Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z5lC0qus4Omm1iAXnOyCN9fd6fc.roa
File: Z5lC0qus4Omm1iAXnOyCN9fd6fc.roa (raw, json)
Hash identifier: CrGGYM8bIfrRmwYUaHKt1NH7gtE2tO0szfCZbMzGR3E=
Subject key identifier: 67:99:42:D2:AB:AC:E0:E9:A6:D6:20:17:9C:EC:82:37:D7:DD:E9:F7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01904ADED0EEC3D18924E99A9D54AE9372EE
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z5lC0qus4Omm1iAXnOyCN9fd6fc.roa
Signing time: Mon 24 Jun 2024 15:30:34 +0000
ROA not before: Mon 24 Jun 2024 15:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206068
IP address blocks: 86.104.19.0/24 maxlen: 24
86.104.192.0/24 maxlen: 24
86.104.195.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:de:d0:ee:c3:d1:89:24:e9:9a:9d:54:ae:93:72:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 24 15:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679942d2abace0e9a6d620179cec8237d7dde9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3c:2b:12:8f:e2:66:4e:b2:80:f9:8f:b5:9d:
41:73:a4:f1:a0:14:de:e3:40:c6:2a:11:46:99:9f:
6d:b9:47:03:26:b4:de:bc:d1:3e:50:1a:01:b7:11:
c3:86:5e:fc:ae:b6:e3:21:42:1e:cb:59:ce:01:51:
34:04:32:dc:b2:9c:2b:67:b0:c8:7d:4a:3f:f8:e0:
29:ef:5b:41:3a:2d:b5:7b:0e:19:32:67:82:d4:5f:
3e:c5:b0:0e:7f:2c:cc:5c:86:56:e9:22:f5:a2:f8:
8b:2c:2e:35:64:aa:d5:10:6f:6b:ff:6e:f6:0e:7b:
ce:11:95:24:ec:c7:57:8e:a1:21:76:1c:75:ed:27:
0c:78:65:d6:65:73:35:3f:50:b7:e0:69:f4:d4:10:
9e:7c:fa:52:fc:6a:f0:c0:78:8a:37:b9:f9:81:a0:
a2:19:17:e1:b5:54:a9:d0:28:f0:f8:9a:4f:e5:74:
71:37:af:6d:8d:bd:78:56:2d:a5:07:d7:fc:a0:81:
1e:a1:6e:39:c3:87:a0:e8:f4:97:f0:90:56:c3:27:
7c:20:d6:30:63:d6:7b:2b:15:eb:32:10:48:ff:fb:
17:76:4e:1b:e7:0c:a1:7f:24:77:b4:ae:e6:41:b0:
9c:ad:61:c8:ab:21:22:b2:3d:d3:8a:bc:dc:95:81:
d0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:99:42:D2:AB:AC:E0:E9:A6:D6:20:17:9C:EC:82:37:D7:DD:E9:F7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z5lC0qus4Omm1iAXnOyCN9fd6fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.19.0/24
86.104.192.0/24
86.104.195.0/24
89.32.126.0/24
94.231.198.0/24
Signature Algorithm: sha256WithRSAEncryption
93:30:17:33:b6:5d:25:a8:4c:cc:e7:9a:5e:5d:34:c8:7f:a8:
f6:eb:9b:db:21:47:90:55:66:c0:ac:2c:cf:72:2d:56:15:71:
68:1d:fb:78:ef:88:21:1c:45:74:82:f7:27:7c:a5:9f:cf:c1:
76:ed:87:69:9d:d3:e0:92:9e:fe:49:af:87:fa:b0:df:51:92:
e7:1c:6c:d1:65:4d:81:31:e4:24:dd:94:c8:a0:77:95:97:d6:
bf:59:93:2e:22:7c:b3:a3:fb:71:43:1c:25:0f:56:99:d7:97:
27:74:9d:e5:98:6f:cf:ab:36:3a:78:16:ee:52:03:c3:63:af:
6f:08:89:57:f2:13:9d:29:38:43:0a:69:2c:dd:31:8d:d0:58:
e9:96:24:84:ee:28:b9:8e:1d:99:fc:72:ba:be:2e:22:d2:13:
8f:c4:d3:90:fc:4a:fd:48:f7:a2:4e:4c:8b:8b:31:41:53:ed:
2a:bf:21:b7:40:5e:5f:d9:39:9c:94:64:e2:62:28:27:5f:34:
79:ce:e8:75:a8:c7:7d:4c:db:60:a7:2b:f3:d8:f0:8f:87:be:
7c:4b:01:5c:e8:a5:4e:53:03:47:60:71:23:f6:55:37:6e:a7:
7e:32:4d:46:43:47:a0:c9:55:21:35:70:d1:74:17:c3:e3:5c:
2e:11:22:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZBK3tDuw9GJJOmanVSuk3LuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNjI0MTUzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzk5NDJkMmFiYWNlMGU5YTZkNjIwMTc5Y2VjODIzN2Q3ZGRlOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzwrEo/iZk6ygPmPtZ1Bc6TxoBTe
40DGKhFGmZ9tuUcDJrTevNE+UBoBtxHDhl78rrbjIUIey1nOAVE0BDLcspwrZ7DI
fUo/+OAp71tBOi21ew4ZMmeC1F8+xbAOfyzMXIZW6SL1oviLLC41ZKrVEG9r/272
DnvOEZUk7MdXjqEhdhx17ScMeGXWZXM1P1C34Gn01BCefPpS/GrwwHiKN7n5gaCi
GRfhtVSp0Cjw+JpP5XRxN69tjb14Vi2lB9f8oIEeoW45w4eg6PSX8JBWwyd8INYw
Y9Z7KxXrMhBI//sXdk4b5wyhfyR3tK7mQbCcrWHIqyEisj3TirzclYHQ5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGeZQtKrrODpptYgF5zsgjfX3en3MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWjVsQzBxdXM0T21tMWlBWG5PeUNOOWZkNmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmgTAwQA
VmjAAwQAVmjDAwQAWSB+AwQAXufGMA0GCSqGSIb3DQEBCwUAA4IBAQCTMBcztl0l
qEzM55peXTTIf6j265vbIUeQVWbArCzPci1WFXFoHft474ghHEV0gvcnfKWfz8F2
7YdpndPgkp7+Sa+H+rDfUZLnHGzRZU2BMeQk3ZTIoHeVl9a/WZMuInyzo/txQxwl
D1aZ15cndJ3lmG/PqzY6eBbuUgPDY69vCIlX8hOdKThDCmks3TGN0FjpliSE7ii5
jh2Z/HK6vi4i0hOPxNOQ/Er9SPeiTkyLizFBU+0qvyG3QF5f2TmclGTiYignXzR5
zuh1qMd9TNtgpyvz2PCPh758SwFc6KVOUwNHYHEj9lU3bqd+Mk1GQ0egyVUhNXDR
dBfD41wuESJD
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:12 2024 by rpki-client on console-ams.rpki-client.org