Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/eb837b-3ae5-4f60-829b-2b8038283017/1/h_nz58u08FizJT6QqMmzgvHXa30.roa
File: h_nz58u08FizJT6QqMmzgvHXa30.roa (raw, json)
Hash identifier: a7inPd4S5JOxbx1D7dpV8xXLL/kK45ovN9hEF9GzpLw=
Subject key identifier: 87:F9:F3:E7:CB:B4:F0:58:B3:25:3E:90:A8:C9:B3:82:F1:D7:6B:7D
Certificate issuer: /CN=65a424cee2fdb0072b541438d913d26636a9b88b
Certificate serial: 018CC79353E6BCC35385CE0C2ADF51AA5855
Authority key identifier: 65:A4:24:CE:E2:FD:B0:07:2B:54:14:38:D9:13:D2:66:36:A9:B8:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaQkzuL9sAcrVBQ42RPSZjapuIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/eb837b-3ae5-4f60-829b-2b8038283017/1/h_nz58u08FizJT6QqMmzgvHXa30.roa
Signing time: Tue 02 Jan 2024 00:29:30 +0000
ROA not before: Tue 02 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198731
IP address blocks: 5.1.32.0/21 maxlen: 21
85.184.224.0/22 maxlen: 22
185.64.232.0/22 maxlen: 22
185.45.28.0/22 maxlen: 22
81.173.40.0/23 maxlen: 23
2a00:bc40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/eb837b-3ae5-4f60-829b-2b8038283017/1/ZaQkzuL9sAcrVBQ42RPSZjapuIs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/eb837b-3ae5-4f60-829b-2b8038283017/1/ZaQkzuL9sAcrVBQ42RPSZjapuIs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZaQkzuL9sAcrVBQ42RPSZjapuIs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:53:e6:bc:c3:53:85:ce:0c:2a:df:51:aa:58:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a424cee2fdb0072b541438d913d26636a9b88b
Validity
Not Before: Jan 2 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87f9f3e7cbb4f058b3253e90a8c9b382f1d76b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ab:5f:3a:24:15:7f:67:0e:c2:e1:b1:f4:fe:
dc:81:97:db:ed:b6:03:76:d2:56:c6:64:e8:db:cf:
ca:1f:a9:f2:7a:fb:b3:a6:4f:ec:55:ae:40:d4:f3:
f0:02:4a:b5:f0:d2:ea:bf:38:b3:f9:f2:50:12:95:
d5:c8:f5:30:7f:9c:90:cc:7d:30:99:18:53:5b:fc:
ce:44:91:80:f5:df:80:ad:2e:65:24:00:52:67:0f:
72:ca:a4:85:1c:ae:ce:fd:35:40:9e:3d:9a:a4:ff:
32:ed:6d:14:05:df:c9:fb:8f:2b:a1:b3:ee:0d:86:
07:59:e5:95:f8:eb:aa:d0:9e:d0:e5:b2:e9:a7:32:
91:99:21:bb:21:89:d0:13:88:40:e2:17:23:5a:e5:
5b:2e:59:3a:97:2b:24:08:57:97:d3:67:b2:30:16:
6b:fa:e0:54:40:df:bd:d7:fb:cb:1b:ec:86:cb:d9:
26:65:a3:95:dc:76:b3:87:7b:e5:09:21:59:80:87:
3b:e8:7c:2d:eb:d3:7f:69:21:b4:74:b4:32:2b:f0:
e1:83:2a:9b:e1:c9:11:dd:36:d0:34:7c:da:2e:e7:
55:d9:e4:59:7b:29:b1:bd:ae:3e:39:71:b3:12:50:
1b:88:70:6d:90:f3:87:71:3e:b6:56:0e:5d:8f:0a:
d1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F9:F3:E7:CB:B4:F0:58:B3:25:3E:90:A8:C9:B3:82:F1:D7:6B:7D
X509v3 Authority Key Identifier:
keyid:65:A4:24:CE:E2:FD:B0:07:2B:54:14:38:D9:13:D2:66:36:A9:B8:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaQkzuL9sAcrVBQ42RPSZjapuIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/eb837b-3ae5-4f60-829b-2b8038283017/1/h_nz58u08FizJT6QqMmzgvHXa30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/eb837b-3ae5-4f60-829b-2b8038283017/1/ZaQkzuL9sAcrVBQ42RPSZjapuIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.32.0/21
81.173.40.0/23
85.184.224.0/22
185.45.28.0/22
185.64.232.0/22
IPv6:
2a00:bc40::/32
Signature Algorithm: sha256WithRSAEncryption
a9:c3:fe:66:cc:96:c9:ae:44:e0:a3:d9:2e:56:2e:e2:b2:5a:
fa:e3:02:00:84:1d:12:9c:14:29:7c:bd:c4:a7:81:96:2c:f1:
96:da:f2:81:37:77:42:89:ca:7f:72:3c:af:b1:04:a4:7a:5d:
50:57:4a:ce:0f:40:79:93:6f:5d:8c:38:35:5e:ba:f9:80:c0:
14:0b:19:64:8b:e3:95:d1:61:04:90:d7:f6:6b:b8:1b:34:e3:
1d:6b:4e:bc:6d:6e:11:bc:f7:3d:42:c1:4c:df:38:0f:01:9f:
84:70:69:83:85:d1:c5:5e:a3:12:ab:a3:e9:17:57:e1:45:14:
8c:59:84:04:df:04:a6:1c:c5:b7:14:f0:9e:02:20:23:eb:6b:
4a:7a:b5:c6:56:bd:d9:13:9d:d7:ee:ae:37:eb:53:74:7f:5c:
ef:3a:4e:57:06:43:99:ff:15:47:3e:ee:e0:b4:0b:f8:5d:b0:
3f:1a:95:0d:86:a4:2c:7c:66:65:ae:c3:62:f5:84:f4:ca:e3:
b1:4d:98:87:b1:d9:47:00:01:df:4d:3f:84:99:e6:30:32:12:
ae:13:bc:93:a6:e7:f9:45:a9:91:37:90:38:9a:13:d0:2b:22:
26:e6:99:57:d3:79:a6:1f:1f:39:d5:9b:67:c4:e8:3a:17:3c:
e4:1c:94:91
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHk1PmvMNThc4MKt9RqlhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTQyNGNlZTJmZGIwMDcyYjU0MTQzOGQ5MTNkMjY2MzZh
OWI4OGIwHhcNMjQwMTAyMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y5ZjNlN2NiYjRmMDU4YjMyNTNlOTBhOGM5YjM4MmYxZDc2YjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7atfOiQVf2cOwuGx9P7cgZfb7bYD
dtJWxmTo28/KH6nyevuzpk/sVa5A1PPwAkq18NLqvziz+fJQEpXVyPUwf5yQzH0w
mRhTW/zORJGA9d+ArS5lJABSZw9yyqSFHK7O/TVAnj2apP8y7W0UBd/J+48robPu
DYYHWeWV+Ouq0J7Q5bLppzKRmSG7IYnQE4hA4hcjWuVbLlk6lyskCFeX02eyMBZr
+uBUQN+91/vLG+yGy9kmZaOV3Hazh3vlCSFZgIc76Hwt69N/aSG0dLQyK/Dhgyqb
4ckR3TbQNHzaLudV2eRZeymxva4+OXGzElAbiHBtkPOHcT62Vg5djwrRvQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIf58+fLtPBYsyU+kKjJs4Lx12t9MB8GA1UdIwQY
MBaAFGWkJM7i/bAHK1QUONkT0mY2qbiLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFRa3p1TDlzQWNyVkJRNDJSUFNaamFwdUlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9lYjgzN2ItM2FlNS00ZjYwLTgyOWIt
MmI4MDM4MjgzMDE3LzEvaF9uejU4dTA4Rml6SlQ2UXFNbXpndkhYYTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9lYjgzN2ItM2FlNS00ZjYwLTgyOWItMmI4MDM4MjgzMDE3
LzEvWmFRa3p1TDlzQWNyVkJRNDJSUFNaamFwdUlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBQEgAwQB
Ua0oAwQCVbjgAwQCuS0cAwQCuUDoMA0EAgACMAcDBQAqALxAMA0GCSqGSIb3DQEB
CwUAA4IBAQCpw/5mzJbJrkTgo9kuVi7islr64wIAhB0SnBQpfL3Ep4GWLPGW2vKB
N3dCicp/cjyvsQSkel1QV0rOD0B5k29djDg1Xrr5gMAUCxlki+OV0WEEkNf2a7gb
NOMda068bW4RvPc9QsFM3zgPAZ+EcGmDhdHFXqMSq6PpF1fhRRSMWYQE3wSmHMW3
FPCeAiAj62tKerXGVr3ZE53X7q4361N0f1zvOk5XBkOZ/xVHPu7gtAv4XbA/GpUN
hqQsfGZlrsNi9YT0yuOxTZiHsdlHAAHfTT+EmeYwMhKuE7yTpuf5RamRN5A4mhPQ
KyIm5plX03mmHx851ZtnxOg6FzzkHJSR
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:32:20 2024 by rpki-client on console-ams.rpki-client.org