Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b79871-b1dd-4e6e-95e7-de025e6f8589/1/mz0UnqOPLotD3nk3YU4lHCHqND0.roa
File: mz0UnqOPLotD3nk3YU4lHCHqND0.roa (raw, json)
Hash identifier: qMzO8DXUj6RwljIpVUe99OGNIzFdkRKJ1v059lezeyE=
Subject key identifier: 9B:3D:14:9E:A3:8F:2E:8B:43:DE:79:37:61:4E:25:1C:21:EA:34:3D
Certificate issuer: /CN=bb30155764cb2ee0f5eeefcdf52a7b12d372eddd
Certificate serial: 018CC56ED6689C4025E78A1CCFEA09B06EA1
Authority key identifier: BB:30:15:57:64:CB:2E:E0:F5:EE:EF:CD:F5:2A:7B:12:D3:72:ED:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uzAVV2TLLuD17u_N9Sp7EtNy7d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b79871-b1dd-4e6e-95e7-de025e6f8589/1/mz0UnqOPLotD3nk3YU4lHCHqND0.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28847
IP address blocks: 81.94.64.0/19 maxlen: 19
80.245.224.0/20 maxlen: 20
185.145.92.0/22 maxlen: 22
2001:1630::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/b79871-b1dd-4e6e-95e7-de025e6f8589/1/uzAVV2TLLuD17u_N9Sp7EtNy7d0.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/b79871-b1dd-4e6e-95e7-de025e6f8589/1/uzAVV2TLLuD17u_N9Sp7EtNy7d0.mft
rsync://rpki.ripe.net/repository/DEFAULT/uzAVV2TLLuD17u_N9Sp7EtNy7d0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 20:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d6:68:9c:40:25:e7:8a:1c:cf:ea:09:b0:6e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb30155764cb2ee0f5eeefcdf52a7b12d372eddd
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b3d149ea38f2e8b43de7937614e251c21ea343d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:4b:66:9b:9e:82:b6:79:a7:44:bd:46:f4:
0b:c9:b6:be:aa:86:e3:ff:98:93:a7:47:80:7e:05:
da:97:e1:4e:ce:97:a0:ec:09:eb:a9:70:1f:d9:8d:
c6:dc:3b:33:8c:28:69:f1:3e:2d:6f:39:22:84:c2:
d8:dc:90:07:3e:08:28:a1:1a:f9:d8:2f:dd:b2:2e:
82:a8:dd:77:a7:5c:be:9b:eb:82:8e:e9:97:1a:f2:
6b:ff:8e:3b:8f:44:2a:1f:d0:0d:09:64:ba:f3:ab:
f2:51:cc:3f:67:b3:bd:f4:06:c5:c8:66:7d:19:73:
7a:49:37:e4:81:5f:ea:8c:a3:91:25:8f:1f:cb:b6:
e4:c3:28:d3:ff:25:53:8f:e5:f8:43:42:31:d6:cf:
dd:8a:83:f2:1a:6e:48:86:fb:2d:9f:91:69:0b:59:
07:80:1e:5a:17:5e:7e:48:8e:18:c5:b0:1e:0b:c8:
30:aa:1a:c0:aa:b2:8b:18:13:51:a5:74:00:cd:39:
92:af:f7:24:d7:11:4e:7f:c3:e7:70:7e:ce:5d:28:
f7:98:55:eb:8b:ea:39:ba:32:d1:20:bb:bb:08:3f:
12:8b:cc:53:55:f9:ae:37:e5:78:8f:72:36:05:fd:
dd:b3:0c:b7:12:80:f0:39:7f:59:3c:25:be:bd:93:
27:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3D:14:9E:A3:8F:2E:8B:43:DE:79:37:61:4E:25:1C:21:EA:34:3D
X509v3 Authority Key Identifier:
keyid:BB:30:15:57:64:CB:2E:E0:F5:EE:EF:CD:F5:2A:7B:12:D3:72:ED:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uzAVV2TLLuD17u_N9Sp7EtNy7d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b79871-b1dd-4e6e-95e7-de025e6f8589/1/mz0UnqOPLotD3nk3YU4lHCHqND0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b79871-b1dd-4e6e-95e7-de025e6f8589/1/uzAVV2TLLuD17u_N9Sp7EtNy7d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.224.0/20
81.94.64.0/19
185.145.92.0/22
IPv6:
2001:1630::/29
Signature Algorithm: sha256WithRSAEncryption
7b:5f:68:1c:a8:25:7e:56:1d:17:c9:b9:6d:e9:f2:8f:cf:e6:
b5:82:8d:af:0c:51:3c:d1:9d:a4:f4:b6:56:cc:33:a9:18:ff:
da:54:d4:76:22:34:93:b9:8a:20:95:37:04:c8:2f:cb:74:12:
20:d2:80:8d:1a:8a:03:34:fb:0c:72:c5:1e:f7:fb:8e:e1:2d:
52:5d:87:3f:f8:94:a4:5c:45:ac:ce:69:ec:16:43:63:9b:55:
03:b3:4f:7f:70:f0:5c:11:b2:d9:9b:d0:5a:46:f8:20:ca:b1:
2e:8d:f4:51:52:40:ef:59:7f:32:1d:f0:22:fe:53:ab:4f:82:
87:7f:65:22:b9:ce:8e:ae:80:c5:0f:e5:d3:36:f1:1c:6e:62:
4d:1d:95:0d:a5:28:fd:6e:7d:e4:75:af:66:47:02:af:30:40:
e8:b6:88:32:61:c1:89:c8:bf:0a:27:a5:7a:24:f0:d4:d8:d5:
13:ba:2b:18:ed:19:12:1e:da:20:fd:b3:0f:3a:d0:6f:60:03:
e6:b6:a1:55:97:fc:a1:47:b5:02:7c:49:77:ff:8e:ad:ec:13:
05:89:16:e2:f4:db:f2:5a:49:7d:05:cf:14:32:b5:32:19:c4:
b6:0d:43:0f:19:77:1d:cf:12:33:58:f1:a1:59:f4:5f:92:a3:
56:13:b7:6c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbtZonEAl54ocz+oJsG6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMzAxNTU3NjRjYjJlZTBmNWVlZWZjZGY1MmE3YjEyZDM3
MmVkZGQwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNkMTQ5ZWEzOGYyZThiNDNkZTc5Mzc2MTRlMjUxYzIxZWEzNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwotLZpuegrZ5p0S9RvQLyba+qobj
/5iTp0eAfgXal+FOzpeg7AnrqXAf2Y3G3DszjChp8T4tbzkihMLY3JAHPggooRr5
2C/dsi6CqN13p1y+m+uCjumXGvJr/447j0QqH9ANCWS686vyUcw/Z7O99AbFyGZ9
GXN6STfkgV/qjKORJY8fy7bkwyjT/yVTj+X4Q0Ix1s/dioPyGm5Ihvstn5FpC1kH
gB5aF15+SI4YxbAeC8gwqhrAqrKLGBNRpXQAzTmSr/ck1xFOf8PncH7OXSj3mFXr
i+o5ujLRILu7CD8Si8xTVfmuN+V4j3I2Bf3dswy3EoDwOX9ZPCW+vZMnHQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJs9FJ6jjy6LQ955N2FOJRwh6jQ9MB8GA1UdIwQY
MBaAFLswFVdkyy7g9e7vzfUqexLTcu3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXpBVlYyVExMdUQxN3VfTjlTcDdFdE55N2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iNzk4NzEtYjFkZC00ZTZlLTk1ZTct
ZGUwMjVlNmY4NTg5LzEvbXowVW5xT1BMb3REM25rM1lVNGxIQ0hxTkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iNzk4NzEtYjFkZC00ZTZlLTk1ZTctZGUwMjVlNmY4NTg5
LzEvdXpBVlYyVExMdUQxN3VfTjlTcDdFdE55N2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPXgAwQF
UV5AAwQCuZFcMA0EAgACMAcDBQMgARYwMA0GCSqGSIb3DQEBCwUAA4IBAQB7X2gc
qCV+Vh0Xyblt6fKPz+a1go2vDFE80Z2k9LZWzDOpGP/aVNR2IjSTuYoglTcEyC/L
dBIg0oCNGooDNPsMcsUe9/uO4S1SXYc/+JSkXEWszmnsFkNjm1UDs09/cPBcEbLZ
m9BaRvggyrEujfRRUkDvWX8yHfAi/lOrT4KHf2Uiuc6OroDFD+XTNvEcbmJNHZUN
pSj9bn3kda9mRwKvMEDotogyYcGJyL8KJ6V6JPDU2NUTuisY7RkSHtog/bMPOtBv
YAPmtqFVl/yhR7UCfEl3/46t7BMFiRbi9NvyWkl9Bc8UMrUyGcS2DUMPGXcdzxIz
WPGhWfRfkqNWE7ds
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:05:57 2024 by rpki-client on console-ams.rpki-client.org