Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/z2uQYpuGxVxuR1kW4K1ZWnhGF5o.roa
File: z2uQYpuGxVxuR1kW4K1ZWnhGF5o.roa (raw, json)
Hash identifier: 1lUMxnFhs0Jm31ZwfxvkR5pAD+4fsVXYcCK6nm9KVGs=
Subject key identifier: CF:6B:90:62:9B:86:C5:5C:6E:47:59:16:E0:AD:59:5A:78:46:17:9A
Certificate issuer: /CN=1f31139f89e825962a7e3380ade75b56ab5baad5
Certificate serial: 018E39D159F6B938C089E1D6885D281E871E
Authority key identifier: 1F:31:13:9F:89:E8:25:96:2A:7E:33:80:AD:E7:5B:56:AB:5B:AA:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzETn4noJZYqfjOAredbVqtbqtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/z2uQYpuGxVxuR1kW4K1ZWnhGF5o.roa
Signing time: Wed 13 Mar 2024 21:56:45 +0000
ROA not before: Wed 13 Mar 2024 21:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50522
IP address blocks: 81.23.244.0/22 maxlen: 22
81.173.0.0/22 maxlen: 22
81.173.7.0/24 maxlen: 24
81.173.32.0/22 maxlen: 23
81.173.48.0/20 maxlen: 20
81.173.64.0/20 maxlen: 20
81.173.96.0/22 maxlen: 22
81.173.125.0/24 maxlen: 24
81.173.126.0/23 maxlen: 23
109.235.32.0/21 maxlen: 21
185.61.68.0/22 maxlen: 22
2a03:be00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/HzETn4noJZYqfjOAredbVqtbqtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/HzETn4noJZYqfjOAredbVqtbqtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HzETn4noJZYqfjOAredbVqtbqtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:d1:59:f6:b9:38:c0:89:e1:d6:88:5d:28:1e:87:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f31139f89e825962a7e3380ade75b56ab5baad5
Validity
Not Before: Mar 13 21:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf6b90629b86c55c6e475916e0ad595a7846179a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b1:b0:ff:06:ac:42:a0:e3:98:92:06:3d:ff:
91:a6:df:1c:c4:7f:32:6c:59:2d:0a:cf:bd:59:08:
69:db:0a:a8:f2:40:00:d0:00:05:eb:e4:91:82:2f:
ce:a8:80:a8:18:cc:d1:03:cf:10:4c:97:cf:48:48:
66:1e:a5:f2:14:3c:c6:c6:4f:97:3c:00:03:2b:2c:
96:e3:4b:c9:53:0b:1c:43:1b:1e:e8:2e:df:39:b2:
8e:93:3e:4a:60:86:0a:de:f3:64:96:dd:89:58:8b:
de:52:ca:07:91:36:b5:42:fb:7f:3d:9e:2a:e0:72:
98:ac:fb:b9:9d:74:2e:9c:01:a1:d4:cd:c4:d3:1a:
ca:84:19:6e:62:52:6e:f1:be:22:df:05:68:32:8f:
04:e1:5a:94:a0:c9:f2:e7:ff:12:08:de:78:a3:15:
86:5d:f7:a4:68:0d:71:a5:de:0b:46:9d:7e:58:36:
03:78:5c:87:3a:b4:af:8f:a6:46:30:b5:a1:4d:f2:
f8:bf:e9:91:56:51:81:b0:2d:18:76:39:61:a8:a7:
20:73:fb:cd:4c:c3:c5:a7:49:6d:ef:c0:24:70:62:
50:3c:4b:d0:e1:9e:0b:ef:6c:c3:6c:94:81:89:ec:
1a:07:f2:6d:0d:ac:3c:9d:ca:5f:20:97:12:ea:d5:
5e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:6B:90:62:9B:86:C5:5C:6E:47:59:16:E0:AD:59:5A:78:46:17:9A
X509v3 Authority Key Identifier:
keyid:1F:31:13:9F:89:E8:25:96:2A:7E:33:80:AD:E7:5B:56:AB:5B:AA:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzETn4noJZYqfjOAredbVqtbqtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/z2uQYpuGxVxuR1kW4K1ZWnhGF5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7637a6-5237-4b16-93cf-be17b8aad554/1/HzETn4noJZYqfjOAredbVqtbqtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.244.0/22
81.173.0.0/22
81.173.7.0/24
81.173.32.0/22
81.173.48.0-81.173.79.255
81.173.96.0/22
81.173.125.0-81.173.127.255
109.235.32.0/21
185.61.68.0/22
IPv6:
2a03:be00::/32
Signature Algorithm: sha256WithRSAEncryption
70:8b:74:84:1c:2f:35:39:3c:b3:d6:2e:d7:17:56:a7:12:66:
4f:d1:db:65:02:bd:39:23:73:f9:c2:d8:f5:7c:2e:f0:10:22:
93:c8:ee:03:2f:07:6f:99:56:17:a2:81:7d:68:09:ff:c5:a8:
55:7f:ab:9c:9d:cd:58:46:30:e7:82:04:6d:c9:7b:a1:13:e3:
65:be:52:52:9a:5e:c2:52:af:dd:ef:21:d1:04:2a:f0:63:bd:
ca:14:b1:ab:78:f7:e9:68:3d:33:f0:f6:91:9a:f6:58:17:9b:
1c:d0:32:99:50:dc:98:11:75:ad:d0:ea:a5:97:ce:f3:98:36:
9e:09:27:40:d9:64:e7:1e:d3:8d:1f:0c:8f:ad:94:79:10:96:
f3:95:3c:9f:c5:45:b6:85:8f:aa:ac:ae:e4:05:81:f7:b9:c2:
f2:f4:58:e0:32:29:09:a6:a6:b2:57:c1:e8:6f:b9:3a:50:a0:
93:14:e3:f5:bb:7b:a0:e5:86:2c:ea:08:7d:43:0a:7b:31:37:
02:95:36:a8:12:f8:99:bf:45:37:97:36:e5:d2:9b:4c:40:e9:
87:b0:64:a8:4b:da:d4:53:2f:b0:13:0d:70:c6:45:8e:b7:f2:
c1:40:c4:1b:34:ee:be:8c:04:29:a1:bf:42:2f:9e:8d:6c:9d:
27:ee:b4:7c
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY450Vn2uTjAieHWiF0oHoceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzExMzlmODllODI1OTYyYTdlMzM4MGFkZTc1YjU2YWI1
YmFhZDUwHhcNMjQwMzEzMjE1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjZiOTA2MjliODZjNTVjNmU0NzU5MTZlMGFkNTk1YTc4NDYxNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrGw/wasQqDjmJIGPf+Rpt8cxH8y
bFktCs+9WQhp2wqo8kAA0AAF6+SRgi/OqICoGMzRA88QTJfPSEhmHqXyFDzGxk+X
PAADKyyW40vJUwscQxse6C7fObKOkz5KYIYK3vNklt2JWIveUsoHkTa1Qvt/PZ4q
4HKYrPu5nXQunAGh1M3E0xrKhBluYlJu8b4i3wVoMo8E4VqUoMny5/8SCN54oxWG
XfekaA1xpd4LRp1+WDYDeFyHOrSvj6ZGMLWhTfL4v+mRVlGBsC0YdjlhqKcgc/vN
TMPFp0lt78AkcGJQPEvQ4Z4L72zDbJSBiewaB/JtDaw8ncpfIJcS6tVeywIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFM9rkGKbhsVcbkdZFuCtWVp4RheaMB8GA1UdIwQY
MBaAFB8xE5+J6CWWKn4zgK3nW1arW6rVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpFVG40bm9KWllxZmpPQXJlZGJWcXRicXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83NjM3YTYtNTIzNy00YjE2LTkzY2Yt
YmUxN2I4YWFkNTU0LzEvejJ1UVlwdUd4Vnh1UjFrVzRLMVpXbmhHRjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83NjM3YTYtNTIzNy00YjE2LTkzY2YtYmUxN2I4YWFkNTU0
LzEvSHpFVG40bm9KWllxZmpPQXJlZGJWcXRicXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQCURf0AwQC
Ua0AAwQAUa0HAwQCUa0gMAwDBARRrTADBARRrUADBAJRrWAwDAMEAFGtfQMEB1Gt
AAMEA23rIAMEArk9RDANBAIAAjAHAwUAKgO+ADANBgkqhkiG9w0BAQsFAAOCAQEA
cIt0hBwvNTk8s9Yu1xdWpxJmT9HbZQK9OSNz+cLY9Xwu8BAik8juAy8Hb5lWF6KB
fWgJ/8WoVX+rnJ3NWEYw54IEbcl7oRPjZb5SUppewlKv3e8h0QQq8GO9yhSxq3j3
6Wg9M/D2kZr2WBebHNAymVDcmBF1rdDqpZfO85g2ngknQNlk5x7TjR8Mj62UeRCW
85U8n8VFtoWPqqyu5AWB97nC8vRY4DIpCaamslfB6G+5OlCgkxTj9bt7oOWGLOoI
fUMKezE3ApU2qBL4mb9FN5c25dKbTEDph7BkqEva1FMvsBMNcMZFjrfywUDEGzTu
vowEKaG/Qi+ejWydJ+60fA==
-----END CERTIFICATE-----
Generated at Fri May 17 20:12:32 2024 by rpki-client on console-fra.rpki-client.org