Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/ZLXIzlXgj7BWbz-DeYwot5gFSHE.roa
File: ZLXIzlXgj7BWbz-DeYwot5gFSHE.roa (raw, json)
Hash identifier: yxLIKl+qL0uL31esAkmi7EGnKLS2N4w04iXAMgyE7bg=
Subject key identifier: 64:B5:C8:CE:55:E0:8F:B0:56:6F:3F:83:79:8C:28:B7:98:05:48:71
Certificate issuer: /CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Certificate serial: 01918DECF660F232877250E8BACBD9EBA01C
Authority key identifier: 6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/ZLXIzlXgj7BWbz-DeYwot5gFSHE.roa
Signing time: Mon 26 Aug 2024 09:03:22 +0000
ROA not before: Mon 26 Aug 2024 09:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 185.15.209.0/24 maxlen: 24
185.15.210.0/24 maxlen: 24
185.15.211.0/24 maxlen: 24
185.142.32.0/24 maxlen: 24
185.142.34.0/23 maxlen: 23
185.142.35.0/24 maxlen: 24
194.213.24.0/24 maxlen: 24
194.242.33.0/24 maxlen: 24
2a03:afc0:1::/48 maxlen: 48
2a03:afc0:2::/48 maxlen: 48
2a03:afc0:3::/48 maxlen: 48
2a03:afc0:5::/48 maxlen: 48
2a03:afc0:6::/48 maxlen: 48
2a03:afc0:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.mft
rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8d:ec:f6:60:f2:32:87:72:50:e8:ba:cb:d9:eb:a0:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d39ce4c29ab3f802f9de933f4495026c4d0ee4a
Validity
Not Before: Aug 26 09:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64b5c8ce55e08fb0566f3f83798c28b798054871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b5:db:62:19:7d:17:16:07:e8:1d:1f:ad:a7:
90:17:d2:ca:d4:f4:9d:53:93:af:e3:c1:8b:4d:ef:
b8:5b:2f:cc:a6:e3:c3:cf:b7:a3:ba:f6:8b:b4:64:
70:e1:f3:58:31:dc:c2:68:45:cc:87:0e:8d:7a:e4:
09:3a:52:4d:04:2a:fd:ea:ee:8d:88:c3:d7:7f:e4:
0a:b4:41:ef:9b:e3:10:39:53:47:f6:2b:fb:f4:1d:
e3:ad:e4:4f:aa:5d:82:ec:62:5c:9e:29:cc:65:30:
30:82:c4:7f:5a:af:b4:c1:ed:88:5c:66:3e:12:19:
cb:bd:d6:62:73:0f:20:4a:c6:35:22:e8:80:99:c8:
26:48:e0:91:48:ef:eb:47:8f:2b:02:5e:bc:5b:4f:
aa:46:c4:e4:4d:99:72:17:e6:6d:ef:fe:61:43:e9:
c2:2e:e6:82:ec:e4:09:75:d6:94:46:4a:97:05:76:
cf:93:30:85:cb:5a:c7:47:b9:e3:c9:5c:12:66:56:
bc:48:8a:1a:d3:ea:f2:08:ae:f7:60:16:19:b9:36:
b1:c2:61:c9:a4:61:6c:84:d1:4a:12:a4:a9:ce:ec:
ca:37:ea:c9:35:47:52:78:ad:fa:ee:9c:82:48:ec:
88:7c:de:15:e6:ac:3a:20:92:99:a2:a5:dd:2f:2d:
ff:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B5:C8:CE:55:E0:8F:B0:56:6F:3F:83:79:8C:28:B7:98:05:48:71
X509v3 Authority Key Identifier:
keyid:6D:39:CE:4C:29:AB:3F:80:2F:9D:E9:33:F4:49:50:26:C4:D0:EE:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTnOTCmrP4Avnekz9ElQJsTQ7ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/ZLXIzlXgj7BWbz-DeYwot5gFSHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/44e8f5-3584-490e-9979-cdc31d5fb8a4/1/bTnOTCmrP4Avnekz9ElQJsTQ7ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.209.0-185.15.211.255
185.142.32.0/24
185.142.34.0/23
194.213.24.0/24
194.242.33.0/24
IPv6:
2a03:afc0:1::-2a03:afc0:3:ffff:ffff:ffff:ffff:ffff
2a03:afc0:5::-2a03:afc0:6:ffff:ffff:ffff:ffff:ffff
2a03:afc0:8::/48
Signature Algorithm: sha256WithRSAEncryption
6e:40:d1:ea:db:0a:37:8a:26:fc:bd:ce:a4:9b:c7:9d:35:0e:
58:f6:5c:eb:4f:59:5f:1f:92:53:8a:e8:45:9b:c5:56:a8:c9:
4f:b8:87:79:de:2c:95:88:e6:e4:0c:a5:f4:c5:52:0a:39:91:
92:69:40:ad:ad:b6:d8:ee:c5:75:bf:fd:fd:86:01:f2:34:c4:
d6:e5:02:d2:8b:a5:41:1f:41:20:73:1b:bb:b2:ff:db:4d:b7:
c0:d5:24:9a:16:88:1f:4b:ff:7b:07:f4:bb:9f:d0:e8:2f:d4:
c9:58:97:81:78:25:b2:eb:9b:6f:b4:f5:b2:4b:74:7a:53:58:
9c:15:f7:fc:d1:10:80:fa:3a:8f:c4:fe:df:56:a6:de:71:3d:
6e:60:87:eb:03:b0:d6:11:a1:5f:62:71:a2:69:8e:58:36:ab:
8e:51:76:57:54:aa:51:62:3d:37:5d:ab:bc:fd:db:24:1b:44:
54:3d:dd:14:b0:01:41:d5:47:49:52:c7:e9:d5:37:17:58:b1:
e8:2c:df:c6:ed:ad:ce:f4:bc:05:20:bf:67:53:83:77:55:50:
19:c2:bd:0e:1d:58:97:30:b5:c6:37:1d:48:9c:91:c4:53:40:
81:20:5c:07:c3:7a:7c:b6:71:d4:61:b3:78:07:9f:b9:3b:40:
d6:29:a2:c6
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZGN7PZg8jKHclDousvZ66AcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzljZTRjMjlhYjNmODAyZjlkZTkzM2Y0NDk1MDI2YzRk
MGVlNGEwHhcNMjQwODI2MDkwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGI1YzhjZTU1ZTA4ZmIwNTY2ZjNmODM3OThjMjhiNzk4MDU0ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7XbYhl9FxYH6B0fraeQF9LK1PSd
U5Ov48GLTe+4Wy/MpuPDz7ejuvaLtGRw4fNYMdzCaEXMhw6NeuQJOlJNBCr96u6N
iMPXf+QKtEHvm+MQOVNH9iv79B3jreRPql2C7GJcninMZTAwgsR/Wq+0we2IXGY+
EhnLvdZicw8gSsY1IuiAmcgmSOCRSO/rR48rAl68W0+qRsTkTZlyF+Zt7/5hQ+nC
LuaC7OQJddaURkqXBXbPkzCFy1rHR7njyVwSZla8SIoa0+ryCK73YBYZuTaxwmHJ
pGFshNFKEqSpzuzKN+rJNUdSeK367pyCSOyIfN4V5qw6IJKZoqXdLy3/VwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFGS1yM5V4I+wVm8/g3mMKLeYBUhxMB8GA1UdIwQY
MBaAFG05zkwpqz+AL53pM/RJUCbE0O5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5Nzkt
Y2RjMzFkNWZiOGE0LzEvWkxYSXpsWGdqN0JXYnotRGVZd290NWdGU0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80NGU4ZjUtMzU4NC00OTBlLTk5NzktY2RjMzFkNWZiOGE0
LzEvYlRuT1RDbXJQNEF2bmVrejlFbFFKc1RRN2tvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAsBAIAATAmMAwDBAC5D9ED
BAK5D9ADBAC5jiADBAG5jiIDBADC1RgDBADC8iEwNwQCAAIwMTASAwcAKgOvwAAB
AwcCKgOvwAAAMBIDBwAqA6/AAAUDBwAqA6/AAAYDBwAqA6/AAAgwDQYJKoZIhvcN
AQELBQADggEBAG5A0erbCjeKJvy9zqSbx501Dlj2XOtPWV8fklOK6EWbxVaoyU+4
h3neLJWI5uQMpfTFUgo5kZJpQK2tttjuxXW//f2GAfI0xNblAtKLpUEfQSBzG7uy
/9tNt8DVJJoWiB9L/3sH9Luf0Ogv1MlYl4F4JbLrm2+09bJLdHpTWJwV9/zREID6
Oo/E/t9Wpt5xPW5gh+sDsNYRoV9icaJpjlg2q45RdldUqlFiPTddq7z92yQbRFQ9
3RSwAUHVR0lSx+nVNxdYsegs38btrc70vAUgv2dTg3dVUBnCvQ4dWJcwtcY3HUic
kcRTQIEgXAfDeny2cdRhs3gHn7k7QNYposY=
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:34:48 2024 by rpki-client on console-ams.rpki-client.org