Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/KZF7nutfuUg5-YzRYz3twqYDF1I.roa
File: KZF7nutfuUg5-YzRYz3twqYDF1I.roa (raw, json)
Hash identifier: OKL2jGxl+5iRZQTpfuc851ODoSAmpXlUOJxvIRgbQuk=
Subject key identifier: 29:91:7B:9E:EB:5F:B9:48:39:F9:8C:D1:63:3D:ED:C2:A6:03:17:52
Certificate issuer: /CN=5eafc60f4d3409fb46c8a5bf95d3981f14a143b0
Certificate serial: 018CC5010E48D2BA1D683F665B21A87C1575
Authority key identifier: 5E:AF:C6:0F:4D:34:09:FB:46:C8:A5:BF:95:D3:98:1F:14:A1:43:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq_GD000CftGyKW_ldOYHxShQ7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/KZF7nutfuUg5-YzRYz3twqYDF1I.roa
Signing time: Mon 01 Jan 2024 12:30:29 +0000
ROA not before: Mon 01 Jan 2024 12:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206460
IP address blocks: 185.186.71.0/24 maxlen: 24
185.186.69.0/24 maxlen: 24
185.186.70.0/24 maxlen: 24
185.186.68.0/24 maxlen: 24
185.186.68.0/22 maxlen: 22
109.205.16.0/24 maxlen: 24
109.205.16.0/21 maxlen: 21
109.205.17.0/24 maxlen: 24
109.205.18.0/24 maxlen: 24
109.205.19.0/24 maxlen: 24
109.205.20.0/24 maxlen: 24
185.201.186.0/24 maxlen: 24
185.201.184.0/22 maxlen: 22
109.205.23.0/24 maxlen: 24
185.201.185.0/24 maxlen: 24
109.205.21.0/24 maxlen: 24
185.201.184.0/24 maxlen: 24
109.205.22.0/24 maxlen: 24
185.201.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/Xq_GD000CftGyKW_ldOYHxShQ7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/Xq_GD000CftGyKW_ldOYHxShQ7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xq_GD000CftGyKW_ldOYHxShQ7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0e:48:d2:ba:1d:68:3f:66:5b:21:a8:7c:15:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eafc60f4d3409fb46c8a5bf95d3981f14a143b0
Validity
Not Before: Jan 1 12:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29917b9eeb5fb94839f98cd1633dedc2a6031752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bd:da:d2:93:9c:a0:e4:43:66:cc:0f:40:6f:
4e:c0:c6:36:d1:f1:5c:42:b2:32:76:e1:31:f5:2f:
e0:61:5b:19:86:b7:60:42:e1:1a:7a:62:1d:61:0a:
2e:3d:4f:13:66:54:26:58:74:b1:4a:9d:80:5a:19:
89:15:cb:e2:49:1c:72:24:e3:d8:00:d0:2b:28:b0:
9d:17:14:68:c9:d9:e5:a5:3f:9b:2f:9e:e0:b6:24:
77:40:e5:ed:ae:2a:25:9b:6a:f8:73:cd:40:ea:b8:
c5:88:1b:ca:35:34:b0:3b:a8:ef:c3:ca:a2:8d:2d:
e8:06:a7:58:7a:82:d9:f5:70:0e:15:87:fe:42:4a:
6b:a3:95:5c:31:f4:58:34:3e:67:b6:82:3b:36:6c:
5e:c7:07:8d:71:bb:c7:7a:8c:99:ee:c7:a6:de:18:
c4:57:b3:60:2a:83:fe:b8:92:5c:63:f4:71:af:d7:
b4:1a:2d:50:1f:20:77:33:c9:03:54:f0:a7:3e:8c:
af:44:52:ec:b7:99:14:64:3a:2b:a2:ed:37:02:e8:
33:4f:03:29:71:49:82:9e:10:98:f0:46:18:dc:a5:
63:3c:6f:6c:5c:cb:2a:7f:04:c9:fb:68:53:9f:72:
e3:52:0d:98:3e:c6:fb:f1:3b:41:c1:74:48:b9:96:
72:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:91:7B:9E:EB:5F:B9:48:39:F9:8C:D1:63:3D:ED:C2:A6:03:17:52
X509v3 Authority Key Identifier:
keyid:5E:AF:C6:0F:4D:34:09:FB:46:C8:A5:BF:95:D3:98:1F:14:A1:43:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq_GD000CftGyKW_ldOYHxShQ7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/KZF7nutfuUg5-YzRYz3twqYDF1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/Xq_GD000CftGyKW_ldOYHxShQ7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.16.0/21
185.186.68.0/22
185.201.184.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:dc:c7:9b:9d:39:15:46:af:35:ef:96:d6:d7:1a:75:22:af:
31:bf:b0:05:9d:f9:01:17:01:70:ff:2b:2c:0e:53:70:d8:26:
00:7b:0c:48:73:44:78:1d:96:f4:53:74:ff:f2:c8:ff:07:ce:
dd:33:ff:1f:41:c4:dc:98:8b:9b:83:e8:8e:ed:80:8b:b9:63:
d9:ed:b0:10:a3:77:63:bf:0d:ed:78:61:35:38:6c:54:e2:93:
70:4f:c1:25:7c:0b:a2:c6:6f:51:4d:d0:2f:dd:01:f8:31:2c:
46:cc:08:3e:43:cf:75:af:bc:98:eb:ff:96:8a:1c:8b:d8:07:
ca:e0:44:75:bb:51:08:5b:3a:af:3c:18:e4:48:19:a0:d5:49:
ca:e0:66:a8:9f:b1:11:77:90:92:c1:c4:f1:8b:bf:16:d6:4f:
97:bb:56:34:2b:62:fb:bb:f0:fd:f4:83:fd:db:7d:9e:25:42:
0f:6d:95:fa:d1:14:5b:69:2f:fc:88:77:1f:51:1b:f3:56:0a:
86:2c:b2:cb:e7:45:59:19:95:ca:91:f6:e1:ec:63:35:0b:21:
88:3a:f0:d0:22:df:be:0f:94:78:e9:20:b5:89:97:b7:98:0f:
27:59:a7:cc:13:c8:74:02:4d:20:30:fc:5f:3c:9b:4d:98:fe:
b2:3f:4b:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAQ5I0rodaD9mWyGofBV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYWZjNjBmNGQzNDA5ZmI0NmM4YTViZjk1ZDM5ODFmMTRh
MTQzYjAwHhcNMjQwMTAxMTIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTkxN2I5ZWViNWZiOTQ4MzlmOThjZDE2MzNkZWRjMmE2MDMxNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL3a0pOcoORDZswPQG9OwMY20fFc
QrIyduEx9S/gYVsZhrdgQuEaemIdYQouPU8TZlQmWHSxSp2AWhmJFcviSRxyJOPY
ANArKLCdFxRoydnlpT+bL57gtiR3QOXtriolm2r4c81A6rjFiBvKNTSwO6jvw8qi
jS3oBqdYeoLZ9XAOFYf+Qkpro5VcMfRYND5ntoI7NmxexweNcbvHeoyZ7sem3hjE
V7NgKoP+uJJcY/Rxr9e0Gi1QHyB3M8kDVPCnPoyvRFLst5kUZDorou03AugzTwMp
cUmCnhCY8EYY3KVjPG9sXMsqfwTJ+2hTn3LjUg2YPsb78TtBwXRIuZZy7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCmRe57rX7lIOfmM0WM97cKmAxdSMB8GA1UdIwQY
MBaAFF6vxg9NNAn7Rsilv5XTmB8UoUOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFfR0QwMDBDZnRHeUtXX2xkT1lIeFNoUTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82Mjg1ZjEtOGMxZC00ODQ0LWJlMGUt
YmU4ZTY1MWM1MWY2LzEvS1pGN251dGZ1VWc1LVl6Ull6M3R3cVlERjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82Mjg1ZjEtOGMxZC00ODQ0LWJlMGUtYmU4ZTY1MWM1MWY2
LzEvWHFfR0QwMDBDZnRHeUtXX2xkT1lIeFNoUTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDbc0QAwQC
ubpEAwQCucm4MA0GCSqGSIb3DQEBCwUAA4IBAQAN3MebnTkVRq8175bW1xp1Iq8x
v7AFnfkBFwFw/yssDlNw2CYAewxIc0R4HZb0U3T/8sj/B87dM/8fQcTcmIubg+iO
7YCLuWPZ7bAQo3djvw3teGE1OGxU4pNwT8ElfAuixm9RTdAv3QH4MSxGzAg+Q891
r7yY6/+WihyL2AfK4ER1u1EIWzqvPBjkSBmg1UnK4Gaon7ERd5CSwcTxi78W1k+X
u1Y0K2L7u/D99IP9232eJUIPbZX60RRbaS/8iHcfURvzVgqGLLLL50VZGZXKkfbh
7GM1CyGIOvDQIt++D5R46SC1iZe3mA8nWafME8h0Ak0gMPxfPJtNmP6yP0sz
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:18:39 2024 by rpki-client on console-fra.rpki-client.org