Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/KP2_oc8mgsgfljoO1nuvZhPkZ0Y.roa
File: KP2_oc8mgsgfljoO1nuvZhPkZ0Y.roa (raw, json)
Hash identifier: PSZpKzA/dVK4VjiYCM36fNdW8Sa7IO0CzoAwBYd8p8Q=
Subject key identifier: 28:FD:BF:A1:CF:26:82:C8:1F:96:3A:0E:D6:7B:AF:66:13:E4:67:46
Certificate issuer: /CN=73e373fee780eeab2a90422d0ad514e084a8d611
Certificate serial: 01946E6D57B1BD90D8F1F8A5F83BE1B7186A
Authority key identifier: 73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/KP2_oc8mgsgfljoO1nuvZhPkZ0Y.roa
Signing time: Thu 16 Jan 2025 09:24:06 +0000
ROA not before: Thu 16 Jan 2025 09:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200994
IP address blocks: 88.83.96.0/19 maxlen: 24
185.89.120.0/22 maxlen: 24
185.93.5.0/24 maxlen: 24
195.80.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.mft
rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:6d:57:b1:bd:90:d8:f1:f8:a5:f8:3b:e1:b7:18:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e373fee780eeab2a90422d0ad514e084a8d611
Validity
Not Before: Jan 16 09:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28fdbfa1cf2682c81f963a0ed67baf6613e46746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:65:46:8b:98:ef:34:56:dc:6e:2d:16:81:c9:
c3:29:42:3c:f7:4b:c8:5e:ca:23:72:5d:19:c4:1b:
05:62:03:db:c3:51:d8:80:3d:24:a0:72:3b:99:be:
32:35:49:66:0c:20:7f:63:1e:14:d6:31:2a:1f:04:
a9:0d:10:34:7f:f7:34:e3:97:9b:dd:d4:51:ed:19:
76:34:d7:b3:51:78:6a:bb:2e:84:7a:1b:e0:d9:b1:
54:0f:27:73:71:ba:34:10:65:bf:e2:65:b0:7a:03:
d4:f6:4d:17:c7:8e:ab:ef:70:27:41:6f:7c:85:85:
a8:c4:f9:a8:3a:18:b3:70:29:13:62:7e:50:03:e3:
32:75:90:63:37:f1:12:88:aa:f9:c1:fc:c8:4a:44:
c8:9f:c4:37:fd:23:5e:e0:f0:39:2d:9a:f2:50:bc:
6e:e8:13:27:8b:bc:89:8f:64:29:b0:c1:77:e2:a1:
de:8e:7f:f6:44:da:e4:2d:8e:b2:06:e7:b7:0d:41:
44:47:28:81:6f:40:cd:e3:58:f9:89:cf:93:86:5b:
cd:b5:8c:47:aa:f4:63:89:9a:6a:4e:35:14:89:94:
63:7a:56:e9:d3:94:11:b5:ff:c5:5b:b2:52:da:58:
a8:09:6f:6e:93:34:a8:cb:06:23:12:5a:92:4e:3c:
c2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FD:BF:A1:CF:26:82:C8:1F:96:3A:0E:D6:7B:AF:66:13:E4:67:46
X509v3 Authority Key Identifier:
keyid:73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/KP2_oc8mgsgfljoO1nuvZhPkZ0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.83.96.0/19
185.89.120.0/22
185.93.5.0/24
195.80.0.0/19
Signature Algorithm: sha256WithRSAEncryption
c0:74:b3:59:e4:3a:df:dd:bb:01:dd:08:c9:53:57:27:ca:b7:
26:36:e8:c5:e2:fc:60:a9:ab:b3:63:12:3e:9b:9b:0a:6d:62:
fd:c2:b4:0a:8d:2b:c6:4a:2c:89:9d:de:19:0e:a7:95:23:5d:
a6:3d:0e:62:fd:71:26:c3:b1:24:35:a1:90:89:7b:74:23:d4:
ee:36:2c:63:43:d1:6e:aa:af:e8:97:3e:68:35:ba:cb:d0:37:
c5:51:12:25:85:e0:75:ef:15:be:92:79:75:a0:bd:1a:b0:5e:
9e:f9:13:2c:13:5c:0e:86:d1:8b:cd:cd:eb:99:2d:c2:7c:4e:
ce:22:ea:7e:d8:b0:ec:8e:cf:b0:60:5a:5c:84:eb:4b:e6:d8:
1f:0e:e4:93:4b:bf:91:44:d4:60:21:69:e9:d8:33:52:7f:9d:
a0:6f:b3:13:a2:07:71:a6:c7:28:0d:d6:8e:a6:78:96:de:31:
45:6d:f2:2f:2d:3a:4a:27:6b:ea:87:22:54:ac:5c:a9:99:3c:
8d:08:8f:b4:9a:d6:a6:34:e2:cc:ed:b7:8d:6c:c7:8c:3a:12:
d0:2c:5b:7d:40:9e:f9:05:ab:db:7a:93:bc:6d:62:e9:71:27:
81:83:74:c6:35:07:9f:ce:c1:4a:51:dc:ab:12:46:7f:e8:01:
91:4f:a1:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRubVexvZDY8fil+DvhtxhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTM3M2ZlZTc4MGVlYWIyYTkwNDIyZDBhZDUxNGUwODRh
OGQ2MTEwHhcNMjUwMTE2MDkyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZkYmZhMWNmMjY4MmM4MWY5NjNhMGVkNjdiYWY2NjEzZTQ2NzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mVGi5jvNFbcbi0WgcnDKUI890vI
Xsojcl0ZxBsFYgPbw1HYgD0koHI7mb4yNUlmDCB/Yx4U1jEqHwSpDRA0f/c045eb
3dRR7Rl2NNezUXhquy6Eehvg2bFUDydzcbo0EGW/4mWwegPU9k0Xx46r73AnQW98
hYWoxPmoOhizcCkTYn5QA+MydZBjN/ESiKr5wfzISkTIn8Q3/SNe4PA5LZryULxu
6BMni7yJj2QpsMF34qHejn/2RNrkLY6yBue3DUFERyiBb0DN41j5ic+ThlvNtYxH
qvRjiZpqTjUUiZRjelbp05QRtf/FW7JS2lioCW9ukzSoywYjElqSTjzCPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCj9v6HPJoLIH5Y6DtZ7r2YT5GdGMB8GA1UdIwQY
MBaAFHPjc/7ngO6rKpBCLQrVFOCEqNYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTIt
MDQxZmQ0YzZmZmQ0LzEvS1AyX29jOG1nc2dmbGpvTzFudXZaaFBrWjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTItMDQxZmQ0YzZmZmQ0
LzEvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFWFNgAwQC
uVl4AwQAuV0FAwQFw1AAMA0GCSqGSIb3DQEBCwUAA4IBAQDAdLNZ5Drf3bsB3QjJ
U1cnyrcmNujF4vxgqauzYxI+m5sKbWL9wrQKjSvGSiyJnd4ZDqeVI12mPQ5i/XEm
w7EkNaGQiXt0I9TuNixjQ9Fuqq/olz5oNbrL0DfFURIlheB17xW+knl1oL0asF6e
+RMsE1wOhtGLzc3rmS3CfE7OIup+2LDsjs+wYFpchOtL5tgfDuSTS7+RRNRgIWnp
2DNSf52gb7MTogdxpscoDdaOpniW3jFFbfIvLTpKJ2vqhyJUrFypmTyNCI+0mtam
NOLM7beNbMeMOhLQLFt9QJ75BavbepO8bWLpcSeBg3TGNQefzsFKUdyrEkZ/6AGR
T6Hk
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:02:39 2025 by rpki-client