Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/ZjbEOF69NhzYjDYehcjyz3voty8.roa
File: ZjbEOF69NhzYjDYehcjyz3voty8.roa (raw, json)
Hash identifier: URM1Jw2O6JSoKpZAuJcl1jnNgLoTFAndQ5zAwRdvYY4=
Subject key identifier: 66:36:C4:38:5E:BD:36:1C:D8:8C:36:1E:85:C8:F2:CF:7B:E8:B7:2F
Certificate issuer: /CN=14fb7c3336acd4189d3fac639a280d9b0020f298
Certificate serial: 018CC94E6C2FA38BCFF6D9E1A9664E100235
Authority key identifier: 14:FB:7C:33:36:AC:D4:18:9D:3F:AC:63:9A:28:0D:9B:00:20:F2:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/ZjbEOF69NhzYjDYehcjyz3voty8.roa
Signing time: Tue 02 Jan 2024 08:33:29 +0000
ROA not before: Tue 02 Jan 2024 08:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200944
IP address blocks: 185.90.117.0/24 maxlen: 24
185.90.116.0/22 maxlen: 22
185.90.116.0/24 maxlen: 24
185.90.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/FPt8Mzas1BidP6xjmigNmwAg8pg.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/FPt8Mzas1BidP6xjmigNmwAg8pg.mft
rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6c:2f:a3:8b:cf:f6:d9:e1:a9:66:4e:10:02:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14fb7c3336acd4189d3fac639a280d9b0020f298
Validity
Not Before: Jan 2 08:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6636c4385ebd361cd88c361e85c8f2cf7be8b72f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:7d:2b:93:42:0e:3f:1b:6e:8d:bc:11:4a:
f8:0b:78:06:a5:95:9f:c8:4a:2e:77:5c:8c:9b:d1:
d9:d7:a4:00:b9:32:24:89:4e:8d:4a:5f:9e:5c:a0:
b2:08:ff:0d:21:e1:ab:80:2c:58:28:00:f8:0c:b8:
bc:61:af:f6:80:08:56:03:ea:42:f3:51:dc:93:c1:
87:89:4c:05:98:bd:59:f9:ac:4f:58:67:d5:05:8e:
25:e0:ff:3c:dc:6a:ed:0a:e9:dd:3b:23:3f:79:1b:
15:9c:6d:ba:c9:d8:81:6b:cc:c7:c0:28:3e:24:50:
4b:41:ed:c0:21:80:a9:9e:89:18:74:43:2f:b4:ac:
a5:e9:31:e0:23:04:85:f1:00:6f:d7:a1:cf:08:28:
90:e0:b4:81:2e:c9:ec:f9:eb:a3:f6:b9:98:79:26:
0b:ab:47:3a:e9:94:a8:9e:81:35:a5:06:f2:0a:53:
85:68:6a:6c:2f:d9:67:c8:5c:03:00:f6:e7:c9:35:
11:9e:ae:c4:c7:81:83:ee:62:5f:60:16:49:7f:1c:
07:e6:73:7e:1a:8c:0e:69:f8:1c:33:c5:f7:c5:76:
34:4d:bc:9a:ad:b2:46:2c:df:c0:fc:59:fd:6b:1c:
90:32:d4:f1:9e:4b:de:b7:46:7c:84:70:c4:be:1a:
9d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:36:C4:38:5E:BD:36:1C:D8:8C:36:1E:85:C8:F2:CF:7B:E8:B7:2F
X509v3 Authority Key Identifier:
keyid:14:FB:7C:33:36:AC:D4:18:9D:3F:AC:63:9A:28:0D:9B:00:20:F2:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FPt8Mzas1BidP6xjmigNmwAg8pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/ZjbEOF69NhzYjDYehcjyz3voty8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64df8e-4b04-4223-8467-9939df1d0d09/1/FPt8Mzas1BidP6xjmigNmwAg8pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
32:38:47:44:00:dc:24:26:89:23:69:39:3c:6e:6c:8d:79:9a:
6a:f4:69:f6:f6:2f:d5:a6:7a:5c:63:e1:7b:60:fd:20:c2:68:
dc:3d:69:64:01:21:73:13:76:ca:5b:46:d5:12:44:6a:90:cd:
76:ba:8e:23:1b:e2:80:67:18:4c:88:93:54:e9:44:d2:ba:d4:
7b:99:38:23:9c:7e:a8:a4:38:8a:0d:7d:c4:e0:81:a4:a7:27:
d5:7a:eb:b7:59:79:16:2d:e6:83:d5:88:13:8f:3c:64:3f:7c:
12:ec:3e:80:29:16:94:0c:7d:93:80:50:1e:27:1e:11:8c:e2:
7c:49:85:4f:05:3b:4b:c4:a9:23:e3:00:2f:ef:9c:eb:7c:ad:
9a:15:90:cc:15:65:12:84:5b:f9:73:aa:35:e1:0e:c8:ea:f3:
01:f4:d9:cf:c2:46:e6:ef:a3:4c:f8:ca:67:28:eb:05:04:b6:
12:52:e6:1d:dd:00:88:e5:95:9d:bb:fa:12:d5:62:5a:56:2a:
67:4b:26:b3:9b:15:a5:9d:ce:3c:ff:6c:c1:90:41:4f:0d:b7:
f0:66:f4:db:c6:a6:2a:76:9d:71:9f:0b:c8:c1:04:33:82:d4:
f8:8d:5d:33:a7:0e:e1:0d:f3:b4:a3:80:3d:2b:68:2d:dc:10:
08:c1:af:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmwvo4vP9tnhqWZOEAI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZmI3YzMzMzZhY2Q0MTg5ZDNmYWM2MzlhMjgwZDliMDAy
MGYyOTgwHhcNMjQwMTAyMDgzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjM2YzQzODVlYmQzNjFjZDg4YzM2MWU4NWM4ZjJjZjdiZThiNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5F9K5NCDj8bbo28EUr4C3gGpZWf
yEoud1yMm9HZ16QAuTIkiU6NSl+eXKCyCP8NIeGrgCxYKAD4DLi8Ya/2gAhWA+pC
81Hck8GHiUwFmL1Z+axPWGfVBY4l4P883GrtCundOyM/eRsVnG26ydiBa8zHwCg+
JFBLQe3AIYCpnokYdEMvtKyl6THgIwSF8QBv16HPCCiQ4LSBLsns+euj9rmYeSYL
q0c66ZSonoE1pQbyClOFaGpsL9lnyFwDAPbnyTURnq7Ex4GD7mJfYBZJfxwH5nN+
GowOafgcM8X3xXY0TbyarbJGLN/A/Fn9axyQMtTxnkvet0Z8hHDEvhqd2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGY2xDhevTYc2Iw2HoXI8s976LcvMB8GA1UdIwQY
MBaAFBT7fDM2rNQYnT+sY5ooDZsAIPKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlB0OE16YXMxQmlkUDZ4am1pZ05td0FnOHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NGRmOGUtNGIwNC00MjIzLTg0Njct
OTkzOWRmMWQwZDA5LzEvWmpiRU9GNjlOaHpZakRZZWhjanl6M3ZvdHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NGRmOGUtNGIwNC00MjIzLTg0NjctOTkzOWRmMWQwZDA5
LzEvRlB0OE16YXMxQmlkUDZ4am1pZ05td0FnOHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVp0MA0G
CSqGSIb3DQEBCwUAA4IBAQAyOEdEANwkJokjaTk8bmyNeZpq9Gn29i/VpnpcY+F7
YP0gwmjcPWlkASFzE3bKW0bVEkRqkM12uo4jG+KAZxhMiJNU6UTSutR7mTgjnH6o
pDiKDX3E4IGkpyfVeuu3WXkWLeaD1YgTjzxkP3wS7D6AKRaUDH2TgFAeJx4RjOJ8
SYVPBTtLxKkj4wAv75zrfK2aFZDMFWUShFv5c6o14Q7I6vMB9NnPwkbm76NM+Mpn
KOsFBLYSUuYd3QCI5ZWdu/oS1WJaVipnSyazmxWlnc48/2zBkEFPDbfwZvTbxqYq
dp1xnwvIwQQzgtT4jV0zpw7hDfO0o4A9K2gt3BAIwa//
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:31 2024 by rpki-client on console-ams.rpki-client.org