Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/zFdXKQllvtSNtk52MTngccm4w9I.roa
File: zFdXKQllvtSNtk52MTngccm4w9I.roa (raw, json)
Hash identifier: ppz6v+YPAYP3usFn2zNU7GGusnuMvABa5HLhuwjgJkc=
Subject key identifier: CC:57:57:29:09:65:BE:D4:8D:B6:4E:76:31:39:E0:71:C9:B8:C3:D2
Certificate issuer: /CN=dc2c2fef9c8caf8f2f08211ef02c3d0ad3474917
Certificate serial: 018D88C3E37CEBD7345263185020A372AE82
Authority key identifier: DC:2C:2F:EF:9C:8C:AF:8F:2F:08:21:1E:F0:2C:3D:0A:D3:47:49:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Cwv75yMr48vCCEe8Cw9CtNHSRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/zFdXKQllvtSNtk52MTngccm4w9I.roa
Signing time: Thu 08 Feb 2024 12:49:15 +0000
ROA not before: Thu 08 Feb 2024 12:49:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56496
IP address blocks: 89.19.52.0/22 maxlen: 22
89.19.52.0/23 maxlen: 23
89.19.52.0/24 maxlen: 24
89.19.53.0/24 maxlen: 24
89.19.54.0/23 maxlen: 23
89.19.54.0/24 maxlen: 24
89.19.55.0/24 maxlen: 24
91.224.210.0/23 maxlen: 23
91.224.210.0/24 maxlen: 24
91.224.211.0/24 maxlen: 24
2a0d:bac0::/29 maxlen: 29
2a0d:bac0::/32 maxlen: 32
2a0d:bac1::/32 maxlen: 32
2a0d:bac2::/32 maxlen: 32
2a0d:bac3::/32 maxlen: 32
2a0d:bac4::/32 maxlen: 32
2a0d:bac5::/32 maxlen: 32
2a0d:bac6::/32 maxlen: 32
2a0d:bac7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/3Cwv75yMr48vCCEe8Cw9CtNHSRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/3Cwv75yMr48vCCEe8Cw9CtNHSRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Cwv75yMr48vCCEe8Cw9CtNHSRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:88:c3:e3:7c:eb:d7:34:52:63:18:50:20:a3:72:ae:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc2c2fef9c8caf8f2f08211ef02c3d0ad3474917
Validity
Not Before: Feb 8 12:49:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc5757290965bed48db64e763139e071c9b8c3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4b:03:44:88:3e:d0:ae:f2:13:b2:a9:0a:5e:
05:51:f3:0c:be:03:bb:57:b1:aa:60:24:33:ae:c9:
29:59:04:79:bb:7e:d3:ec:4d:3b:8d:d6:df:ab:7f:
13:3d:a8:2a:b2:73:a1:8c:87:c5:ac:bd:41:63:41:
2a:28:a4:6b:f1:c0:73:16:e4:ac:22:99:c4:a3:8c:
ba:28:1c:45:cd:87:ce:52:49:30:5e:e6:3b:0a:57:
a6:7b:b1:cd:1a:8e:0a:6f:5c:ed:d8:30:3d:dc:cd:
cf:5d:65:99:d3:d9:b1:24:30:53:2f:c6:92:3f:36:
90:e9:23:28:f0:69:d0:76:07:60:8b:1e:6e:55:1d:
03:55:18:8a:1f:9a:e4:7d:43:33:ab:69:e9:4a:2f:
06:0d:5c:c6:8c:c3:e4:a3:b1:d8:2d:93:95:ca:31:
a6:7a:b0:58:1e:ce:c3:78:12:86:a3:e7:c1:97:3a:
7f:79:ce:65:bc:62:bc:da:a4:54:3e:6e:de:1c:0c:
ef:00:60:85:a5:55:7d:36:60:7c:c9:ca:db:e2:60:
50:a1:8e:e9:cc:af:f8:98:b1:af:72:34:fb:43:74:
57:bc:fd:5f:4d:21:e8:ce:ae:e4:24:b7:79:2d:01:
1a:23:8a:98:60:c1:4d:c5:95:44:28:bf:08:9c:21:
eb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:57:57:29:09:65:BE:D4:8D:B6:4E:76:31:39:E0:71:C9:B8:C3:D2
X509v3 Authority Key Identifier:
keyid:DC:2C:2F:EF:9C:8C:AF:8F:2F:08:21:1E:F0:2C:3D:0A:D3:47:49:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Cwv75yMr48vCCEe8Cw9CtNHSRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/zFdXKQllvtSNtk52MTngccm4w9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/08531b-bd66-4fce-a569-8644c5814c9a/1/3Cwv75yMr48vCCEe8Cw9CtNHSRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.52.0/22
91.224.210.0/23
IPv6:
2a0d:bac0::/29
Signature Algorithm: sha256WithRSAEncryption
27:bc:00:62:5c:d8:40:94:35:32:9b:c5:b5:1c:b1:04:43:de:
3c:2e:6c:b3:c1:c4:ee:a6:74:6f:cd:22:bc:e5:09:8d:be:48:
17:d7:fa:ea:e1:29:45:4c:81:eb:b7:9f:cc:4e:ae:62:4d:f2:
45:be:5d:ab:f7:0c:cc:9a:7b:40:2f:13:7a:ed:28:ab:80:9d:
d0:68:f3:22:19:8a:e1:32:aa:92:13:53:77:d9:52:0c:6e:2d:
52:e0:36:23:c3:f6:72:97:a6:f7:86:0c:72:47:ac:e0:74:a0:
a1:f3:98:10:a2:1e:59:11:93:5d:fb:6e:f9:6a:04:53:d1:11:
08:17:f0:02:c9:66:f0:ba:c7:f8:ce:65:9f:0a:ba:99:00:51:
7a:2f:13:85:9a:ca:6b:fb:a4:1f:2f:78:24:4e:fb:81:e8:f9:
2a:db:a1:40:b1:58:31:a0:45:2f:38:83:54:05:0b:c4:fd:49:
20:14:68:0e:7a:35:39:75:fc:0b:32:93:44:90:e5:bc:8c:87:
8d:02:1c:34:b4:c1:f2:74:34:64:08:60:4a:c6:cb:1d:20:d8:
25:5e:d1:29:6f:ed:da:ad:ac:5f:9a:f9:51:79:56:02:04:9b:
71:ac:29:ce:9f:54:54:bd:05:fc:f3:f9:39:c7:46:46:bf:1d:
69:15:e0:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2Iw+N869c0UmMYUCCjcq6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmMyZmVmOWM4Y2FmOGYyZjA4MjExZWYwMmMzZDBhZDM0
NzQ5MTcwHhcNMjQwMjA4MTI0OTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzU3NTcyOTA5NjViZWQ0OGRiNjRlNzYzMTM5ZTA3MWM5YjhjM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUsDRIg+0K7yE7KpCl4FUfMMvgO7
V7GqYCQzrskpWQR5u37T7E07jdbfq38TPagqsnOhjIfFrL1BY0EqKKRr8cBzFuSs
IpnEo4y6KBxFzYfOUkkwXuY7Cleme7HNGo4Kb1zt2DA93M3PXWWZ09mxJDBTL8aS
PzaQ6SMo8GnQdgdgix5uVR0DVRiKH5rkfUMzq2npSi8GDVzGjMPko7HYLZOVyjGm
erBYHs7DeBKGo+fBlzp/ec5lvGK82qRUPm7eHAzvAGCFpVV9NmB8ycrb4mBQoY7p
zK/4mLGvcjT7Q3RXvP1fTSHozq7kJLd5LQEaI4qYYMFNxZVEKL8InCHr/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMxXVykJZb7UjbZOdjE54HHJuMPSMB8GA1UdIwQY
MBaAFNwsL++cjK+PLwghHvAsPQrTR0kXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0N3djc1eU1yNDh2Q0NFZThDdzlDdE5IU1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wODUzMWItYmQ2Ni00ZmNlLWE1Njkt
ODY0NGM1ODE0YzlhLzEvekZkWEtRbGx2dFNOdGs1Mk1UbmdjY200dzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wODUzMWItYmQ2Ni00ZmNlLWE1NjktODY0NGM1ODE0Yzlh
LzEvM0N3djc1eU1yNDh2Q0NFZThDdzlDdE5IU1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWRM0AwQB
W+DSMA0EAgACMAcDBQMqDbrAMA0GCSqGSIb3DQEBCwUAA4IBAQAnvABiXNhAlDUy
m8W1HLEEQ948LmyzwcTupnRvzSK85QmNvkgX1/rq4SlFTIHrt5/MTq5iTfJFvl2r
9wzMmntALxN67SirgJ3QaPMiGYrhMqqSE1N32VIMbi1S4DYjw/Zyl6b3hgxyR6zg
dKCh85gQoh5ZEZNd+275agRT0REIF/ACyWbwusf4zmWfCrqZAFF6LxOFmspr+6Qf
L3gkTvuB6Pkq26FAsVgxoEUvOINUBQvE/UkgFGgOejU5dfwLMpNEkOW8jIeNAhw0
tMHydDRkCGBKxssdINglXtEpb+3araxfmvlReVYCBJtxrCnOn1RUvQX88/k5x0ZG
vx1pFeCy
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:39:05 2024 by rpki-client on console-ams.rpki-client.org