Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/zmEEaST4dd3jhpV1hpkglJ0is3c.roa
File: zmEEaST4dd3jhpV1hpkglJ0is3c.roa (raw, json)
Hash identifier: y4Xammo3wJEUgA8ihA0Bxbz6bbcUsDNGFpIW81Fh1W0=
Subject key identifier: CE:61:04:69:24:F8:75:DD:E3:86:95:75:86:99:20:94:9D:22:B3:77
Certificate issuer: /CN=8323b9731b196b1acbc829f5b28b325fd9d3e3d4
Certificate serial: 018CC3B73CDBEC7812DCAD33E7AD3A1C7F76
Authority key identifier: 83:23:B9:73:1B:19:6B:1A:CB:C8:29:F5:B2:8B:32:5F:D9:D3:E3:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyO5cxsZaxrLyCn1sosyX9nT49Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/zmEEaST4dd3jhpV1hpkglJ0is3c.roa
Signing time: Mon 01 Jan 2024 06:30:14 +0000
ROA not before: Mon 01 Jan 2024 06:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206332
IP address blocks: 185.171.201.0/24 maxlen: 24
185.146.47.0/24 maxlen: 24
185.146.46.0/24 maxlen: 24
2a07:4d80::/32 maxlen: 32
2a10:55c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/gyO5cxsZaxrLyCn1sosyX9nT49Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/gyO5cxsZaxrLyCn1sosyX9nT49Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gyO5cxsZaxrLyCn1sosyX9nT49Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3c:db:ec:78:12:dc:ad:33:e7:ad:3a:1c:7f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8323b9731b196b1acbc829f5b28b325fd9d3e3d4
Validity
Not Before: Jan 1 06:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce61046924f875dde3869575869920949d22b377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1a:d5:f1:03:fd:1a:80:c2:86:94:a2:31:65:
0d:2b:27:b9:49:2a:f7:cc:1e:f7:27:a7:cf:99:fd:
f7:01:0d:08:00:b9:03:d3:98:1e:a4:be:d1:82:97:
1d:14:c2:b7:ea:be:27:9c:bb:80:3c:e7:13:df:9b:
00:45:76:d6:fb:d0:d2:32:9a:55:9e:15:a5:28:18:
54:5e:9a:7a:dd:9b:14:69:1d:cf:86:c1:93:50:47:
cc:c1:54:db:31:83:d3:d8:13:1f:6e:ee:e9:5b:08:
f8:4b:00:c3:f5:1d:c3:07:74:9f:ae:66:e3:7d:f0:
62:67:07:0a:b2:3f:78:35:94:57:94:d0:3e:26:40:
9c:06:1d:f9:7f:76:20:0e:6d:4d:ad:41:5c:64:4e:
96:52:4d:0c:f7:1e:f7:8c:75:1e:a8:9e:f2:ab:28:
d9:c6:24:c6:20:86:02:89:f0:d8:48:25:6f:9b:1c:
da:43:91:81:3b:0b:6a:e1:8d:05:a8:b4:cf:67:06:
56:bb:50:00:9a:04:d8:d7:37:ec:08:c6:1f:d6:b8:
95:b0:34:19:b7:ff:b3:60:42:87:54:3b:c1:17:15:
7b:87:af:cf:84:51:ed:ce:c3:9a:dc:65:38:05:e8:
b3:f5:bf:c9:2a:94:6c:2a:5f:dd:3b:b5:fd:db:c9:
47:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:61:04:69:24:F8:75:DD:E3:86:95:75:86:99:20:94:9D:22:B3:77
X509v3 Authority Key Identifier:
keyid:83:23:B9:73:1B:19:6B:1A:CB:C8:29:F5:B2:8B:32:5F:D9:D3:E3:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyO5cxsZaxrLyCn1sosyX9nT49Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/zmEEaST4dd3jhpV1hpkglJ0is3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/da1f23-3694-4f59-85cf-ca1e5f081950/1/gyO5cxsZaxrLyCn1sosyX9nT49Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.46.0/23
185.171.201.0/24
IPv6:
2a07:4d80::/32
2a10:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:73:d1:91:32:ac:6f:3f:61:0c:ae:e6:b3:a2:42:50:1b:9c:
34:c8:38:7b:be:1a:f9:c9:9e:32:5b:0a:8f:99:43:78:f7:d3:
4e:81:9f:69:46:32:df:55:f6:51:26:37:6b:5e:17:d0:59:b7:
ed:6e:90:2e:c2:4e:aa:ae:ea:d0:91:83:26:ef:c4:8b:59:ae:
ac:68:4e:e7:4e:02:df:22:4b:91:a1:48:40:f5:cd:bb:1b:3a:
91:2c:79:56:d2:da:e9:40:54:7a:dd:12:84:bb:88:fb:62:d2:
20:0d:d5:6b:f5:fb:5e:96:b6:63:50:21:af:77:e7:86:aa:08:
89:fd:11:a6:4c:cd:78:17:84:6d:dc:e1:60:a7:89:9e:91:01:
6f:d4:6c:4b:6d:3c:30:11:3e:8a:94:1c:50:27:6f:4a:30:63:
50:87:e5:da:37:bb:8c:86:42:ce:60:15:db:3e:ca:cd:31:11:
16:34:5e:76:5b:7f:3d:25:b1:cb:d7:a0:89:69:e0:bf:ca:98:
45:45:1d:33:cc:f8:85:6c:74:4e:3f:7f:0b:86:b4:74:ae:86:
ea:3b:93:85:c4:b9:55:3d:5e:8a:a3:2d:96:0d:c5:3d:dc:15:
8a:5e:3f:7a:a9:c1:ba:2a:95:d4:80:d7:f2:31:0a:d8:36:c8:
7f:f0:bd:db
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDtzzb7HgS3K0z5606HH92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMjNiOTczMWIxOTZiMWFjYmM4MjlmNWIyOGIzMjVmZDlk
M2UzZDQwHhcNMjQwMTAxMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTYxMDQ2OTI0Zjg3NWRkZTM4Njk1NzU4Njk5MjA5NDlkMjJiMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBrV8QP9GoDChpSiMWUNKye5SSr3
zB73J6fPmf33AQ0IALkD05gepL7RgpcdFMK36r4nnLuAPOcT35sARXbW+9DSMppV
nhWlKBhUXpp63ZsUaR3PhsGTUEfMwVTbMYPT2BMfbu7pWwj4SwDD9R3DB3Sfrmbj
ffBiZwcKsj94NZRXlNA+JkCcBh35f3YgDm1NrUFcZE6WUk0M9x73jHUeqJ7yqyjZ
xiTGIIYCifDYSCVvmxzaQ5GBOwtq4Y0FqLTPZwZWu1AAmgTY1zfsCMYf1riVsDQZ
t/+zYEKHVDvBFxV7h6/PhFHtzsOa3GU4Beiz9b/JKpRsKl/dO7X928lHnQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFM5hBGkk+HXd44aVdYaZIJSdIrN3MB8GA1UdIwQY
MBaAFIMjuXMbGWsay8gp9bKLMl/Z0+PUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3lPNWN4c1pheHJMeUNuMXNvc3lYOW5UNDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kYTFmMjMtMzY5NC00ZjU5LTg1Y2Yt
Y2ExZTVmMDgxOTUwLzEvem1FRWFTVDRkZDNqaHBWMWhwa2dsSjBpczNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kYTFmMjMtMzY5NC00ZjU5LTg1Y2YtY2ExZTVmMDgxOTUw
LzEvZ3lPNWN4c1pheHJMeUNuMXNvc3lYOW5UNDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBuZIuAwQA
uavJMBQEAgACMA4DBQAqB02AAwUDKhBVwDANBgkqhkiG9w0BAQsFAAOCAQEAiXPR
kTKsbz9hDK7ms6JCUBucNMg4e74a+cmeMlsKj5lDePfTToGfaUYy31X2USY3a14X
0Fm37W6QLsJOqq7q0JGDJu/Ei1murGhO504C3yJLkaFIQPXNuxs6kSx5VtLa6UBU
et0ShLuI+2LSIA3Va/X7Xpa2Y1Ahr3fnhqoIif0RpkzNeBeEbdzhYKeJnpEBb9Rs
S208MBE+ipQcUCdvSjBjUIfl2je7jIZCzmAV2z7KzTERFjRedlt/PSWxy9egiWng
v8qYRUUdM8z4hWx0Tj9/C4a0dK6G6juThcS5VT1eiqMtlg3FPdwVil4/eqnBuiqV
1IDX8jEK2DbIf/C92w==
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:48:56 2024 by rpki-client on console-ams.rpki-client.org