Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zRCbvNiJoxdARAlkPJCWY8MrMUo.roa
File: zRCbvNiJoxdARAlkPJCWY8MrMUo.roa (raw, json)
Hash identifier: n5qdd4RsfyIqwzNjG4RmPTqEoY5uIa40JoYoHk7BBRM=
Subject key identifier: CD:10:9B:BC:D8:89:A3:17:40:44:09:64:3C:90:96:63:C3:2B:31:4A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019173F9E859641E60093049875CD19C0EC6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zRCbvNiJoxdARAlkPJCWY8MrMUo.roa
Signing time: Wed 21 Aug 2024 08:07:23 +0000
ROA not before: Wed 21 Aug 2024 08:07:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200080
IP address blocks: 85.209.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:73:f9:e8:59:64:1e:60:09:30:49:87:5c:d1:9c:0e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 21 08:07:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd109bbcd889a317404409643c909663c32b314a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:43:b6:c4:eb:ee:3b:a6:e6:97:17:95:a8:78:
66:06:28:9d:f3:a2:de:d4:51:1a:ee:d8:1d:88:d6:
d0:51:aa:ff:db:5d:7c:34:56:10:ba:1b:59:41:4d:
3f:62:8c:10:2f:c8:4e:93:c3:ec:b3:57:43:a0:77:
10:b6:64:c1:22:e3:d4:32:87:ed:b9:01:00:d2:16:
de:3e:cb:dd:55:f3:c8:13:5e:78:8d:6c:fa:f3:ff:
19:c5:a0:ab:d6:46:00:55:16:93:05:da:81:a9:eb:
6a:ba:07:93:52:43:38:d3:73:17:25:87:e6:63:71:
95:3a:c3:80:17:a0:69:8f:3d:67:ff:dc:0b:fe:a4:
0a:16:d0:d4:0c:f7:fb:f1:eb:2a:ef:2d:31:71:fe:
9e:ed:ce:de:32:e3:87:e7:70:bb:dc:7f:88:19:94:
08:90:9f:35:ef:57:a2:06:71:2a:c7:0f:33:32:3d:
44:94:25:19:b0:2f:40:c2:e1:84:80:eb:fe:98:a2:
f0:10:75:ee:1b:57:28:3f:27:ba:31:41:f7:3d:51:
e9:ea:cb:44:1a:b0:97:ee:8f:9e:2e:5f:6b:36:17:
bc:bb:a5:d5:2b:18:b2:17:2d:3a:96:a3:a3:3d:47:
57:5d:73:59:f7:dc:ba:ee:b2:16:19:83:c0:c1:09:
fd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:10:9B:BC:D8:89:A3:17:40:44:09:64:3C:90:96:63:C3:2B:31:4A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zRCbvNiJoxdARAlkPJCWY8MrMUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
02:99:24:fa:de:3f:2c:3f:d9:c0:b3:05:62:de:8d:82:72:0b:
8e:55:76:2b:4b:c8:85:51:b8:9f:51:29:d9:ce:6c:44:47:6e:
87:85:58:b2:13:08:88:12:0b:3a:e2:7d:91:8f:4a:ae:41:ac:
1a:99:a7:fd:84:cd:2b:08:8f:e2:a2:4b:86:4e:6e:8d:40:43:
5e:e2:e6:4b:2b:9b:b5:3c:8a:ce:3f:62:a5:25:3b:06:ce:de:
36:6f:44:9f:22:a6:78:1e:eb:e9:c2:ff:94:fa:fb:bf:36:de:
55:53:31:25:14:19:cc:f4:19:e1:10:35:00:ea:0d:5e:15:b9:
32:16:f6:b5:90:ef:c2:73:4e:71:61:0c:5a:02:b9:9b:6b:b5:
53:76:74:c3:ee:b1:0b:42:aa:97:e7:00:49:17:2f:0d:79:3d:
61:3e:04:4c:f9:7a:f9:d3:6c:86:3f:8b:bd:49:45:73:e6:6f:
e1:11:44:66:13:e6:1a:3c:1d:f0:80:89:ad:27:96:5d:89:9d:
09:f2:8f:35:4d:a2:13:e7:ff:2f:dd:58:2c:35:98:e7:85:a8:
cc:5a:a4:81:d5:d8:3a:af:f9:c8:46:03:06:69:2a:b2:5f:f7:
55:40:dc:34:fc:f5:ff:9e:9a:e4:4b:de:f9:7a:09:43:2b:49:
4a:f7:53:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFz+ehZZB5gCTBJh1zRnA7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODIxMDgwNzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDEwOWJiY2Q4ODlhMzE3NDA0NDA5NjQzYzkwOTY2M2MzMmIzMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EO2xOvuO6bmlxeVqHhmBiid86Le
1FEa7tgdiNbQUar/2118NFYQuhtZQU0/YowQL8hOk8Pss1dDoHcQtmTBIuPUMoft
uQEA0hbePsvdVfPIE154jWz68/8ZxaCr1kYAVRaTBdqBqetqugeTUkM403MXJYfm
Y3GVOsOAF6Bpjz1n/9wL/qQKFtDUDPf78esq7y0xcf6e7c7eMuOH53C73H+IGZQI
kJ8171eiBnEqxw8zMj1ElCUZsC9AwuGEgOv+mKLwEHXuG1coPye6MUH3PVHp6stE
GrCX7o+eLl9rNhe8u6XVKxiyFy06lqOjPUdXXXNZ99y67rIWGYPAwQn9awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0Qm7zYiaMXQEQJZDyQlmPDKzFKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvelJDYnZOaUpveGRBUkFsa1BKQ1dZOE1yTVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGHMA0G
CSqGSIb3DQEBCwUAA4IBAQACmST63j8sP9nAswVi3o2CcguOVXYrS8iFUbifUSnZ
zmxER26HhViyEwiIEgs64n2Rj0quQawamaf9hM0rCI/iokuGTm6NQENe4uZLK5u1
PIrOP2KlJTsGzt42b0SfIqZ4Huvpwv+U+vu/Nt5VUzElFBnM9BnhEDUA6g1eFbky
Fva1kO/Cc05xYQxaArmba7VTdnTD7rELQqqX5wBJFy8NeT1hPgRM+Xr502yGP4u9
SUVz5m/hEURmE+YaPB3wgImtJ5ZdiZ0J8o81TaIT5/8v3VgsNZjnhajMWqSB1dg6
r/nIRgMGaSqyX/dVQNw0/PX/nprkS975eglDK0lK91M9
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:09 2024 by rpki-client on console-fra.rpki-client.org