Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KGBLnva5ARvlTLBSnmRFC4IAyUI.roa
File: KGBLnva5ARvlTLBSnmRFC4IAyUI.roa (raw, json)
Hash identifier: Rwy27//niGDT/nhip0lFyFMBKJj6gkq1XpSIJf0SfFE=
Subject key identifier: 28:60:4B:9E:F6:B9:01:1B:E5:4C:B0:52:9E:64:45:0B:82:00:C9:42
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 018CC2DB18980648AAB5AE0E85204E5C3EB7
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KGBLnva5ARvlTLBSnmRFC4IAyUI.roa
Signing time: Mon 01 Jan 2024 02:29:47 +0000
ROA not before: Mon 01 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202590
IP address blocks: 2a04:5d00:70::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:18:98:06:48:aa:b5:ae:0e:85:20:4e:5c:3e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 1 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28604b9ef6b9011be54cb0529e64450b8200c942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:17:7d:42:64:fe:c0:79:e2:63:7e:f8:a2:fa:
3e:84:8b:25:f3:26:78:ee:3b:59:27:18:09:fe:a0:
57:64:ab:9a:40:7e:4d:95:64:89:b4:d6:ac:0a:1a:
7e:c7:0f:af:09:81:e5:11:81:ee:ba:f3:c3:84:6d:
ba:1b:5f:16:d2:8f:ef:0a:84:96:62:b3:ee:6a:ce:
3f:58:ae:37:ac:11:88:98:b3:95:02:ce:57:b7:5a:
21:a5:37:5a:da:4b:93:8b:dc:5f:ce:75:21:32:74:
8e:fd:f0:7c:f4:cd:ba:60:91:0e:d7:ca:2a:4a:56:
f2:ea:f2:5d:49:94:9c:2f:85:55:5b:6b:2c:66:f6:
cf:5c:72:74:28:9c:d5:1e:d6:85:9f:5f:86:f2:0e:
e9:b5:d9:df:ea:9d:65:c6:4f:6e:85:cb:d9:48:09:
19:64:96:b6:dd:64:e5:0d:bb:d9:87:dc:f2:ce:9f:
05:05:d9:ab:6a:a9:0b:62:3b:95:4f:2d:ad:b7:f0:
b6:85:0d:2f:e6:8d:d0:f0:8b:2c:a4:91:95:ef:fb:
6d:05:44:14:40:d1:e3:43:3a:89:70:80:96:c4:fd:
da:57:f8:88:79:68:81:66:bc:3f:58:36:e2:d4:61:
b5:7f:e3:9c:4b:47:cb:86:59:59:d9:a8:5c:39:04:
31:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:60:4B:9E:F6:B9:01:1B:E5:4C:B0:52:9E:64:45:0B:82:00:C9:42
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KGBLnva5ARvlTLBSnmRFC4IAyUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5d00:70::/48
Signature Algorithm: sha256WithRSAEncryption
1a:11:d4:80:c5:5c:6b:81:31:f2:2e:be:73:d9:ae:d4:76:65:
a0:4c:7d:36:62:0c:19:3e:31:aa:fd:ce:13:53:50:16:6c:18:
0f:05:b7:1a:40:b0:c2:79:f1:3a:64:ce:3b:5a:7f:b7:cc:6b:
93:ef:1d:ee:4a:99:24:f4:77:02:c1:9e:81:e9:45:e5:e0:4b:
3f:41:4f:6f:e5:fe:a7:c3:57:8e:d2:c2:a9:5c:36:2d:fd:e6:
eb:0e:81:ed:45:d3:a5:c9:5c:ff:e6:76:eb:7b:fa:50:28:25:
e6:b7:fc:54:c7:1c:b3:80:0a:c7:29:28:9a:03:18:78:89:50:
df:ab:6b:f7:b7:66:a7:11:0d:d7:6d:8d:6c:e8:30:ae:35:01:
20:35:d4:ab:bc:8b:6d:5c:79:a4:81:91:9e:d3:8a:d2:b8:ad:
cd:c2:4d:9d:a6:cb:37:ab:aa:fe:31:9a:5c:8d:29:af:2d:ba:
a1:cc:91:65:13:0e:a4:6c:eb:39:9f:69:17:f0:97:56:13:e4:
1e:6b:9e:78:50:a5:76:2e:5e:94:ed:1f:54:3c:d0:27:61:49:
8d:bd:f4:d2:c4:18:f7:50:8c:25:ae:98:8e:f5:ab:dd:b9:ec:
13:78:4a:82:02:1e:18:f8:43:59:70:7c:f6:56:f3:c0:43:15:
b0:50:2d:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2xiYBkiqta4OhSBOXD63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MWYwYjczZTY3ZDYzYzVhNGM5MDQ2ODE0MTY2YTllMjE2
MjVmMjgwHhcNMjQwMTAxMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODYwNGI5ZWY2YjkwMTFiZTU0Y2IwNTI5ZTY0NDUwYjgyMDBjOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxd9QmT+wHniY374ovo+hIsl8yZ4
7jtZJxgJ/qBXZKuaQH5NlWSJtNasChp+xw+vCYHlEYHuuvPDhG26G18W0o/vCoSW
YrPuas4/WK43rBGImLOVAs5Xt1ohpTda2kuTi9xfznUhMnSO/fB89M26YJEO18oq
Slby6vJdSZScL4VVW2ssZvbPXHJ0KJzVHtaFn1+G8g7ptdnf6p1lxk9uhcvZSAkZ
ZJa23WTlDbvZh9zyzp8FBdmraqkLYjuVTy2tt/C2hQ0v5o3Q8IsspJGV7/ttBUQU
QNHjQzqJcICWxP3aV/iIeWiBZrw/WDbi1GG1f+OcS0fLhllZ2ahcOQQxTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFChgS572uQEb5UywUp5kRQuCAMlCMB8GA1UdIwQY
MBaAFCkfC3PmfWPFpMkEaBQWap4hYl8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQt
MzhlZThmZDY0ZTdkLzEvS0dCTG52YTVBUnZsVExCU25tUkZDNElBeVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQtMzhlZThmZDY0ZTdk
LzEvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgRdAABw
MA0GCSqGSIb3DQEBCwUAA4IBAQAaEdSAxVxrgTHyLr5z2a7UdmWgTH02YgwZPjGq
/c4TU1AWbBgPBbcaQLDCefE6ZM47Wn+3zGuT7x3uSpkk9HcCwZ6B6UXl4Es/QU9v
5f6nw1eO0sKpXDYt/ebrDoHtRdOlyVz/5nbre/pQKCXmt/xUxxyzgArHKSiaAxh4
iVDfq2v3t2anEQ3XbY1s6DCuNQEgNdSrvIttXHmkgZGe04rSuK3Nwk2dpss3q6r+
MZpcjSmvLbqhzJFlEw6kbOs5n2kX8JdWE+Qea554UKV2Ll6U7R9UPNAnYUmNvfTS
xBj3UIwlrpiO9avduewTeEqCAh4Y+ENZcHz2VvPAQxWwUC1q
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:09 2024 by rpki-client on console-fra.rpki-client.org