Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/EZbJFcTZGMVGi1M9HWY2hthFalc.roa
File: EZbJFcTZGMVGi1M9HWY2hthFalc.roa (raw, json)
Hash identifier: TdvFP9eqt4i4F10xone2gTTbevOwUBqduedABYIMtEA=
Subject key identifier: 11:96:C9:15:C4:D9:18:C5:46:8B:53:3D:1D:66:36:86:D8:45:6A:57
Certificate issuer: /CN=cebf8d6dec3920bc73f097fdf56caf10b52db455
Certificate serial: 018ED35A540AE3E36A61643BA3570B580F6A
Authority key identifier: CE:BF:8D:6D:EC:39:20:BC:73:F0:97:FD:F5:6C:AF:10:B5:2D:B4:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/EZbJFcTZGMVGi1M9HWY2hthFalc.roa
Signing time: Fri 12 Apr 2024 17:28:15 +0000
ROA not before: Fri 12 Apr 2024 17:28:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60595
IP address blocks: 185.15.52.0/22 maxlen: 22
185.15.52.0/24 maxlen: 24
185.15.53.0/24 maxlen: 24
185.15.54.0/24 maxlen: 24
185.15.55.0/24 maxlen: 24
194.2.77.0/24 maxlen: 24
194.26.133.0/24 maxlen: 24
2a03:a2c0::/29 maxlen: 48
2a03:a2c0::/32 maxlen: 32
2a03:a2c0::/48 maxlen: 48
2a03:a2c0:2::/48 maxlen: 48
2a03:a2c2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/zr-Nbew5ILxz8Jf99WyvELUttFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/zr-Nbew5ILxz8Jf99WyvELUttFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:5a:54:0a:e3:e3:6a:61:64:3b:a3:57:0b:58:0f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cebf8d6dec3920bc73f097fdf56caf10b52db455
Validity
Not Before: Apr 12 17:28:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1196c915c4d918c5468b533d1d663686d8456a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c7:84:98:49:d3:40:96:cb:f9:e4:78:eb:2b:
e7:de:c9:73:c0:5f:7f:6b:ca:f4:71:1c:d2:0d:5a:
d0:6c:c7:58:07:ea:d9:22:28:58:a8:e8:ee:27:25:
f0:40:24:49:c3:57:dc:ed:b1:95:b5:98:df:73:86:
da:2e:fd:2c:8e:24:08:6a:24:3a:8f:4a:be:14:d9:
e9:17:41:5a:be:36:34:37:2a:ba:81:68:e8:0e:cd:
63:ac:90:5d:43:4d:4e:76:05:f3:9c:62:31:db:ef:
46:73:19:fe:24:8b:dc:3b:9a:8c:23:91:7d:22:5a:
a2:32:94:96:63:72:e3:3c:2a:a0:e9:ea:7e:c9:c5:
0d:43:70:a8:da:3c:4f:d1:a0:4b:33:7f:ae:4c:d2:
8d:ef:cc:27:1a:83:2b:e2:29:06:da:16:fc:b7:bc:
92:ea:ba:71:24:4b:82:13:39:a2:70:72:25:55:92:
62:66:ab:be:07:83:24:4a:d9:09:bc:3a:6e:df:0e:
97:47:ce:9e:a9:65:7e:e7:ee:ae:d1:45:4c:c0:e7:
45:8e:c6:79:ef:89:ce:47:b5:17:4d:15:e9:65:a2:
46:8a:91:f8:fb:fe:32:fe:6a:df:a7:3c:37:c7:59:
45:de:d8:14:2b:46:e3:99:21:33:03:9a:93:aa:63:
22:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:96:C9:15:C4:D9:18:C5:46:8B:53:3D:1D:66:36:86:D8:45:6A:57
X509v3 Authority Key Identifier:
keyid:CE:BF:8D:6D:EC:39:20:BC:73:F0:97:FD:F5:6C:AF:10:B5:2D:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zr-Nbew5ILxz8Jf99WyvELUttFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/EZbJFcTZGMVGi1M9HWY2hthFalc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b6768-4b5f-4430-bff1-b5e5700fc774/1/zr-Nbew5ILxz8Jf99WyvELUttFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.52.0/22
194.2.77.0/24
194.26.133.0/24
IPv6:
2a03:a2c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:6b:e6:5e:1f:2e:75:cb:71:4f:86:e3:a1:59:f5:31:b2:a6:
4d:1d:9b:c7:fb:aa:bf:f5:c7:ba:26:08:7a:93:8a:a2:28:4f:
d8:55:ee:69:07:46:6d:b1:22:51:c5:fc:a2:7f:51:e4:3d:de:
8e:89:74:f6:d1:60:95:92:84:9a:ee:9b:d9:4a:ec:2d:90:68:
51:d4:90:89:af:6d:d5:80:cb:01:af:e4:1d:80:31:ea:8f:51:
42:fb:fe:5f:c5:86:ca:76:ac:65:0a:43:fe:96:e4:49:9c:ae:
0c:6b:cb:4a:ae:b4:7d:14:cc:f2:de:d4:8a:00:b5:3a:b5:4f:
08:ba:f1:dd:a4:89:61:b9:24:f8:43:a7:2b:12:91:4c:52:75:
96:4e:21:da:4b:b3:50:e5:ae:d4:59:ed:36:39:98:16:24:59:
52:e8:4c:05:b0:32:30:bf:33:c7:31:b3:be:8f:8c:81:03:cf:
de:bb:bd:b6:bc:c5:94:e1:dc:0b:df:67:2a:72:af:2a:5b:59:
4f:98:1a:78:1b:80:86:e9:8c:f5:31:29:8f:d2:51:ef:75:c4:
7b:52:ba:48:8c:c2:69:5c:5c:cd:10:70:e5:cc:ca:b6:78:05:
b4:0c:f7:64:1a:ed:26:58:7e:b4:5e:06:2d:67:8d:17:1a:c0:
96:a4:85:a9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY7TWlQK4+NqYWQ7o1cLWA9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYmY4ZDZkZWMzOTIwYmM3M2YwOTdmZGY1NmNhZjEwYjUy
ZGI0NTUwHhcNMjQwNDEyMTcyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTk2YzkxNWM0ZDkxOGM1NDY4YjUzM2QxZDY2MzY4NmQ4NDU2YTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoseEmEnTQJbL+eR46yvn3slzwF9/
a8r0cRzSDVrQbMdYB+rZIihYqOjuJyXwQCRJw1fc7bGVtZjfc4baLv0sjiQIaiQ6
j0q+FNnpF0FavjY0Nyq6gWjoDs1jrJBdQ01OdgXznGIx2+9Gcxn+JIvcO5qMI5F9
IlqiMpSWY3LjPCqg6ep+ycUNQ3Co2jxP0aBLM3+uTNKN78wnGoMr4ikG2hb8t7yS
6rpxJEuCEzmicHIlVZJiZqu+B4MkStkJvDpu3w6XR86eqWV+5+6u0UVMwOdFjsZ5
74nOR7UXTRXpZaJGipH4+/4y/mrfpzw3x1lF3tgUK0bjmSEzA5qTqmMiSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBGWyRXE2RjFRotTPR1mNobYRWpXMB8GA1UdIwQY
MBaAFM6/jW3sOSC8c/CX/fVsrxC1LbRVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenItTmJldzVJTHh6OEpmOTlXeXZFTFV0dEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YjY3NjgtNGI1Zi00NDMwLWJmZjEt
YjVlNTcwMGZjNzc0LzEvRVpiSkZjVFpHTVZHaTFNOUhXWTJodGhGYWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YjY3NjgtNGI1Zi00NDMwLWJmZjEtYjVlNTcwMGZjNzc0
LzEvenItTmJldzVJTHh6OEpmOTlXeXZFTFV0dEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQ80AwQA
wgJNAwQAwhqFMA0EAgACMAcDBQMqA6LAMA0GCSqGSIb3DQEBCwUAA4IBAQB+a+Ze
Hy51y3FPhuOhWfUxsqZNHZvH+6q/9ce6Jgh6k4qiKE/YVe5pB0ZtsSJRxfyif1Hk
Pd6OiXT20WCVkoSa7pvZSuwtkGhR1JCJr23VgMsBr+QdgDHqj1FC+/5fxYbKdqxl
CkP+luRJnK4Ma8tKrrR9FMzy3tSKALU6tU8IuvHdpIlhuST4Q6crEpFMUnWWTiHa
S7NQ5a7UWe02OZgWJFlS6EwFsDIwvzPHMbO+j4yBA8/eu722vMWU4dwL32cqcq8q
W1lPmBp4G4CG6Yz1MSmP0lHvdcR7UrpIjMJpXFzNEHDlzMq2eAW0DPdkGu0mWH60
XgYtZ40XGsCWpIWp
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:48:36 2024 by rpki-client on console-fra.rpki-client.org