:d6:7d:a8:69:39:a9:65:ec:97:5e:5d:
fc:d3:ad:13:46:4a:01:9f:2a:1e:f0:cf:b0:e8:59:
64:3a:bc:9c:69:a7:30:3c:f3:de:6c:b0:35:61:ed:
6d:e5:a1:27:9c:36:10:e0:4b:84:86:e2:a1:c1:eb:
34:9e:75:6e:cd:b6:1e:c6:81:de:39:d2:f0:7a:e1:
e9:2d:9d:ed:ce:6c:0e:27:97:27:43:d7:52:45:26:
fc:49:36:f4:23:71:3f:0c:33:b3:17:66:b3:9a:bb:
15:16:75:f6:b8:e3:85:48:91:47:80:07:41:7d:f5:
6f:51:ca:59:da:bf:64:2d:ce:1a:81:c9:d4:6d:95:
03:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F9:89:AC:3F:43:13:33:1C:64:BD:C0:1D:BE:EB:5C:43:60:AB:29
X509v3 Authority Key Identifier:
keyid:DE:DF:9A:67:1B:CF:17:89:C1:B5:AC:36:30:C7:41:BE:56:0D:AD:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t-aZxvPF4nBtaw2MMdBvlYNraA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bb1396-9c05-4e17-bbc5-77660501c478/1/KvmJrD9DEzMcZL3AHb7rXENgqyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bb1396-9c05-4e17-bbc5-77660501c478/1/3t-aZxvPF4nBtaw2MMdBvlYNraA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.103.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:48:a4:1e:ac:54:5e:fc:d3:70:aa:0b:0e:46:d7:91:a2:0f:
47:a8:b6:b2:83:16:6f:11:fd:66:64:71:e6:3a:19:04:c1:4e:
12:54:c7:2d:5e:71:a4:17:ac:a1:1d:69:84:35:d5:e2:ab:18:
c1:fb:16:fb:a0:ab:76:8b:22:25:65:6b:93:98:ed:a2:7d:e3:
0c:b0:e0:7b:b0:5a:3a:fc:33:28:33:4d:e3:a6:6f:75:ad:55:
c3:bc:ba:4f:22:dd:ae:0a:0c:91:72:b7:52:2e:e8:85:30:4b:
63:3d:b1:86:18:53:22:f8:9e:3b:34:9b:16:d6:a6:6f:18:5a:
e0:aa:8c:07:05:8c:0e:66:89:f3:c4:15:c7:ee:21:9c:d3:cd:
ce:67:f4:1e:70:94:8c:af:d5:46:64:c0:ec:46:90:0f:22:b5:
0d:70:ab:f6:17:69:bb:80:40:ce:64:f0:81:43:b7:fb:88:fa:
7c:5b:b0:ba:0c:b2:fe:d1:99:09:20:99:04:03:17:92:2c:fb:
f8:4b:33:97:8c:f2:6e:af:7e:d0:cf:84:1a:c3:3c:e1:c9:26:
ba:a5:52:58:09:4e:1e:f8:c6:f4:57:e5:9f:f0:6d:a5:bd:a4:
4b:49:c4:76:18:d2:f8:d8:17:e1:49:bc:f1:49:3a:6a:24:0f:
04:fc:90:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSxPnMlz9cjhRBcIU1CCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGY5YTY3MWJjZjE3ODljMWI1YWMzNjMwYzc0MWJlNTYw
ZGFkYTAwHhcNMjQwMTAxMTgzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY5ODlhYzNmNDMxMzMzMWM2NGJkYzAxZGJlZWI1YzQzNjBhYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0GbP8WUGgTrWp/5Qnz4MjBJsapJ
EDS9A3KXfuwjGV8lmcY+xx5PCo+55btF7QbYtDsIVaMoHE/j9uQEoynZYZQM1suy
W5dwkJQnofFleDWyMWlDUARfo3T9LGWoC3HgLcR3lYmDV/olvZfGQP6j60VnNjBb
MWNjs4k+1n2oaTmpZeyXXl38060TRkoBnyoe8M+w6FlkOrycaacwPPPebLA1Ye1t
5aEnnDYQ4EuEhuKhwes0nnVuzbYexoHeOdLweuHpLZ3tzmwOJ5cnQ9dSRSb8STb0
I3E/DDOzF2azmrsVFnX2uOOFSJFHgAdBffVvUcpZ2r9kLc4agcnUbZUDHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCr5iaw/QxMzHGS9wB2+61xDYKspMB8GA1UdIwQY
MBaAFN7fmmcbzxeJwbWsNjDHQb5WDa2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3QtYVp4dlBGNG5CdGF3Mk1NZEJ2bFlOcmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iYjEzOTYtOWMwNS00ZTE3LWJiYzUt
Nzc2NjA1MDFjNDc4LzEvS3ZtSnJEOURFek1jWkwzQUhiN3JYRU5ncXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iYjEzOTYtOWMwNS00ZTE3LWJiYzUtNzc2NjA1MDFjNDc4
LzEvM3QtYVp4dlBGNG5CdGF3Mk1NZEJ2bFlOcmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRBnMA0G
CSqGSIb3DQEBCwUAA4IBAQDESKQerFRe/NNwqgsORteRog9HqLaygxZvEf1mZHHm
OhkEwU4SVMctXnGkF6yhHWmENdXiqxjB+xb7oKt2iyIlZWuTmO2ifeMMsOB7sFo6
/DMoM03jpm91rVXDvLpPIt2uCgyRcrdSLuiFMEtjPbGGGFMi+J47NJsW1qZvGFrg
qowHBYwOZonzxBXH7iGc083OZ/QecJSMr9VGZMDsRpAPIrUNcKv2F2m7gEDOZPCB
Q7f7iPp8W7C6DLL+0ZkJIJkEAxeSLPv4SzOXjPJur37Qz4QawzzhySa6pVJYCU4e
+Mb0V+Wf8G2lvaRLScR2GNL42BfhSbzxSTpqJA8E/JD8
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:58:14 2024 by rpki-client on console-ams.rpki-client.org