Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/zJ2MAUhzIoj6jmAJ-qs1NJAZuPs.roa
File: zJ2MAUhzIoj6jmAJ-qs1NJAZuPs.roa (raw, json)
Hash identifier: cQZMPWleMqHVOJnA2KhsmryjXOwdjuJMWQRAFxY7Jis=
Subject key identifier: CC:9D:8C:01:48:73:22:88:FA:8E:60:09:FA:AB:35:34:90:19:B8:FB
Certificate issuer: /CN=e36b4c58e6cfd9fa7e7222a58b3626db7b985324
Certificate serial: 01921F2459D48956CD7F066321A80A896168
Authority key identifier: E3:6B:4C:58:E6:CF:D9:FA:7E:72:22:A5:8B:36:26:DB:7B:98:53:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/42tMWObP2fp-ciKlizYm23uYUyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/zJ2MAUhzIoj6jmAJ-qs1NJAZuPs.roa
Signing time: Mon 23 Sep 2024 13:48:48 +0000
ROA not before: Mon 23 Sep 2024 13:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43016
IP address blocks: 185.121.216.0/22 maxlen: 22
195.181.192.0/20 maxlen: 23
2a06:a0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/42tMWObP2fp-ciKlizYm23uYUyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/42tMWObP2fp-ciKlizYm23uYUyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/42tMWObP2fp-ciKlizYm23uYUyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1f:24:59:d4:89:56:cd:7f:06:63:21:a8:0a:89:61:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e36b4c58e6cfd9fa7e7222a58b3626db7b985324
Validity
Not Before: Sep 23 13:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc9d8c0148732288fa8e6009faab35349019b8fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fb:4e:4f:37:8a:94:35:a0:d7:3e:9e:33:aa:
45:0e:22:a1:04:d6:4a:6a:f6:7a:d7:f0:0b:43:e9:
f3:4d:06:3b:c9:3a:18:04:c1:45:cf:7a:d8:71:65:
05:3f:76:e5:cc:6e:60:3b:98:b9:b3:ae:62:ab:f3:
32:5c:da:79:63:c2:40:2c:a9:89:e7:89:45:63:c4:
1a:0f:37:2a:c5:08:29:24:21:cc:01:c7:b5:cc:d4:
f5:1a:1d:85:2d:7a:ea:34:e2:af:9c:3f:b8:52:32:
ed:6a:34:e6:34:1a:23:0f:c0:9a:de:c4:e8:c0:76:
b4:65:d8:46:67:7c:69:ce:39:57:d9:40:3c:0b:af:
4f:03:3c:09:ad:cb:aa:c4:fa:fb:0f:79:ff:d0:1c:
c7:2e:03:07:45:f6:0b:de:45:38:50:91:34:17:6f:
22:58:a8:d7:c4:96:b9:bf:b9:db:45:ab:4a:07:70:
2b:52:2a:3d:fb:fe:b2:9f:b0:40:96:f6:dd:af:7f:
3c:e5:c0:19:94:59:ec:14:81:d2:23:28:e6:d9:1a:
44:f6:03:df:91:61:52:a3:4d:97:0d:32:db:14:f4:
73:61:94:1b:06:56:ba:68:68:91:fa:bc:c2:75:21:
84:2a:e1:47:53:01:75:93:6c:bb:24:37:de:2b:c1:
a9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9D:8C:01:48:73:22:88:FA:8E:60:09:FA:AB:35:34:90:19:B8:FB
X509v3 Authority Key Identifier:
keyid:E3:6B:4C:58:E6:CF:D9:FA:7E:72:22:A5:8B:36:26:DB:7B:98:53:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/42tMWObP2fp-ciKlizYm23uYUyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/zJ2MAUhzIoj6jmAJ-qs1NJAZuPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/42tMWObP2fp-ciKlizYm23uYUyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.216.0/22
195.181.192.0/20
IPv6:
2a06:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:21:2b:d3:e0:3b:0a:d5:d2:e7:f9:25:4a:87:a5:e0:c2:38:
37:4d:57:1f:7a:2f:9d:8c:cc:bf:b3:e9:27:16:24:73:08:4c:
ec:ab:4e:7f:6b:3b:8a:dd:ac:6c:54:88:27:d4:0c:d5:21:c0:
b6:67:3e:13:86:5d:14:32:15:27:a5:5c:39:37:00:d4:f0:78:
48:aa:ca:27:51:72:a8:e2:53:d6:72:80:85:5d:92:b5:9d:cd:
f2:4a:f1:0a:2a:ab:b4:a0:62:59:84:81:ee:c4:00:23:3e:45:
c6:86:01:1e:ce:ef:bb:e0:31:39:ed:32:b9:3b:64:7b:74:18:
7e:61:32:fe:8e:7c:50:58:73:16:61:94:7d:bf:da:08:06:bd:
65:41:9f:0f:e7:7f:33:0d:a6:54:76:4c:2a:f2:19:7e:bb:1f:
17:5b:a3:83:24:d5:d9:46:a0:ba:e4:74:da:69:29:ab:94:17:
c9:eb:8e:91:bc:86:06:9f:16:34:0b:28:88:01:bf:8c:a1:64:
e8:4d:b0:ba:b5:c7:0b:46:6d:3e:de:f3:b8:6a:5e:67:69:fb:
8a:37:c0:16:45:89:8e:3d:c3:ef:d6:7b:f0:05:00:0b:02:4e:
24:37:51:a5:44:44:7e:21:22:dc:f6:ea:a0:3c:5d:bb:80:6d:
67:7d:44:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZIfJFnUiVbNfwZjIagKiWFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNmI0YzU4ZTZjZmQ5ZmE3ZTcyMjJhNThiMzYyNmRiN2I5
ODUzMjQwHhcNMjQwOTIzMTM0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzlkOGMwMTQ4NzMyMjg4ZmE4ZTYwMDlmYWFiMzUzNDkwMTliOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PtOTzeKlDWg1z6eM6pFDiKhBNZK
avZ61/ALQ+nzTQY7yToYBMFFz3rYcWUFP3blzG5gO5i5s65iq/MyXNp5Y8JALKmJ
54lFY8QaDzcqxQgpJCHMAce1zNT1Gh2FLXrqNOKvnD+4UjLtajTmNBojD8Ca3sTo
wHa0ZdhGZ3xpzjlX2UA8C69PAzwJrcuqxPr7D3n/0BzHLgMHRfYL3kU4UJE0F28i
WKjXxJa5v7nbRatKB3ArUio9+/6yn7BAlvbdr3885cAZlFnsFIHSIyjm2RpE9gPf
kWFSo02XDTLbFPRzYZQbBla6aGiR+rzCdSGEKuFHUwF1k2y7JDfeK8Gp3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMydjAFIcyKI+o5gCfqrNTSQGbj7MB8GA1UdIwQY
MBaAFONrTFjmz9n6fnIipYs2Jtt7mFMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDJ0TVdPYlAyZnAtY2lLbGl6WW0yM3VZVXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZDdkZjgtYjQ2NC00Y2E3LWJhNmMt
ODAwYzk5ODUxMzY4LzEvekoyTUFVaHpJb2o2am1BSi1xczFOSkFadVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZDdkZjgtYjQ2NC00Y2E3LWJhNmMtODAwYzk5ODUxMzY4
LzEvNDJ0TVdPYlAyZnAtY2lLbGl6WW0yM3VZVXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXnYAwQE
w7XAMA0EAgACMAcDBQMqBqDAMA0GCSqGSIb3DQEBCwUAA4IBAQBpISvT4DsK1dLn
+SVKh6Xgwjg3TVcfei+djMy/s+knFiRzCEzsq05/azuK3axsVIgn1AzVIcC2Zz4T
hl0UMhUnpVw5NwDU8HhIqsonUXKo4lPWcoCFXZK1nc3ySvEKKqu0oGJZhIHuxAAj
PkXGhgEezu+74DE57TK5O2R7dBh+YTL+jnxQWHMWYZR9v9oIBr1lQZ8P538zDaZU
dkwq8hl+ux8XW6ODJNXZRqC65HTaaSmrlBfJ646RvIYGnxY0CyiIAb+MoWToTbC6
tccLRm0+3vO4al5nafuKN8AWRYmOPcPv1nvwBQALAk4kN1GlRER+ISLc9uqgPF27
gG1nfUTN
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:47 2024 by rpki-client on console-fra.rpki-client.org