Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/KVGzhURun_Z2Cbls6jKq8-siUnI.roa
File: KVGzhURun_Z2Cbls6jKq8-siUnI.roa (raw, json)
Hash identifier: ICdbcaL6JuM+fFFA7u9Ui1orbNqbZysTahR0X2YtQkM=
Subject key identifier: 29:51:B3:85:44:6E:9F:F6:76:09:B9:6C:EA:32:AA:F3:EB:22:52:72
Certificate issuer: /CN=a07f6e2b60ca464700dd8e28fba0daadc2c40ced
Certificate serial: 0194258F4221C5CEAB68D39D01AB4D513D88
Authority key identifier: A0:7F:6E:2B:60:CA:46:47:00:DD:8E:28:FB:A0:DA:AD:C2:C4:0C:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oH9uK2DKRkcA3Y4o-6DarcLEDO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/KVGzhURun_Z2Cbls6jKq8-siUnI.roa
Signing time: Thu 02 Jan 2025 05:48:53 +0000
ROA not before: Thu 02 Jan 2025 05:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210752
IP address blocks: 193.17.90.0/24 maxlen: 24
2a0c:f680::/29 maxlen: 29
2a0c:f680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oH9uK2DKRkcA3Y4o-6DarcLEDO0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:42:21:c5:ce:ab:68:d3:9d:01:ab:4d:51:3d:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a07f6e2b60ca464700dd8e28fba0daadc2c40ced
Validity
Not Before: Jan 2 05:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2951b385446e9ff67609b96cea32aaf3eb225272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1c:b5:08:b7:f4:57:03:83:7b:57:d6:cb:b3:
95:c9:ff:66:15:e0:0c:71:82:f0:44:b2:08:ca:30:
58:4a:f5:62:97:03:4c:31:eb:86:22:bc:6d:29:a5:
61:59:f3:3b:c2:90:3f:56:42:6d:80:29:38:00:8b:
43:3e:1b:9b:e6:b2:57:12:c3:80:87:ed:ed:7d:a6:
f3:c3:2d:87:15:71:eb:a2:d3:f1:27:3a:23:65:9d:
a2:7e:2c:d8:e7:d7:01:52:b8:58:27:79:e6:d0:be:
eb:25:e9:03:fa:91:26:e7:52:de:63:65:5d:ce:8a:
ea:9e:42:a0:dc:70:9d:fa:45:dd:da:9f:b5:4e:30:
ae:74:d0:ce:97:e8:58:65:03:63:b5:df:f8:ea:41:
4f:d4:4d:6a:44:85:d8:bb:06:8b:a9:c0:d7:12:52:
10:8c:a6:c1:e1:c5:a5:9b:6e:cb:3b:58:8a:8a:2d:
88:fd:7a:af:cc:b1:7c:3e:27:20:30:23:2c:9f:bd:
6c:6e:22:e1:f6:11:9a:3d:c9:18:fd:01:f6:13:d6:
5b:3f:12:3b:ad:d2:a1:b6:95:b2:b7:c7:21:ef:76:
4d:4f:d0:b4:1b:18:59:96:5c:2d:7a:aa:83:b0:43:
6b:8d:67:0e:8d:f2:ee:2f:da:de:e7:82:8b:96:f2:
60:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:51:B3:85:44:6E:9F:F6:76:09:B9:6C:EA:32:AA:F3:EB:22:52:72
X509v3 Authority Key Identifier:
keyid:A0:7F:6E:2B:60:CA:46:47:00:DD:8E:28:FB:A0:DA:AD:C2:C4:0C:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oH9uK2DKRkcA3Y4o-6DarcLEDO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/KVGzhURun_Z2Cbls6jKq8-siUnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a7ce9e-10fc-4bda-838b-bcb724bc2684/1/oH9uK2DKRkcA3Y4o-6DarcLEDO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.90.0/24
IPv6:
2a0c:f680::/29
Signature Algorithm: sha256WithRSAEncryption
66:13:88:d6:57:f8:30:6a:ef:bf:59:da:8c:fa:b1:35:2b:94:
30:3a:ef:33:1e:79:3b:e2:85:46:a2:b3:96:e5:05:d2:b6:f1:
0b:ce:82:62:8e:01:34:b7:2b:7f:38:b2:d2:b6:c7:e5:8e:d6:
3a:71:c1:c5:dc:07:69:30:4d:82:ae:60:4f:7e:23:0d:2b:9a:
45:e9:49:bd:71:e1:4b:25:22:52:16:c7:83:df:cc:85:14:60:
35:fd:c9:51:2a:f0:77:38:09:b7:01:f6:30:c5:ee:e4:41:0a:
c8:62:61:1a:a8:68:0c:10:05:7e:bb:c8:5e:ef:8a:37:0e:8f:
21:89:a9:20:78:15:bf:a9:f2:05:45:43:25:cd:b4:58:d0:ef:
84:a9:5a:48:70:fa:20:2d:56:3c:e5:e1:8d:00:43:18:ae:f7:
3b:f8:1f:4d:52:d3:2a:74:b7:dc:df:a9:f2:38:fb:98:46:2c:
01:fe:93:1b:ca:cf:14:3a:fb:68:17:bc:12:35:96:cf:22:47:
ca:7b:bb:8b:2c:db:a7:9d:3a:8f:c1:ea:4b:a6:90:2f:5d:dc:
a8:dc:a8:24:fd:57:ff:07:ae:5e:ee:ce:f2:d0:d1:a2:b8:fc:
07:01:e3:a3:47:12:dd:80:7b:56:5f:60:6f:94:99:8d:03:d0:
17:c6:f0:8a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj0Ihxc6raNOdAatNUT2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwN2Y2ZTJiNjBjYTQ2NDcwMGRkOGUyOGZiYTBkYWFkYzJj
NDBjZWQwHhcNMjUwMTAyMDU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTUxYjM4NTQ0NmU5ZmY2NzYwOWI5NmNlYTMyYWFmM2ViMjI1MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhy1CLf0VwODe1fWy7OVyf9mFeAM
cYLwRLIIyjBYSvVilwNMMeuGIrxtKaVhWfM7wpA/VkJtgCk4AItDPhub5rJXEsOA
h+3tfabzwy2HFXHrotPxJzojZZ2ifizY59cBUrhYJ3nm0L7rJekD+pEm51LeY2Vd
zorqnkKg3HCd+kXd2p+1TjCudNDOl+hYZQNjtd/46kFP1E1qRIXYuwaLqcDXElIQ
jKbB4cWlm27LO1iKii2I/XqvzLF8PicgMCMsn71sbiLh9hGaPckY/QH2E9ZbPxI7
rdKhtpWyt8ch73ZNT9C0GxhZllwteqqDsENrjWcOjfLuL9re54KLlvJgBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFClRs4VEbp/2dgm5bOoyqvPrIlJyMB8GA1UdIwQY
MBaAFKB/bitgykZHAN2OKPug2q3CxAztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0g5dUsyREtSa2NBM1k0by02RGFyY0xFRE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hN2NlOWUtMTBmYy00YmRhLTgzOGIt
YmNiNzI0YmMyNjg0LzEvS1ZHemhVUnVuX1oyQ2JsczZqS3E4LXNpVW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hN2NlOWUtMTBmYy00YmRhLTgzOGItYmNiNzI0YmMyNjg0
LzEvb0g5dUsyREtSa2NBM1k0by02RGFyY0xFRE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRFaMA0E
AgACMAcDBQMqDPaAMA0GCSqGSIb3DQEBCwUAA4IBAQBmE4jWV/gwau+/WdqM+rE1
K5QwOu8zHnk74oVGorOW5QXStvELzoJijgE0tyt/OLLStsfljtY6ccHF3AdpME2C
rmBPfiMNK5pF6Um9ceFLJSJSFseD38yFFGA1/clRKvB3OAm3AfYwxe7kQQrIYmEa
qGgMEAV+u8he74o3Do8hiakgeBW/qfIFRUMlzbRY0O+EqVpIcPogLVY85eGNAEMY
rvc7+B9NUtMqdLfc36nyOPuYRiwB/pMbys8UOvtoF7wSNZbPIkfKe7uLLNunnTqP
wepLppAvXdyo3Kgk/Vf/B65e7s7y0NGiuPwHAeOjRxLdgHtWX2BvlJmNA9AXxvCK
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:52:52 2025 by rpki-client