Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ZeMkiRDiOJjHdPlvP4JimE9uCbA.roa
File: ZeMkiRDiOJjHdPlvP4JimE9uCbA.roa (raw, json)
Hash identifier: z9kHJVLAktNJes2RnM+c74koZHDGkPBTtYuvoctYW84=
Subject key identifier: 65:E3:24:89:10:E2:38:98:C7:74:F9:6F:3F:82:62:98:4F:6E:09:B0
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018CC87130C78EDA4BBC8B71ED6709496EB4
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ZeMkiRDiOJjHdPlvP4JimE9uCbA.roa
Signing time: Tue 02 Jan 2024 04:31:50 +0000
ROA not before: Tue 02 Jan 2024 04:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49449
IP address blocks: 185.18.96.0/22 maxlen: 22
188.123.64.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:30:c7:8e:da:4b:bc:8b:71:ed:67:09:49:6e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 04:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65e3248910e23898c774f96f3f8262984f6e09b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d3:4d:06:be:21:04:93:b6:43:e6:dd:da:2c:
51:ca:ca:7a:a1:15:4d:93:fa:67:82:29:a6:da:18:
5a:f1:7f:48:3f:91:b3:85:54:fd:cd:fd:d4:24:3f:
96:4e:23:0c:e6:65:eb:80:76:f9:59:12:07:2e:91:
92:40:ad:14:94:ff:76:5d:68:86:35:a6:af:29:0c:
e5:7c:4d:39:43:6d:67:db:d6:a5:14:15:0c:0a:6e:
bb:25:74:f1:8e:31:67:4f:f6:11:dd:f2:29:3b:c9:
6b:6b:e5:53:fd:75:ef:aa:15:f0:47:0b:5a:6b:dc:
5c:06:09:38:36:02:14:47:dd:77:a3:24:c3:21:d9:
eb:88:b3:b2:e5:c4:e5:0d:41:48:dc:d1:a1:0b:10:
fc:92:d8:43:95:0a:10:9b:41:c1:0a:8e:f9:7a:17:
c8:ea:fb:93:b0:61:06:37:98:fa:a1:13:56:8e:81:
f2:40:05:18:28:08:f4:38:ab:6a:ec:0f:77:b3:e8:
31:97:63:c2:fb:87:bc:d4:8c:ae:df:af:d7:37:4e:
4d:3d:d9:27:f2:3b:81:3e:5c:6b:e4:ed:54:e0:6d:
9e:b6:7f:f8:34:9c:15:0e:bd:7c:ae:b5:f7:00:a1:
6b:ea:de:b3:8a:76:96:ea:7f:83:be:37:19:2a:2c:
7b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E3:24:89:10:E2:38:98:C7:74:F9:6F:3F:82:62:98:4F:6E:09:B0
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ZeMkiRDiOJjHdPlvP4JimE9uCbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.96.0/22
188.123.64.0/19
Signature Algorithm: sha256WithRSAEncryption
53:77:b6:c3:3d:dd:e2:56:e0:03:34:41:7b:3b:9d:af:e3:bc:
cc:f4:1b:a9:8b:99:97:16:6c:a9:7c:09:f0:20:90:96:53:7f:
3e:0e:fc:67:5c:1e:0a:36:5d:c6:e6:b1:93:2a:ae:5e:9c:1a:
f4:5a:09:75:bb:95:ee:64:a1:07:66:e5:b4:a7:d4:23:a0:99:
f5:2c:b3:e8:b8:43:23:50:e2:1b:46:1a:70:5a:c2:c7:61:ba:
5a:15:f4:2c:33:98:34:77:d4:fa:e9:0e:4d:fe:ec:69:03:9a:
1d:97:db:2c:1e:66:b4:46:d7:06:39:e2:29:45:ad:55:72:2e:
27:42:6f:71:85:51:90:8c:75:b8:41:2d:39:0d:24:b1:74:83:
58:a0:d8:60:28:0e:d3:7f:b9:a3:61:77:32:c2:44:96:bc:01:
4d:7a:63:83:d9:b7:ef:8b:56:18:2f:bb:e4:23:69:87:55:9a:
2f:64:6e:5a:43:95:cf:22:b5:48:37:8e:50:53:ac:6e:98:e0:
00:67:e1:ef:ef:f0:b2:c1:f7:4e:8c:ce:5e:8e:b6:ad:c7:71:
fd:ed:de:47:79:e6:53:26:d2:f7:56:eb:92:20:4a:99:b4:56:
66:32:a1:ba:17:69:8f:70:6f:51:31:ca:58:75:43:36:6a:38:
48:ce:dd:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcTDHjtpLvItx7WcJSW60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjQwMTAyMDQzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWUzMjQ4OTEwZTIzODk4Yzc3NGY5NmYzZjgyNjI5ODRmNmUwOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtNNBr4hBJO2Q+bd2ixRysp6oRVN
k/pngimm2hha8X9IP5GzhVT9zf3UJD+WTiMM5mXrgHb5WRIHLpGSQK0UlP92XWiG
NaavKQzlfE05Q21n29alFBUMCm67JXTxjjFnT/YR3fIpO8lra+VT/XXvqhXwRwta
a9xcBgk4NgIUR913oyTDIdnriLOy5cTlDUFI3NGhCxD8kthDlQoQm0HBCo75ehfI
6vuTsGEGN5j6oRNWjoHyQAUYKAj0OKtq7A93s+gxl2PC+4e81Iyu36/XN05NPdkn
8juBPlxr5O1U4G2etn/4NJwVDr18rrX3AKFr6t6zinaW6n+DvjcZKix7ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGXjJIkQ4jiYx3T5bz+CYphPbgmwMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvWmVNa2lSRGlPSmpIZFBsdlA0SmltRTl1Q2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRJgAwQF
vHtAMA0GCSqGSIb3DQEBCwUAA4IBAQBTd7bDPd3iVuADNEF7O52v47zM9Bupi5mX
FmypfAnwIJCWU38+DvxnXB4KNl3G5rGTKq5enBr0Wgl1u5XuZKEHZuW0p9QjoJn1
LLPouEMjUOIbRhpwWsLHYbpaFfQsM5g0d9T66Q5N/uxpA5odl9ssHma0RtcGOeIp
Ra1Vci4nQm9xhVGQjHW4QS05DSSxdINYoNhgKA7Tf7mjYXcywkSWvAFNemOD2bfv
i1YYL7vkI2mHVZovZG5aQ5XPIrVIN45QU6xumOAAZ+Hv7/CywfdOjM5ejratx3H9
7d5HeeZTJtL3VuuSIEqZtFZmMqG6F2mPcG9RMcpYdUM2ajhIzt2x
-----END CERTIFICATE-----
Generated at Wed Nov 27 16:51:09 2024 by rpki-client on console-fra.rpki-client.org