Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/kb-KEA3ZQd2MnkxgOKCpwGpH7ac.roa
File: kb-KEA3ZQd2MnkxgOKCpwGpH7ac.roa (raw, json)
Hash identifier: PVNmYw7m9lOZowA6tdOLawiD6fJdAXnNIKgq+V8sW40=
Subject key identifier: 91:BF:8A:10:0D:D9:41:DD:8C:9E:4C:60:38:A0:A9:C0:6A:47:ED:A7
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 01942368FC1100540C509D011E589D25CA5B
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/kb-KEA3ZQd2MnkxgOKCpwGpH7ac.roa
Signing time: Wed 01 Jan 2025 19:47:50 +0000
ROA not before: Wed 01 Jan 2025 19:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60855
IP address blocks: 143.196.14.0/24 maxlen: 24
143.196.22.0/23 maxlen: 23
143.196.22.0/24 maxlen: 24
143.196.23.0/24 maxlen: 24
143.196.146.0/23 maxlen: 23
143.196.146.0/24 maxlen: 24
143.196.147.0/24 maxlen: 24
143.196.148.0/24 maxlen: 24
143.196.172.0/24 maxlen: 24
143.196.175.0/24 maxlen: 24
143.196.176.0/24 maxlen: 24
143.196.187.0/24 maxlen: 24
143.196.192.0/24 maxlen: 24
143.196.199.0/24 maxlen: 24
143.196.200.0/24 maxlen: 24
143.196.207.0/24 maxlen: 24
143.196.208.0/24 maxlen: 24
143.196.215.0/24 maxlen: 24
143.196.224.0/24 maxlen: 24
143.196.231.0/24 maxlen: 24
143.196.251.0/24 maxlen: 24
143.196.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 04:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:fc:11:00:54:0c:50:9d:01:1e:58:9d:25:ca:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Jan 1 19:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91bf8a100dd941dd8c9e4c6038a0a9c06a47eda7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ab:6b:ec:54:a7:87:a9:53:0e:0a:18:75:d6:
3a:9c:74:bf:84:20:66:f1:48:72:d7:7d:3b:77:87:
de:32:77:d6:3e:51:a0:b3:72:b8:eb:02:36:d6:f8:
0e:0a:bb:18:c4:6f:5e:8c:7a:64:dd:48:9d:8f:78:
40:17:8e:c2:10:e0:20:62:be:07:44:23:a6:bf:0b:
f0:ba:bd:6a:6b:f0:94:a0:be:7a:93:eb:02:52:93:
a6:15:4d:11:16:a3:5a:e4:eb:ed:79:9a:01:6e:8b:
44:46:3e:ef:e4:7b:7c:65:b1:04:a7:b1:32:e0:75:
5d:e5:16:82:9b:ae:46:b4:8b:97:c2:01:ad:d8:8e:
25:9f:1b:f3:47:d5:43:9f:ff:3c:c7:d2:03:f4:c3:
72:59:27:16:a0:fd:6e:63:3e:ce:93:57:02:ee:62:
e3:23:39:27:77:a7:dd:07:21:9a:5b:3f:3f:75:8b:
8e:66:da:dd:e8:6a:f0:16:70:2d:14:d1:9e:0b:5c:
31:a0:cf:cb:0a:f4:7b:3e:b3:e0:82:3f:04:b1:41:
28:2e:9c:51:9a:3d:e5:07:fe:61:b4:61:7a:c1:3b:
35:53:7c:05:fc:9b:52:a1:18:41:c6:68:21:fa:ab:
a0:00:47:1b:25:19:52:73:5f:db:fe:bb:f2:a5:93:
40:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BF:8A:10:0D:D9:41:DD:8C:9E:4C:60:38:A0:A9:C0:6A:47:ED:A7
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/kb-KEA3ZQd2MnkxgOKCpwGpH7ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.14.0/24
143.196.22.0/23
143.196.146.0-143.196.148.255
143.196.172.0/24
143.196.175.0-143.196.176.255
143.196.187.0/24
143.196.192.0/24
143.196.199.0-143.196.200.255
143.196.207.0-143.196.208.255
143.196.215.0/24
143.196.224.0/24
143.196.231.0/24
143.196.251.0/24
143.196.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:c9:60:19:18:40:12:32:34:d2:c2:21:25:e0:e7:cc:e5:71:
40:ab:6d:79:d7:11:18:af:90:be:4b:d6:65:f7:32:da:43:d0:
d7:8f:86:c1:ee:61:06:a0:41:d5:04:26:cc:7a:d0:cf:71:db:
4e:da:c9:b7:80:a8:5c:ef:31:68:2d:3f:81:34:a0:20:a1:00:
44:4d:f8:60:17:4e:62:ef:2c:22:45:d8:87:57:02:df:e3:eb:
7c:6d:07:c3:e7:7f:69:85:54:02:95:9b:73:77:0a:69:40:a4:
17:74:48:85:3c:a0:cb:51:3e:2c:b4:52:63:77:d7:38:11:87:
4f:df:42:d2:07:58:d5:7e:ff:76:06:3e:f2:78:f9:66:c5:a6:
0a:ed:15:bc:22:4b:1d:9f:a9:bf:93:8a:a5:b5:38:24:43:6e:
25:88:80:ad:d5:e2:68:21:c6:be:3b:34:98:96:c2:2c:5d:f8:
6d:dd:96:97:d0:e0:27:64:43:bb:45:d6:21:be:3b:4c:6c:bd:
db:44:d9:ba:6c:a8:05:25:54:f7:fd:18:91:6e:67:32:ac:f6:
0a:d9:d5:62:e5:62:70:7f:dc:81:8a:43:c9:f5:6e:3a:bd:d4:
06:b5:8b:26:68:e2:6c:9b:27:37:e7:09:b4:81:be:29:48:de:
45:4b:ed:11
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZQjaPwRAFQMUJ0BHlidJcpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4
ZTI0YTYwHhcNMjUwMTAxMTk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWJmOGExMDBkZDk0MWRkOGM5ZTRjNjAzOGEwYTljMDZhNDdlZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqtr7FSnh6lTDgoYddY6nHS/hCBm
8Uhy1307d4feMnfWPlGgs3K46wI21vgOCrsYxG9ejHpk3Uidj3hAF47CEOAgYr4H
RCOmvwvwur1qa/CUoL56k+sCUpOmFU0RFqNa5OvteZoBbotERj7v5Ht8ZbEEp7Ey
4HVd5RaCm65GtIuXwgGt2I4lnxvzR9VDn/88x9ID9MNyWScWoP1uYz7Ok1cC7mLj
Izknd6fdByGaWz8/dYuOZtrd6GrwFnAtFNGeC1wxoM/LCvR7PrPggj8EsUEoLpxR
mj3lB/5htGF6wTs1U3wF/JtSoRhBxmgh+qugAEcbJRlSc1/b/rvypZNA8wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFJG/ihAN2UHdjJ5MYDigqcBqR+2nMB8GA1UdIwQY
MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt
N2EwYjE0NWNmNjJiLzEva2ItS0VBM1pRZDJNbmt4Z09LQ3B3R3BIN2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMtN2EwYjE0NWNmNjJi
LzEvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAI/EDgME
AY/EFjAMAwQBj8SSAwQAj8SUAwQAj8SsMAwDBACPxK8DBACPxLADBACPxLsDBACP
xMAwDAMEAI/ExwMEAI/EyDAMAwQAj8TPAwQAj8TQAwQAj8TXAwQAj8TgAwQAj8Tn
AwQAj8T7AwQAj8T/MA0GCSqGSIb3DQEBCwUAA4IBAQAbyWAZGEASMjTSwiEl4OfM
5XFAq2151xEYr5C+S9Zl9zLaQ9DXj4bB7mEGoEHVBCbMetDPcdtO2sm3gKhc7zFo
LT+BNKAgoQBETfhgF05i7ywiRdiHVwLf4+t8bQfD539phVQClZtzdwppQKQXdEiF
PKDLUT4stFJjd9c4EYdP30LSB1jVfv92Bj7yePlmxaYK7RW8Iksdn6m/k4qltTgk
Q24liICt1eJoIca+OzSYlsIsXfht3ZaX0OAnZEO7RdYhvjtMbL3bRNm6bKgFJVT3
/RiRbmcyrPYK2dVi5WJwf9yBikPJ9W46vdQGtYsmaOJsmyc35wm0gb4pSN5FS+0R
-----END CERTIFICATE-----
Generated at Mon Apr 14 14:34:56 2025 by rpki-client