Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/6e43b9-c6a7-4d51-8061-06c8bb374a58/1/IDWWwZGMVR_ZKMGJFpQH-ZoK1bg.roa
File: IDWWwZGMVR_ZKMGJFpQH-ZoK1bg.roa (raw, json)
Hash identifier: eN9ag6fl5NIGkWI6aapUjCp2oeWM9mnSu5BsAzvhMIQ=
Subject key identifier: 20:35:96:C1:91:8C:55:1F:D9:28:C1:89:16:94:07:F9:9A:0A:D5:B8
Certificate issuer: /CN=e06536d2b17c45c175739f3313119be219d331ac
Certificate serial: 018CC649A33EF8678EF99373FF40B3BF55C6
Authority key identifier: E0:65:36:D2:B1:7C:45:C1:75:73:9F:33:13:11:9B:E2:19:D3:31:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4GU20rF8RcF1c58zExGb4hnTMaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/6e43b9-c6a7-4d51-8061-06c8bb374a58/1/IDWWwZGMVR_ZKMGJFpQH-ZoK1bg.roa
Signing time: Mon 01 Jan 2024 18:29:23 +0000
ROA not before: Mon 01 Jan 2024 18:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15576
IP address blocks: 188.92.224.0/21 maxlen: 21
185.254.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/6e43b9-c6a7-4d51-8061-06c8bb374a58/1/4GU20rF8RcF1c58zExGb4hnTMaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/6e43b9-c6a7-4d51-8061-06c8bb374a58/1/4GU20rF8RcF1c58zExGb4hnTMaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/4GU20rF8RcF1c58zExGb4hnTMaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:a3:3e:f8:67:8e:f9:93:73:ff:40:b3:bf:55:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e06536d2b17c45c175739f3313119be219d331ac
Validity
Not Before: Jan 1 18:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=203596c1918c551fd928c189169407f99a0ad5b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:08:7e:d2:19:43:6a:83:af:0e:e0:0c:82:a6:
29:88:ca:f8:7f:88:65:33:8c:51:2e:60:62:3e:bd:
4b:92:be:c8:1e:8f:8a:27:8e:9b:d0:dd:ee:ca:46:
0c:6d:94:5a:0f:87:f6:a6:b2:7e:f6:e0:aa:6e:d1:
ff:52:58:71:e6:3d:7f:2a:f0:a1:c5:cf:5f:27:13:
49:1c:ee:56:9c:0d:ff:9d:75:3e:ba:3e:05:8e:6c:
f6:4e:cc:40:e2:4e:51:ac:eb:24:66:88:54:94:fb:
11:88:a5:54:7b:f8:65:c6:9b:5e:d5:84:b8:4c:32:
79:e1:2b:6d:49:7b:dc:09:cc:0e:f7:bd:29:de:ab:
76:76:26:ce:a0:b1:17:bf:b6:6c:14:66:f2:7e:67:
e4:f6:3c:d5:43:b9:7b:a7:d8:2c:4d:d4:c6:94:47:
ee:c6:eb:54:42:f8:8d:d6:45:df:ee:f2:2a:e4:b7:
58:de:55:87:a9:13:22:3a:bd:30:a1:71:71:ae:a9:
80:a3:f4:2a:d4:6c:5d:6d:5c:28:ee:cd:96:4b:18:
9e:5c:8c:3d:97:34:bc:09:f3:6f:23:4c:d9:78:f0:
d4:82:5b:ea:87:a8:e3:43:82:d2:61:e0:e5:3a:65:
5f:e7:58:ee:71:20:ad:c1:c0:bf:9a:7d:3d:b7:24:
7b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:35:96:C1:91:8C:55:1F:D9:28:C1:89:16:94:07:F9:9A:0A:D5:B8
X509v3 Authority Key Identifier:
keyid:E0:65:36:D2:B1:7C:45:C1:75:73:9F:33:13:11:9B:E2:19:D3:31:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4GU20rF8RcF1c58zExGb4hnTMaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/6e43b9-c6a7-4d51-8061-06c8bb374a58/1/IDWWwZGMVR_ZKMGJFpQH-ZoK1bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/6e43b9-c6a7-4d51-8061-06c8bb374a58/1/4GU20rF8RcF1c58zExGb4hnTMaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.76.0/22
188.92.224.0/21
Signature Algorithm: sha256WithRSAEncryption
43:23:df:26:90:65:14:fe:d6:10:05:7b:64:f1:d2:4c:bc:7d:
a0:8a:2f:fa:c2:66:01:c3:e4:b2:eb:d8:32:72:11:fb:4a:3a:
8e:be:d0:3f:5c:8b:7c:fe:70:b7:ff:7e:e7:d2:e3:65:d0:33:
26:84:c7:15:7c:c8:8b:3b:81:9a:88:46:9c:e0:b5:7c:96:91:
36:26:2a:5d:03:16:28:8a:9d:0c:ff:e5:d7:86:d7:39:23:90:
c4:18:cd:85:0f:f7:09:52:06:8f:07:b3:62:13:c2:f8:a8:6d:
e1:bc:45:bf:21:b9:79:e3:12:b3:fc:62:37:96:7f:43:54:48:
18:fd:6a:1c:8e:bf:dd:d2:3e:1c:ba:21:c5:ce:5d:47:f5:b6:
fd:91:58:96:c4:84:82:7f:5b:3f:ff:ea:e7:a0:eb:cb:83:6f:
73:c3:b8:8b:73:c1:3d:cf:37:76:a8:2e:fe:c4:fa:cf:17:0a:
6b:07:24:6e:5b:86:38:97:8a:fe:6d:22:c8:48:9f:bb:24:5e:
e6:ec:52:64:61:f4:aa:30:ed:94:27:fb:bb:5c:77:9e:a5:41:
af:b9:3b:4d:59:29:af:07:87:78:8e:ae:da:9c:7e:40:23:63:
1c:28:a5:21:ea:86:c6:46:d1:e0:63:a8:75:ff:2a:86:aa:15:
7e:dd:43:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSaM++GeO+ZNz/0Czv1XGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjUzNmQyYjE3YzQ1YzE3NTczOWYzMzEzMTE5YmUyMTlk
MzMxYWMwHhcNMjQwMTAxMTgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM1OTZjMTkxOGM1NTFmZDkyOGMxODkxNjk0MDdmOTlhMGFkNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAh+0hlDaoOvDuAMgqYpiMr4f4hl
M4xRLmBiPr1Lkr7IHo+KJ46b0N3uykYMbZRaD4f2prJ+9uCqbtH/Ulhx5j1/KvCh
xc9fJxNJHO5WnA3/nXU+uj4Fjmz2TsxA4k5RrOskZohUlPsRiKVUe/hlxpte1YS4
TDJ54SttSXvcCcwO970p3qt2dibOoLEXv7ZsFGbyfmfk9jzVQ7l7p9gsTdTGlEfu
xutUQviN1kXf7vIq5LdY3lWHqRMiOr0woXFxrqmAo/Qq1GxdbVwo7s2WSxieXIw9
lzS8CfNvI0zZePDUglvqh6jjQ4LSYeDlOmVf51jucSCtwcC/mn09tyR7gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCA1lsGRjFUf2SjBiRaUB/maCtW4MB8GA1UdIwQY
MBaAFOBlNtKxfEXBdXOfMxMRm+IZ0zGsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdVMjByRjhSY0YxYzU4ekV4R2I0aG5UTWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82ZTQzYjktYzZhNy00ZDUxLTgwNjEt
MDZjOGJiMzc0YTU4LzEvSURXV3daR01WUl9aS01HSkZwUUgtWm9LMWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82ZTQzYjktYzZhNy00ZDUxLTgwNjEtMDZjOGJiMzc0YTU4
LzEvNEdVMjByRjhSY0YxYzU4ekV4R2I0aG5UTWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuf5MAwQD
vFzgMA0GCSqGSIb3DQEBCwUAA4IBAQBDI98mkGUU/tYQBXtk8dJMvH2gii/6wmYB
w+Sy69gychH7SjqOvtA/XIt8/nC3/37n0uNl0DMmhMcVfMiLO4GaiEac4LV8lpE2
JipdAxYoip0M/+XXhtc5I5DEGM2FD/cJUgaPB7NiE8L4qG3hvEW/Ibl54xKz/GI3
ln9DVEgY/Wocjr/d0j4cuiHFzl1H9bb9kViWxISCf1s//+rnoOvLg29zw7iLc8E9
zzd2qC7+xPrPFwprByRuW4Y4l4r+bSLISJ+7JF7m7FJkYfSqMO2UJ/u7XHeepUGv
uTtNWSmvB4d4jq7anH5AI2McKKUh6obGRtHgY6h1/yqGqhV+3UOs
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:26 2024 by rpki-client on console-fra.rpki-client.org