Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/zytvXYGp5Ix5VrTr0rcnHDKoq28.roa
File: zytvXYGp5Ix5VrTr0rcnHDKoq28.roa (raw, json)
Hash identifier: zVhB1XTlKSuKezk8MLiNFeesrC0yiwYuaK/wQ8y5byA=
Subject key identifier: CF:2B:6F:5D:81:A9:E4:8C:79:56:B4:EB:D2:B7:27:1C:32:A8:AB:6F
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0192D8F87F9154D39952A5A9A9047B6493A2
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/zytvXYGp5Ix5VrTr0rcnHDKoq28.roa
Signing time: Tue 29 Oct 2024 15:50:17 +0000
ROA not before: Tue 29 Oct 2024 15:50:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
89.36.33.0/24 maxlen: 24
185.121.133.0/24 maxlen: 24
185.121.135.0/24 maxlen: 24
212.232.19.0/24 maxlen: 24
2a14:6780::/29 maxlen: 48
2a14:6780::/32 maxlen: 32
2a14:6781::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:f8:7f:91:54:d3:99:52:a5:a9:a9:04:7b:64:93:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Oct 29 15:50:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf2b6f5d81a9e48c7956b4ebd2b7271c32a8ab6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cc:0c:95:b0:ea:27:f7:9c:f2:d6:b4:93:ed:
f2:fd:e4:fb:5a:d3:f1:fc:02:22:f9:e5:e5:eb:97:
55:35:0f:ba:0c:f8:5b:de:af:e0:7c:ef:9c:4f:99:
c4:75:b2:6b:7e:34:59:26:f6:e5:bd:db:55:52:7f:
81:08:61:1b:3f:b9:5d:73:c5:c8:20:3c:9a:85:bc:
cd:70:1a:fd:c5:94:f8:8c:55:5b:26:56:49:3f:29:
3d:ad:85:09:8f:a1:9c:41:da:49:e2:5e:39:54:ea:
3e:15:f4:c8:3d:56:44:33:67:85:5e:c3:9b:97:07:
0b:82:24:b1:ed:75:14:46:34:a8:e1:4e:ab:0b:91:
6b:65:04:91:c3:aa:df:af:27:a0:2e:01:08:ad:7d:
6c:06:fc:db:93:e2:cb:2a:5c:5a:3b:5c:63:03:02:
15:e6:8c:4e:ab:04:e8:b0:ca:d4:6d:8b:02:4d:f2:
ce:c2:ff:01:fa:be:46:79:ea:3a:f2:4c:40:f3:0c:
d6:af:6f:d8:f5:ec:20:f7:55:5a:5f:1d:97:7f:a3:
7f:25:0f:9e:b2:04:0f:02:4c:b3:92:9d:20:fe:f0:
bc:29:ec:53:7b:ed:02:33:6d:74:cc:1f:31:fc:c2:
80:c2:66:e2:19:1c:08:14:bb:f9:ce:84:2f:71:30:
1b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:2B:6F:5D:81:A9:E4:8C:79:56:B4:EB:D2:B7:27:1C:32:A8:AB:6F
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/zytvXYGp5Ix5VrTr0rcnHDKoq28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/23
185.121.133.0/24
185.121.135.0/24
212.232.19.0/24
IPv6:
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
4e:09:dd:47:4a:6e:0d:a0:a7:21:21:7c:a5:7d:15:fe:7a:42:
83:dd:d2:c1:04:f1:bb:bf:c3:fd:1d:50:76:41:91:43:68:c2:
dc:d3:4a:3d:bb:de:5b:bb:0b:8f:f3:9a:b2:72:c9:b7:4e:c7:
6e:74:53:c0:de:17:ef:8d:af:ae:bf:e3:48:59:e7:2c:c0:b6:
09:3c:9e:75:b5:7d:6a:b6:2f:56:64:17:1b:4c:3c:e8:5f:f4:
a0:c5:df:42:a2:16:79:fe:33:1d:a3:a7:a7:84:9a:21:43:6b:
39:0f:4a:44:fe:0f:ae:a6:cc:91:2d:1a:92:a5:37:17:aa:2e:
2a:fb:f0:2f:0f:12:d4:53:41:6f:80:eb:d9:46:ba:23:e7:1d:
b4:43:20:ea:d9:76:34:79:d0:05:aa:94:f5:d1:4e:96:d4:d6:
04:d0:5d:aa:f6:70:9d:2f:8f:46:8e:e9:50:17:95:a6:14:72:
05:99:3f:3c:3c:33:b1:7b:9e:bd:e9:54:05:e2:6b:d1:22:7b:
8f:84:14:af:09:3e:c6:07:07:08:3d:43:d0:9f:d7:ec:80:89:
fe:87:a2:5c:00:15:22:75:ca:05:7c:0e:fd:64:30:02:9d:1f:
c7:2f:38:d2:d5:28:b2:01:48:ac:20:b7:f1:67:78:c6:d9:c5:
cc:0c:d9:3e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZLY+H+RVNOZUqWpqQR7ZJOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQxMDI5MTU1MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjJiNmY1ZDgxYTllNDhjNzk1NmI0ZWJkMmI3MjcxYzMyYThhYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsswMlbDqJ/ec8ta0k+3y/eT7WtPx
/AIi+eXl65dVNQ+6DPhb3q/gfO+cT5nEdbJrfjRZJvblvdtVUn+BCGEbP7ldc8XI
IDyahbzNcBr9xZT4jFVbJlZJPyk9rYUJj6GcQdpJ4l45VOo+FfTIPVZEM2eFXsOb
lwcLgiSx7XUURjSo4U6rC5FrZQSRw6rfryegLgEIrX1sBvzbk+LLKlxaO1xjAwIV
5oxOqwTosMrUbYsCTfLOwv8B+r5Geeo68kxA8wzWr2/Y9ewg91VaXx2Xf6N/JQ+e
sgQPAkyzkp0g/vC8KexTe+0CM210zB8x/MKAwmbiGRwIFLv5zoQvcTAbXwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM8rb12BqeSMeVa069K3JxwyqKtvMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvenl0dlhZR3A1SXg1VnJUcjByY25IREtvcTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBWSQgAwQA
uXmFAwQAuXmHAwQA1OgTMA0EAgACMAcDBQMqFGeAMA0GCSqGSIb3DQEBCwUAA4IB
AQBOCd1HSm4NoKchIXylfRX+ekKD3dLBBPG7v8P9HVB2QZFDaMLc00o9u95buwuP
85qycsm3TsdudFPA3hfvja+uv+NIWecswLYJPJ51tX1qti9WZBcbTDzoX/Sgxd9C
ohZ5/jMdo6enhJohQ2s5D0pE/g+upsyRLRqSpTcXqi4q+/AvDxLUU0FvgOvZRroj
5x20QyDq2XY0edAFqpT10U6W1NYE0F2q9nCdL49GjulQF5WmFHIFmT88PDOxe569
6VQF4mvRInuPhBSvCT7GBwcIPUPQn9fsgIn+h6JcABUidcoFfA79ZDACnR/HLzjS
1SiyAUisILfxZ3jG2cXMDNk+
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:45:40 2024 by rpki-client on console-fra.rpki-client.org