Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KZQs-rpi04JAnLZAHKbaQOwLreI.roa
File: KZQs-rpi04JAnLZAHKbaQOwLreI.roa (raw, json)
Hash identifier: 7GeyNa0yVP1JTdau23b/LwOjbDsVCuts8V8Xvv6nPH8=
Subject key identifier: 29:94:2C:FA:BA:62:D3:82:40:9C:B6:40:1C:A6:DA:40:EC:0B:AD:E2
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018F0564460A9D3EA1F16D3D4C9722841ACA
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KZQs-rpi04JAnLZAHKbaQOwLreI.roa
Signing time: Mon 22 Apr 2024 10:40:08 +0000
ROA not before: Mon 22 Apr 2024 10:40:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 85.204.127.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 09:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:64:46:0a:9d:3e:a1:f1:6d:3d:4c:97:22:84:1a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Apr 22 10:40:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29942cfaba62d382409cb6401ca6da40ec0bade2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:48:10:2e:5b:9f:28:ae:6a:e8:e4:fc:97:71:
dd:f0:bc:fd:8f:9b:b1:63:5e:5d:e3:10:b8:d4:53:
a9:7e:c6:7d:cc:b6:d4:f6:06:95:ca:71:63:89:74:
f8:bb:0f:32:f4:95:d0:a2:9d:2b:ba:9b:56:f3:2b:
a9:eb:d9:e4:a7:52:e0:e0:26:fb:3e:7d:5a:e2:d8:
30:98:3c:58:b9:cd:90:05:69:06:24:e0:d7:4c:ca:
8c:4a:e5:8b:88:45:09:d9:06:47:05:23:4f:6f:81:
90:98:8f:21:e8:cd:76:c2:40:ab:43:4a:e8:cc:74:
c3:8a:1d:4f:40:52:a2:9f:1b:ef:67:16:ef:80:e3:
52:a1:b3:bd:74:a5:34:83:8a:13:83:a3:1c:57:8f:
49:7c:5d:76:aa:80:c9:fe:a5:e4:de:f5:cb:da:34:
47:20:4a:a8:df:ec:7c:50:df:82:6c:3e:2f:90:3f:
bf:84:dc:f4:e5:72:6c:73:84:d4:0d:a7:85:39:77:
84:3c:f8:b8:89:23:c9:cd:73:2c:c7:b3:1e:8f:a1:
c7:97:40:37:fa:5d:00:54:45:b2:50:b2:d0:68:31:
25:23:36:ad:16:72:c4:e1:a6:f8:6b:7f:b3:db:62:
f4:1e:a7:3b:fa:9d:9f:3b:da:40:6f:ba:c9:60:72:
78:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:94:2C:FA:BA:62:D3:82:40:9C:B6:40:1C:A6:DA:40:EC:0B:AD:E2
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KZQs-rpi04JAnLZAHKbaQOwLreI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.127.0/24
89.33.163.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:5e:1e:77:cf:8d:0e:26:32:cb:75:d8:24:55:9d:28:fa:95:
27:77:a4:87:0c:41:be:9a:03:83:96:51:1a:cc:96:5d:da:07:
db:d5:ae:db:df:eb:65:b7:d6:d3:a0:bb:ad:f2:e4:42:35:f1:
71:cf:32:dc:06:48:92:6f:ff:c2:23:cf:6c:88:20:2b:9b:9c:
bf:6f:7c:80:93:62:1e:3d:4b:78:b3:5a:2c:3e:a1:13:81:89:
61:07:d3:4b:e1:40:4f:5e:df:90:1a:54:41:eb:d3:9b:00:06:
6a:1b:34:cd:7e:5f:a4:e8:8f:d4:dd:2b:97:8e:04:a9:2b:71:
17:b8:96:54:40:f4:9a:21:20:08:3b:f2:00:93:70:b0:35:51:
45:c4:c6:1c:48:ae:d1:98:63:94:ba:c1:7f:f3:5b:fd:09:25:
79:e9:4d:6a:0d:1d:29:3e:b4:f0:8d:a2:f2:73:d9:ed:51:f0:
97:29:a3:bb:40:8e:cc:7e:05:3c:74:bc:c5:04:71:f1:a5:89:
04:95:6f:a9:99:ef:1b:b7:70:39:95:f8:24:b0:e3:a4:40:d5:
d9:3d:48:8e:ae:11:eb:ee:8d:7f:32:9f:ef:e6:0e:ec:9e:ea:
42:61:24:ec:9e:e0:3a:61:ea:3a:19:75:2e:60:47:f7:a2:1e:
ec:2e:7d:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8FZEYKnT6h8W09TJcihBrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwNDIyMTA0MDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk0MmNmYWJhNjJkMzgyNDA5Y2I2NDAxY2E2ZGE0MGVjMGJhZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUgQLlufKK5q6OT8l3Hd8Lz9j5ux
Y15d4xC41FOpfsZ9zLbU9gaVynFjiXT4uw8y9JXQop0ruptW8yup69nkp1Lg4Cb7
Pn1a4tgwmDxYuc2QBWkGJODXTMqMSuWLiEUJ2QZHBSNPb4GQmI8h6M12wkCrQ0ro
zHTDih1PQFKinxvvZxbvgONSobO9dKU0g4oTg6McV49JfF12qoDJ/qXk3vXL2jRH
IEqo3+x8UN+CbD4vkD+/hNz05XJsc4TUDaeFOXeEPPi4iSPJzXMsx7Mej6HHl0A3
+l0AVEWyULLQaDElIzatFnLE4ab4a3+z22L0Hqc7+p2fO9pAb7rJYHJ4LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCmULPq6YtOCQJy2QBym2kDsC63iMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvS1pRcy1ycGkwNEpBbkxaQUhLYmFRT3dMcmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcx/AwQA
WSGjMA0GCSqGSIb3DQEBCwUAA4IBAQCnXh53z40OJjLLddgkVZ0o+pUnd6SHDEG+
mgODllEazJZd2gfb1a7b3+tlt9bToLut8uRCNfFxzzLcBkiSb//CI89siCArm5y/
b3yAk2IePUt4s1osPqETgYlhB9NL4UBPXt+QGlRB69ObAAZqGzTNfl+k6I/U3SuX
jgSpK3EXuJZUQPSaISAIO/IAk3CwNVFFxMYcSK7RmGOUusF/81v9CSV56U1qDR0p
PrTwjaLyc9ntUfCXKaO7QI7MfgU8dLzFBHHxpYkElW+pme8bt3A5lfgksOOkQNXZ
PUiOrhHr7o1/Mp/v5g7snupCYSTsnuA6Yeo6GXUuYEf3oh7sLn1u
-----END CERTIFICATE-----
Generated at Sat May 18 13:42:45 2024 by rpki-client on console-fra.rpki-client.org