Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/NIZ-m0vENOnteGp--F5tI1lXxyE.roa
File: NIZ-m0vENOnteGp--F5tI1lXxyE.roa (raw, json)
Hash identifier: Y4ZE6nQfIEH4eWplvVFXdMXYBM5UdHuxPLnWbOrT5vU=
Subject key identifier: 34:86:7E:9B:4B:C4:34:E9:ED:78:6A:7E:F8:5E:6D:23:59:57:C7:21
Certificate issuer: /CN=334b09743ed2afd6afb47c58360ee3112a95cd34
Certificate serial: 0192969B964B4E3C8FFEE86BE00786CF7A31
Authority key identifier: 33:4B:09:74:3E:D2:AF:D6:AF:B4:7C:58:36:0E:E3:11:2A:95:CD:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M0sJdD7Sr9avtHxYNg7jESqVzTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/NIZ-m0vENOnteGp--F5tI1lXxyE.roa
Signing time: Wed 16 Oct 2024 18:33:51 +0000
ROA not before: Wed 16 Oct 2024 18:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205053
IP address blocks: 185.226.64.0/22 maxlen: 22
185.226.64.0/24 maxlen: 24
185.226.65.0/24 maxlen: 24
185.226.66.0/24 maxlen: 24
185.226.67.0/24 maxlen: 24
213.134.5.0/24 maxlen: 24
2a0c:5e00::/32 maxlen: 32
2a0c:5e00::/48 maxlen: 48
2a0c:5e00::/64 maxlen: 64
2a0c:5e00:8::/48 maxlen: 48
2a0c:5e00:8::/64 maxlen: 64
2a0c:5e00:8:100::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/M0sJdD7Sr9avtHxYNg7jESqVzTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/M0sJdD7Sr9avtHxYNg7jESqVzTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/M0sJdD7Sr9avtHxYNg7jESqVzTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 21:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:9b:96:4b:4e:3c:8f:fe:e8:6b:e0:07:86:cf:7a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=334b09743ed2afd6afb47c58360ee3112a95cd34
Validity
Not Before: Oct 16 18:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34867e9b4bc434e9ed786a7ef85e6d235957c721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3a:93:77:02:4d:37:7a:47:2b:50:a7:c5:48:
f5:46:74:1d:50:3f:32:5f:13:63:45:d1:6e:d0:3c:
70:a8:2d:cc:cb:01:dd:cf:02:a6:05:cb:fa:b2:9b:
57:a7:29:94:70:08:fd:bc:7d:40:67:fc:07:75:e8:
52:fd:14:a1:47:5b:f9:97:13:b9:26:f4:8a:68:d1:
7b:f8:7e:93:16:33:0f:4d:94:30:81:fd:b2:17:6c:
5c:ff:83:34:7a:3a:ea:1c:a1:ff:b6:a8:58:f0:c3:
db:f4:f4:60:b5:c4:32:d3:fd:16:14:fb:dc:de:20:
cc:49:dd:f8:39:41:30:68:dc:43:79:5d:fb:7e:4e:
19:89:f8:17:34:27:77:48:48:5c:57:e4:5c:57:f0:
d5:7d:0d:b8:14:69:29:9b:41:18:76:f7:d2:34:fb:
cf:42:8e:81:ac:fe:dc:76:9c:ca:26:69:5e:e9:b3:
6a:e7:c2:76:96:82:42:5f:c1:c3:94:35:55:e2:c1:
92:0c:63:ce:93:78:24:be:f3:89:9e:c6:5c:04:1b:
ef:a4:f8:2a:39:60:0a:6f:41:83:b1:c8:0d:11:39:
da:86:98:c4:4d:93:4a:f6:56:a4:39:b3:5d:a9:e5:
4a:a2:65:00:5b:5e:9f:6f:21:08:55:2e:d8:8a:18:
7e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:86:7E:9B:4B:C4:34:E9:ED:78:6A:7E:F8:5E:6D:23:59:57:C7:21
X509v3 Authority Key Identifier:
keyid:33:4B:09:74:3E:D2:AF:D6:AF:B4:7C:58:36:0E:E3:11:2A:95:CD:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M0sJdD7Sr9avtHxYNg7jESqVzTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/NIZ-m0vENOnteGp--F5tI1lXxyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cd410f-9de4-4d82-8091-59e792fe14cc/1/M0sJdD7Sr9avtHxYNg7jESqVzTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.64.0/22
213.134.5.0/24
IPv6:
2a0c:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
65:01:55:7e:cc:f7:9a:7f:1d:53:a0:6d:09:f9:19:0e:06:e1:
b9:b2:66:44:98:30:77:a5:dd:c9:99:5f:47:85:03:b0:71:5a:
9a:7e:14:b9:46:9b:8b:7a:3b:33:ba:75:6c:ed:4d:72:d7:fc:
e5:6f:06:16:94:9d:03:e8:ea:12:c3:ce:eb:76:fc:20:f4:e0:
4f:1a:0c:98:d3:b8:02:9c:98:bb:06:5e:d7:97:2d:c3:ee:23:
71:25:23:64:11:4f:5e:d2:48:de:3e:1c:7a:65:e0:01:3e:ee:
e5:13:f8:54:65:6f:4f:d0:a7:a2:42:6b:d3:ea:6a:29:2b:17:
d9:b3:7b:0f:29:18:f7:a3:64:4c:d7:8a:4d:46:ce:17:db:1e:
64:b6:8a:bb:c2:bb:b6:f5:83:7f:1b:3c:d3:40:61:b8:74:34:
0e:8e:b1:90:70:bf:64:46:86:c6:6e:b9:08:34:04:56:2d:50:
7d:0d:14:e8:56:d5:30:72:01:a0:dc:3f:1e:de:20:68:6e:a4:
90:3d:f7:f8:08:a2:df:a1:40:36:ee:a9:36:74:3e:6c:81:38:
1f:ec:f9:b2:3a:0b:ed:9e:5c:3e:35:3d:bc:69:6a:04:4c:d6:
21:44:86:54:9e:a0:84:3f:ce:17:08:32:58:a3:ff:bf:74:53:
92:50:11:b3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZKWm5ZLTjyP/uhr4AeGz3oxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNGIwOTc0M2VkMmFmZDZhZmI0N2M1ODM2MGVlMzExMmE5
NWNkMzQwHhcNMjQxMDE2MTgzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDg2N2U5YjRiYzQzNGU5ZWQ3ODZhN2VmODVlNmQyMzU5NTdjNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjqTdwJNN3pHK1CnxUj1RnQdUD8y
XxNjRdFu0DxwqC3MywHdzwKmBcv6sptXpymUcAj9vH1AZ/wHdehS/RShR1v5lxO5
JvSKaNF7+H6TFjMPTZQwgf2yF2xc/4M0ejrqHKH/tqhY8MPb9PRgtcQy0/0WFPvc
3iDMSd34OUEwaNxDeV37fk4ZifgXNCd3SEhcV+RcV/DVfQ24FGkpm0EYdvfSNPvP
Qo6BrP7cdpzKJmle6bNq58J2loJCX8HDlDVV4sGSDGPOk3gkvvOJnsZcBBvvpPgq
OWAKb0GDscgNETnahpjETZNK9lakObNdqeVKomUAW16fbyEIVS7Yihh+7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDSGfptLxDTp7XhqfvhebSNZV8chMB8GA1UdIwQY
MBaAFDNLCXQ+0q/Wr7R8WDYO4xEqlc00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTBzSmREN1NyOWF2dEh4WU5nN2pFU3FWelRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jZDQxMGYtOWRlNC00ZDgyLTgwOTEt
NTllNzkyZmUxNGNjLzEvTklaLW0wdkVOT250ZUdwLS1GNXRJMWxYeHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jZDQxMGYtOWRlNC00ZDgyLTgwOTEtNTllNzkyZmUxNGNj
LzEvTTBzSmREN1NyOWF2dEh4WU5nN2pFU3FWelRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueJAAwQA
1YYFMA0EAgACMAcDBQAqDF4AMA0GCSqGSIb3DQEBCwUAA4IBAQBlAVV+zPeafx1T
oG0J+RkOBuG5smZEmDB3pd3JmV9HhQOwcVqafhS5RpuLejszunVs7U1y1/zlbwYW
lJ0D6OoSw87rdvwg9OBPGgyY07gCnJi7Bl7Xly3D7iNxJSNkEU9e0kjePhx6ZeAB
Pu7lE/hUZW9P0KeiQmvT6mopKxfZs3sPKRj3o2RM14pNRs4X2x5ktoq7wru29YN/
GzzTQGG4dDQOjrGQcL9kRobGbrkINARWLVB9DRToVtUwcgGg3D8e3iBobqSQPff4
CKLfoUA27qk2dD5sgTgf7PmyOgvtnlw+NT28aWoETNYhRIZUnqCEP84XCDJYo/+/
dFOSUBGz
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:54:38 2024 by rpki-client on console-fra.rpki-client.org