Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2zhbPG80HSobeXOXQtJjqENh_XA.roa
File: 2zhbPG80HSobeXOXQtJjqENh_XA.roa (raw, json)
Hash identifier: nog5L/SebPLI5LhCVPlq4kxnb8O+iNCaTK2+UGHfT5E=
Subject key identifier: DB:38:5B:3C:6F:34:1D:2A:1B:79:73:97:42:D2:63:A8:43:61:FD:70
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192AED5C22FAA402D62050E4AFB0F6417BC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2zhbPG80HSobeXOXQtJjqENh_XA.roa
Signing time: Mon 21 Oct 2024 11:28:17 +0000
ROA not before: Mon 21 Oct 2024 11:28:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 85.209.135.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
193.148.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:d5:c2:2f:aa:40:2d:62:05:0e:4a:fb:0f:64:17:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 21 11:28:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db385b3c6f341d2a1b79739742d263a84361fd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d1:fb:49:d9:9a:b8:8a:4c:5a:c6:5d:3b:38:
d6:00:7a:cd:b1:0a:49:16:e3:c0:66:d1:24:4c:83:
2d:d1:c2:12:eb:00:0b:73:55:c8:14:66:c5:27:14:
e3:1a:71:44:16:84:8a:d7:1a:05:f5:7c:28:d8:bb:
0f:c9:fa:ce:36:ba:21:13:6a:b2:12:d9:2d:3f:4e:
af:46:b5:37:99:a9:5d:79:09:ce:5f:68:41:7b:28:
1f:a4:e3:ec:10:d4:a6:55:10:f1:5a:ad:54:82:a4:
c0:ab:9d:ad:fc:65:0c:fb:2a:07:20:0a:7f:15:f7:
44:3a:99:67:5d:ef:92:7f:2d:bd:5d:b6:c6:d1:0a:
d0:25:ad:c1:b9:1e:f3:c0:e9:86:d3:00:02:35:64:
6e:8b:46:32:33:4b:45:0d:9b:4c:67:7d:11:44:14:
e7:46:28:0d:10:77:93:71:8d:d6:39:36:80:8e:87:
8e:47:8b:1f:b4:18:f9:f6:e8:38:73:e1:0c:de:af:
b6:43:a2:89:68:38:eb:7c:16:2f:40:7a:27:b6:a5:
0e:36:a0:95:72:c2:dd:01:c7:e4:5e:8b:8c:90:12:
29:dd:d3:83:94:9c:b3:d9:4d:b6:3d:1d:d5:84:b3:
6e:f1:34:88:33:e9:42:8e:47:f2:79:c4:af:0b:19:
c9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:38:5B:3C:6F:34:1D:2A:1B:79:73:97:42:D2:63:A8:43:61:FD:70
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2zhbPG80HSobeXOXQtJjqENh_XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.135.0/24
94.156.14.0/24
193.148.253.0/24
Signature Algorithm: sha256WithRSAEncryption
49:a8:ff:47:04:0f:9e:72:86:72:8a:19:d6:eb:ee:90:02:43:
fc:29:d5:8f:23:4f:b0:a0:f3:16:a2:09:00:85:7a:d0:0c:06:
bc:bf:25:59:b4:79:ca:4c:cd:0e:e1:4f:f9:9b:43:8a:08:d0:
5b:19:6a:22:e4:7c:be:dd:46:da:44:b9:cf:50:40:56:29:d8:
77:c6:57:6f:42:06:46:e9:ba:f2:50:07:2f:09:fc:a8:11:e5:
6d:c9:46:4f:ca:9e:29:ef:15:3a:8b:fa:ff:81:e2:6e:51:96:
77:a1:66:2f:e4:82:0e:92:14:3d:1e:33:72:46:2a:01:99:50:
71:1a:00:92:85:d8:4c:50:64:3e:97:25:fc:d5:fb:58:29:5d:
bf:78:37:87:d2:92:06:d8:c4:e0:5c:31:42:24:ea:19:95:d0:
29:98:25:79:6a:2f:d5:68:9e:18:7b:95:41:dc:6d:04:21:da:
22:c4:8d:00:0c:ec:72:91:00:e2:0c:97:a7:01:d4:da:21:eb:
24:d4:f6:0d:08:34:de:ae:a1:9f:75:35:4e:58:3a:92:6f:ee:
2c:4c:98:40:a9:70:de:e8:e1:cc:fb:9b:e8:6f:b0:a1:14:49:
45:dd:52:29:d2:40:e9:ed:b6:17:16:30:61:30:6e:45:b9:91:
0f:8b:95:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKu1cIvqkAtYgUOSvsPZBe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDIxMTEyODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM4NWIzYzZmMzQxZDJhMWI3OTczOTc0MmQyNjNhODQzNjFmZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9H7SdmauIpMWsZdOzjWAHrNsQpJ
FuPAZtEkTIMt0cIS6wALc1XIFGbFJxTjGnFEFoSK1xoF9Xwo2LsPyfrONrohE2qy
EtktP06vRrU3maldeQnOX2hBeygfpOPsENSmVRDxWq1UgqTAq52t/GUM+yoHIAp/
FfdEOplnXe+Sfy29XbbG0QrQJa3BuR7zwOmG0wACNWRui0YyM0tFDZtMZ30RRBTn
RigNEHeTcY3WOTaAjoeOR4sftBj59ug4c+EM3q+2Q6KJaDjrfBYvQHontqUONqCV
csLdAcfkXouMkBIp3dODlJyz2U22PR3VhLNu8TSIM+lCjkfyecSvCxnJLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNs4WzxvNB0qG3lzl0LSY6hDYf1wMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMnpoYlBHODBIU29iZVhPWFF0SmpxRU5oX1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVdGHAwQA
XpwOAwQAwZT9MA0GCSqGSIb3DQEBCwUAA4IBAQBJqP9HBA+ecoZyihnW6+6QAkP8
KdWPI0+woPMWogkAhXrQDAa8vyVZtHnKTM0O4U/5m0OKCNBbGWoi5Hy+3UbaRLnP
UEBWKdh3xldvQgZG6bryUAcvCfyoEeVtyUZPyp4p7xU6i/r/geJuUZZ3oWYv5IIO
khQ9HjNyRioBmVBxGgCShdhMUGQ+lyX81ftYKV2/eDeH0pIG2MTgXDFCJOoZldAp
mCV5ai/VaJ4Ye5VB3G0EIdoixI0ADOxykQDiDJenAdTaIesk1PYNCDTerqGfdTVO
WDqSb+4sTJhAqXDe6OHM+5vob7ChFElF3VIp0kDp7bYXFjBhMG5FuZEPi5VL
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:43:26 2024 by rpki-client on console-ams.rpki-client.org