Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/ZvRMUynEMvw838zk0Kz5fEhNLAc.roa
File: ZvRMUynEMvw838zk0Kz5fEhNLAc.roa (raw, json)
Hash identifier: Z4lfTb3JhKwZr3QNNaZEev0o6bP+yKo+7YjYjQvWv3w=
Subject key identifier: 66:F4:4C:53:29:C4:32:FC:3C:DF:CC:E4:D0:AC:F9:7C:48:4D:2C:07
Certificate issuer: /CN=046ca7b604ec08f6f54b0e748906547dd375674d
Certificate serial: 018CC7945173CEDF72C6CA499C8B7F40E1CD
Authority key identifier: 04:6C:A7:B6:04:EC:08:F6:F5:4B:0E:74:89:06:54:7D:D3:75:67:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/ZvRMUynEMvw838zk0Kz5fEhNLAc.roa
Signing time: Tue 02 Jan 2024 00:30:35 +0000
ROA not before: Tue 02 Jan 2024 00:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206436
IP address blocks: 193.202.96.0/21 maxlen: 24
193.202.104.0/24 maxlen: 24
185.223.52.0/24 maxlen: 24
2a10:8581::/48 maxlen: 48
2a10:8581:1::/48 maxlen: 48
2a10:8580::/48 maxlen: 48
2a10:8580:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/BGyntgTsCPb1Sw50iQZUfdN1Z00.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/BGyntgTsCPb1Sw50iQZUfdN1Z00.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:51:73:ce:df:72:c6:ca:49:9c:8b:7f:40:e1:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046ca7b604ec08f6f54b0e748906547dd375674d
Validity
Not Before: Jan 2 00:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f44c5329c432fc3cdfcce4d0acf97c484d2c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:75:8f:ec:5c:2f:8d:a1:ee:cc:d2:16:d1:4a:
e8:e1:24:37:34:db:d5:54:ef:4f:62:c4:5b:06:cd:
1a:18:ee:dc:04:3c:44:18:1d:47:b1:b1:41:95:3d:
79:c3:fe:4d:2a:82:98:c0:1f:63:d4:87:27:6a:b3:
ee:25:94:a3:e4:97:da:89:f6:91:94:b3:90:56:01:
51:17:da:09:69:df:d0:b0:2f:d3:13:07:3c:a1:03:
a3:8d:10:38:e3:83:e6:b5:1c:ea:cd:c7:8d:e0:60:
96:bb:ed:f6:e8:78:3d:66:a8:da:fc:67:65:e5:19:
68:9d:d0:00:a2:c2:96:8f:1a:4c:0e:e2:71:b8:66:
bd:75:02:3e:ba:14:50:d2:45:db:9b:b2:53:49:4d:
42:4b:62:18:04:4a:63:97:7d:59:2d:e7:f1:68:4d:
a0:99:d5:3e:35:33:de:49:27:78:78:fe:00:81:1a:
43:7a:d6:43:3f:59:cb:4e:8d:b8:85:55:33:0b:d8:
3d:14:88:36:44:29:fa:76:46:8e:4f:e3:cb:10:1c:
ab:21:3f:ce:52:e4:05:6d:fb:ac:18:96:f1:ce:dc:
dc:e8:2b:94:d9:f6:7b:ef:1b:cf:cb:dc:e2:1d:4b:
00:cf:0a:1e:1e:b3:be:0c:bf:c9:30:b0:b8:4f:de:
b5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F4:4C:53:29:C4:32:FC:3C:DF:CC:E4:D0:AC:F9:7C:48:4D:2C:07
X509v3 Authority Key Identifier:
keyid:04:6C:A7:B6:04:EC:08:F6:F5:4B:0E:74:89:06:54:7D:D3:75:67:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/ZvRMUynEMvw838zk0Kz5fEhNLAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/BGyntgTsCPb1Sw50iQZUfdN1Z00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.52.0/24
193.202.96.0-193.202.104.255
IPv6:
2a10:8580::/47
2a10:8581::/47
Signature Algorithm: sha256WithRSAEncryption
71:b2:68:43:e1:d6:67:62:28:05:cf:06:2c:cf:11:f2:cf:3c:
e6:8b:e7:36:21:97:c9:5a:b6:6a:69:f2:31:b0:43:6d:e2:52:
10:2e:22:0b:49:eb:c3:06:12:c2:c2:6d:4b:a2:92:74:98:27:
43:f9:28:b3:9b:a7:a2:c5:e0:46:10:70:ca:18:57:92:76:eb:
c5:fb:10:49:6c:6f:3b:a3:f7:40:44:9f:c0:8d:ed:55:e2:25:
87:b9:c8:4a:17:62:a7:6e:9f:e6:8c:f2:65:8a:60:bb:80:6d:
40:cb:31:82:66:2d:2d:3f:df:ae:c6:d9:e5:18:b8:7b:83:ef:
5b:b8:cd:77:6a:45:4b:50:1d:e7:d5:e3:d6:5a:16:47:86:f2:
3f:7e:b3:9f:4b:07:44:da:e7:15:07:45:c8:8d:61:67:46:63:
7b:51:cc:c0:0f:f8:85:c4:85:d2:bd:27:0c:db:64:15:11:e7:
f2:0b:a5:fa:98:48:8b:85:34:1f:0c:7b:cb:7b:c5:7b:28:1f:
21:5c:24:a6:04:cc:80:7f:fa:82:d0:e7:25:ab:8f:33:5e:a3:
da:dd:c0:7c:77:7f:64:23:61:67:7e:8c:a9:11:a0:30:42:9c:
e7:cc:d0:4b:2f:e6:84:67:a6:0b:73:f8:3f:85:6a:bd:b1:61:
a6:8a:e8:49
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzHlFFzzt9yxspJnIt/QOHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NmNhN2I2MDRlYzA4ZjZmNTRiMGU3NDg5MDY1NDdkZDM3
NTY3NGQwHhcNMjQwMTAyMDAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmY0NGM1MzI5YzQzMmZjM2NkZmNjZTRkMGFjZjk3YzQ4NGQyYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXWP7FwvjaHuzNIW0Uro4SQ3NNvV
VO9PYsRbBs0aGO7cBDxEGB1HsbFBlT15w/5NKoKYwB9j1IcnarPuJZSj5JfaifaR
lLOQVgFRF9oJad/QsC/TEwc8oQOjjRA444PmtRzqzceN4GCWu+326Hg9Zqja/Gdl
5RlondAAosKWjxpMDuJxuGa9dQI+uhRQ0kXbm7JTSU1CS2IYBEpjl31ZLefxaE2g
mdU+NTPeSSd4eP4AgRpDetZDP1nLTo24hVUzC9g9FIg2RCn6dkaOT+PLEByrIT/O
UuQFbfusGJbxztzc6CuU2fZ77xvPy9ziHUsAzwoeHrO+DL/JMLC4T961rQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGb0TFMpxDL8PN/M5NCs+XxITSwHMB8GA1UdIwQY
MBaAFARsp7YE7Aj29UsOdIkGVH3TdWdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkd5bnRnVHNDUGIxU3c1MGlRWlVmZE4xWjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zOTJlYTUtOWNhOC00YjBmLTkzODgt
MDkzOTYxZDM4Yzg2LzEvWnZSTVV5bkVNdnc4Mzh6azBLejVmRWhOTEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zOTJlYTUtOWNhOC00YjBmLTkzODgtMDkzOTYxZDM4Yzg2
LzEvQkd5bnRnVHNDUGIxU3c1MGlRWlVmZE4xWjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUAwQAud80MAwD
BAXBymADBADBymgwGAQCAAIwEgMHASoQhYAAAAMHASoQhYEAADANBgkqhkiG9w0B
AQsFAAOCAQEAcbJoQ+HWZ2IoBc8GLM8R8s885ovnNiGXyVq2amnyMbBDbeJSEC4i
C0nrwwYSwsJtS6KSdJgnQ/kos5unosXgRhBwyhhXknbrxfsQSWxvO6P3QESfwI3t
VeIlh7nIShdip26f5ozyZYpgu4BtQMsxgmYtLT/frsbZ5Ri4e4PvW7jNd2pFS1Ad
59Xj1loWR4byP36zn0sHRNrnFQdFyI1hZ0Zje1HMwA/4hcSF0r0nDNtkFRHn8gul
+phIi4U0Hwx7y3vFeygfIVwkpgTMgH/6gtDnJauPM16j2t3AfHd/ZCNhZ36MqRGg
MEKc58zQSy/mhGemC3P4P4VqvbFhporoSQ==
-----END CERTIFICATE-----
Generated at Fri May 17 23:47:48 2024 by rpki-client on console-ams.rpki-client.org