Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Z2NWUXOtjiFzIwMi0qXMu5uPzEc.roa
File: Z2NWUXOtjiFzIwMi0qXMu5uPzEc.roa (raw, json)
Hash identifier: 8MnIRMRFwuBRRybsgBmtugAVQd/94L1R5i5r8LXqwE0=
Subject key identifier: 67:63:56:51:73:AD:8E:21:73:23:03:22:D2:A5:CC:BB:9B:8F:CC:47
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA298935710352D85BDB71D66A4F93EF
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Z2NWUXOtjiFzIwMi0qXMu5uPzEc.roa
Signing time: Tue 02 Jan 2024 12:32:48 +0000
ROA not before: Tue 02 Jan 2024 12:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211043
IP address blocks: 85.203.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:89:35:71:03:52:d8:5b:db:71:d6:6a:4f:93:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6763565173ad8e2173230322d2a5ccbb9b8fcc47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:50:1f:cc:fb:f2:96:eb:bb:b1:b7:07:3a:2f:
25:ad:f4:76:63:c2:cd:4a:b6:42:df:c2:41:c1:3d:
e1:91:08:9a:a9:1e:b9:43:3a:22:24:43:97:73:7f:
53:47:a4:93:25:c5:2f:ca:46:9e:64:12:34:71:41:
91:bf:8d:b5:d5:37:a9:bd:84:46:8f:50:e1:e3:27:
fd:20:db:4c:70:c3:69:dd:25:4a:fe:ff:f3:ec:9b:
b0:9f:2b:e0:b1:2c:ce:5a:19:f3:36:1a:27:61:aa:
1b:6f:68:6d:2a:fa:ee:fc:93:55:14:fa:ff:05:c3:
a7:a8:15:19:f3:a0:d9:8e:24:89:6f:b7:74:d5:c9:
2d:77:dc:14:29:34:01:e6:1d:2d:59:8a:00:81:ad:
05:00:d5:7f:12:64:4e:39:0f:13:ba:15:c7:f7:75:
ef:3e:2f:ae:ab:39:a8:54:52:de:51:1a:b2:06:10:
7a:4c:fc:ee:a6:fb:1c:a9:60:52:10:d7:cd:46:10:
12:6a:00:36:18:ed:83:84:12:ee:7a:83:87:3d:38:
6c:16:08:ac:6c:a0:d1:e8:ba:6a:92:b6:1d:44:3c:
ba:9c:07:c2:80:4c:2c:c0:07:5c:d1:c5:ae:32:18:
95:8a:6c:a2:6c:65:6c:85:58:7f:88:42:3e:4f:fd:
80:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:63:56:51:73:AD:8E:21:73:23:03:22:D2:A5:CC:BB:9B:8F:CC:47
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Z2NWUXOtjiFzIwMi0qXMu5uPzEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.52.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:29:6c:09:96:1a:d9:12:14:14:c2:a2:fd:de:74:af:5b:46:
50:71:8b:f8:0a:25:3b:db:b0:2f:de:b3:af:1b:95:2b:6c:7c:
ba:44:16:46:24:df:b7:e4:dc:e9:91:9c:e9:7a:26:c5:30:15:
aa:47:89:a8:2a:9f:d5:4d:21:29:64:fe:79:07:24:3b:a6:73:
6c:7b:69:bc:fb:88:c5:81:55:bd:c7:cb:07:29:f9:87:d4:7e:
14:d0:ed:bd:70:f0:1c:2a:45:27:2c:97:ca:1c:8c:d3:fc:9f:
81:59:7b:bd:61:12:0f:ca:e7:d5:48:3f:63:1f:9b:ff:ba:93:
1a:5f:a9:06:8f:6b:df:31:74:d7:ad:18:c5:b6:e4:cb:0c:57:
54:a0:04:19:49:da:82:0f:cb:9d:73:67:38:66:1d:e7:75:ef:
ae:3a:78:c4:df:27:2b:b7:52:a9:d1:39:02:ef:e1:35:35:21:
18:15:a7:6a:75:7d:bc:4a:fe:74:90:f0:b3:d1:a3:87:71:57:
16:dd:4f:31:43:a1:ce:b5:9c:15:a2:83:4b:60:fc:ed:04:03:
cd:56:fd:75:d3:7a:fd:61:80:73:db:8b:94:77:2a:a2:18:8a:
d8:61:ac:87:35:d6:3b:b2:44:e0:0e:3c:4b:8b:68:1e:eb:87:
94:31:d7:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKYk1cQNS2FvbcdZqT5PvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzYzNTY1MTczYWQ4ZTIxNzMyMzAzMjJkMmE1Y2NiYjliOGZjYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVAfzPvyluu7sbcHOi8lrfR2Y8LN
SrZC38JBwT3hkQiaqR65QzoiJEOXc39TR6STJcUvykaeZBI0cUGRv4211TepvYRG
j1Dh4yf9INtMcMNp3SVK/v/z7JuwnyvgsSzOWhnzNhonYaobb2htKvru/JNVFPr/
BcOnqBUZ86DZjiSJb7d01cktd9wUKTQB5h0tWYoAga0FANV/EmROOQ8TuhXH93Xv
Pi+uqzmoVFLeURqyBhB6TPzupvscqWBSENfNRhASagA2GO2DhBLueoOHPThsFgis
bKDR6LpqkrYdRDy6nAfCgEwswAdc0cWuMhiVimyibGVshVh/iEI+T/2AFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdjVlFzrY4hcyMDItKlzLubj8xHMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvWjJOV1VYT3RqaUZ6SXdNaTBxWE11NXVQekVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcs0MA0G
CSqGSIb3DQEBCwUAA4IBAQBbKWwJlhrZEhQUwqL93nSvW0ZQcYv4CiU727Av3rOv
G5UrbHy6RBZGJN+35NzpkZzpeibFMBWqR4moKp/VTSEpZP55ByQ7pnNse2m8+4jF
gVW9x8sHKfmH1H4U0O29cPAcKkUnLJfKHIzT/J+BWXu9YRIPyufVSD9jH5v/upMa
X6kGj2vfMXTXrRjFtuTLDFdUoAQZSdqCD8udc2c4Zh3nde+uOnjE3ycrt1Kp0TkC
7+E1NSEYFadqdX28Sv50kPCz0aOHcVcW3U8xQ6HOtZwVooNLYPztBAPNVv1103r9
YYBz24uUdyqiGIrYYayHNdY7skTgDjxLi2ge64eUMdeC
-----END CERTIFICATE-----
Generated at Thu May 2 23:06:22 2024 by rpki-client on console-fra.rpki-client.org