Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/ZJ9-EKplM2AFUnCS89s4FNXC0q8.roa
File: ZJ9-EKplM2AFUnCS89s4FNXC0q8.roa (raw, json)
Hash identifier: fN0oCwdbwbGBk3h9fmGI4oqj4+POczOu/4iHK0UIr+M=
Subject key identifier: 64:9F:7E:10:AA:65:33:60:05:52:70:92:F3:DB:38:14:D5:C2:D2:AF
Certificate issuer: /CN=7e058377510a3a9245ce72cbe88e0efa19719204
Certificate serial: 018CC5005C5BCEAC6F70C43AAE873EB34A2E
Authority key identifier: 7E:05:83:77:51:0A:3A:92:45:CE:72:CB:E8:8E:0E:FA:19:71:92:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fgWDd1EKOpJFznLL6I4O-hlxkgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/ZJ9-EKplM2AFUnCS89s4FNXC0q8.roa
Signing time: Mon 01 Jan 2024 12:29:44 +0000
ROA not before: Mon 01 Jan 2024 12:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42468
IP address blocks: 185.83.211.0/24 maxlen: 24
185.83.208.0/24 maxlen: 24
185.83.209.0/24 maxlen: 24
185.83.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/fgWDd1EKOpJFznLL6I4O-hlxkgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/fgWDd1EKOpJFznLL6I4O-hlxkgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/fgWDd1EKOpJFznLL6I4O-hlxkgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5c:5b:ce:ac:6f:70:c4:3a:ae:87:3e:b3:4a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e058377510a3a9245ce72cbe88e0efa19719204
Validity
Not Before: Jan 1 12:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=649f7e10aa65336005527092f3db3814d5c2d2af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:24:a1:69:d8:d7:98:04:6d:f3:e2:1f:a9:ff:
10:14:b8:42:1e:73:66:1c:92:e4:71:af:c1:2c:23:
95:b2:74:3d:eb:c6:57:a4:2e:5b:8f:85:0c:86:c0:
8b:cf:4e:c4:f5:67:f4:34:74:a9:ef:b8:f2:0a:5e:
17:62:40:95:2c:b8:93:e8:62:17:77:45:a4:f0:60:
cd:f6:35:12:32:b3:10:b2:54:d9:64:40:d6:89:c5:
99:59:da:9d:d2:92:c8:03:1b:a8:77:e6:a1:ba:a3:
48:97:07:5e:d2:1e:a9:1c:cf:d6:40:fe:00:c6:cd:
2c:01:63:97:88:9e:08:bc:51:3d:44:5e:6e:16:71:
59:ed:e6:99:bf:69:f9:fd:7d:a8:ce:02:04:97:c1:
a3:4d:72:88:80:52:b7:c3:75:86:05:d7:9c:62:4d:
4a:05:09:46:9e:50:b5:9f:e1:1b:e5:52:df:b9:6c:
9f:54:d9:cb:0b:b7:54:54:f2:c3:c2:f9:ca:84:60:
ba:cd:17:d2:71:cf:bc:de:9d:b4:73:bb:2a:ad:54:
70:f0:c2:f3:2f:7b:05:d5:9b:01:5d:b8:09:da:b8:
75:3d:de:7b:e3:53:b4:2c:1e:2f:b4:52:bb:19:95:
b3:1c:dc:5c:af:13:ff:6e:de:58:3c:f1:72:54:96:
bf:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9F:7E:10:AA:65:33:60:05:52:70:92:F3:DB:38:14:D5:C2:D2:AF
X509v3 Authority Key Identifier:
keyid:7E:05:83:77:51:0A:3A:92:45:CE:72:CB:E8:8E:0E:FA:19:71:92:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fgWDd1EKOpJFznLL6I4O-hlxkgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/ZJ9-EKplM2AFUnCS89s4FNXC0q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/0205f2-df2a-41d6-bc2d-72827fe6d7af/1/fgWDd1EKOpJFznLL6I4O-hlxkgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.208.0/22
Signature Algorithm: sha256WithRSAEncryption
33:f2:3a:3e:9f:35:37:9e:19:a8:0f:b2:45:23:9d:be:dc:88:
bd:bc:d0:1c:b0:c9:c3:44:ea:1d:33:64:00:01:e8:d3:76:a3:
0b:f8:31:e0:cd:38:5f:02:ca:51:a0:fc:cc:1e:00:39:bb:93:
b7:a9:4b:7f:ae:cd:9f:15:f0:70:4b:dc:7d:0d:ad:d2:57:77:
0d:5e:99:49:98:8a:e4:50:ae:e0:53:47:5f:32:c4:55:c0:e3:
d4:7e:9d:ee:4d:39:b3:8d:5f:58:27:3a:80:6b:a5:6d:7a:fe:
18:e0:90:65:fd:00:25:e5:d9:d8:e2:f6:23:9a:af:e6:f4:70:
a0:49:f9:94:6c:dc:be:ef:77:e3:8f:8c:d0:c3:2b:64:2a:95:
2e:47:7c:62:81:76:a0:59:af:e9:06:ae:3a:ea:d7:02:8b:e4:
34:e1:34:b4:73:86:29:a8:31:19:91:b4:43:3e:7f:9b:ac:d9:
99:3b:80:f6:4c:05:f5:ce:c1:8e:e9:be:6c:ac:01:5f:48:06:
24:72:be:b1:b3:ae:50:0a:5a:d0:6b:32:29:8b:42:0d:1a:f2:
d2:c2:7e:01:ff:dc:a5:3d:72:75:c0:a0:73:c2:ab:4b:cb:88:
eb:db:18:36:57:f5:93:67:62:17:f6:6d:fe:4d:40:a6:3e:74:
c4:bd:c5:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAFxbzqxvcMQ6roc+s0ouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDU4Mzc3NTEwYTNhOTI0NWNlNzJjYmU4OGUwZWZhMTk3
MTkyMDQwHhcNMjQwMTAxMTIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDlmN2UxMGFhNjUzMzYwMDU1MjcwOTJmM2RiMzgxNGQ1YzJkMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+iShadjXmARt8+Ifqf8QFLhCHnNm
HJLkca/BLCOVsnQ968ZXpC5bj4UMhsCLz07E9Wf0NHSp77jyCl4XYkCVLLiT6GIX
d0Wk8GDN9jUSMrMQslTZZEDWicWZWdqd0pLIAxuod+ahuqNIlwde0h6pHM/WQP4A
xs0sAWOXiJ4IvFE9RF5uFnFZ7eaZv2n5/X2ozgIEl8GjTXKIgFK3w3WGBdecYk1K
BQlGnlC1n+Eb5VLfuWyfVNnLC7dUVPLDwvnKhGC6zRfScc+83p20c7sqrVRw8MLz
L3sF1ZsBXbgJ2rh1Pd5741O0LB4vtFK7GZWzHNxcrxP/bt5YPPFyVJa/WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSffhCqZTNgBVJwkvPbOBTVwtKvMB8GA1UdIwQY
MBaAFH4Fg3dRCjqSRc5yy+iODvoZcZIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdXRGQxRUtPcEpGem5MTDZJNE8taGx4a2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wMjA1ZjItZGYyYS00MWQ2LWJjMmQt
NzI4MjdmZTZkN2FmLzEvWko5LUVLcGxNMkFGVW5DUzg5czRGTlhDMHE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wMjA1ZjItZGYyYS00MWQ2LWJjMmQtNzI4MjdmZTZkN2Fm
LzEvZmdXRGQxRUtPcEpGem5MTDZJNE8taGx4a2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVPQMA0G
CSqGSIb3DQEBCwUAA4IBAQAz8jo+nzU3nhmoD7JFI52+3Ii9vNAcsMnDROodM2QA
AejTdqML+DHgzThfAspRoPzMHgA5u5O3qUt/rs2fFfBwS9x9Da3SV3cNXplJmIrk
UK7gU0dfMsRVwOPUfp3uTTmzjV9YJzqAa6Vtev4Y4JBl/QAl5dnY4vYjmq/m9HCg
SfmUbNy+73fjj4zQwytkKpUuR3xigXagWa/pBq466tcCi+Q04TS0c4YpqDEZkbRD
Pn+brNmZO4D2TAX1zsGO6b5srAFfSAYkcr6xs65QClrQazIpi0INGvLSwn4B/9yl
PXJ1wKBzwqtLy4jr2xg2V/WTZ2IX9m3+TUCmPnTEvcXa
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:59:12 2024 by rpki-client on console-ams.rpki-client.org