Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/zRHLDmwzXrhvG1Pw_Q7XAk55moA.roa
File: zRHLDmwzXrhvG1Pw_Q7XAk55moA.roa (raw, json)
Hash identifier: k40N9QQvydHsyQ7Qt1ewFfOcs1f6p7cjXgqvmHt4OaE=
Subject key identifier: CD:11:CB:0E:6C:33:5E:B8:6F:1B:53:F0:FD:0E:D7:02:4E:79:9A:80
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 018CC6B8EBFF9744E655DFC17664D2B8C8DB
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/zRHLDmwzXrhvG1Pw_Q7XAk55moA.roa
Signing time: Mon 01 Jan 2024 20:30:56 +0000
ROA not before: Mon 01 Jan 2024 20:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51275
IP address blocks: 193.23.139.0/24 maxlen: 24
109.232.201.0/24 maxlen: 24
109.232.200.0/21 maxlen: 21
193.23.138.0/24 maxlen: 24
109.232.202.0/24 maxlen: 24
109.232.200.0/24 maxlen: 24
89.107.249.0/24 maxlen: 24
2a00:1608::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:eb:ff:97:44:e6:55:df:c1:76:64:d2:b8:c8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 20:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd11cb0e6c335eb86f1b53f0fd0ed7024e799a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8a:2c:4c:5c:00:de:92:1f:e5:e1:a5:b2:7c:
27:3d:37:e0:66:93:92:99:92:89:a3:9a:00:89:1a:
76:e4:31:da:ec:93:ae:c0:bc:cf:b7:be:39:e7:9b:
45:2e:50:c2:30:2b:26:df:6d:29:d7:fd:6e:ff:fa:
7a:01:8c:bf:02:d3:f6:12:05:cb:18:63:06:5c:37:
34:25:f2:a5:03:9d:07:93:c7:68:c0:69:4a:d0:8b:
b1:87:62:97:37:7b:ba:37:16:63:1a:aa:86:a3:a9:
7f:22:cb:55:e8:d5:9f:97:64:7c:21:52:ce:aa:34:
13:a6:68:af:cb:29:be:99:ec:61:20:45:e5:48:7a:
56:7c:2b:6f:07:7c:f2:c2:13:7e:dd:33:70:4b:45:
c9:1b:7e:c4:dc:14:8c:13:39:7b:aa:f1:e1:83:40:
a7:a1:99:2b:00:a1:7b:fe:15:f4:b8:d0:8c:8d:30:
6a:a9:11:36:e2:6c:76:03:9a:8b:6a:6d:22:91:c6:
dc:ec:47:b9:f8:12:6b:f3:f9:95:ef:29:f3:7e:6e:
c4:d3:17:49:84:af:01:ac:ad:09:f1:fa:4b:4b:38:
bc:cd:9b:c8:ae:d1:4b:cc:92:1f:7e:b2:1a:ee:92:
b1:f6:01:00:f8:6a:f5:48:c2:be:66:1c:3d:34:4c:
23:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:11:CB:0E:6C:33:5E:B8:6F:1B:53:F0:FD:0E:D7:02:4E:79:9A:80
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/zRHLDmwzXrhvG1Pw_Q7XAk55moA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.249.0/24
109.232.200.0/21
193.23.138.0/23
IPv6:
2a00:1608::/32
Signature Algorithm: sha256WithRSAEncryption
a2:ac:7b:2f:78:71:82:51:f3:7c:01:12:3c:b5:3c:76:b6:a7:
8e:79:87:a6:0a:5f:53:8b:82:b8:b0:74:f6:e5:d8:36:b4:5c:
2c:ba:3e:e6:8d:bc:c2:ca:fa:af:a2:02:b4:b8:0e:c8:be:06:
cd:5c:d4:1a:d5:06:e0:d0:01:8b:c9:f1:98:7d:7a:b0:7a:b6:
00:50:4d:32:37:c2:fa:d8:16:29:db:86:4e:0a:39:0c:aa:ac:
99:51:c9:69:ec:8f:22:ad:10:55:72:44:c8:bd:de:d7:7b:b5:
a6:25:d6:45:46:3a:2f:6b:ad:73:27:78:c3:8f:ec:3a:37:79:
4c:fa:f7:a8:cb:c1:bf:93:14:d7:d8:68:5c:d2:62:87:3b:00:
3f:13:71:a7:0e:06:8a:27:96:01:50:5c:13:ca:39:69:f6:33:
81:ce:65:d2:ee:10:b2:d6:9a:7c:d0:1a:b9:74:e7:39:82:f0:
e1:87:00:2e:31:f5:ee:a5:cb:ac:69:14:98:3b:c2:c4:a8:e7:
72:a4:45:14:24:f4:f5:18:b3:3c:23:7c:79:3d:ba:40:aa:93:
41:03:fe:cb:c6:1d:29:d6:cf:a6:85:bd:37:bb:cb:c6:6b:50:
3c:1e:8d:3f:93:e4:86:8e:b3:7b:ea:a7:c2:00:66:d7:e0:de:
7e:36:ac:ff
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGuOv/l0TmVd/BdmTSuMjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjQwMTAxMjAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDExY2IwZTZjMzM1ZWI4NmYxYjUzZjBmZDBlZDcwMjRlNzk5YTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4osTFwA3pIf5eGlsnwnPTfgZpOS
mZKJo5oAiRp25DHa7JOuwLzPt74555tFLlDCMCsm320p1/1u//p6AYy/AtP2EgXL
GGMGXDc0JfKlA50Hk8dowGlK0Iuxh2KXN3u6NxZjGqqGo6l/IstV6NWfl2R8IVLO
qjQTpmivyym+mexhIEXlSHpWfCtvB3zywhN+3TNwS0XJG37E3BSMEzl7qvHhg0Cn
oZkrAKF7/hX0uNCMjTBqqRE24mx2A5qLam0ikcbc7Ee5+BJr8/mV7ynzfm7E0xdJ
hK8BrK0J8fpLSzi8zZvIrtFLzJIffrIa7pKx9gEA+Gr1SMK+Zhw9NEwjUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM0Ryw5sM164bxtT8P0O1wJOeZqAMB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvelJITERtd3pYcmh2RzFQd19RN1hBazU1bW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2EtZWY3M2I3YjRjYTNj
LzEvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWWv5AwQD
bejIAwQBwReKMA0EAgACMAcDBQAqABYIMA0GCSqGSIb3DQEBCwUAA4IBAQCirHsv
eHGCUfN8ARI8tTx2tqeOeYemCl9Ti4K4sHT25dg2tFwsuj7mjbzCyvqvogK0uA7I
vgbNXNQa1Qbg0AGLyfGYfXqwerYAUE0yN8L62BYp24ZOCjkMqqyZUclp7I8irRBV
ckTIvd7Xe7WmJdZFRjova61zJ3jDj+w6N3lM+veoy8G/kxTX2Ghc0mKHOwA/E3Gn
DgaKJ5YBUFwTyjlp9jOBzmXS7hCy1pp80Bq5dOc5gvDhhwAuMfXupcusaRSYO8LE
qOdypEUUJPT1GLM8I3x5PbpAqpNBA/7Lxh0p1s+mhb03u8vGa1A8Ho0/k+SGjrN7
6qfCAGbX4N5+Nqz/
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:34:50 2024 by rpki-client on console-fra.rpki-client.org