Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Zm9a0MTbA4UvCkxsi-OI0oIWOmU.roa
File: Zm9a0MTbA4UvCkxsi-OI0oIWOmU.roa (raw, json)
Hash identifier: beJiGPq13BvREPIPypF+tq5GsFjxjMrN408iLs6tNLc=
Subject key identifier: 66:6F:5A:D0:C4:DB:03:85:2F:0A:4C:6C:8B:E3:88:D2:82:16:3A:65
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018CC5011E2DC5D6217A25F4EA020614E462
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Zm9a0MTbA4UvCkxsi-OI0oIWOmU.roa
Signing time: Mon 01 Jan 2024 12:30:33 +0000
ROA not before: Mon 01 Jan 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209280
IP address blocks: 185.227.81.0/24 maxlen: 24
194.146.45.0/24 maxlen: 24
2a0b:3c40:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1e:2d:c5:d6:21:7a:25:f4:ea:02:06:14:e4:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=666f5ad0c4db03852f0a4c6c8be388d282163a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4b:fc:97:d8:07:5a:6a:c8:21:b3:b4:79:4d:
aa:5c:04:32:24:d7:fe:32:09:1a:51:21:f1:52:90:
c6:ae:cb:3a:85:1c:50:11:3e:be:a5:46:98:e5:12:
d4:26:c3:80:6e:fb:71:39:3c:79:98:2b:39:a2:4b:
99:9f:8b:48:96:da:29:87:f4:08:bf:51:34:ba:02:
d6:98:f9:d3:13:35:7c:e7:92:08:19:32:54:96:44:
eb:06:13:ee:a1:c9:6b:fb:fc:78:ab:4e:88:e1:a5:
3f:ae:ce:30:e4:81:5f:70:86:54:28:b2:19:cc:bd:
79:fa:c7:06:8a:8c:02:1a:4b:4b:4c:f3:16:1b:9e:
f7:4d:4d:f8:51:6e:a1:cb:00:18:54:21:65:05:3b:
f8:90:84:e4:25:55:04:15:f3:50:92:92:38:1d:b1:
90:6b:cb:6c:d2:d3:7f:fd:04:05:76:69:82:96:81:
16:ea:f0:72:5c:74:9a:e9:53:71:4b:c3:1a:81:ef:
7a:bc:d5:2d:8b:b1:54:f2:3a:32:2d:4c:18:cf:ba:
6e:04:a0:30:2f:5e:db:6c:00:94:d2:4e:18:35:0c:
c0:66:b8:a0:8f:ed:31:45:1e:5d:86:76:59:79:cc:
3c:d0:1b:33:0d:50:b1:28:c7:49:59:43:43:ed:23:
72:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:6F:5A:D0:C4:DB:03:85:2F:0A:4C:6C:8B:E3:88:D2:82:16:3A:65
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Zm9a0MTbA4UvCkxsi-OI0oIWOmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.81.0/24
194.146.45.0/24
IPv6:
2a0b:3c40:13::/48
Signature Algorithm: sha256WithRSAEncryption
3a:e4:6d:d9:4a:3a:be:a4:b3:e7:77:98:f4:97:f4:3a:7f:51:
32:77:02:ea:1d:42:9b:7f:c9:d1:e1:51:f1:56:13:2c:99:e9:
07:38:46:f0:aa:8e:c3:32:6b:88:7f:ce:6c:c2:10:dd:4d:b8:
02:a9:46:27:91:4d:c0:7f:43:cf:a8:ee:83:e7:74:b9:74:f8:
39:cd:ec:4e:a5:ea:96:fd:7f:e3:09:36:61:73:e9:00:d4:3f:
71:ce:70:1c:59:65:76:7c:16:b1:1c:37:a1:06:f6:54:f2:7b:
dc:bc:b7:75:44:a4:b5:79:c2:32:65:bf:3a:72:06:89:9b:94:
33:65:88:ee:f9:af:1e:3b:5a:a6:98:ca:04:39:2c:54:58:6d:
80:77:f5:51:ac:77:90:d7:73:2f:2e:19:1c:5f:50:ee:e6:df:
ed:ef:1c:2e:19:92:96:ab:95:fc:3b:94:3b:57:da:37:28:b2:
f3:46:58:12:15:7e:35:77:bb:4d:7a:e2:1e:61:ed:a2:42:f8:
97:03:8f:b4:a2:ff:d7:86:b4:22:60:d4:c5:af:45:81:ec:89:
64:83:69:46:09:be:a7:d6:ea:fe:ad:01:cc:1d:a6:2e:dd:cd:
f2:3a:fa:36:e2:c6:93:8b:1f:b1:25:39:11:e3:39:0d:f5:3f:
c3:5f:04:9e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFAR4txdYheiX06gIGFORiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjZmNWFkMGM0ZGIwMzg1MmYwYTRjNmM4YmUzODhkMjgyMTYzYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUv8l9gHWmrIIbO0eU2qXAQyJNf+
MgkaUSHxUpDGrss6hRxQET6+pUaY5RLUJsOAbvtxOTx5mCs5okuZn4tIltoph/QI
v1E0ugLWmPnTEzV855IIGTJUlkTrBhPuoclr+/x4q06I4aU/rs4w5IFfcIZUKLIZ
zL15+scGiowCGktLTPMWG573TU34UW6hywAYVCFlBTv4kITkJVUEFfNQkpI4HbGQ
a8ts0tN//QQFdmmCloEW6vByXHSa6VNxS8Mage96vNUti7FU8joyLUwYz7puBKAw
L17bbACU0k4YNQzAZrigj+0xRR5dhnZZecw80BszDVCxKMdJWUND7SNyWwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGZvWtDE2wOFLwpMbIvjiNKCFjplMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWm05YTBNVGJBNFV2Q2t4c2ktT0kwb0lXT21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAueNRAwQA
wpItMA8EAgACMAkDBwAqCzxAABMwDQYJKoZIhvcNAQELBQADggEBADrkbdlKOr6k
s+d3mPSX9Dp/UTJ3AuodQpt/ydHhUfFWEyyZ6Qc4RvCqjsMya4h/zmzCEN1NuAKp
RieRTcB/Q8+o7oPndLl0+DnN7E6l6pb9f+MJNmFz6QDUP3HOcBxZZXZ8FrEcN6EG
9lTye9y8t3VEpLV5wjJlvzpyBomblDNliO75rx47WqaYygQ5LFRYbYB39VGsd5DX
cy8uGRxfUO7m3+3vHC4Zkparlfw7lDtX2jcosvNGWBIVfjV3u0164h5h7aJC+JcD
j7Si/9eGtCJg1MWvRYHsiWSDaUYJvqfW6v6tAcwdpi7dzfI6+jbixpOLH7ElORHj
OQ31P8NfBJ4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:02 2024 by rpki-client on console-ams.rpki-client.org