Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/RhZzHCgRgHVM7Q33cmKjW86HNQA.roa
File: RhZzHCgRgHVM7Q33cmKjW86HNQA.roa (raw, json)
Hash identifier: ZLWOt5eL6BI+A12SPbHa13eC4Pmr0p80tCTfR1/iFOs=
Subject key identifier: 46:16:73:1C:28:11:80:75:4C:ED:0D:F7:72:62:A3:5B:CE:87:35:00
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018E1D81EB99A736EB047C7B00B9C5D4DA01
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/RhZzHCgRgHVM7Q33cmKjW86HNQA.roa
Signing time: Fri 08 Mar 2024 10:00:37 +0000
ROA not before: Fri 08 Mar 2024 10:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51820
IP address blocks: 138.188.136.0/24 maxlen: 24
138.188.138.0/24 maxlen: 24
193.5.63.0/24 maxlen: 24
193.247.90.0/24 maxlen: 24
194.209.67.0/24 maxlen: 24
195.65.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:81:eb:99:a7:36:eb:04:7c:7b:00:b9:c5:d4:da:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Mar 8 10:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4616731c281180754ced0df77262a35bce873500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c5:56:dc:2c:dd:19:32:71:19:39:46:cc:f3:
ad:ae:2e:28:eb:46:fa:d1:db:e3:f0:71:27:31:44:
25:c1:f0:d1:e0:b4:85:38:20:5c:0e:df:a0:52:75:
96:aa:44:4c:10:bf:d4:1c:3e:ac:82:27:44:12:9c:
0e:0f:f4:f8:4c:e1:4a:cf:bb:17:b3:e6:e3:62:f6:
48:b8:83:23:35:a2:82:39:ae:99:52:b8:f0:5f:12:
52:6b:ba:29:ee:9e:f2:f8:fa:21:f5:58:af:4f:5e:
fd:4e:6e:d4:4f:29:58:83:5b:2b:af:76:6d:9a:c7:
6d:35:c1:24:9f:f9:60:63:f4:ba:26:69:19:a2:d6:
8e:a6:89:ca:3f:27:79:ff:ec:a9:53:4a:ee:89:6d:
71:d3:f8:83:37:d3:c1:60:6b:eb:e2:69:dd:b9:5d:
71:fe:ef:94:11:f2:49:d4:bb:5d:6a:5a:c7:7d:da:
06:35:7a:2c:1e:73:c7:cb:c9:34:bb:c5:55:6c:08:
f4:7b:84:29:64:5a:2d:d4:b6:3d:9e:2d:60:3f:1f:
06:1b:2e:94:0d:fb:6b:62:3f:1f:9f:6a:71:76:5b:
26:d1:73:03:8e:64:5d:62:76:ef:d4:72:0b:5a:f5:
65:21:92:ec:0f:4f:7b:91:b9:be:12:ac:b8:05:cd:
82:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:16:73:1C:28:11:80:75:4C:ED:0D:F7:72:62:A3:5B:CE:87:35:00
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/RhZzHCgRgHVM7Q33cmKjW86HNQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.188.136.0/24
138.188.138.0/24
193.5.63.0/24
193.247.90.0/24
194.209.67.0/24
195.65.47.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:d8:0d:7a:bc:bd:1d:5e:55:f0:32:00:1e:06:8a:50:8c:84:
fa:49:25:ce:bc:c6:31:c6:97:90:89:bb:d9:d6:0a:9f:de:0d:
7a:65:80:6f:a1:e7:27:f2:4f:98:4b:f6:cb:e5:90:36:37:09:
8e:30:3e:2d:85:a4:da:f6:df:eb:10:b2:88:1d:0d:cd:de:04:
34:ce:98:0c:cb:58:04:49:3c:1e:a0:4a:15:d2:dd:ca:ae:a8:
8d:63:2a:9b:b5:f4:e6:a6:0a:de:6f:c6:b0:f2:8c:32:57:61:
2a:a0:a7:39:7d:ed:07:c2:1b:1a:8a:99:88:a2:73:4b:0a:8e:
95:ec:f7:93:57:8d:bc:f3:bf:f4:b4:da:b0:c5:05:13:46:a5:
3c:9b:4f:c2:4a:c5:d9:32:9c:5b:89:89:56:0e:6d:aa:1b:b0:
d5:8d:b1:19:a8:fb:02:39:09:59:51:2b:16:35:ac:ea:a4:1f:
da:17:4e:69:41:67:ee:22:f9:0e:5c:a2:b4:66:f5:aa:78:73:
eb:da:76:89:34:3c:54:64:bb:e1:e8:44:b8:ab:81:47:bb:5d:
83:7f:44:e1:bf:ee:ba:9d:02:b1:8b:6c:ae:78:73:d4:57:e4:
91:15:f5:cb:8d:3f:ad:6f:4c:28:33:ce:ab:6b:ec:bb:31:1a:
d0:37:98:c3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4dgeuZpzbrBHx7ALnF1NoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMzA4MTAwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjE2NzMxYzI4MTE4MDc1NGNlZDBkZjc3MjYyYTM1YmNlODczNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMVW3CzdGTJxGTlGzPOtri4o60b6
0dvj8HEnMUQlwfDR4LSFOCBcDt+gUnWWqkRMEL/UHD6sgidEEpwOD/T4TOFKz7sX
s+bjYvZIuIMjNaKCOa6ZUrjwXxJSa7op7p7y+Poh9VivT179Tm7UTylYg1srr3Zt
msdtNcEkn/lgY/S6JmkZotaOponKPyd5/+ypU0ruiW1x0/iDN9PBYGvr4mnduV1x
/u+UEfJJ1LtdalrHfdoGNXosHnPHy8k0u8VVbAj0e4QpZFot1LY9ni1gPx8GGy6U
DftrYj8fn2pxdlsm0XMDjmRdYnbv1HILWvVlIZLsD097kbm+Eqy4Bc2CCQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEYWcxwoEYB1TO0N93Jio1vOhzUAMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvUmhaekhDZ1JnSFZNN1EzM2NtS2pXODZITlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAiryIAwQA
iryKAwQAwQU/AwQAwfdaAwQAwtFDAwQAw0EvMA0GCSqGSIb3DQEBCwUAA4IBAQCo
2A16vL0dXlXwMgAeBopQjIT6SSXOvMYxxpeQibvZ1gqf3g16ZYBvoecn8k+YS/bL
5ZA2NwmOMD4thaTa9t/rELKIHQ3N3gQ0zpgMy1gESTweoEoV0t3KrqiNYyqbtfTm
pgreb8aw8owyV2EqoKc5fe0HwhsaipmIonNLCo6V7PeTV42887/0tNqwxQUTRqU8
m0/CSsXZMpxbiYlWDm2qG7DVjbEZqPsCOQlZUSsWNazqpB/aF05pQWfuIvkOXKK0
ZvWqeHPr2naJNDxUZLvh6ES4q4FHu12Df0Thv+66nQKxi2yueHPUV+SRFfXLjT+t
b0woM86ra+y7MRrQN5jD
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:32:35 2024 by rpki-client on console-ams.rpki-client.org