Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/zS2-HP1VnbZC3j_0QTVrpAebgEU.roa
File: zS2-HP1VnbZC3j_0QTVrpAebgEU.roa (raw, json)
Hash identifier: 4avwGWv370hAx/9Dh+fIW3AL3KBaixp9uTUW5FPB01w=
Subject key identifier: CD:2D:BE:1C:FD:55:9D:B6:42:DE:3F:F4:41:35:6B:A4:07:9B:80:45
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018F616D3078080A569C38B9E49E26E135C7
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/zS2-HP1VnbZC3j_0QTVrpAebgEU.roa
Signing time: Fri 10 May 2024 07:34:56 +0000
ROA not before: Fri 10 May 2024 07:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.134.36.0/24 maxlen: 24
45.142.105.0/24 maxlen: 24
45.151.56.0/24 maxlen: 24
92.118.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 03:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:6d:30:78:08:0a:56:9c:38:b9:e4:9e:26:e1:35:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: May 10 07:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd2dbe1cfd559db642de3ff441356ba4079b8045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cc:96:06:dd:a1:47:68:2f:ef:d9:26:34:8c:
6c:c9:5a:18:ef:98:3b:07:09:a2:8f:50:8a:46:39:
13:84:00:6c:2c:a2:38:91:62:27:94:bb:a8:b5:f3:
22:6f:87:f3:c0:fc:9f:b9:1e:4b:02:b5:4f:46:e1:
d4:60:38:2f:5e:01:c3:4c:32:d3:8c:c9:c5:8f:d2:
54:e8:d7:53:b3:4d:f4:86:e0:c7:01:3a:43:40:b7:
6b:e2:17:ea:6d:77:4e:27:25:b7:e4:17:66:ea:ef:
b2:3a:25:12:6b:61:6c:16:91:48:dc:69:ec:89:72:
11:5d:54:1d:98:ac:1f:53:4f:0e:60:1a:8c:7a:52:
3d:60:e0:86:93:3a:45:ae:9d:c5:41:15:d4:50:51:
ef:f4:14:06:e5:0e:3a:ea:ae:f3:5e:28:75:a8:33:
63:ab:19:cf:49:fc:dc:e0:80:c5:3b:8a:39:97:ed:
6a:5c:a1:9e:d5:c7:c7:f2:6b:28:37:e5:13:dd:4f:
f5:cd:ed:ac:f1:a3:ab:72:68:8f:dd:1d:2b:38:66:
06:e9:39:27:fb:bd:c4:6a:5c:08:62:0d:30:3e:2b:
4c:65:43:9d:79:b5:fc:ba:4c:6c:7e:10:f7:eb:3e:
f7:9c:24:10:e0:6d:0b:e2:08:dd:26:2b:3d:8a:cd:
63:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2D:BE:1C:FD:55:9D:B6:42:DE:3F:F4:41:35:6B:A4:07:9B:80:45
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/zS2-HP1VnbZC3j_0QTVrpAebgEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.36.0/24
45.142.105.0/24
45.151.56.0/24
92.118.204.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:34:0b:62:b3:56:03:1d:db:69:62:aa:53:b7:27:22:3f:3f:
ab:4d:0c:85:ab:36:f4:e3:a3:6f:eb:ba:08:96:95:34:40:a3:
cb:a6:2a:52:dc:0c:b6:37:90:40:4d:4a:8c:5c:a0:12:2c:91:
5c:a8:a2:50:0e:7b:26:32:1d:3b:b0:bd:84:38:8b:c6:55:68:
24:74:d0:86:72:81:e0:e7:f1:5e:a4:e6:50:c4:18:99:4e:5f:
8f:cd:44:8e:5e:34:f5:e1:cb:de:aa:7d:a5:fb:43:e6:55:83:
5d:60:ed:f5:45:58:f6:e9:66:e8:72:d5:a7:67:52:f3:46:94:
81:18:ad:d6:06:fb:60:24:b3:4f:3c:cb:a3:42:5e:34:1b:18:
12:6b:66:34:0d:00:68:5c:b3:3c:c4:39:c0:18:d7:c8:01:ed:
e1:c0:2f:4a:93:9a:16:4d:96:c5:5a:9d:68:9f:55:9b:08:70:
ba:7f:25:c2:7f:b6:48:6c:1a:2e:85:eb:79:8b:f5:77:f7:dc:
51:2e:5e:73:70:2b:ad:b9:52:6a:c1:5b:44:fb:0c:0f:7c:aa:
99:8a:7a:de:38:1e:2a:70:3c:e5:65:55:c5:bf:88:65:94:2d:
58:fb:51:da:29:fd:b3:45:0e:08:e4:46:45:ec:f7:63:ac:08:
c6:6e:b0:5f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9hbTB4CApWnDi55J4m4TXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwNTEwMDczNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJkYmUxY2ZkNTU5ZGI2NDJkZTNmZjQ0MTM1NmJhNDA3OWI4MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8yWBt2hR2gv79kmNIxsyVoY75g7
Bwmij1CKRjkThABsLKI4kWInlLuotfMib4fzwPyfuR5LArVPRuHUYDgvXgHDTDLT
jMnFj9JU6NdTs030huDHATpDQLdr4hfqbXdOJyW35Bdm6u+yOiUSa2FsFpFI3Gns
iXIRXVQdmKwfU08OYBqMelI9YOCGkzpFrp3FQRXUUFHv9BQG5Q466q7zXih1qDNj
qxnPSfzc4IDFO4o5l+1qXKGe1cfH8msoN+UT3U/1ze2s8aOrcmiP3R0rOGYG6Tkn
+73EalwIYg0wPitMZUOdebX8ukxsfhD36z73nCQQ4G0L4gjdJis9is1jUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM0tvhz9VZ22Qt4/9EE1a6QHm4BFMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvelMyLUhQMVZuYlpDM2pfMFFUVnJwQWViZ0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYYkAwQA
LY5pAwQALZc4AwQCXHbMMA0GCSqGSIb3DQEBCwUAA4IBAQB7NAtis1YDHdtpYqpT
tyciPz+rTQyFqzb046Nv67oIlpU0QKPLpipS3Ay2N5BATUqMXKASLJFcqKJQDnsm
Mh07sL2EOIvGVWgkdNCGcoHg5/FepOZQxBiZTl+PzUSOXjT14cveqn2l+0PmVYNd
YO31RVj26WboctWnZ1LzRpSBGK3WBvtgJLNPPMujQl40GxgSa2Y0DQBoXLM8xDnA
GNfIAe3hwC9Kk5oWTZbFWp1on1WbCHC6fyXCf7ZIbBouhet5i/V399xRLl5zcCut
uVJqwVtE+wwPfKqZinreOB4qcDzlZVXFv4hllC1Y+1HaKf2zRQ4I5EZF7PdjrAjG
brBf
-----END CERTIFICATE-----
Generated at Mon Jun 3 08:58:32 2024 by rpki-client on console-fra.rpki-client.org