Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/KzB2ZS78khFNdB_CGCXy1WLNFHY.roa
File: KzB2ZS78khFNdB_CGCXy1WLNFHY.roa (raw, json)
Hash identifier: Z0zNhcTmjO69TAnMPnDwJB5erHhNYKFG3CbS8fWq10U=
Subject key identifier: 2B:30:76:65:2E:FC:92:11:4D:74:1F:C2:18:25:F2:D5:62:CD:14:76
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 018CC727606D3A9549D8DC1635009697FF48
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/KzB2ZS78khFNdB_CGCXy1WLNFHY.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199152
IP address blocks: 91.241.47.0/24 maxlen: 24
193.19.110.0/24 maxlen: 24
91.203.235.0/24 maxlen: 24
193.43.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:60:6d:3a:95:49:d8:dc:16:35:00:96:97:ff:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b3076652efc92114d741fc21825f2d562cd1476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:65:5a:6a:18:39:38:b7:1b:e1:e0:ae:e4:c8:
b4:c8:09:b6:32:1e:a8:18:7a:e0:bc:b4:0f:3d:ff:
2c:53:df:82:39:d3:b0:cd:3c:a8:4c:ab:45:66:cf:
2a:76:4b:5b:3f:03:40:e9:df:4f:21:c3:8b:9c:b6:
00:c7:c3:6a:d1:df:71:2b:67:0c:74:e6:89:a2:48:
75:64:a3:39:79:a9:7a:f0:1e:55:e8:1f:a8:e9:cc:
21:00:72:a9:e6:99:36:5a:3b:da:5a:fd:59:7d:6f:
10:fc:a0:b4:87:28:9e:b5:d3:77:9d:ca:32:7f:4d:
1f:27:9f:77:f0:9f:6d:af:46:38:f3:4d:7f:c0:97:
8a:b5:73:32:a0:0c:35:b2:0f:a8:1e:18:db:47:20:
ab:b1:67:9a:2c:7f:78:05:fe:2b:7b:d0:40:0f:aa:
37:28:07:2d:b6:7a:dc:9d:0b:c2:20:4e:02:64:16:
b9:16:c9:04:52:c5:7c:ed:bd:d7:ea:41:b5:a5:ef:
04:9b:30:e2:05:47:2e:40:4a:b6:bf:4e:b0:fb:ab:
b3:f7:2f:5c:8c:7e:4f:7e:88:75:10:50:e0:ff:93:
3a:11:6c:80:8d:87:f5:2f:d8:b7:81:41:1f:b6:cc:
a2:84:9d:fb:4f:8c:ee:4d:69:0b:a2:ba:95:b2:13:
f1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:30:76:65:2E:FC:92:11:4D:74:1F:C2:18:25:F2:D5:62:CD:14:76
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/KzB2ZS78khFNdB_CGCXy1WLNFHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.235.0/24
91.241.47.0/24
193.19.110.0/24
193.43.248.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:23:ea:7f:94:21:90:b5:a0:8e:1d:7c:dc:c8:72:ad:bc:09:
3f:e3:bc:a6:3e:52:d0:61:0d:6b:41:7d:d3:c9:c2:fc:d1:b1:
c2:82:29:a4:f8:a8:65:8e:a5:fe:aa:21:2a:cd:08:81:5b:07:
e8:ba:e4:05:2e:f3:47:56:c7:10:d7:36:98:0a:1a:1a:b3:b8:
ee:3d:90:67:82:84:f2:b7:89:5d:e4:49:8f:aa:fb:9f:70:cd:
ea:c1:3c:3f:fa:98:56:ee:95:71:0d:76:ba:a8:0d:62:68:a5:
4d:3d:44:7a:67:4f:79:01:70:c1:0d:ac:1b:6c:ea:6f:7d:a1:
98:49:90:95:95:2e:7c:64:8f:7b:66:75:5d:24:2a:26:51:7f:
5f:52:ba:a0:cd:bd:f2:64:5a:67:55:bd:78:9c:e0:59:fb:c8:
03:d9:f5:e3:a1:54:40:8f:3e:90:89:39:84:21:3b:e7:56:51:
07:00:43:3e:2f:89:79:4b:ee:32:06:9a:21:2f:c1:74:8f:e4:
03:51:52:62:b9:fe:05:37:a8:ec:f6:73:14:92:dc:22:28:12:
4f:bd:32:e3:5e:24:38:26:76:0a:60:b4:39:0b:ca:d6:85:19:
da:ef:21:88:3d:70:e0:f0:39:22:f2:91:55:c2:ce:6d:54:76:
e5:0d:a2:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJ2BtOpVJ2NwWNQCWl/9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMwNzY2NTJlZmM5MjExNGQ3NDFmYzIxODI1ZjJkNTYyY2QxNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGVaahg5OLcb4eCu5Mi0yAm2Mh6o
GHrgvLQPPf8sU9+COdOwzTyoTKtFZs8qdktbPwNA6d9PIcOLnLYAx8Nq0d9xK2cM
dOaJokh1ZKM5eal68B5V6B+o6cwhAHKp5pk2WjvaWv1ZfW8Q/KC0hyietdN3ncoy
f00fJ5938J9tr0Y4801/wJeKtXMyoAw1sg+oHhjbRyCrsWeaLH94Bf4re9BAD6o3
KActtnrcnQvCIE4CZBa5FskEUsV87b3X6kG1pe8EmzDiBUcuQEq2v06w+6uz9y9c
jH5Pfoh1EFDg/5M6EWyAjYf1L9i3gUEftsyihJ37T4zuTWkLorqVshPx/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCswdmUu/JIRTXQfwhgl8tVizRR2MB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvS3pCMlpTNzhraEZOZEJfQ0dDWHkxV0xORkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8vrAwQA
W/EvAwQAwRNuAwQAwSv4MA0GCSqGSIb3DQEBCwUAA4IBAQB6I+p/lCGQtaCOHXzc
yHKtvAk/47ymPlLQYQ1rQX3TycL80bHCgimk+KhljqX+qiEqzQiBWwfouuQFLvNH
VscQ1zaYChoas7juPZBngoTyt4ld5EmPqvufcM3qwTw/+phW7pVxDXa6qA1iaKVN
PUR6Z095AXDBDawbbOpvfaGYSZCVlS58ZI97ZnVdJComUX9fUrqgzb3yZFpnVb14
nOBZ+8gD2fXjoVRAjz6QiTmEITvnVlEHAEM+L4l5S+4yBpohL8F0j+QDUVJiuf4F
N6js9nMUktwiKBJPvTLjXiQ4JnYKYLQ5C8rWhRna7yGIPXDg8Dki8pFVws5tVHbl
DaK7
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:45:50 2024 by rpki-client on console-ams.rpki-client.org