Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/2zZcO2V9AWocMlTITiupU3SvUlA.roa
File: 2zZcO2V9AWocMlTITiupU3SvUlA.roa (raw, json)
Hash identifier: UECj1e3c/M+UfHIRh3+1NWptPnvSLrWwumjDTHvV9Xs=
Subject key identifier: DB:36:5C:3B:65:7D:01:6A:1C:32:54:C8:4E:2B:A9:53:74:AF:52:50
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 018CC348E16049B6A3FDBE1067803134FABB
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/2zZcO2V9AWocMlTITiupU3SvUlA.roa
Signing time: Mon 01 Jan 2024 04:29:42 +0000
ROA not before: Mon 01 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47626
IP address blocks: 193.7.216.0/22 maxlen: 22
5.180.240.0/22 maxlen: 22
176.96.190.0/23 maxlen: 24
176.96.189.0/24 maxlen: 24
128.0.94.0/24 maxlen: 24
128.0.92.0/24 maxlen: 24
78.24.100.0/22 maxlen: 22
213.241.199.0/24 maxlen: 24
91.208.35.0/24 maxlen: 24
91.222.120.0/22 maxlen: 24
188.93.64.0/22 maxlen: 22
2a05:9c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e1:60:49:b6:a3:fd:be:10:67:80:31:34:fa:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jan 1 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db365c3b657d016a1c3254c84e2ba95374af5250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7c:96:63:c1:e4:30:0f:d8:94:05:62:6b:32:
f9:6c:57:c2:20:a9:3b:2a:48:c4:f6:74:7f:8b:e6:
71:e5:7c:0c:4f:72:63:51:2e:6b:e0:54:3e:50:1d:
0b:e4:32:fe:a2:06:ed:1c:11:a6:46:9d:7f:33:a9:
d4:0c:3a:7b:ce:ac:38:20:c5:b9:ac:72:7d:b4:0c:
9a:48:90:99:01:c1:a5:ce:d6:a7:62:ac:dd:22:b8:
06:33:88:fc:ca:79:9b:12:bd:8f:aa:e6:7c:ac:fe:
f4:33:07:26:30:51:aa:2b:f3:8b:2f:74:f8:ca:90:
9e:b9:fe:5c:91:be:f2:62:2d:89:75:7c:31:79:14:
17:9d:d8:63:48:2a:86:bf:99:10:57:0c:28:99:5f:
43:ac:8a:fb:56:ef:87:c6:ca:6f:1b:dc:08:19:89:
9b:dd:95:69:3f:0d:4d:b1:e0:2a:ff:38:51:88:95:
4b:d6:b1:8a:ed:68:09:de:74:6a:db:f6:ba:2d:71:
49:93:1a:01:b2:a9:95:a0:95:3c:3f:b7:85:47:e8:
a7:5c:66:82:e5:a0:bb:c1:50:40:aa:40:bb:e4:d9:
95:53:26:b7:cc:e2:62:07:12:c7:94:6f:90:c2:91:
5b:22:0f:d4:cc:73:c1:04:f1:60:c1:c5:77:05:20:
7a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:36:5C:3B:65:7D:01:6A:1C:32:54:C8:4E:2B:A9:53:74:AF:52:50
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/2zZcO2V9AWocMlTITiupU3SvUlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.240.0/22
78.24.100.0/22
91.208.35.0/24
91.222.120.0/22
128.0.92.0/24
128.0.94.0/24
176.96.189.0-176.96.191.255
188.93.64.0/22
193.7.216.0/22
213.241.199.0/24
IPv6:
2a05:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
02:cb:9c:42:67:d1:35:cf:94:f0:ac:71:46:52:89:e3:fc:06:
4f:dc:1b:43:28:37:b7:10:4c:57:7c:d2:5f:40:1c:93:fa:64:
4d:03:51:5d:3d:2b:5e:bc:09:b5:ad:24:73:26:3a:33:f1:f1:
33:55:95:b4:a8:fb:5c:7f:15:47:57:5d:67:c8:6f:18:ad:34:
a2:e3:be:99:b3:bc:fb:e7:53:9a:71:44:59:d5:1d:e1:2c:8b:
0f:4f:23:71:45:0d:d6:64:8b:de:9c:a3:43:1a:41:cf:22:c8:
d4:95:e1:d0:68:a3:a0:ac:28:50:c9:17:81:78:90:f2:e1:87:
9d:57:eb:cb:71:72:bd:72:94:fb:4a:78:59:29:2f:51:b4:83:
4b:18:58:0a:19:3d:6d:57:79:53:27:28:f6:f1:12:7e:60:1d:
2e:a7:ee:d4:5d:1f:2e:c1:06:85:f5:76:8b:7b:69:e8:10:e7:
c0:8b:59:f2:5a:13:57:87:80:61:0b:b5:70:40:a8:c0:3a:66:
0c:f5:59:0d:34:36:42:85:3c:29:30:d3:10:66:d6:82:11:b3:
70:8a:6b:8a:9c:63:38:4b:e6:e2:57:18:b5:b5:7e:3a:e1:0c:
ca:ce:10:b6:31:e7:47:3e:72:89:3b:91:bb:c5:15:bc:a6:4b:
2f:ca:63:c5
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYzDSOFgSbaj/b4QZ4AxNPq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjQwMTAxMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM2NWMzYjY1N2QwMTZhMWMzMjU0Yzg0ZTJiYTk1Mzc0YWY1MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHyWY8HkMA/YlAViazL5bFfCIKk7
KkjE9nR/i+Zx5XwMT3JjUS5r4FQ+UB0L5DL+ogbtHBGmRp1/M6nUDDp7zqw4IMW5
rHJ9tAyaSJCZAcGlztanYqzdIrgGM4j8ynmbEr2PquZ8rP70MwcmMFGqK/OLL3T4
ypCeuf5ckb7yYi2JdXwxeRQXndhjSCqGv5kQVwwomV9DrIr7Vu+HxspvG9wIGYmb
3ZVpPw1NseAq/zhRiJVL1rGK7WgJ3nRq2/a6LXFJkxoBsqmVoJU8P7eFR+inXGaC
5aC7wVBAqkC75NmVUya3zOJiBxLHlG+QwpFbIg/UzHPBBPFgwcV3BSB64wIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFNs2XDtlfQFqHDJUyE4rqVN0r1JQMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvMnpaY08yVjlBV29jTWxUSVRpdXBVM1N2VWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQCBbTwAwQC
ThhkAwQAW9AjAwQCW954AwQAgABcAwQAgABeMAwDBACwYL0DBAawYIADBAK8XUAD
BALBB9gDBADV8ccwDQQCAAIwBwMFAyoFnAAwDQYJKoZIhvcNAQELBQADggEBAALL
nEJn0TXPlPCscUZSieP8Bk/cG0MoN7cQTFd80l9AHJP6ZE0DUV09K168CbWtJHMm
OjPx8TNVlbSo+1x/FUdXXWfIbxitNKLjvpmzvPvnU5pxRFnVHeEsiw9PI3FFDdZk
i96co0MaQc8iyNSV4dBoo6CsKFDJF4F4kPLhh51X68txcr1ylPtKeFkpL1G0g0sY
WAoZPW1XeVMnKPbxEn5gHS6n7tRdHy7BBoX1dot7aegQ58CLWfJaE1eHgGELtXBA
qMA6Zgz1WQ00NkKFPCkw0xBm1oIRs3CKa4qcYzhL5uJXGLW1fjrhDMrOELYx50c+
cok7kbvFFbymSy/KY8U=
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:50:50 2024 by rpki-client on console-ams.rpki-client.org