Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/zwAIxoWncOgPy74mMRZyX9FMwso.roa
File: zwAIxoWncOgPy74mMRZyX9FMwso.roa (raw, json)
Hash identifier: Jb5RYVWFEpTlZl+DH2GS+KeAhy8u7/fVJ7aRAWI9yvw=
Subject key identifier: CF:00:08:C6:85:A7:70:E8:0F:CB:BE:26:31:16:72:5F:D1:4C:C2:CA
Certificate issuer: /CN=5b5bff9d41f719f62600c32d3410ddb99eccb30c
Certificate serial: 01922974BA866E99B797D52251E18BCD399D
Authority key identifier: 5B:5B:FF:9D:41:F7:19:F6:26:00:C3:2D:34:10:DD:B9:9E:CC:B3:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1v_nUH3GfYmAMMtNBDduZ7Msww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/zwAIxoWncOgPy74mMRZyX9FMwso.roa
Signing time: Wed 25 Sep 2024 13:52:48 +0000
ROA not before: Wed 25 Sep 2024 13:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25228
IP address blocks: 78.138.4.0/22 maxlen: 22
78.138.36.0/22 maxlen: 22
83.229.52.0/22 maxlen: 22
83.229.100.0/24 maxlen: 24
83.229.101.0/24 maxlen: 24
83.229.102.0/24 maxlen: 24
185.115.108.0/22 maxlen: 22
213.255.212.0/22 maxlen: 22
213.255.220.0/22 maxlen: 22
213.255.232.0/22 maxlen: 22
213.255.236.0/22 maxlen: 22
213.255.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/W1v_nUH3GfYmAMMtNBDduZ7Msww.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/W1v_nUH3GfYmAMMtNBDduZ7Msww.mft
rsync://rpki.ripe.net/repository/DEFAULT/W1v_nUH3GfYmAMMtNBDduZ7Msww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:74:ba:86:6e:99:b7:97:d5:22:51:e1:8b:cd:39:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b5bff9d41f719f62600c32d3410ddb99eccb30c
Validity
Not Before: Sep 25 13:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf0008c685a770e80fcbbe263116725fd14cc2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:b3:5d:5c:5b:86:36:f3:89:eb:94:48:94:
1f:2e:dc:34:60:5b:10:d4:78:0b:37:bd:62:2e:76:
8a:a0:e2:38:1c:9d:45:69:1f:f4:51:4a:64:c7:79:
66:6d:ee:c0:17:58:d1:de:ad:25:9b:66:91:2d:27:
1d:4a:e2:b8:fe:c6:7a:b5:1a:cb:54:08:cc:4e:d0:
66:1b:e6:79:5a:55:0e:df:aa:e1:d4:cb:5c:cd:f4:
c2:e5:1b:d8:9e:57:60:19:83:c9:63:db:87:50:41:
14:ab:42:e3:cb:f7:ed:0b:ff:17:0f:9e:20:27:34:
06:6b:29:2a:30:a6:4c:98:03:3e:9f:1e:f5:93:9b:
15:45:20:7d:ee:8e:3e:7e:5e:8b:95:8b:48:4f:ae:
e6:79:4f:0c:dd:d5:07:e8:37:67:03:3d:00:f3:1e:
c5:7d:3e:b4:1f:5b:8b:a1:b7:87:3d:b8:92:27:41:
81:63:26:26:9a:e7:5a:48:94:35:01:cd:77:88:68:
a4:e7:d1:94:a7:78:99:8c:f4:94:37:4e:d2:b9:0c:
3c:4c:7b:35:d5:0b:01:67:81:93:90:d4:80:a7:03:
14:15:57:74:13:66:64:e9:4d:50:29:d5:d1:39:3e:
39:f9:70:a7:4c:78:93:0b:3c:ae:55:cc:dc:45:b1:
32:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:00:08:C6:85:A7:70:E8:0F:CB:BE:26:31:16:72:5F:D1:4C:C2:CA
X509v3 Authority Key Identifier:
keyid:5B:5B:FF:9D:41:F7:19:F6:26:00:C3:2D:34:10:DD:B9:9E:CC:B3:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1v_nUH3GfYmAMMtNBDduZ7Msww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/zwAIxoWncOgPy74mMRZyX9FMwso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/4f43fc-4187-4bb9-905a-f0c6258b9a04/1/W1v_nUH3GfYmAMMtNBDduZ7Msww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.4.0/22
78.138.36.0/22
83.229.52.0/22
83.229.100.0-83.229.102.255
185.115.108.0/22
213.255.212.0/22
213.255.220.0/22
213.255.232.0/21
213.255.252.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:0c:5a:82:d9:d2:ef:22:40:89:7a:3f:78:14:d8:25:2a:1e:
dc:80:98:a8:df:e0:c3:66:7c:ad:ed:92:df:e1:b9:98:63:f6:
af:d3:3b:c5:63:5e:48:82:54:81:34:37:1c:5e:bc:69:92:9a:
12:d6:ca:d5:88:db:5b:fb:90:1e:6d:71:c1:c7:c0:a3:bd:93:
38:39:5e:c8:84:a0:e7:4f:0e:5e:c0:a6:a4:f3:3c:89:ff:04:
80:22:b8:6c:d4:c0:8e:36:0e:d0:05:e6:0d:f6:d9:b5:5a:50:
e3:ba:03:de:c3:ec:c2:f3:7b:6b:c3:be:a5:41:99:b5:14:bd:
10:6a:e9:4d:93:dd:96:d8:3e:ad:3c:2b:76:04:30:81:8f:fa:
e9:ee:19:73:14:64:82:41:70:81:ac:76:01:61:c5:55:fb:bc:
f7:56:c3:a1:a8:b5:8d:c7:ba:35:ac:aa:b2:83:d3:df:5b:b5:
ca:21:e2:8c:47:5c:56:bc:9d:77:c0:d3:fc:93:d8:e2:bd:5d:
32:2a:b7:c9:93:0b:e7:2e:33:ef:9a:e0:ca:73:b8:b4:89:17:
5f:b4:ba:5b:ee:4e:54:8e:e0:d7:83:ba:46:7d:21:ef:11:53:
6d:97:ec:f0:12:06:cb:79:89:a3:ef:3c:26:74:bf:87:d5:96:
86:69:5b:e8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZIpdLqGbpm3l9UiUeGLzTmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNWJmZjlkNDFmNzE5ZjYyNjAwYzMyZDM0MTBkZGI5OWVj
Y2IzMGMwHhcNMjQwOTI1MTM1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAwMDhjNjg1YTc3MGU4MGZjYmJlMjYzMTE2NzI1ZmQxNGNjMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllCzXVxbhjbzieuUSJQfLtw0YFsQ
1HgLN71iLnaKoOI4HJ1FaR/0UUpkx3lmbe7AF1jR3q0lm2aRLScdSuK4/sZ6tRrL
VAjMTtBmG+Z5WlUO36rh1MtczfTC5RvYnldgGYPJY9uHUEEUq0Ljy/ftC/8XD54g
JzQGaykqMKZMmAM+nx71k5sVRSB97o4+fl6LlYtIT67meU8M3dUH6DdnAz0A8x7F
fT60H1uLobeHPbiSJ0GBYyYmmudaSJQ1Ac13iGik59GUp3iZjPSUN07SuQw8THs1
1QsBZ4GTkNSApwMUFVd0E2Zk6U1QKdXROT45+XCnTHiTCzyuVczcRbEyAQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFM8ACMaFp3DoD8u+JjEWcl/RTMLKMB8GA1UdIwQY
MBaAFFtb/51B9xn2JgDDLTQQ3bmezLMMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzF2X25VSDNHZlltQU1NdE5CRGR1WjdNc3d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi80ZjQzZmMtNDE4Ny00YmI5LTkwNWEt
ZjBjNjI1OGI5YTA0LzEvendBSXhvV25jT2dQeTc0bU1SWnlYOUZNd3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi80ZjQzZmMtNDE4Ny00YmI5LTkwNWEtZjBjNjI1OGI5YTA0
LzEvVzF2X25VSDNHZlltQU1NdE5CRGR1WjdNc3d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCTooEAwQC
TookAwQCU+U0MAwDBAJT5WQDBABT5WYDBAK5c2wDBALV/9QDBALV/9wDBAPV/+gD
BALV//wwDQYJKoZIhvcNAQELBQADggEBAH0MWoLZ0u8iQIl6P3gU2CUqHtyAmKjf
4MNmfK3tkt/huZhj9q/TO8VjXkiCVIE0NxxevGmSmhLWytWI21v7kB5tccHHwKO9
kzg5XsiEoOdPDl7ApqTzPIn/BIAiuGzUwI42DtAF5g322bVaUOO6A97D7MLze2vD
vqVBmbUUvRBq6U2T3ZbYPq08K3YEMIGP+unuGXMUZIJBcIGsdgFhxVX7vPdWw6Go
tY3HujWsqrKD099btcoh4oxHXFa8nXfA0/yT2OK9XTIqt8mTC+cuM++a4MpzuLSJ
F1+0ulvuTlSO4NeDukZ9Ie8RU22X7PASBst5iaPvPCZ0v4fVloZpW+g=
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:08:10 2024 by rpki-client on console-ams.rpki-client.org