Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/KQzuC7TEzVd8SYmxAqelUhEFYEQ.roa
File: KQzuC7TEzVd8SYmxAqelUhEFYEQ.roa (raw, json)
Hash identifier: zif3ZruXP6qs7u1JJizympbwHoKy2KqCPM2sHOoaH7o=
Subject key identifier: 29:0C:EE:0B:B4:C4:CD:57:7C:49:89:B1:02:A7:A5:52:11:05:60:44
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0191320577AD28475D9D74F298A0870F3678
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/KQzuC7TEzVd8SYmxAqelUhEFYEQ.roa
Signing time: Thu 08 Aug 2024 12:45:04 +0000
ROA not before: Thu 08 Aug 2024 12:45:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211373
IP address blocks: 89.44.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Dec 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:32:05:77:ad:28:47:5d:9d:74:f2:98:a0:87:0f:36:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 8 12:45:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=290cee0bb4c4cd577c4989b102a7a55211056044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5d:3b:8c:69:ca:9b:8c:fb:7a:9c:95:9b:42:
38:b7:ac:46:d2:53:c7:c7:57:b4:15:ed:5c:f5:86:
6c:1f:7d:42:06:b5:90:a2:4b:55:9f:db:30:e3:b3:
e4:78:45:cb:81:ab:b5:8e:e5:7b:ae:2f:25:52:d1:
a4:72:ef:44:af:ca:2b:87:8d:64:f9:94:9c:99:eb:
85:5e:45:27:9a:b1:1c:26:c7:b4:f0:49:f0:83:90:
24:33:b6:ee:cd:ba:df:fa:1e:ac:4e:23:5b:c5:75:
ac:1e:fa:69:3b:92:d2:f6:b4:05:9d:b0:5d:dc:0e:
d1:fb:37:0d:83:3e:bd:af:c3:cd:16:dc:4e:ea:da:
3c:2d:06:61:16:9d:e3:9d:5c:fb:1d:93:d7:ad:ed:
bf:da:fc:29:48:73:d3:cf:e8:99:68:0a:fd:62:68:
14:31:0c:8e:b3:50:80:2f:f0:59:8a:6b:d4:db:23:
5d:8e:7b:a4:fb:8f:03:eb:08:46:a5:0f:bd:ee:b3:
45:fe:5f:9f:da:25:ca:5a:bf:32:ed:4e:80:83:24:
56:62:98:44:0d:7f:4c:a2:1c:97:73:f2:f4:5c:2a:
94:54:67:5e:bb:23:2b:5d:ae:42:46:fe:af:d9:38:
92:bc:d0:ec:59:ce:fd:df:79:8e:d9:c0:d9:dc:e4:
a9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0C:EE:0B:B4:C4:CD:57:7C:49:89:B1:02:A7:A5:52:11:05:60:44
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/KQzuC7TEzVd8SYmxAqelUhEFYEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.102.0/24
Signature Algorithm: sha256WithRSAEncryption
17:48:90:ff:8d:30:25:ae:7e:c9:4e:0a:69:ac:ca:1a:0d:0b:
31:04:d5:02:fa:b4:9e:c9:ac:30:27:26:61:09:1d:f6:ab:c3:
35:b1:0d:bf:83:c7:f6:23:76:64:e1:51:68:fd:d7:2e:9c:e1:
40:85:e5:65:a7:ae:f6:df:ef:42:6b:a3:3e:58:75:6a:77:ce:
d8:68:47:50:b7:96:f3:df:29:95:3b:4e:91:75:09:2c:6a:ad:
82:4e:f9:33:c9:05:be:55:4d:60:0e:e1:a9:b3:78:f1:77:6d:
f9:22:4c:b1:52:20:da:f2:ce:24:9b:67:37:b6:20:dd:a0:ab:
70:f9:e3:4e:d2:c0:02:a0:e6:13:ab:f9:52:33:23:7d:6a:ce:
db:be:57:4f:b5:59:8c:bc:11:62:01:0f:7a:91:19:30:aa:9a:
3a:fc:f0:2e:64:26:55:ed:d5:d1:b8:a4:ce:f3:4d:d6:4e:77:
3c:2c:7c:9f:fb:da:b2:30:ae:28:2e:9e:d7:cc:c6:2a:19:1d:
0f:1a:2a:82:79:54:63:43:f0:87:7a:5a:b7:6a:e9:d7:99:fd:
5e:73:b0:87:55:c5:ef:b8:e6:97:26:9f:8d:80:8d:28:67:2b:
f1:3b:7b:12:bb:92:f0:60:96:a5:24:aa:8f:f1:43:e2:7e:fe:
ea:04:fc:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEyBXetKEddnXTymKCHDzZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODA4MTI0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBjZWUwYmI0YzRjZDU3N2M0OTg5YjEwMmE3YTU1MjExMDU2MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF07jGnKm4z7epyVm0I4t6xG0lPH
x1e0Fe1c9YZsH31CBrWQoktVn9sw47PkeEXLgau1juV7ri8lUtGkcu9Er8orh41k
+ZScmeuFXkUnmrEcJse08Enwg5AkM7buzbrf+h6sTiNbxXWsHvppO5LS9rQFnbBd
3A7R+zcNgz69r8PNFtxO6to8LQZhFp3jnVz7HZPXre2/2vwpSHPTz+iZaAr9YmgU
MQyOs1CAL/BZimvU2yNdjnuk+48D6whGpQ+97rNF/l+f2iXKWr8y7U6AgyRWYphE
DX9MohyXc/L0XCqUVGdeuyMrXa5CRv6v2TiSvNDsWc7933mO2cDZ3OSppQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkM7gu0xM1XfEmJsQKnpVIRBWBEMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvS1F6dUM3VEV6VmQ4U1lteEFxZWxVaEVGWUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSxmMA0G
CSqGSIb3DQEBCwUAA4IBAQAXSJD/jTAlrn7JTgpprMoaDQsxBNUC+rSeyawwJyZh
CR32q8M1sQ2/g8f2I3Zk4VFo/dcunOFAheVlp6723+9Ca6M+WHVqd87YaEdQt5bz
3ymVO06RdQksaq2CTvkzyQW+VU1gDuGps3jxd235IkyxUiDa8s4km2c3tiDdoKtw
+eNO0sACoOYTq/lSMyN9as7bvldPtVmMvBFiAQ96kRkwqpo6/PAuZCZV7dXRuKTO
803WTnc8LHyf+9qyMK4oLp7XzMYqGR0PGiqCeVRjQ/CHelq3aunXmf1ec7CHVcXv
uOaXJp+NgI0oZyvxO3sSu5LwYJalJKqP8UPifv7qBPyn
-----END CERTIFICATE-----
Generated at Fri Dec 13 16:29:25 2024 by rpki-client on console-ams.rpki-client.org