Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/KZ3gI0Z3F5JIZVEPuBHW-TTycR8.roa
File: KZ3gI0Z3F5JIZVEPuBHW-TTycR8.roa (raw, json)
Hash identifier: hIJFfQnhl+PqtfGJcLooN7IspTm/Baui2VccJK7wiys=
Subject key identifier: 29:9D:E0:23:46:77:17:92:48:65:51:0F:B8:11:D6:F9:34:F2:71:1F
Certificate issuer: /CN=c4eb34dda2f8094968494892063351ee0f10e91a
Certificate serial: 018CC500C1B6559D624D89FE79C24909EE71
Authority key identifier: C4:EB:34:DD:A2:F8:09:49:68:49:48:92:06:33:51:EE:0F:10:E9:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/KZ3gI0Z3F5JIZVEPuBHW-TTycR8.roa
Signing time: Mon 01 Jan 2024 12:30:10 +0000
ROA not before: Mon 01 Jan 2024 12:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 152.89.228.0/23 maxlen: 23
152.89.230.0/23 maxlen: 23
152.89.228.0/22 maxlen: 22
45.80.250.0/23 maxlen: 23
2.58.176.0/22 maxlen: 22
2.58.178.0/23 maxlen: 23
2.58.176.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/xOs03aL4CUloSUiSBjNR7g8Q6Ro.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/xOs03aL4CUloSUiSBjNR7g8Q6Ro.mft
rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c1:b6:55:9d:62:4d:89:fe:79:c2:49:09:ee:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4eb34dda2f8094968494892063351ee0f10e91a
Validity
Not Before: Jan 1 12:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=299de023467717924865510fb811d6f934f2711f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e4:84:2f:90:b0:3d:1f:b7:a6:cc:0d:56:f7:
a8:36:ac:d8:52:81:21:96:c2:09:3d:2d:39:10:d1:
3a:3c:ae:99:a8:c1:2f:ef:70:99:f0:bd:4f:0d:6b:
00:a3:da:20:fb:ef:cb:3b:59:ea:e4:11:db:e6:d7:
b0:d9:48:89:1f:1a:0f:7a:f5:d1:60:af:b2:b2:a3:
5c:6a:02:87:b9:e1:31:52:cd:03:9a:f5:59:b9:76:
a4:cd:ac:42:cc:53:0e:14:37:a2:12:98:b9:fa:05:
e2:63:2e:b2:17:15:43:a5:b9:26:08:bb:60:ec:06:
29:69:25:93:5c:9e:4d:b9:d9:9a:0d:47:53:d1:f4:
37:63:74:e6:df:74:14:ca:5c:0f:fe:78:8d:b8:4c:
3d:ca:86:fa:71:02:88:b2:8c:2a:21:ea:e8:ba:76:
ca:9f:4c:1e:da:fa:5c:a4:07:b8:8d:1d:27:ae:84:
aa:b0:93:9d:fd:a6:19:7d:55:73:3c:32:8f:e8:69:
24:31:28:81:a0:9a:2e:03:e2:2b:94:92:f4:b1:64:
91:58:87:7d:13:f7:32:d5:9e:69:11:09:56:63:db:
18:4e:f4:28:8d:49:c6:51:52:22:67:da:e2:3a:28:
13:1a:0e:6a:4b:ad:7e:da:85:81:26:29:3f:18:b9:
2b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9D:E0:23:46:77:17:92:48:65:51:0F:B8:11:D6:F9:34:F2:71:1F
X509v3 Authority Key Identifier:
keyid:C4:EB:34:DD:A2:F8:09:49:68:49:48:92:06:33:51:EE:0F:10:E9:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/KZ3gI0Z3F5JIZVEPuBHW-TTycR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/xOs03aL4CUloSUiSBjNR7g8Q6Ro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.176.0/22
45.80.250.0/23
152.89.228.0/22
Signature Algorithm: sha256WithRSAEncryption
d7:c9:84:c4:dc:ed:64:08:a2:00:bf:e5:c7:a7:5c:b4:f6:46:
49:9a:f1:c9:4c:c6:fe:fc:ee:16:26:87:9b:24:3e:e9:d4:a6:
22:0c:36:35:a9:89:22:97:1b:83:47:1e:97:d4:b9:df:21:9d:
b3:ea:0f:97:bd:0b:be:9f:02:49:65:0c:74:5c:83:53:a5:5d:
de:98:b8:40:a0:d7:5c:f6:be:80:40:2c:c1:c2:0f:7f:bb:12:
e2:12:ca:a8:47:b3:a4:6a:7d:1e:d8:53:31:74:13:bb:46:ca:
52:e0:70:8a:5e:0c:26:1c:20:0c:95:54:59:65:02:ea:63:7d:
09:4e:ad:b8:82:bb:f6:08:70:9e:4d:67:bd:2c:24:52:e6:00:
90:8c:c3:bb:50:52:f7:1d:82:85:f9:f6:3a:9c:0e:3b:cd:db:
d0:68:3d:1f:ad:bc:6d:0b:e8:73:63:00:b6:68:db:65:e3:90:
67:05:9a:4a:36:c2:5b:0f:6f:10:7f:8c:b1:40:04:2d:61:63:
9b:81:48:5d:97:a8:c4:43:36:f3:5f:33:9d:cb:53:70:5d:2c:
0f:0f:1d:75:5b:37:c7:4f:51:dd:d5:b6:62:ea:e0:27:36:1a:
c4:b9:0e:d4:cd:b6:4f:70:10:92:68:0e:f9:5b:5a:d5:9b:65:
e5:30:98:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAMG2VZ1iTYn+ecJJCe5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZWIzNGRkYTJmODA5NDk2ODQ5NDg5MjA2MzM1MWVlMGYx
MGU5MWEwHhcNMjQwMTAxMTIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTlkZTAyMzQ2NzcxNzkyNDg2NTUxMGZiODExZDZmOTM0ZjI3MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+SEL5CwPR+3pswNVveoNqzYUoEh
lsIJPS05ENE6PK6ZqMEv73CZ8L1PDWsAo9og++/LO1nq5BHb5tew2UiJHxoPevXR
YK+ysqNcagKHueExUs0DmvVZuXakzaxCzFMOFDeiEpi5+gXiYy6yFxVDpbkmCLtg
7AYpaSWTXJ5NudmaDUdT0fQ3Y3Tm33QUylwP/niNuEw9yob6cQKIsowqIerounbK
n0we2vpcpAe4jR0nroSqsJOd/aYZfVVzPDKP6GkkMSiBoJouA+IrlJL0sWSRWId9
E/cy1Z5pEQlWY9sYTvQojUnGUVIiZ9riOigTGg5qS61+2oWBJik/GLkrYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCmd4CNGdxeSSGVRD7gR1vk08nEfMB8GA1UdIwQY
MBaAFMTrNN2i+AlJaElIkgYzUe4PEOkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE9zMDNhTDRDVWxvU1VpU0JqTlI3ZzhRNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9iOTY1ODQtMWY3MS00OGJiLWEwMjEt
YTM0N2I1NmYzYjlhLzEvS1ozZ0kwWjNGNUpJWlZFUHVCSFctVFR5Y1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9iOTY1ODQtMWY3MS00OGJiLWEwMjEtYTM0N2I1NmYzYjlh
LzEveE9zMDNhTDRDVWxvU1VpU0JqTlI3ZzhRNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjqwAwQB
LVD6AwQCmFnkMA0GCSqGSIb3DQEBCwUAA4IBAQDXyYTE3O1kCKIAv+XHp1y09kZJ
mvHJTMb+/O4WJoebJD7p1KYiDDY1qYkilxuDRx6X1LnfIZ2z6g+XvQu+nwJJZQx0
XINTpV3emLhAoNdc9r6AQCzBwg9/uxLiEsqoR7Okan0e2FMxdBO7RspS4HCKXgwm
HCAMlVRZZQLqY30JTq24grv2CHCeTWe9LCRS5gCQjMO7UFL3HYKF+fY6nA47zdvQ
aD0frbxtC+hzYwC2aNtl45BnBZpKNsJbD28Qf4yxQAQtYWObgUhdl6jEQzbzXzOd
y1NwXSwPDx11WzfHT1Hd1bZi6uAnNhrEuQ7UzbZPcBCSaA75W1rVm2XlMJhJ
-----END CERTIFICATE-----
Generated at Sat May 4 21:51:43 2024 by rpki-client on console-fra.rpki-client.org