Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/ZgXH7g-aUfK1ehVe010onFZj78k.roa
File: ZgXH7g-aUfK1ehVe010onFZj78k.roa (raw, json)
Hash identifier: NUk21hqhloDAaeTFnpiR9xyurUnIWUjeV5ujM8REUrQ=
Subject key identifier: 66:05:C7:EE:0F:9A:51:F2:B5:7A:15:5E:D3:5D:28:9C:56:63:EF:C9
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 018CC26D6527024F3D694C9A24CB41B7DD7B
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/ZgXH7g-aUfK1ehVe010onFZj78k.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49685
IP address blocks: 193.148.20.0/22 maxlen: 24
45.86.176.0/22 maxlen: 24
185.54.180.0/22 maxlen: 24
93.90.64.0/22 maxlen: 24
157.97.112.0/21 maxlen: 24
2a02:4660::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:03:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:65:27:02:4f:3d:69:4c:9a:24:cb:41:b7:dd:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6605c7ee0f9a51f2b57a155ed35d289c5663efc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:24:d8:f7:94:ea:53:da:6f:4b:3a:47:a4:ab:
49:36:62:66:fa:30:e2:f0:fc:b2:50:44:87:c1:33:
a9:9e:e1:f8:be:c7:e8:5d:31:7a:0a:24:cf:9e:ec:
1e:c2:be:28:6e:35:46:d4:0c:a5:c3:58:4b:67:d7:
d2:57:b5:11:f7:42:aa:b9:e0:da:44:05:4c:e4:c2:
bb:32:4e:29:bb:7b:ec:1c:70:75:f9:7d:ea:b0:f5:
28:e6:82:a8:32:60:cc:d0:4c:e8:70:b2:61:ca:5c:
b5:be:7e:6a:73:fe:f2:65:a6:88:f8:ac:fc:c8:4c:
d6:a8:63:34:0f:9b:10:73:b5:03:af:22:9f:73:f4:
32:82:fe:e7:1d:00:26:dc:47:24:e2:c8:d1:ca:7f:
4f:48:cb:f3:49:03:0e:f2:0a:dc:f2:6c:fa:41:d3:
be:96:79:8d:9c:85:4f:20:23:b2:66:8f:e3:9b:26:
f9:b3:19:2c:fd:3e:65:f4:15:bd:d2:79:1c:1f:03:
d0:30:9b:02:5e:87:cd:06:de:32:2b:3a:a4:46:48:
ce:1b:6f:17:c0:15:b7:f5:b5:5e:31:a1:b2:a4:b9:
d0:df:19:a2:89:4e:04:93:7b:2f:2b:79:83:b7:85:
e7:96:f2:45:97:88:6d:d9:a1:d7:bc:ec:bb:d6:4d:
f5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:05:C7:EE:0F:9A:51:F2:B5:7A:15:5E:D3:5D:28:9C:56:63:EF:C9
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/ZgXH7g-aUfK1ehVe010onFZj78k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.176.0/22
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
19:1f:30:55:e9:d2:08:48:79:20:5c:22:fe:bc:ed:c9:f4:53:
6d:fd:1f:92:dd:51:a1:7c:05:17:e2:20:c2:2c:79:32:ec:3a:
89:4f:89:16:1a:b6:ef:70:fc:4c:40:9d:d7:b1:d9:c1:7b:60:
59:12:86:99:47:f8:f2:51:2b:c3:3b:51:dd:60:c5:3c:38:28:
3f:7c:f9:66:de:92:e0:b6:75:83:f5:12:35:cf:b7:d0:0e:f7:
a7:de:a4:bf:18:c7:ad:38:66:53:a7:66:58:aa:85:d1:a0:0e:
9b:28:db:a2:5f:dd:f8:18:c0:68:cb:48:a7:f1:a3:e7:61:f2:
35:c8:38:58:87:a7:90:66:7a:b3:85:ab:8a:c9:a6:30:a8:15:
ac:75:a2:c5:cd:6e:6f:bb:d9:e6:8e:a6:34:13:96:e0:73:76:
1e:16:07:16:8f:91:9f:20:24:84:b9:0a:04:e9:c9:9d:d9:cf:
c0:85:57:2d:d0:50:cc:f3:3f:20:c3:b4:39:f2:6e:79:95:d2:
8f:8e:c8:de:83:ca:bf:dd:53:c5:87:d0:02:8e:bb:55:1d:02:
12:cc:e2:45:be:e5:bd:c5:6b:77:c7:52:72:67:a8:f3:a8:27:
9d:28:62:83:8d:09:2b:a3:cf:d9:0e:ac:2b:96:9c:85:53:bc:
45:5b:71:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzCbWUnAk89aUyaJMtBt917MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjA1YzdlZTBmOWE1MWYyYjU3YTE1NWVkMzVkMjg5YzU2NjNlZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyTY95TqU9pvSzpHpKtJNmJm+jDi
8PyyUESHwTOpnuH4vsfoXTF6CiTPnuwewr4objVG1Aylw1hLZ9fSV7UR90KqueDa
RAVM5MK7Mk4pu3vsHHB1+X3qsPUo5oKoMmDM0EzocLJhyly1vn5qc/7yZaaI+Kz8
yEzWqGM0D5sQc7UDryKfc/Qygv7nHQAm3Eck4sjRyn9PSMvzSQMO8grc8mz6QdO+
lnmNnIVPICOyZo/jmyb5sxks/T5l9BW90nkcHwPQMJsCXofNBt4yKzqkRkjOG28X
wBW39bVeMaGypLnQ3xmiiU4Ek3svK3mDt4XnlvJFl4ht2aHXvOy71k31WwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGYFx+4PmlHytXoVXtNdKJxWY+/JMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEvWmdYSDdnLWFVZksxZWhWZTAxMG9uRlpqNzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVawAwQC
XVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZgMA0GCSqGSIb3DQEB
CwUAA4IBAQAZHzBV6dIISHkgXCL+vO3J9FNt/R+S3VGhfAUX4iDCLHky7DqJT4kW
GrbvcPxMQJ3XsdnBe2BZEoaZR/jyUSvDO1HdYMU8OCg/fPlm3pLgtnWD9RI1z7fQ
Dven3qS/GMetOGZTp2ZYqoXRoA6bKNuiX934GMBoy0in8aPnYfI1yDhYh6eQZnqz
hauKyaYwqBWsdaLFzW5vu9nmjqY0E5bgc3YeFgcWj5GfICSEuQoE6cmd2c/AhVct
0FDM8z8gw7Q58m55ldKPjsjeg8q/3VPFh9ACjrtVHQISzOJFvuW9xWt3x1JyZ6jz
qCedKGKDjQkro8/ZDqwrlpyFU7xFW3FS
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:07:35 2024 by rpki-client on console-ams.rpki-client.org