Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NZxirVYlbHlLjU4T7KCOHg4iZWk.roa
File: NZxirVYlbHlLjU4T7KCOHg4iZWk.roa (raw, json)
Hash identifier: SXrHPNsJgb1Km/An3onCZdTk50lVRmV5+dJ78ashQas=
Subject key identifier: 35:9C:62:AD:56:25:6C:79:4B:8D:4E:13:EC:A0:8E:1E:0E:22:65:69
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5ABA6DE79EBDC6A726421DF61FC9
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NZxirVYlbHlLjU4T7KCOHg4iZWk.roa
Signing time: Tue 02 Jan 2024 12:34:48 +0000
ROA not before: Tue 02 Jan 2024 12:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60945
IP address blocks: 185.133.73.0/24 maxlen: 24
45.85.194.0/24 maxlen: 24
194.156.159.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 22:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:5a:ba:6d:e7:9e:bd:c6:a7:26:42:1d:f6:1f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=359c62ad56256c794b8d4e13eca08e1e0e226569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:90:d1:5c:34:56:8f:06:47:d7:27:e9:05:1f:
94:aa:22:e2:28:81:47:d0:5e:a7:96:4e:f9:a0:0e:
43:39:49:fa:ef:5a:5a:0f:3e:1c:96:24:d8:f2:76:
71:47:ae:20:55:d9:2e:5c:5c:60:18:8d:21:d1:0c:
67:ba:c8:71:cd:48:8f:ed:fc:8b:48:4b:cd:34:8c:
77:78:85:83:76:84:7b:e2:d2:a5:99:d7:79:53:66:
6c:a7:c3:99:85:51:16:e0:1c:86:e1:f1:c6:73:db:
dd:48:b1:39:6f:07:c7:a9:0a:ef:1f:d1:eb:26:d9:
97:91:43:d1:68:19:f6:11:3d:69:11:7b:a6:63:fa:
f3:f9:15:42:a4:95:6b:64:18:8c:74:d4:e0:6b:50:
cf:08:ab:e3:6a:18:f9:f3:9d:46:da:08:c2:53:69:
be:77:41:b0:d6:26:bf:ac:d2:66:b7:c2:cc:ec:da:
99:5b:84:d1:dd:f1:21:3a:75:b9:f3:6d:8b:bd:64:
44:55:d6:a6:a0:78:c8:9d:19:fb:8f:cc:d1:f4:58:
ac:37:62:10:b7:56:9b:94:bd:d4:39:20:3c:18:f1:
e7:60:9d:c4:59:1b:20:88:13:e0:23:b4:18:b0:50:
8d:2b:f0:fc:26:22:93:a1:fb:3f:1e:f3:b7:c7:76:
d9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9C:62:AD:56:25:6C:79:4B:8D:4E:13:EC:A0:8E:1E:0E:22:65:69
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NZxirVYlbHlLjU4T7KCOHg4iZWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.194.0/24
185.133.73.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
a0:00:d1:a5:e2:15:43:3c:72:b9:00:fa:59:8d:73:fc:3a:a0:
ca:55:fe:3a:c3:04:1a:46:4e:3c:f3:d1:2a:5e:5c:29:95:62:
a2:97:e5:3a:16:cf:d6:81:ed:c9:97:1a:86:12:63:b9:f7:63:
30:aa:97:a8:df:ef:e1:33:59:e8:18:a7:bb:fd:34:2e:b8:8b:
e4:96:b7:bc:a7:9c:1e:d3:9e:5b:78:96:0e:86:b4:6d:5e:b0:
f7:a6:8c:ad:10:47:ca:18:dd:07:bc:20:31:e2:c0:f1:e2:d9:
9a:78:68:de:85:4e:3b:53:65:18:92:19:74:70:0c:23:ea:16:
2f:32:2a:5a:92:0d:01:c2:01:2c:0f:85:39:f8:d8:17:62:08:
eb:64:b2:08:00:91:19:3d:6d:9a:bb:39:a7:c9:99:47:34:92:
f8:45:19:7e:0d:b1:bc:7b:bf:dc:47:c2:be:dc:4d:31:d1:b2:
42:c2:79:4d:21:2a:50:90:fe:52:f2:40:66:91:82:71:76:60:
21:a4:33:de:21:5c:14:99:3f:10:09:46:75:e5:dc:9e:f4:e2:
89:9d:87:91:ec:7f:be:55:46:c8:d5:17:8f:f1:a2:48:4f:e1:
5a:ff:8b:89:5b:bc:c1:30:8b:55:5d:fd:90:16:d6:49:6c:2a:
91:95:ef:22
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzKK1q6beeevcanJkId9h/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTljNjJhZDU2MjU2Yzc5NGI4ZDRlMTNlY2EwOGUxZTBlMjI2NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JDRXDRWjwZH1yfpBR+UqiLiKIFH
0F6nlk75oA5DOUn671paDz4cliTY8nZxR64gVdkuXFxgGI0h0QxnushxzUiP7fyL
SEvNNIx3eIWDdoR74tKlmdd5U2Zsp8OZhVEW4ByG4fHGc9vdSLE5bwfHqQrvH9Hr
JtmXkUPRaBn2ET1pEXumY/rz+RVCpJVrZBiMdNTga1DPCKvjahj5851G2gjCU2m+
d0Gw1ia/rNJmt8LM7NqZW4TR3fEhOnW5822LvWREVdamoHjInRn7j8zR9FisN2IQ
t1ablL3UOSA8GPHnYJ3EWRsgiBPgI7QYsFCNK/D8JiKTofs/HvO3x3bZoQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDWcYq1WJWx5S41OE+ygjh4OImVpMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvTlp4aXJWWWxiSGxMalU0VDdLQ09IZzRpWldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALVXCAwQA
uYVJAwQAwpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAKAA
0aXiFUM8crkA+lmNc/w6oMpV/jrDBBpGTjzz0SpeXCmVYqKX5ToWz9aB7cmXGoYS
Y7n3YzCql6jf7+EzWegYp7v9NC64i+SWt7ynnB7Tnlt4lg6GtG1esPemjK0QR8oY
3Qe8IDHiwPHi2Zp4aN6FTjtTZRiSGXRwDCPqFi8yKlqSDQHCASwPhTn42BdiCOtk
sggAkRk9bZq7OafJmUc0kvhFGX4Nsbx7v9xHwr7cTTHRskLCeU0hKlCQ/lLyQGaR
gnF2YCGkM94hXBSZPxAJRnXl3J704omdh5Hsf75VRsjVF4/xokhP4Vr/i4lbvMEw
i1Vd/ZAW1klsKpGV7yI=
-----END CERTIFICATE-----
Generated at Wed May 1 06:22:54 2024 by rpki-client on console-fra.rpki-client.org