Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1ZkgAFuweqJMx3cg3yyiT50jvAU.roa
File: 1ZkgAFuweqJMx3cg3yyiT50jvAU.roa (raw, json)
Hash identifier: lSOo4hAy1mxj1zBK7qqwMmZUNMf4QUTBJkRQRVxUHQU=
Subject key identifier: D5:99:20:00:5B:B0:7A:A2:4C:C7:77:20:DF:2C:A2:4F:9D:23:BC:05
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA2989B108147AAF57D69CFBDC0D8926
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1ZkgAFuweqJMx3cg3yyiT50jvAU.roa
Signing time: Tue 02 Jan 2024 12:32:48 +0000
ROA not before: Tue 02 Jan 2024 12:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212042
IP address blocks: 85.203.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:89:b1:08:14:7a:af:57:d6:9c:fb:dc:0d:89:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d59920005bb07aa24cc77720df2ca24f9d23bc05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6b:aa:9b:44:f9:c5:f8:45:4c:5a:1b:0c:f1:
fd:6a:9e:a8:c7:ee:de:2c:19:42:ec:0a:07:5a:3d:
63:f5:a7:35:e5:66:a2:3b:90:a4:86:96:65:97:48:
7a:c4:04:c9:3f:1e:cb:bf:58:32:9e:16:a3:19:b3:
65:d9:70:df:32:e2:cd:a2:84:c9:91:b2:a7:bd:87:
20:c9:e9:37:6a:fe:b8:69:73:04:5d:6c:f0:67:18:
af:a2:4a:db:23:c3:22:5f:10:db:7f:97:75:a8:4f:
73:63:5b:3f:51:66:ee:09:ac:c4:7c:55:bb:aa:b4:
05:c4:d5:79:a6:e6:bd:8d:7b:83:b7:f2:65:70:1d:
3c:d7:96:c6:d6:b9:f9:67:2e:79:32:0d:e9:81:12:
ec:78:37:84:2f:f1:82:6b:50:48:a1:0a:45:dd:7d:
a6:14:2a:82:ab:e8:70:ce:77:b7:59:b3:d3:46:7d:
3d:79:9c:d3:12:39:8d:1a:59:64:98:fd:1b:9e:ae:
9c:58:3a:08:c3:72:76:88:f5:ca:f7:3e:4a:44:7f:
65:c8:67:3c:b5:0f:c1:28:7f:aa:d0:06:03:ef:28:
c3:41:ed:84:a6:00:8f:fd:dc:c8:61:f3:e7:60:7a:
14:c4:38:e1:da:f4:44:23:15:7a:7e:0e:f0:33:b7:
c2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:99:20:00:5B:B0:7A:A2:4C:C7:77:20:DF:2C:A2:4F:9D:23:BC:05
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1ZkgAFuweqJMx3cg3yyiT50jvAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.33.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a5:79:b0:ee:39:15:1e:af:2c:f6:bf:20:7a:db:49:04:a5:
fd:bd:45:46:3d:46:d5:48:6a:88:5a:99:0b:b6:b2:37:7d:ca:
62:ab:b4:01:72:57:5e:e7:26:3a:60:c7:a5:76:8e:93:c6:1e:
a4:1b:76:8e:70:c2:99:22:78:ec:e4:76:6e:00:bf:45:e9:46:
ac:46:6e:74:fd:6c:61:41:c1:93:7d:1e:28:14:0f:22:02:93:
b4:ac:99:22:d4:43:e8:00:b9:05:20:58:53:92:32:89:29:d6:
46:67:ca:26:7b:c5:93:54:20:d3:96:a8:92:3e:35:1d:8f:f6:
de:cc:c1:26:b0:d0:bd:80:d2:12:87:2e:cb:bd:df:c3:dd:45:
8b:42:aa:c5:96:00:19:52:75:0f:4c:c5:4f:e6:7f:74:9e:2c:
8e:f3:44:7d:fd:2e:47:ee:0a:ec:c2:ca:46:44:79:c7:19:d6:
cc:6f:88:ca:16:8a:68:38:35:54:fc:09:d2:d0:5a:32:e0:80:
02:35:d8:51:d3:cf:92:57:db:e2:95:45:72:ba:bf:70:83:38:
6f:8b:66:e0:59:92:63:46:69:1c:80:a6:94:53:a8:f4:f7:7d:
88:09:f9:a5:80:be:cc:01:97:16:b8:ce:b3:39:aa:58:1e:de:
5a:ba:47:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKYmxCBR6r1fWnPvcDYkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk5MjAwMDViYjA3YWEyNGNjNzc3MjBkZjJjYTI0ZjlkMjNiYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGuqm0T5xfhFTFobDPH9ap6ox+7e
LBlC7AoHWj1j9ac15WaiO5CkhpZll0h6xATJPx7Lv1gynhajGbNl2XDfMuLNooTJ
kbKnvYcgyek3av64aXMEXWzwZxivokrbI8MiXxDbf5d1qE9zY1s/UWbuCazEfFW7
qrQFxNV5pua9jXuDt/JlcB0815bG1rn5Zy55Mg3pgRLseDeEL/GCa1BIoQpF3X2m
FCqCq+hwzne3WbPTRn09eZzTEjmNGllkmP0bnq6cWDoIw3J2iPXK9z5KRH9lyGc8
tQ/BKH+q0AYD7yjDQe2EpgCP/dzIYfPnYHoUxDjh2vREIxV6fg7wM7fCKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWZIABbsHqiTMd3IN8sok+dI7wFMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvMVprZ0FGdXdlcUpNeDNjZzN5eWlUNTBqdkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcshMA0G
CSqGSIb3DQEBCwUAA4IBAQBYpXmw7jkVHq8s9r8gettJBKX9vUVGPUbVSGqIWpkL
trI3fcpiq7QBclde5yY6YMeldo6Txh6kG3aOcMKZInjs5HZuAL9F6UasRm50/Wxh
QcGTfR4oFA8iApO0rJki1EPoALkFIFhTkjKJKdZGZ8ome8WTVCDTlqiSPjUdj/be
zMEmsNC9gNIShy7Lvd/D3UWLQqrFlgAZUnUPTMVP5n90niyO80R9/S5H7grswspG
RHnHGdbMb4jKFopoODVU/AnS0Foy4IACNdhR08+SV9vilUVyur9wgzhvi2bgWZJj
RmkcgKaUU6j0932ICfmlgL7MAZcWuM6zOapYHt5aukdB
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:38:09 2024 by rpki-client on console-ams.rpki-client.org