Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/ZQW2QjZ48RAJsTkSvk5kwsBmz7E.roa
File: ZQW2QjZ48RAJsTkSvk5kwsBmz7E.roa (raw, json)
Hash identifier: sajtXo1TlFUKtktNuJsmK4WwYDi1mor9Fi9YPeBs1Lk=
Subject key identifier: 65:05:B6:42:36:78:F1:10:09:B1:39:12:BE:4E:64:C2:C0:66:CF:B1
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 018CC424D573A0B9E3F538812EAF0F960268
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/ZQW2QjZ48RAJsTkSvk5kwsBmz7E.roa
Signing time: Mon 01 Jan 2024 08:29:57 +0000
ROA not before: Mon 01 Jan 2024 08:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20860
IP address blocks: 185.49.236.0/22 maxlen: 24
109.69.80.0/21 maxlen: 24
185.71.24.0/22 maxlen: 24
195.189.124.0/22 maxlen: 24
45.145.180.0/22 maxlen: 24
185.33.184.0/22 maxlen: 24
185.11.240.0/22 maxlen: 24
195.94.112.0/20 maxlen: 24
94.199.184.0/21 maxlen: 24
151.236.208.0/21 maxlen: 24
185.68.0.0/22 maxlen: 24
94.190.240.0/21 maxlen: 24
93.95.8.0/21 maxlen: 24
185.122.216.0/22 maxlen: 24
31.210.128.0/21 maxlen: 24
185.31.252.0/22 maxlen: 24
37.35.88.0/21 maxlen: 24
87.237.64.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:d5:73:a0:b9:e3:f5:38:81:2e:af:0f:96:02:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 08:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6505b6423678f11009b13912be4e64c2c066cfb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:90:79:df:7a:d1:ac:68:93:b9:48:74:77:cc:
c5:1f:af:2a:ad:8c:f8:77:46:1d:ba:16:44:98:09:
85:07:b7:08:55:03:65:73:52:dd:60:36:74:90:f0:
0a:0e:47:08:48:42:a3:bc:29:36:3d:de:1b:5d:c5:
8c:8b:5d:33:13:da:f2:a7:3c:e4:6e:a4:08:82:01:
ce:ff:9a:f4:1f:d3:67:e8:61:4d:03:78:2e:9d:2a:
ae:5e:a5:09:f1:81:dc:8a:c7:b8:43:dc:50:31:84:
77:f9:90:15:3e:71:f5:75:fe:82:5d:a8:25:2a:19:
a0:97:ba:68:d1:df:89:93:2a:2c:d8:23:1b:2d:e3:
94:b5:be:2a:89:d3:83:40:6f:2a:82:d8:72:b3:d5:
cf:7e:3d:43:21:4c:b8:a9:9f:54:07:7a:59:55:5f:
84:88:f8:b9:4d:48:e1:b2:61:23:9f:6e:b6:bc:71:
3a:87:15:69:38:c1:67:8c:b6:32:61:d6:3a:dc:e8:
31:bd:13:84:95:ba:76:4e:1d:61:bc:7f:07:78:3f:
06:ce:89:46:39:90:60:88:5a:ea:c3:15:5d:5d:a3:
f7:83:4f:57:79:0c:bf:5c:e4:71:dd:a6:45:29:eb:
6c:f4:ff:7a:19:d5:d0:2f:43:a8:1d:d7:8e:50:d8:
cf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:05:B6:42:36:78:F1:10:09:B1:39:12:BE:4E:64:C2:C0:66:CF:B1
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/ZQW2QjZ48RAJsTkSvk5kwsBmz7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.128.0/21
37.35.88.0/21
45.145.180.0/22
87.237.64.0/21
93.95.8.0/21
94.190.240.0/21
94.199.184.0/21
109.69.80.0/21
151.236.208.0/21
185.11.240.0/22
185.31.252.0/22
185.33.184.0/22
185.49.236.0/22
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
195.94.112.0/20
195.189.124.0/22
Signature Algorithm: sha256WithRSAEncryption
12:86:b1:40:14:d7:1d:f6:be:2e:3a:01:b4:1c:0d:8e:81:ea:
35:6c:6b:9f:44:4b:4c:24:93:88:44:fb:4b:b7:57:79:30:52:
40:a8:19:43:02:b4:23:55:2f:c0:3e:7b:08:0a:a6:24:38:57:
3f:79:87:22:85:16:1e:ba:2a:02:86:58:1c:57:0b:5a:72:52:
7b:ec:cd:db:78:37:65:91:8e:19:f9:de:61:68:88:c2:87:d1:
c0:ed:ca:11:02:8a:55:3f:e2:f4:5e:1b:01:ac:bc:9e:1b:d2:
26:4a:20:0d:de:63:43:00:6c:0f:9d:d5:7a:6c:af:c5:4e:18:
63:8b:6e:88:ee:9e:2e:20:0e:1b:0a:06:f8:b1:c3:6d:93:80:
41:28:94:95:54:2f:79:4e:cd:bc:55:c0:36:93:13:6c:1a:55:
97:ce:8c:3b:17:fe:0c:89:22:3d:d6:60:6a:51:04:99:de:61:
eb:9b:29:92:e0:b0:53:82:e6:21:63:b8:e3:54:90:a5:ea:c9:
2d:68:a3:b2:e4:0c:e8:4d:c2:7c:e7:98:93:aa:49:71:a2:65:
c0:7d:f9:ea:77:d4:26:b4:3c:be:d0:7a:a1:4b:7d:fd:d2:17:
0c:85:96:86:62:ce:6b:1b:45:7b:a7:57:82:eb:47:f4:4d:91:
85:dc:f5:39
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzEJNVzoLnj9TiBLq8PlgJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjQwMTAxMDgyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTA1YjY0MjM2NzhmMTEwMDliMTM5MTJiZTRlNjRjMmMwNjZjZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5B533rRrGiTuUh0d8zFH68qrYz4
d0YduhZEmAmFB7cIVQNlc1LdYDZ0kPAKDkcISEKjvCk2Pd4bXcWMi10zE9rypzzk
bqQIggHO/5r0H9Nn6GFNA3gunSquXqUJ8YHcise4Q9xQMYR3+ZAVPnH1df6CXagl
Khmgl7po0d+Jkyos2CMbLeOUtb4qidODQG8qgthys9XPfj1DIUy4qZ9UB3pZVV+E
iPi5TUjhsmEjn262vHE6hxVpOMFnjLYyYdY63OgxvROElbp2Th1hvH8HeD8GzolG
OZBgiFrqwxVdXaP3g09XeQy/XORx3aZFKets9P96GdXQL0OoHdeOUNjPIQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFGUFtkI2ePEQCbE5Er5OZMLAZs+xMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvWlFXMlFqWjQ4UkFKc1RrU3ZrNWt3c0JtejdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAx/SgAME
AyUjWAMEAi2RtAMEA1ftQAMEA11fCAMEA16+8AMEA17HuAMEA21FUAMEA5fs0AME
ArkL8AMEArkf/AMEArkhuAMEArkx7AMEArlEAAMEArlHGAMEArl62AMEBMNecAME
AsO9fDANBgkqhkiG9w0BAQsFAAOCAQEAEoaxQBTXHfa+LjoBtBwNjoHqNWxrn0RL
TCSTiET7S7dXeTBSQKgZQwK0I1UvwD57CAqmJDhXP3mHIoUWHroqAoZYHFcLWnJS
e+zN23g3ZZGOGfneYWiIwofRwO3KEQKKVT/i9F4bAay8nhvSJkogDd5jQwBsD53V
emyvxU4YY4tuiO6eLiAOGwoG+LHDbZOAQSiUlVQveU7NvFXANpMTbBpVl86MOxf+
DIkiPdZgalEEmd5h65spkuCwU4LmIWO441SQperJLWijsuQM6E3CfOeYk6pJcaJl
wH356nfUJrQ8vtB6oUt9/dIXDIWWhmLOaxtFe6dXgutH9E2Rhdz1OQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:28:08 2024 by rpki-client on console-fra.rpki-client.org