Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KBD-708NE-bI3R1OrAiIsWXGaU4.roa
File: KBD-708NE-bI3R1OrAiIsWXGaU4.roa (raw, json)
Hash identifier: UrXTY+XPkJbJtklMAGHu3gWYCpDpaDVpmgFk7IYoHCs=
Subject key identifier: 28:10:FE:EF:4F:0D:13:E6:C8:DD:1D:4E:AC:08:88:B1:65:C6:69:4E
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019348E2E6F22FE6CBC38465D3BA9AE6A5E4
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KBD-708NE-bI3R1OrAiIsWXGaU4.roa
Signing time: Wed 20 Nov 2024 09:24:10 +0000
ROA not before: Wed 20 Nov 2024 09:24:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 45.8.211.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
185.174.138.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:e2:e6:f2:2f:e6:cb:c3:84:65:d3:ba:9a:e6:a5:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 20 09:24:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2810feef4f0d13e6c8dd1d4eac0888b165c6694e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:3b:18:f0:f0:2e:d1:5c:45:ac:23:27:4d:
1b:b2:1f:78:79:7c:24:2f:a8:23:2d:a6:9e:e5:e5:
a9:57:42:30:88:9f:80:d2:50:91:a1:f3:8e:bf:27:
d9:93:fe:d2:87:4d:24:ca:b1:d8:74:41:b9:3c:c2:
d4:4c:00:e6:b1:89:b2:98:cf:d1:e6:4c:b0:2a:81:
51:10:b9:75:cb:08:7f:6c:92:31:d2:5b:1d:42:b1:
a3:a7:14:69:d0:c2:76:d3:77:02:de:3f:8f:31:b3:
65:6c:b4:42:9f:45:d1:01:0b:ba:91:9e:09:57:9b:
99:3b:c6:29:72:e6:66:72:22:c2:f8:b1:44:9b:61:
12:e3:54:03:e1:b5:83:1c:ce:1c:73:22:94:2a:ab:
24:c6:9b:36:9c:d4:4c:40:85:73:43:34:bd:dc:6b:
72:83:16:8e:b4:ec:d0:41:9b:ef:75:7d:49:c8:9c:
9e:6e:42:f6:65:d5:5b:5a:b9:34:93:6c:bd:c0:e8:
60:73:8c:29:2d:c4:41:d0:7f:79:e7:ca:1a:c3:85:
41:21:8e:55:c2:8b:da:21:ed:ad:17:4f:02:ff:8a:
fe:d9:ca:5d:bf:1c:11:eb:fe:37:39:a0:29:02:e7:
f5:fd:a2:6a:53:a0:c3:8a:18:73:9d:16:1a:3b:03:
62:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:10:FE:EF:4F:0D:13:E6:C8:DD:1D:4E:AC:08:88:B1:65:C6:69:4E
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KBD-708NE-bI3R1OrAiIsWXGaU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.211.0/24
45.142.120.0/24
185.174.138.0/24
185.221.160.0/24
194.53.53.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:c7:06:e2:16:e2:08:75:f8:f5:94:87:bf:c9:5c:e7:f5:42:
73:4e:f2:1d:91:3d:c5:00:80:5f:08:24:76:02:e0:7c:af:55:
08:cb:70:f1:96:45:1f:05:67:89:6f:05:26:dc:3e:ab:2e:02:
5c:dd:72:4a:1e:75:b5:e7:8f:f7:cd:77:74:39:c2:e0:b5:82:
f9:0c:ba:19:ca:63:b7:fe:06:ba:6c:31:36:65:52:9b:30:c3:
b3:d3:17:81:fe:64:01:8a:1a:d3:7d:14:28:1d:9f:2a:25:b4:
59:35:52:93:b6:93:0d:94:5a:c9:9f:0b:66:47:03:22:ed:07:
d7:89:d5:5c:d7:9a:d6:34:24:7c:91:e3:fa:ce:c8:d5:26:80:
2c:9e:4b:72:0e:21:d9:53:62:0a:77:84:69:97:f3:3b:9b:56:
af:0e:80:e2:a1:a4:d1:7c:f7:8b:3d:a9:29:64:52:7b:68:c8:
62:da:b1:2f:04:a4:10:ea:76:d2:2c:be:49:35:5e:21:13:41:
ed:b5:56:48:24:42:86:7d:09:da:e7:bc:55:36:19:bd:31:3c:
5c:dd:5c:6f:44:9a:85:2a:5d:4e:f2:8f:60:96:da:4d:8c:4d:
3d:ba:20:a9:2e:aa:30:98:ab:05:01:45:c7:e7:73:ac:f8:e5:
55:3d:50:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNI4ubyL+bLw4Rl07qa5qXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQxMTIwMDkyNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEwZmVlZjRmMGQxM2U2YzhkZDFkNGVhYzA4ODhiMTY1YzY2OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXg7GPDwLtFcRawjJ00bsh94eXwk
L6gjLaae5eWpV0IwiJ+A0lCRofOOvyfZk/7Sh00kyrHYdEG5PMLUTADmsYmymM/R
5kywKoFRELl1ywh/bJIx0lsdQrGjpxRp0MJ203cC3j+PMbNlbLRCn0XRAQu6kZ4J
V5uZO8YpcuZmciLC+LFEm2ES41QD4bWDHM4ccyKUKqskxps2nNRMQIVzQzS93Gty
gxaOtOzQQZvvdX1JyJyebkL2ZdVbWrk0k2y9wOhgc4wpLcRB0H9558oaw4VBIY5V
wovaIe2tF08C/4r+2cpdvxwR6/43OaApAuf1/aJqU6DDihhznRYaOwNi6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCgQ/u9PDRPmyN0dTqwIiLFlxmlOMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvS0JELTcwOE5FLWJJM1IxT3JBaUlzV1hHYVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQjTAwQA
LY54AwQAua6KAwQAud2gAwQAwjU1MA0GCSqGSIb3DQEBCwUAA4IBAQCbxwbiFuII
dfj1lIe/yVzn9UJzTvIdkT3FAIBfCCR2AuB8r1UIy3DxlkUfBWeJbwUm3D6rLgJc
3XJKHnW154/3zXd0OcLgtYL5DLoZymO3/ga6bDE2ZVKbMMOz0xeB/mQBihrTfRQo
HZ8qJbRZNVKTtpMNlFrJnwtmRwMi7QfXidVc15rWNCR8keP6zsjVJoAsnktyDiHZ
U2IKd4Rpl/M7m1avDoDioaTRfPeLPakpZFJ7aMhi2rEvBKQQ6nbSLL5JNV4hE0Ht
tVZIJEKGfQna57xVNhm9MTxc3VxvRJqFKl1O8o9gltpNjE09uiCpLqowmKsFAUXH
53Os+OVVPVA/
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:40:27 2024 by rpki-client on console-fra.rpki-client.org