Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/z50TCFixwCVZR2BPQL1hkE79-s0.roa
File: z50TCFixwCVZR2BPQL1hkE79-s0.roa (raw, json)
Hash identifier: qpADydNueASlfuphIlKmEJg/mYF71ESQxXro92nlIaE=
Subject key identifier: CF:9D:13:08:58:B1:C0:25:59:47:60:4F:40:BD:61:90:4E:FD:FA:CD
Certificate issuer: /CN=335ca521362226d03c1829003d81d498aa838f33
Certificate serial: 018CC492CD22F356185B1D4D20F045DDE816
Authority key identifier: 33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/z50TCFixwCVZR2BPQL1hkE79-s0.roa
Signing time: Mon 01 Jan 2024 10:30:04 +0000
ROA not before: Mon 01 Jan 2024 10:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209257
IP address blocks: 185.186.222.0/24 maxlen: 24
185.186.221.0/24 maxlen: 24
2a11:1e40:ba5e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/M1ylITYiJtA8GCkAPYHUmKqDjzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/M1ylITYiJtA8GCkAPYHUmKqDjzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:cd:22:f3:56:18:5b:1d:4d:20:f0:45:dd:e8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335ca521362226d03c1829003d81d498aa838f33
Validity
Not Before: Jan 1 10:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf9d130858b1c0255947604f40bd61904efdfacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ee:be:99:09:2e:b2:0f:6c:c6:4c:d5:7d:03:
e7:7c:3b:f0:41:8b:9f:d6:dd:b0:5a:01:3a:05:85:
88:67:2d:c1:0f:20:31:db:54:e4:8d:36:69:ba:e9:
5f:70:67:a9:9f:c2:8a:32:dc:8f:87:2e:8c:ca:df:
94:72:9d:79:0b:0b:0d:22:9f:ae:16:c3:7d:b2:5c:
75:99:ac:9a:e5:cd:00:ad:fe:63:94:5d:fa:29:7c:
25:04:46:37:b5:b9:5d:5e:5b:4f:28:16:53:47:bf:
11:4d:c9:c4:08:10:22:23:a0:63:b2:ab:97:83:f6:
0e:99:c7:3b:05:51:5a:cd:7b:04:97:28:56:a8:bf:
51:26:8a:d8:34:fc:b2:26:23:9e:7b:ab:ce:49:c8:
20:03:9b:13:e6:83:89:d9:25:7c:ba:85:22:78:08:
51:4c:28:d8:d8:9c:88:a8:1f:31:d6:f9:43:62:33:
8a:29:56:47:94:51:e3:f0:ac:7f:8e:39:67:54:05:
8d:93:1c:e0:fb:14:7a:02:2e:24:da:ae:fb:ec:4e:
3a:e3:f9:66:f8:b2:c3:f4:a6:ca:16:61:45:8a:51:
30:e8:80:80:ca:c7:82:5e:ad:c7:83:0f:b0:69:bb:
d3:3b:e6:05:f5:0e:08:27:d1:0d:90:1c:44:9b:3e:
40:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9D:13:08:58:B1:C0:25:59:47:60:4F:40:BD:61:90:4E:FD:FA:CD
X509v3 Authority Key Identifier:
keyid:33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/z50TCFixwCVZR2BPQL1hkE79-s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/M1ylITYiJtA8GCkAPYHUmKqDjzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.221.0-185.186.222.255
IPv6:
2a11:1e40:ba5e::/48
Signature Algorithm: sha256WithRSAEncryption
79:9c:16:ce:a8:0f:74:c6:20:b8:1e:62:3c:ee:7f:74:df:09:
36:20:dd:ff:72:8b:3d:f5:23:67:c2:99:ec:44:49:18:48:ee:
e1:f1:45:b3:f2:f1:12:75:75:c1:07:76:7d:63:34:f4:40:22:
59:2d:37:3b:3b:c7:c6:b8:70:39:6c:c3:3b:6e:c5:13:48:74:
9c:0c:0a:69:6b:6a:d3:85:13:5c:c3:79:7f:ea:ed:ac:d0:ac:
a2:16:91:98:fc:57:d2:84:39:ac:8f:00:ff:9f:68:90:e9:5e:
50:42:98:3a:76:53:eb:c8:93:44:5d:0b:b0:da:ab:66:d5:22:
31:10:a6:e2:72:4e:06:4e:22:9a:23:46:19:ed:24:ab:4b:72:
99:a1:20:d6:3b:63:52:b4:ab:a3:c3:2f:d8:cb:a3:7b:f4:35:
bd:78:80:b2:c4:b3:22:ab:2d:1c:d6:22:c4:82:c1:49:7e:dd:
94:05:fa:c4:e6:70:0b:06:d5:b4:41:8c:d9:c6:1d:c4:36:3e:
e9:21:34:76:5e:4e:15:11:bf:37:08:c7:df:75:0e:6c:f3:9d:
a7:42:00:03:31:27:79:2e:c5:d1:c0:5c:2a:f3:c9:79:24:5f:
08:04:00:9f:8f:67:0e:63:22:f2:8e:a2:d3:87:e8:33:7b:2a:
44:7e:ae:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzEks0i81YYWx1NIPBF3egWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWNhNTIxMzYyMjI2ZDAzYzE4MjkwMDNkODFkNDk4YWE4
MzhmMzMwHhcNMjQwMTAxMTAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjlkMTMwODU4YjFjMDI1NTk0NzYwNGY0MGJkNjE5MDRlZmRmYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO6+mQkusg9sxkzVfQPnfDvwQYuf
1t2wWgE6BYWIZy3BDyAx21TkjTZpuulfcGepn8KKMtyPhy6Myt+Ucp15CwsNIp+u
FsN9slx1maya5c0Arf5jlF36KXwlBEY3tbldXltPKBZTR78RTcnECBAiI6BjsquX
g/YOmcc7BVFazXsElyhWqL9RJorYNPyyJiOee6vOScggA5sT5oOJ2SV8uoUieAhR
TCjY2JyIqB8x1vlDYjOKKVZHlFHj8Kx/jjlnVAWNkxzg+xR6Ai4k2q777E464/lm
+LLD9KbKFmFFilEw6ICAyseCXq3Hgw+wabvTO+YF9Q4IJ9ENkBxEmz5A2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+dEwhYscAlWUdgT0C9YZBO/frNMB8GA1UdIwQY
MBaAFDNcpSE2IibQPBgpAD2B1Jiqg48zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgt
OTc0YzQ0YWI5Y2ZiLzEvejUwVENGaXh3Q1ZaUjJCUFFMMWhrRTc5LXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgtOTc0YzQ0YWI5Y2Zi
LzEvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAC5ut0D
BAC5ut4wDwQCAAIwCQMHACoRHkC6XjANBgkqhkiG9w0BAQsFAAOCAQEAeZwWzqgP
dMYguB5iPO5/dN8JNiDd/3KLPfUjZ8KZ7ERJGEju4fFFs/LxEnV1wQd2fWM09EAi
WS03OzvHxrhwOWzDO27FE0h0nAwKaWtq04UTXMN5f+rtrNCsohaRmPxX0oQ5rI8A
/59okOleUEKYOnZT68iTRF0LsNqrZtUiMRCm4nJOBk4imiNGGe0kq0tymaEg1jtj
UrSro8Mv2Muje/Q1vXiAssSzIqstHNYixILBSX7dlAX6xOZwCwbVtEGM2cYdxDY+
6SE0dl5OFRG/NwjH33UObPOdp0IAAzEneS7F0cBcKvPJeSRfCAQAn49nDmMi8o6i
04foM3sqRH6unA==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:56 2024 by rpki-client on console-fra.rpki-client.org