Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/zWXOFIQw7e5cAZUb9kpgIWCdVU0.roa
File: zWXOFIQw7e5cAZUb9kpgIWCdVU0.roa (raw, json)
Hash identifier: Y7kUWxJ3jmGY+2ee2yKAD/F+1P2e8PH0KVuCcP8wRnY=
Subject key identifier: CD:65:CE:14:84:30:ED:EE:5C:01:95:1B:F6:4A:60:21:60:9D:55:4D
Certificate issuer: /CN=366a9d542297577b37aa0c423195afe2a98e135d
Certificate serial: 018CC9BC141D8925A42D89B28922FB5AF071
Authority key identifier: 36:6A:9D:54:22:97:57:7B:37:AA:0C:42:31:95:AF:E2:A9:8E:13:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NmqdVCKXV3s3qgxCMZWv4qmOE10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/zWXOFIQw7e5cAZUb9kpgIWCdVU0.roa
Signing time: Tue 02 Jan 2024 10:33:15 +0000
ROA not before: Tue 02 Jan 2024 10:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52129
IP address blocks: 91.207.212.0/23 maxlen: 23
185.183.28.0/22 maxlen: 22
185.183.29.0/24 maxlen: 24
185.183.30.0/24 maxlen: 24
185.183.31.0/24 maxlen: 24
185.183.28.0/24 maxlen: 24
143.55.144.0/21 maxlen: 24
91.209.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/NmqdVCKXV3s3qgxCMZWv4qmOE10.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/NmqdVCKXV3s3qgxCMZWv4qmOE10.mft
rsync://rpki.ripe.net/repository/DEFAULT/NmqdVCKXV3s3qgxCMZWv4qmOE10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:14:1d:89:25:a4:2d:89:b2:89:22:fb:5a:f0:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=366a9d542297577b37aa0c423195afe2a98e135d
Validity
Not Before: Jan 2 10:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd65ce148430edee5c01951bf64a6021609d554d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2b:d0:90:c0:fe:79:60:44:ef:a1:e4:99:f9:
55:70:36:38:72:5f:0e:ef:f4:a2:1d:db:65:4e:85:
7b:76:c0:ea:d3:b0:93:33:71:3e:c3:e0:5b:53:02:
bf:20:82:e3:71:f6:18:bd:95:33:3f:c1:9e:70:13:
d7:d1:3a:0e:7d:12:22:88:d9:97:43:cf:27:73:7e:
45:c9:12:dd:67:f0:30:59:be:7f:e2:5a:3e:51:74:
2a:cc:7b:7f:53:3f:64:6a:90:c5:0c:b6:7e:fb:98:
39:dc:71:02:30:0b:82:39:9a:e0:0c:62:a8:a4:6c:
98:74:9c:10:01:3c:b9:01:e2:21:87:b9:74:37:9c:
08:04:3a:37:2b:14:0b:9b:c8:95:75:c4:45:30:47:
b3:34:a8:8b:81:06:f6:bd:81:a7:ea:dc:bf:aa:50:
2e:fd:9b:3d:73:64:bc:d9:59:a5:34:d2:01:00:7a:
cc:93:fa:2a:fa:f6:a5:49:59:d6:d2:21:1d:3f:36:
a9:5d:b1:ff:22:4d:9f:42:e0:21:52:b7:27:7b:e7:
3c:4b:f3:da:1f:2e:10:45:b1:84:a4:28:25:e6:20:
ed:a7:71:a3:1f:b2:eb:6b:15:8c:37:e8:b2:75:00:
1b:75:14:ce:5c:e0:8d:bf:af:01:bb:0a:c0:bc:70:
9e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:65:CE:14:84:30:ED:EE:5C:01:95:1B:F6:4A:60:21:60:9D:55:4D
X509v3 Authority Key Identifier:
keyid:36:6A:9D:54:22:97:57:7B:37:AA:0C:42:31:95:AF:E2:A9:8E:13:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NmqdVCKXV3s3qgxCMZWv4qmOE10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/zWXOFIQw7e5cAZUb9kpgIWCdVU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/NmqdVCKXV3s3qgxCMZWv4qmOE10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.212.0/23
91.209.104.0/24
143.55.144.0/21
185.183.28.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:23:a6:00:69:3d:e7:8a:21:b2:91:54:34:76:d9:9a:08:ea:
4e:49:fc:39:72:51:3a:20:b9:2f:81:30:b7:b2:c1:39:b3:73:
8d:cd:c1:cc:3f:55:a9:02:8a:1d:99:f7:8a:92:f8:a1:bd:73:
30:15:c2:61:ff:c6:0e:94:82:7c:59:8d:35:86:6e:06:cc:fc:
fb:5a:01:c0:45:b3:ad:94:01:72:d2:91:4b:00:de:e0:d5:23:
71:3b:4e:0c:e7:59:49:b9:00:3b:f8:96:f8:aa:3b:1d:81:79:
31:5d:cd:57:46:cb:bd:a8:3f:f4:19:39:bb:2c:de:31:90:36:
08:19:52:ae:ae:53:36:4e:72:4e:8f:f5:69:5f:f9:03:a5:65:
8a:e6:d1:ea:d7:e6:8f:07:6a:2f:4e:35:63:ee:56:c2:cc:a6:
59:04:1a:0c:e9:0d:58:af:ff:b0:67:e8:b9:94:03:85:70:29:
58:a0:47:25:a9:98:b5:be:50:41:22:e8:46:cd:83:0a:d7:21:
a0:8c:5c:65:37:c5:71:e7:2a:0f:75:98:e0:bf:21:52:46:cf:
60:5e:61:3a:09:05:9c:46:72:74:dd:05:30:2d:85:86:48:0a:
c1:1e:57:d4:a1:99:62:ad:d7:2b:28:89:9a:2b:3d:39:b7:2d:
15:bc:a5:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvBQdiSWkLYmyiSL7WvBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NmE5ZDU0MjI5NzU3N2IzN2FhMGM0MjMxOTVhZmUyYTk4
ZTEzNWQwHhcNMjQwMTAyMTAzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY1Y2UxNDg0MzBlZGVlNWMwMTk1MWJmNjRhNjAyMTYwOWQ1NTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlivQkMD+eWBE76HkmflVcDY4cl8O
7/SiHdtlToV7dsDq07CTM3E+w+BbUwK/IILjcfYYvZUzP8GecBPX0ToOfRIiiNmX
Q88nc35FyRLdZ/AwWb5/4lo+UXQqzHt/Uz9kapDFDLZ++5g53HECMAuCOZrgDGKo
pGyYdJwQATy5AeIhh7l0N5wIBDo3KxQLm8iVdcRFMEezNKiLgQb2vYGn6ty/qlAu
/Zs9c2S82VmlNNIBAHrMk/oq+valSVnW0iEdPzapXbH/Ik2fQuAhUrcne+c8S/Pa
Hy4QRbGEpCgl5iDtp3GjH7LraxWMN+iydQAbdRTOXOCNv68BuwrAvHCe/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM1lzhSEMO3uXAGVG/ZKYCFgnVVNMB8GA1UdIwQY
MBaAFDZqnVQil1d7N6oMQjGVr+KpjhNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm1xZFZDS1hWM3MzcWd4Q01aV3Y0cW1PRTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mYzc1NDUtYzVmYS00M2JkLTg4Mzkt
ZDE4NWRlYzA2MDEyLzEveldYT0ZJUXc3ZTVjQVpVYjlrcGdJV0NkVlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mYzc1NDUtYzVmYS00M2JkLTg4MzktZDE4NWRlYzA2MDEy
LzEvTm1xZFZDS1hWM3MzcWd4Q01aV3Y0cW1PRTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW8/UAwQA
W9FoAwQDjzeQAwQCubccMA0GCSqGSIb3DQEBCwUAA4IBAQCcI6YAaT3niiGykVQ0
dtmaCOpOSfw5clE6ILkvgTC3ssE5s3ONzcHMP1WpAoodmfeKkvihvXMwFcJh/8YO
lIJ8WY01hm4GzPz7WgHARbOtlAFy0pFLAN7g1SNxO04M51lJuQA7+Jb4qjsdgXkx
Xc1XRsu9qD/0GTm7LN4xkDYIGVKurlM2TnJOj/VpX/kDpWWK5tHq1+aPB2ovTjVj
7lbCzKZZBBoM6Q1Yr/+wZ+i5lAOFcClYoEclqZi1vlBBIuhGzYMK1yGgjFxlN8Vx
5yoPdZjgvyFSRs9gXmE6CQWcRnJ03QUwLYWGSArBHlfUoZlirdcrKImaKz05ty0V
vKVY
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:50 2024 by rpki-client on console-ams.rpki-client.org