Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/PZwWB3-GjYeUOPRuIgR-B249Lss.roa
File: PZwWB3-GjYeUOPRuIgR-B249Lss.roa (raw, json)
Hash identifier: vWy7X8Zbsta3ka+s0sh3LLPxv/R415T+aw/A2NfuJnM=
Subject key identifier: 3D:9C:16:07:7F:86:8D:87:94:38:F4:6E:22:04:7E:07:6E:3D:2E:CB
Certificate issuer: /CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Certificate serial: 018CC42524CB4BC4EEAAAE601BA0766B3645
Authority key identifier: C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/PZwWB3-GjYeUOPRuIgR-B249Lss.roa
Signing time: Mon 01 Jan 2024 08:30:17 +0000
ROA not before: Mon 01 Jan 2024 08:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43824
IP address blocks: 185.127.125.0/24 maxlen: 24
185.127.124.0/24 maxlen: 24
185.127.127.0/24 maxlen: 24
185.127.126.0/24 maxlen: 24
193.27.233.0/24 maxlen: 24
193.27.232.0/24 maxlen: 24
193.27.235.0/24 maxlen: 24
193.27.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:24:cb:4b:c4:ee:aa:ae:60:1b:a0:76:6b:36:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Validity
Not Before: Jan 1 08:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d9c16077f868d879438f46e22047e076e3d2ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8c:65:f2:f9:ca:b6:3f:8c:c8:6d:72:b7:2a:
83:03:ed:b9:5b:52:46:27:ce:de:62:71:8a:36:e6:
67:c5:61:bf:32:ec:83:1e:aa:6e:3a:71:ed:aa:32:
e0:28:86:5c:92:00:b0:24:b1:18:6c:2c:88:33:f5:
dc:a1:c5:3c:78:2f:01:52:08:fe:3e:3f:6c:c5:87:
11:95:ef:eb:50:18:f8:af:37:f6:3d:f1:39:fb:c0:
48:2b:23:3c:45:1e:8f:ad:76:8c:48:00:41:fc:d2:
93:ea:5c:cc:2c:2d:68:1a:9e:4a:86:9d:39:85:e1:
e0:b4:ad:86:27:06:70:01:1e:76:70:5d:bd:23:50:
58:73:e8:58:b5:8a:dd:a7:42:64:14:c5:41:8f:5c:
50:2d:86:60:c4:60:cf:64:bd:2f:8a:41:a8:48:c5:
2a:87:fd:a6:41:4d:7f:64:4d:05:54:90:93:ec:48:
35:8a:40:63:c7:42:4f:6d:05:e6:cb:c7:23:e2:cb:
e5:61:03:4c:66:25:cd:a9:8b:7e:91:73:e3:91:8c:
34:70:97:1e:bd:6e:e9:96:3d:45:fd:1e:60:41:63:
8e:ee:12:01:ee:28:ed:8d:c6:d7:c8:1b:55:dd:19:
19:fb:e6:c4:94:99:fa:b6:4c:6b:39:8a:aa:0d:f9:
63:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9C:16:07:7F:86:8D:87:94:38:F4:6E:22:04:7E:07:6E:3D:2E:CB
X509v3 Authority Key Identifier:
keyid:C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/PZwWB3-GjYeUOPRuIgR-B249Lss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.124.0/22
193.27.232.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:a0:98:e4:67:7b:81:ca:86:c0:f4:2b:97:12:f7:ca:cb:f4:
01:a1:53:aa:02:45:0d:2b:2a:ba:bd:1c:f9:2c:4e:1d:9e:36:
da:fd:ba:b2:81:0d:bd:13:76:e4:15:c4:69:60:2a:7a:f1:c0:
7c:00:5f:d8:27:c0:23:84:0a:82:86:a9:d7:f0:c5:72:9d:15:
39:7a:64:dd:0e:2c:27:e2:84:5b:c5:91:19:1d:21:eb:42:e4:
a5:75:b0:f7:34:f6:36:96:df:1f:e2:b6:b4:73:81:8d:9f:f5:
d8:4c:03:19:93:4d:cc:06:7e:32:48:da:4c:25:95:59:61:f1:
50:c5:d2:b7:0b:73:83:05:66:0b:e7:4c:c9:6f:ed:4c:b7:2e:
ac:89:b7:91:79:fd:67:37:bb:54:cb:f4:ca:2b:ad:15:78:88:
ea:dc:1b:9b:8a:8f:5c:c4:f9:7a:0e:24:48:6e:99:a9:ca:1d:
48:ec:33:41:7d:5b:16:c1:d3:32:6d:59:c2:e8:1e:7d:a8:5c:
ac:e9:67:58:d4:f5:da:c1:42:d6:f8:64:ac:6b:a3:36:16:9c:
5f:ac:ec:8b:d3:64:30:69:97:4d:19:55:d5:51:df:b9:c8:c4:
f8:d0:ce:78:8a:3c:ca:e8:91:80:5f:f1:fe:d7:2a:71:6e:de:
b4:b3:82:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJSTLS8Tuqq5gG6B2azZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDI4NWRmNWIwMzllMGYwNGUyZGZlY2UyOGE1YThmYmVj
NmU5MzgwHhcNMjQwMTAxMDgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDljMTYwNzdmODY4ZDg3OTQzOGY0NmUyMjA0N2UwNzZlM2QyZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioxl8vnKtj+MyG1ytyqDA+25W1JG
J87eYnGKNuZnxWG/MuyDHqpuOnHtqjLgKIZckgCwJLEYbCyIM/XcocU8eC8BUgj+
Pj9sxYcRle/rUBj4rzf2PfE5+8BIKyM8RR6PrXaMSABB/NKT6lzMLC1oGp5Khp05
heHgtK2GJwZwAR52cF29I1BYc+hYtYrdp0JkFMVBj1xQLYZgxGDPZL0vikGoSMUq
h/2mQU1/ZE0FVJCT7Eg1ikBjx0JPbQXmy8cj4svlYQNMZiXNqYt+kXPjkYw0cJce
vW7plj1F/R5gQWOO7hIB7ijtjcbXyBtV3RkZ++bElJn6tkxrOYqqDfljAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2cFgd/ho2HlDj0biIEfgduPS7LMB8GA1UdIwQY
MBaAFMEChd9bA54PBOLf7OKKWo++xuk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUt
NTJhZmM3N2NhMThmLzEvUFp3V0IzLUdqWWVVT1BSdUlnUi1CMjQ5THNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUtNTJhZmM3N2NhMThm
LzEvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuX98AwQC
wRvoMA0GCSqGSIb3DQEBCwUAA4IBAQB7oJjkZ3uByobA9CuXEvfKy/QBoVOqAkUN
Kyq6vRz5LE4dnjba/bqygQ29E3bkFcRpYCp68cB8AF/YJ8AjhAqChqnX8MVynRU5
emTdDiwn4oRbxZEZHSHrQuSldbD3NPY2lt8f4ra0c4GNn/XYTAMZk03MBn4ySNpM
JZVZYfFQxdK3C3ODBWYL50zJb+1Mty6sibeRef1nN7tUy/TKK60VeIjq3Bubio9c
xPl6DiRIbpmpyh1I7DNBfVsWwdMybVnC6B59qFys6WdY1PXawULW+GSsa6M2Fpxf
rOyL02QwaZdNGVXVUd+5yMT40M54ijzK6JGAX/H+1ypxbt60s4ID
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:05:41 2024 by rpki-client on console-fra.rpki-client.org