Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/PZ-7eTlAk8e5-lsISM1Mg71Mrqc.roa
File: PZ-7eTlAk8e5-lsISM1Mg71Mrqc.roa (raw, json)
Hash identifier: 1oxx/t9m5sSGLdNtlpqQfj9Z5Xaprm8d3LC74wRLjFY=
Subject key identifier: 3D:9F:BB:79:39:40:93:C7:B9:FA:5B:08:48:CD:4C:83:BD:4C:AE:A7
Certificate issuer: /CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Certificate serial: 018CC3489EDAE87343C7F4AB618C036DE70C
Authority key identifier: D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/PZ-7eTlAk8e5-lsISM1Mg71Mrqc.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 193.24.68.0/24 maxlen: 25
193.24.66.0/24 maxlen: 25
139.123.225.0/24 maxlen: 24
139.123.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9e:da:e8:73:43:c7:f4:ab:61:8c:03:6d:e7:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d9fbb79394093c7b9fa5b0848cd4c83bd4caea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:04:9f:b6:3a:39:62:94:7c:79:98:14:c2:c7:
93:72:84:70:1d:56:51:c5:a4:91:e4:14:a4:33:54:
51:6b:a3:dc:f8:83:11:8a:9c:e1:76:cc:be:52:96:
54:4e:2c:d8:b6:16:e1:56:4b:b0:e1:28:d5:cd:d7:
20:ef:cc:2b:7d:9d:08:88:c4:da:65:6d:9c:7f:aa:
26:ca:9f:c0:45:11:d1:20:2a:a7:2c:75:57:3d:d1:
e1:6e:1f:76:13:a5:15:ba:f6:46:da:06:27:0a:16:
26:bc:2e:75:46:52:45:a8:51:27:fe:03:d3:bb:6b:
fa:22:cf:6e:a4:14:e2:8c:85:c0:f5:cf:a6:f2:34:
2a:0b:b1:90:d4:a0:5a:55:18:19:5f:6b:2b:bc:03:
41:54:ee:29:6e:b1:bb:e7:b7:92:ee:74:05:f1:f6:
24:12:3e:31:ae:0c:ae:90:8a:94:5e:f3:46:b5:a6:
d9:0c:75:93:ec:18:99:64:a1:08:2a:e2:c4:5d:11:
af:d5:23:98:1f:08:ee:ae:7c:10:43:6a:9f:5a:45:
cd:a8:e3:11:2a:71:03:7b:b6:96:bf:5b:f0:13:07:
ea:83:24:e5:2d:32:f6:56:57:36:c0:76:9b:b0:a0:
6d:c3:ae:ec:fe:75:d6:12:cd:b4:00:cc:35:4a:1d:
c0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9F:BB:79:39:40:93:C7:B9:FA:5B:08:48:CD:4C:83:BD:4C:AE:A7
X509v3 Authority Key Identifier:
keyid:D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/PZ-7eTlAk8e5-lsISM1Mg71Mrqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.123.225.0/24
139.123.228.0/24
193.24.66.0/24
193.24.68.0/24
Signature Algorithm: sha256WithRSAEncryption
16:75:56:b2:da:39:31:00:68:f0:c7:2a:67:6f:05:d9:82:e1:
b4:ee:ff:84:81:4e:a0:b6:63:ce:58:2e:86:28:4d:c1:5a:1d:
81:fb:6c:53:95:d1:36:d7:b0:84:63:9f:69:dc:31:b4:05:96:
7d:97:11:e2:9c:46:15:d2:5f:0d:9c:d3:a8:e7:35:5b:f0:c6:
59:91:df:b4:48:91:06:ed:96:cd:05:25:27:51:70:e2:7d:b2:
cc:f4:ec:a5:ec:78:53:1a:00:b3:84:8c:4e:ca:e7:ff:0c:c6:
af:7f:4d:65:43:17:70:41:e1:d9:78:88:f4:4d:e3:c4:53:55:
3e:26:55:db:88:b4:24:63:e2:c6:b5:99:f8:44:b8:09:94:60:
75:03:88:a0:dd:c4:ea:ee:ae:d2:e9:13:db:b2:55:54:3c:44:
62:e7:4e:47:fe:f4:50:15:91:22:d8:6b:23:2c:14:36:44:a6:
93:a2:b1:5c:05:91:34:79:64:d4:60:0f:9e:20:b1:b7:19:28:
c0:f4:5b:ee:2d:f8:f4:91:2b:e9:17:be:d5:f0:d2:61:57:5e:
f2:3e:d0:98:7e:56:b4:0d:fb:6b:af:79:93:af:ad:15:94:27:
e3:01:4b:b3:ed:20:06:05:c2:22:f3:b6:bf:d6:ab:6c:5e:dc:
b5:7d:7c:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSJ7a6HNDx/SrYYwDbecMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzcyYWFjMWI2MmI4N2Q2YjAxZDU3YTFhMDBhNmE3MmI4
YTdkYTYwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDlmYmI3OTM5NDA5M2M3YjlmYTViMDg0OGNkNGM4M2JkNGNhZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QSftjo5YpR8eZgUwseTcoRwHVZR
xaSR5BSkM1RRa6Pc+IMRipzhdsy+UpZUTizYthbhVkuw4SjVzdcg78wrfZ0IiMTa
ZW2cf6omyp/ARRHRICqnLHVXPdHhbh92E6UVuvZG2gYnChYmvC51RlJFqFEn/gPT
u2v6Is9upBTijIXA9c+m8jQqC7GQ1KBaVRgZX2srvANBVO4pbrG757eS7nQF8fYk
Ej4xrgyukIqUXvNGtabZDHWT7BiZZKEIKuLEXRGv1SOYHwjurnwQQ2qfWkXNqOMR
KnEDe7aWv1vwEwfqgyTlLTL2Vlc2wHabsKBtw67s/nXWEs20AMw1Sh3AswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD2fu3k5QJPHufpbCEjNTIO9TK6nMB8GA1UdIwQY
MBaAFNh3KqwbYrh9awHVehoApqcrin2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhjcXJCdGl1SDFyQWRWNkdnQ21weXVLZmFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82MTZhNTgtNTM0Mi00MzJjLWE5YzUt
MzMzYmVlY2ZmNmY0LzEvUFotN2VUbEFrOGU1LWxzSVNNMU1nNzFNcnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82MTZhNTgtNTM0Mi00MzJjLWE5YzUtMzMzYmVlY2ZmNmY0
LzEvMkhjcXJCdGl1SDFyQWRWNkdnQ21weXVLZmFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAi3vhAwQA
i3vkAwQAwRhCAwQAwRhEMA0GCSqGSIb3DQEBCwUAA4IBAQAWdVay2jkxAGjwxypn
bwXZguG07v+EgU6gtmPOWC6GKE3BWh2B+2xTldE217CEY59p3DG0BZZ9lxHinEYV
0l8NnNOo5zVb8MZZkd+0SJEG7ZbNBSUnUXDifbLM9Oyl7HhTGgCzhIxOyuf/DMav
f01lQxdwQeHZeIj0TePEU1U+JlXbiLQkY+LGtZn4RLgJlGB1A4ig3cTq7q7S6RPb
slVUPERi505H/vRQFZEi2GsjLBQ2RKaTorFcBZE0eWTUYA+eILG3GSjA9FvuLfj0
kSvpF77V8NJhV17yPtCYfla0Dftrr3mTr60VlCfjAUuz7SAGBcIi87a/1qtsXty1
fXw/
-----END CERTIFICATE-----
Generated at Wed May 15 16:25:14 2024 by rpki-client on console-ams.rpki-client.org