Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/Z6e-YKpAQbBE8992mbXIdh8DLaI.roa
File: Z6e-YKpAQbBE8992mbXIdh8DLaI.roa (raw, json)
Hash identifier: zdP3R0HZwl1k6gdIkr9nwr7ix2dfU/jxmKc7Z4cQmJ0=
Subject key identifier: 67:A7:BE:60:AA:40:41:B0:44:F3:DF:76:99:B5:C8:76:1F:03:2D:A2
Certificate issuer: /CN=efa70cb849e3837451bd79af7dc7e035963e6043
Certificate serial: 018CC6B938767BBEEC1B05200334BEE918FF
Authority key identifier: EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/Z6e-YKpAQbBE8992mbXIdh8DLaI.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34916
IP address blocks: 89.44.238.0/23 maxlen: 23
89.42.118.0/23 maxlen: 23
86.106.27.0/24 maxlen: 24
86.104.231.0/24 maxlen: 24
86.105.204.0/23 maxlen: 23
85.204.193.0/24 maxlen: 24
86.105.226.0/24 maxlen: 24
89.35.250.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 16:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:38:76:7b:be:ec:1b:05:20:03:34:be:e9:18:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa70cb849e3837451bd79af7dc7e035963e6043
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a7be60aa4041b044f3df7699b5c8761f032da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a9:2b:c1:00:ed:82:34:67:46:cd:b7:c9:e8:
ba:c1:79:c1:82:96:6e:45:8a:cb:0a:71:1c:ee:b3:
38:08:52:08:74:0f:66:7b:b3:74:f7:eb:bf:98:e9:
4c:b2:1d:60:98:b4:0f:33:6a:2c:9f:2e:e5:b7:d0:
df:6c:4b:9d:db:a1:82:e1:26:b5:f8:9b:4a:e9:78:
dc:39:a8:3a:52:f8:51:7f:58:cd:9b:9b:8a:44:61:
1f:47:9c:ee:97:40:32:ec:a7:32:8f:e8:cf:d6:e5:
11:77:d0:9a:1c:6c:8f:ba:7d:92:68:11:c2:ea:50:
3c:1c:70:1b:d5:71:76:3e:2c:ba:40:4f:57:6b:de:
99:ca:8f:9d:b9:3c:81:c7:a6:29:b1:55:ab:44:ec:
b7:c9:82:50:c3:2e:65:e9:a8:8f:cd:a4:c6:cc:ae:
d5:5f:fc:70:88:79:7f:84:1b:2e:df:1b:d4:ed:df:
24:44:aa:d3:43:ee:b8:75:01:24:94:0a:1a:65:fc:
4b:bc:1c:d3:34:f1:1b:c4:e4:4a:0c:f2:c6:cf:fa:
9c:35:83:d5:ea:e6:12:7d:60:d1:23:12:db:76:19:
57:62:8a:d3:45:3d:39:7b:e6:47:e8:3c:0a:82:e5:
83:7f:81:e5:22:f1:e4:f3:0e:03:53:32:9e:2c:c2:
dd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A7:BE:60:AA:40:41:B0:44:F3:DF:76:99:B5:C8:76:1F:03:2D:A2
X509v3 Authority Key Identifier:
keyid:EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/Z6e-YKpAQbBE8992mbXIdh8DLaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.193.0/24
86.104.231.0/24
86.105.204.0/23
86.105.226.0/24
86.106.27.0/24
89.35.250.0/23
89.42.118.0/23
89.44.238.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:7b:60:f9:bf:12:df:dd:3b:c2:de:44:f8:8b:70:77:24:30:
dd:56:7e:1c:c8:0e:b4:1e:99:3c:25:86:e1:d1:23:0c:43:0b:
dd:5a:6c:9a:05:df:c3:5d:b3:89:d7:b8:bf:d4:44:c7:88:ba:
b5:ca:1d:c1:20:d2:7c:6d:2e:92:96:5d:2a:37:67:50:75:d1:
69:4e:83:6a:e9:57:93:ef:d5:e7:28:03:d8:d5:5f:63:e4:e1:
36:f2:a7:18:57:62:5c:8b:fd:aa:11:52:79:88:6e:ea:e3:9b:
7d:2e:f7:ce:cd:a7:a2:3e:e5:2c:f5:89:45:e4:93:c3:e8:36:
50:22:c7:11:56:6a:30:eb:b5:c0:5b:14:21:1c:b9:ca:7f:2d:
e7:80:5d:a2:42:02:1d:a9:c3:06:6f:d9:58:ef:d2:f1:c9:32:
83:18:e1:dc:63:16:bb:a8:ed:ba:9f:9c:53:92:68:9e:59:7d:
3d:ae:55:2d:e0:9b:b6:b9:69:8d:4a:3f:09:d1:e1:02:4d:20:
59:f1:47:7e:37:96:51:79:ac:17:3e:70:71:73:d3:4b:a4:29:
cd:e6:7d:ae:85:9c:db:44:26:39:85:7c:42:67:04:d6:25:9c:
99:5d:a1:2f:10:32:b1:48:2f:43:51:a8:73:89:24:46:1a:f0:
67:6e:99:b9
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzGuTh2e77sGwUgAzS+6Rj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTcwY2I4NDllMzgzNzQ1MWJkNzlhZjdkYzdlMDM1OTYz
ZTYwNDMwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E3YmU2MGFhNDA0MWIwNDRmM2RmNzY5OWI1Yzg3NjFmMDMyZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqkrwQDtgjRnRs23yei6wXnBgpZu
RYrLCnEc7rM4CFIIdA9me7N09+u/mOlMsh1gmLQPM2osny7lt9DfbEud26GC4Sa1
+JtK6XjcOag6UvhRf1jNm5uKRGEfR5zul0Ay7Kcyj+jP1uURd9CaHGyPun2SaBHC
6lA8HHAb1XF2Piy6QE9Xa96Zyo+duTyBx6YpsVWrROy3yYJQwy5l6aiPzaTGzK7V
X/xwiHl/hBsu3xvU7d8kRKrTQ+64dQEklAoaZfxLvBzTNPEbxORKDPLGz/qcNYPV
6uYSfWDRIxLbdhlXYorTRT05e+ZH6DwKguWDf4HlIvHk8w4DUzKeLMLdZQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGenvmCqQEGwRPPfdpm1yHYfAy2iMB8GA1UdIwQY
MBaAFO+nDLhJ44N0Ub15r33H4DWWPmBDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjIt
NTNhNjA0ODA3NjFkLzEvWjZlLVlLcEFRYkJFODk5Mm1iWElkaDhETGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjItNTNhNjA0ODA3NjFk
LzEvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVczBAwQA
VmjnAwQBVmnMAwQAVmniAwQAVmobAwQBWSP6AwQBWSp2AwQBWSzuMA0GCSqGSIb3
DQEBCwUAA4IBAQA+e2D5vxLf3TvC3kT4i3B3JDDdVn4cyA60Hpk8JYbh0SMMQwvd
WmyaBd/DXbOJ17i/1ETHiLq1yh3BINJ8bS6Sll0qN2dQddFpToNq6VeT79XnKAPY
1V9j5OE28qcYV2Jci/2qEVJ5iG7q45t9LvfOzaeiPuUs9YlF5JPD6DZQIscRVmow
67XAWxQhHLnKfy3ngF2iQgIdqcMGb9lY79LxyTKDGOHcYxa7qO26n5xTkmieWX09
rlUt4Ju2uWmNSj8J0eECTSBZ8Ud+N5ZReawXPnBxc9NLpCnN5n2uhZzbRCY5hXxC
ZwTWJZyZXaEvEDKxSC9DUahziSRGGvBnbpm5
-----END CERTIFICATE-----
Generated at Thu May 23 20:02:00 2024 by rpki-client on console-fra.rpki-client.org