Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/cca6c4-ec70-4405-a6a8-6eaa59b0d750/1/KmjbiHimHyCSJqDdxyTHZkugEG8.roa
File: KmjbiHimHyCSJqDdxyTHZkugEG8.roa (raw, json)
Hash identifier: Zrhax2xy9NJstkGQJu2b3a8/0keBQS8DGEbXxifWfvU=
Subject key identifier: 2A:68:DB:88:78:A6:1F:20:92:26:A0:DD:C7:24:C7:66:4B:A0:10:6F
Certificate issuer: /CN=e8464c8c167dd2c87aa3d88acbfae4c233ff77b0
Certificate serial: 019424B3C7E2F4C8126AEC17D685DA1D7929
Authority key identifier: E8:46:4C:8C:16:7D:D2:C8:7A:A3:D8:8A:CB:FA:E4:C2:33:FF:77:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EZMjBZ90sh6o9iKy_rkwjP_d7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/cca6c4-ec70-4405-a6a8-6eaa59b0d750/1/KmjbiHimHyCSJqDdxyTHZkugEG8.roa
Signing time: Thu 02 Jan 2025 01:49:09 +0000
ROA not before: Thu 02 Jan 2025 01:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8422
IP address blocks: 194.55.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/cca6c4-ec70-4405-a6a8-6eaa59b0d750/1/6EZMjBZ90sh6o9iKy_rkwjP_d7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/cca6c4-ec70-4405-a6a8-6eaa59b0d750/1/6EZMjBZ90sh6o9iKy_rkwjP_d7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/6EZMjBZ90sh6o9iKy_rkwjP_d7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c7:e2:f4:c8:12:6a:ec:17:d6:85:da:1d:79:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8464c8c167dd2c87aa3d88acbfae4c233ff77b0
Validity
Not Before: Jan 2 01:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a68db8878a61f209226a0ddc724c7664ba0106f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:56:c8:18:8f:b1:00:a3:09:e5:80:1a:d7:f2:
a1:1d:50:1b:90:4d:2d:bc:ec:cb:13:08:0d:fb:59:
1e:0b:0d:88:84:04:cd:d0:e9:0c:2b:03:91:2c:02:
c6:c3:f6:da:c3:72:27:73:67:5e:68:99:31:8d:85:
0d:15:4d:e0:19:37:16:06:1e:4c:e6:e4:2f:f1:2e:
9c:68:bc:fe:a2:3c:36:8c:65:90:60:d3:b2:29:9b:
37:9c:ed:3c:d8:f6:2a:ee:5e:86:aa:ed:1c:bd:c5:
db:fe:a9:e4:d8:1e:d2:af:69:99:07:64:4a:bf:69:
b8:e9:49:8f:fe:f7:b4:64:ee:3c:a9:31:ad:55:42:
e9:02:bf:bd:21:7b:e9:bd:86:b2:c1:dd:03:c2:64:
c0:3b:56:67:49:7d:e4:f5:35:5a:5b:4b:01:c7:52:
c3:20:47:96:c8:65:bf:ec:00:51:79:d0:80:53:4d:
96:4b:96:e2:ab:7f:44:bd:ba:44:f5:21:62:bd:0d:
46:67:5f:88:f1:75:d2:4a:24:23:d9:65:a9:3b:5a:
47:c1:b6:46:14:d0:1f:b8:ad:b3:fe:8a:44:bb:b2:
a6:f6:3d:fe:ba:f0:ad:11:bb:15:a1:24:3f:5a:69:
fc:31:e6:3c:2e:9c:95:6f:5a:31:4f:ae:5b:99:13:
b7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:68:DB:88:78:A6:1F:20:92:26:A0:DD:C7:24:C7:66:4B:A0:10:6F
X509v3 Authority Key Identifier:
keyid:E8:46:4C:8C:16:7D:D2:C8:7A:A3:D8:8A:CB:FA:E4:C2:33:FF:77:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EZMjBZ90sh6o9iKy_rkwjP_d7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/cca6c4-ec70-4405-a6a8-6eaa59b0d750/1/KmjbiHimHyCSJqDdxyTHZkugEG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/cca6c4-ec70-4405-a6a8-6eaa59b0d750/1/6EZMjBZ90sh6o9iKy_rkwjP_d7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.30.0/24
Signature Algorithm: sha256WithRSAEncryption
13:0c:72:51:6a:38:85:7d:3b:91:4c:51:db:de:62:83:2e:73:
d9:ed:54:43:d6:c2:60:ab:4b:6d:14:0f:b7:a0:c3:06:38:5b:
0b:a3:ba:6c:4a:9b:93:2a:c7:e1:1c:13:2b:56:a8:de:83:c1:
a7:10:18:8d:f1:d2:2f:50:08:a4:d6:cf:b5:ee:37:bc:ff:02:
a6:82:12:f7:65:a4:48:32:f9:19:8b:1c:a4:34:22:3c:da:89:
0d:59:22:a9:ac:53:50:0c:4f:3f:b7:a9:f0:a5:0f:f1:87:76:
6f:9e:f0:43:eb:c2:c1:a3:df:92:7a:04:47:c4:8b:09:1c:0e:
47:c0:14:f6:24:69:a3:00:49:d7:6c:09:28:e6:2a:fd:3d:f3:
a9:da:4d:1c:22:92:db:dd:c2:e3:9a:e8:99:88:ce:34:d7:15:
bf:d0:6c:4b:50:99:df:c8:2f:19:88:60:4b:4c:fa:aa:90:d1:
ba:97:cd:ae:f6:bb:0e:11:47:97:88:33:45:82:1c:01:ca:a7:
a7:9f:de:ed:3c:cd:b8:a9:bf:54:76:8e:70:97:09:f5:03:be:
23:65:42:01:51:67:75:21:12:52:f2:e2:05:07:20:af:ac:c4:
8d:cc:f1:62:24:db:98:2a:c6:68:15:d7:66:cb:1b:cc:4a:13:
e1:ef:be:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks8fi9MgSauwX1oXaHXkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDY0YzhjMTY3ZGQyYzg3YWEzZDg4YWNiZmFlNGMyMzNm
Zjc3YjAwHhcNMjUwMTAyMDE0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY4ZGI4ODc4YTYxZjIwOTIyNmEwZGRjNzI0Yzc2NjRiYTAxMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFbIGI+xAKMJ5YAa1/KhHVAbkE0t
vOzLEwgN+1keCw2IhATN0OkMKwORLALGw/baw3Inc2deaJkxjYUNFU3gGTcWBh5M
5uQv8S6caLz+ojw2jGWQYNOyKZs3nO082PYq7l6Gqu0cvcXb/qnk2B7Sr2mZB2RK
v2m46UmP/ve0ZO48qTGtVULpAr+9IXvpvYaywd0DwmTAO1ZnSX3k9TVaW0sBx1LD
IEeWyGW/7ABRedCAU02WS5biq39EvbpE9SFivQ1GZ1+I8XXSSiQj2WWpO1pHwbZG
FNAfuK2z/opEu7Km9j3+uvCtEbsVoSQ/Wmn8MeY8LpyVb1oxT65bmRO38QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpo24h4ph8gkiag3cckx2ZLoBBvMB8GA1UdIwQY
MBaAFOhGTIwWfdLIeqPYisv65MIz/3ewMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVaTWpCWjkwc2g2bzlpS3lfcmt3alBfZDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jY2E2YzQtZWM3MC00NDA1LWE2YTgt
NmVhYTU5YjBkNzUwLzEvS21qYmlIaW1IeUNTSnFEZHh5VEhaa3VnRUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jY2E2YzQtZWM3MC00NDA1LWE2YTgtNmVhYTU5YjBkNzUw
LzEvNkVaTWpCWjkwc2g2bzlpS3lfcmt3alBfZDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjceMA0G
CSqGSIb3DQEBCwUAA4IBAQATDHJRajiFfTuRTFHb3mKDLnPZ7VRD1sJgq0ttFA+3
oMMGOFsLo7psSpuTKsfhHBMrVqjeg8GnEBiN8dIvUAik1s+17je8/wKmghL3ZaRI
MvkZixykNCI82okNWSKprFNQDE8/t6nwpQ/xh3ZvnvBD68LBo9+SegRHxIsJHA5H
wBT2JGmjAEnXbAko5ir9PfOp2k0cIpLb3cLjmuiZiM401xW/0GxLUJnfyC8ZiGBL
TPqqkNG6l82u9rsOEUeXiDNFghwByqenn97tPM24qb9Udo5wlwn1A74jZUIBUWd1
IRJS8uIFByCvrMSNzPFiJNuYKsZoFddmyxvMShPh776K
-----END CERTIFICATE-----
Generated at Sun Feb 2 14:56:37 2025 by rpki-client