Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/ZBKEUvb9g4hH0W5VyutV1wT7XdQ.roa
File: ZBKEUvb9g4hH0W5VyutV1wT7XdQ.roa (raw, json)
Hash identifier: t6pB9LZ1otDuRmFWKOEPGbShH3a6F+K9dm5eTn/3Jb0=
Subject key identifier: 64:12:84:52:F6:FD:83:88:47:D1:6E:55:CA:EB:55:D7:04:FB:5D:D4
Certificate issuer: /CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Certificate serial: 018CC87001641C2F759A02B6D54924EA8917
Authority key identifier: F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/ZBKEUvb9g4hH0W5VyutV1wT7XdQ.roa
Signing time: Tue 02 Jan 2024 04:30:32 +0000
ROA not before: Tue 02 Jan 2024 04:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211467
IP address blocks: 193.34.83.0/24 maxlen: 24
185.98.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:01:64:1c:2f:75:9a:02:b6:d5:49:24:ea:89:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Validity
Not Before: Jan 2 04:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64128452f6fd838847d16e55caeb55d704fb5dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:61:05:b6:17:6d:5f:86:02:06:68:11:ad:
dc:2a:ed:4e:79:a8:48:1b:31:92:bd:07:ba:fd:b7:
5a:6d:3b:87:78:ca:67:8c:45:da:9b:e3:35:fc:26:
55:9c:e6:db:e5:16:e0:c4:30:b6:51:18:21:3b:b1:
6f:3d:9a:31:98:e2:49:b3:d5:30:3b:eb:e8:b7:9a:
e6:68:52:1d:8b:25:c5:01:1e:bb:ac:dd:71:85:ce:
09:62:ae:84:de:0e:bd:17:ab:66:64:65:90:5d:fa:
dc:76:9d:6e:5a:f3:6d:6f:38:9b:b5:99:68:e4:cc:
9a:e3:8d:f8:80:1b:10:4e:29:f4:c0:cb:73:2b:66:
46:05:4c:12:23:fb:5b:96:18:62:4a:32:77:b5:a0:
b3:ac:96:13:ac:f8:25:2b:f1:04:c5:47:92:8c:54:
44:a4:74:37:6c:39:b5:4d:c9:56:65:55:bc:4b:c2:
bf:1e:6f:9c:ef:fe:4a:ae:2c:75:35:a6:7b:4c:f7:
9f:6e:cf:c1:01:4c:60:39:b0:c6:81:9e:97:a1:7f:
ce:e2:63:83:5b:f3:68:5e:8d:53:7f:06:69:da:d8:
52:b7:62:6f:dc:10:f3:c3:53:0a:7e:97:f0:90:af:
7a:62:78:73:80:71:07:67:b4:d4:20:b4:c5:fc:a6:
c0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:12:84:52:F6:FD:83:88:47:D1:6E:55:CA:EB:55:D7:04:FB:5D:D4
X509v3 Authority Key Identifier:
keyid:F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/ZBKEUvb9g4hH0W5VyutV1wT7XdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.219.0/24
193.34.83.0/24
Signature Algorithm: sha256WithRSAEncryption
37:ea:9d:cb:2c:e6:e0:ad:6e:4d:80:31:65:b2:17:5a:85:79:
34:c3:b2:6f:d4:ee:1f:e4:1b:ba:25:f8:3b:b2:16:fa:b1:c1:
3d:30:2a:ab:8b:84:3d:29:40:dc:1e:86:05:0c:1f:73:b6:b5:
22:74:09:40:54:34:c3:12:59:4a:91:38:ff:81:f8:13:d3:57:
c9:70:4a:d4:7f:f7:e1:1b:51:db:a5:ab:e2:0b:1d:ea:9c:43:
00:98:69:53:60:29:6d:d9:74:ea:8f:19:de:8d:8e:c6:98:0b:
fe:d0:84:d6:e6:d3:d9:c0:ba:e5:25:f6:da:f2:e4:68:6c:d1:
d7:76:78:67:bc:2a:23:60:88:8a:05:a9:da:a4:4d:66:7c:70:
48:d9:3f:74:9d:ad:2e:eb:a7:4a:73:e2:5a:2f:5f:12:03:92:
25:11:e8:6c:bd:c3:17:fe:fd:95:b0:99:96:fd:76:8b:4f:66:
ae:95:b1:5f:6b:e3:47:6a:7a:ee:f5:df:28:60:f5:d7:b8:7d:
0b:3a:61:b4:8c:16:5f:cb:bd:67:6f:8e:32:89:cb:fb:a6:8c:
70:f6:9d:4b:8b:b3:c4:c8:3f:3c:7b:88:26:0a:8c:56:2f:5d:
a6:51:01:45:69:75:7d:1e:8f:a7:b8:60:35:4b:56:af:18:b2:
0d:ea:bc:83
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIcAFkHC91mgK21Ukk6okXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Y2FhNzk3YjkwMGZjMzU1ZmMyNDEyNDY3NzUxZWViMmMx
YzY0YmUwHhcNMjQwMTAyMDQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDEyODQ1MmY2ZmQ4Mzg4NDdkMTZlNTVjYWViNTVkNzA0ZmI1ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3BhBbYXbV+GAgZoEa3cKu1OeahI
GzGSvQe6/bdabTuHeMpnjEXam+M1/CZVnObb5RbgxDC2URghO7FvPZoxmOJJs9Uw
O+vot5rmaFIdiyXFAR67rN1xhc4JYq6E3g69F6tmZGWQXfrcdp1uWvNtbzibtZlo
5Mya4434gBsQTin0wMtzK2ZGBUwSI/tblhhiSjJ3taCzrJYTrPglK/EExUeSjFRE
pHQ3bDm1TclWZVW8S8K/Hm+c7/5Krix1NaZ7TPefbs/BAUxgObDGgZ6XoX/O4mOD
W/NoXo1TfwZp2thSt2Jv3BDzw1MKfpfwkK96YnhzgHEHZ7TUILTF/KbABQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGQShFL2/YOIR9FuVcrrVdcE+13UMB8GA1UdIwQY
MBaAFPjKp5e5APw1X8JBJGd1HussHGS+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1NcW5sN2tBX0RWZndrRWtaM1VlNnl3Y1pMNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcvMWI1NWNmLWJlOTQtNDlhZC05ZWI4
LTlkYjNkNDRjNmQyZi8xL1pCS0VVdmI5ZzRoSDBXNVZ5dXRWMXdUN1hkUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDcvMWI1NWNmLWJlOTQtNDlhZC05ZWI4LTlkYjNkNDRjNmQy
Zi8xLzEtTXFubDdrQV9EVmZ3a0VrWjNVZTZ5d2NaTDQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC5YtsD
BADBIlMwDQYJKoZIhvcNAQELBQADggEBADfqncss5uCtbk2AMWWyF1qFeTTDsm/U
7h/kG7ol+DuyFvqxwT0wKquLhD0pQNwehgUMH3O2tSJ0CUBUNMMSWUqROP+B+BPT
V8lwStR/9+EbUdulq+ILHeqcQwCYaVNgKW3ZdOqPGd6NjsaYC/7QhNbm09nAuuUl
9try5Ghs0dd2eGe8KiNgiIoFqdqkTWZ8cEjZP3SdrS7rp0pz4lovXxIDkiUR6Gy9
wxf+/ZWwmZb9dotPZq6VsV9r40dqeu713yhg9de4fQs6YbSMFl/LvWdvjjKJy/um
jHD2nUuLs8TIPzx7iCYKjFYvXaZRAUVpdX0ej6e4YDVLVq8Ysg3qvIM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:01:02 2024 by rpki-client on console-fra.rpki-client.org