Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/9c130b-e15e-4b6d-b5fb-719b0497e7cc/1/zM027GHnMUbLJmm62Kvh9xLG_6c.roa
File: zM027GHnMUbLJmm62Kvh9xLG_6c.roa (raw, json)
Hash identifier: 9K0YFBGGX0fDS40uwODg7qjVc9XbKaEljsH3WPygoys=
Subject key identifier: CC:CD:36:EC:61:E7:31:46:CB:26:69:BA:D8:AB:E1:F7:12:C6:FF:A7
Certificate issuer: /CN=15ab3e72f7340da856e93d62ee8d023f1d7c8ee7
Certificate serial: 018CC5010B45DB31A3643879D833883030F9
Authority key identifier: 15:AB:3E:72:F7:34:0D:A8:56:E9:3D:62:EE:8D:02:3F:1D:7C:8E:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fas-cvc0DahW6T1i7o0CPx18juc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/9c130b-e15e-4b6d-b5fb-719b0497e7cc/1/zM027GHnMUbLJmm62Kvh9xLG_6c.roa
Signing time: Mon 01 Jan 2024 12:30:29 +0000
ROA not before: Mon 01 Jan 2024 12:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209549
IP address blocks: 185.149.38.0/24 maxlen: 24
185.149.37.0/24 maxlen: 24
185.149.36.0/24 maxlen: 24
185.149.36.0/22 maxlen: 22
2a0d:b780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/9c130b-e15e-4b6d-b5fb-719b0497e7cc/1/Fas-cvc0DahW6T1i7o0CPx18juc.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/9c130b-e15e-4b6d-b5fb-719b0497e7cc/1/Fas-cvc0DahW6T1i7o0CPx18juc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fas-cvc0DahW6T1i7o0CPx18juc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0b:45:db:31:a3:64:38:79:d8:33:88:30:30:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15ab3e72f7340da856e93d62ee8d023f1d7c8ee7
Validity
Not Before: Jan 1 12:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cccd36ec61e73146cb2669bad8abe1f712c6ffa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:56:3d:7b:00:ee:8b:0c:f2:de:10:ca:41:e3:
8b:6c:c7:1b:a5:34:5d:5b:20:68:7c:f9:bd:72:31:
c2:96:b9:50:93:a0:48:c6:85:71:e2:98:af:b0:93:
8f:be:a3:00:3b:a3:71:52:e8:db:5c:6c:b6:e9:b5:
f3:ab:31:62:77:2d:2b:69:16:f0:37:a6:1c:c5:84:
84:4b:c0:bb:a1:34:93:22:ed:9c:29:5f:af:f7:78:
73:b6:9c:ea:d5:a8:be:4d:a2:a7:a2:b0:4e:b8:95:
6d:70:64:db:5b:2b:6e:ad:30:d7:e2:0f:b9:fb:ef:
4e:af:48:94:6b:b3:ac:0a:27:e9:78:ff:c8:fa:d1:
56:96:79:8c:f3:0a:ba:ae:9b:67:71:cc:6c:7a:51:
a0:e7:73:0a:8c:04:ae:1a:7f:6d:45:9e:98:b2:b6:
65:b2:d1:ec:55:49:ae:4c:4b:0e:a2:7b:fb:80:cb:
fc:04:ba:6e:c7:d7:f8:48:7d:da:dc:4d:ac:97:20:
0b:0a:fc:4b:61:1c:5c:de:fa:38:5d:c5:f1:81:7b:
7f:5c:49:1f:53:6b:6a:d4:59:96:31:e1:d6:a0:3e:
ab:3c:1a:27:0b:e6:e7:da:88:94:f0:4e:ca:32:17:
1b:78:6a:3a:20:7f:f9:c8:10:ae:33:21:68:a4:d3:
46:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:CD:36:EC:61:E7:31:46:CB:26:69:BA:D8:AB:E1:F7:12:C6:FF:A7
X509v3 Authority Key Identifier:
keyid:15:AB:3E:72:F7:34:0D:A8:56:E9:3D:62:EE:8D:02:3F:1D:7C:8E:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fas-cvc0DahW6T1i7o0CPx18juc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9c130b-e15e-4b6d-b5fb-719b0497e7cc/1/zM027GHnMUbLJmm62Kvh9xLG_6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9c130b-e15e-4b6d-b5fb-719b0497e7cc/1/Fas-cvc0DahW6T1i7o0CPx18juc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.36.0/22
IPv6:
2a0d:b780::/29
Signature Algorithm: sha256WithRSAEncryption
29:7a:b7:28:69:44:09:2a:d0:fd:99:dd:ac:c0:63:b1:12:66:
18:0e:72:11:84:0e:d8:48:32:2d:c6:ea:81:77:67:49:96:9b:
31:48:5f:fc:d4:b2:27:e1:86:54:4c:3c:94:0b:34:38:bb:41:
16:5f:14:8f:f5:35:a2:7b:a9:42:ce:87:1a:3a:35:8f:5f:06:
f0:92:1f:84:f6:e4:d4:c7:5d:e7:77:da:ac:2b:c9:d5:f4:36:
03:30:a0:75:0c:86:0d:5b:7a:d4:b8:ae:3a:e2:02:be:60:52:
bd:21:63:fd:25:cc:24:65:7c:51:17:13:8d:3c:80:8f:e7:b6:
ad:57:90:ce:1f:48:c2:fe:d1:0e:05:59:01:8d:ec:09:f1:84:
60:e2:f9:53:2b:df:7c:26:48:fe:76:c2:50:ee:aa:8f:29:23:
6e:a7:bd:54:3e:d2:09:8c:12:ab:23:82:30:a9:66:b4:50:2f:
72:a1:05:fa:07:fc:02:62:e4:84:0a:c0:e1:b0:5e:38:23:64:
f8:9c:04:b7:46:00:d9:f0:7a:a9:b2:0f:07:38:72:38:19:a8:
85:38:9c:c7:74:0e:78:4c:3e:e6:c7:d8:c7:51:4c:27:24:d2:
0a:b1:72:bc:0b:c5:bf:c6:07:9d:76:c9:a5:6b:63:f8:ba:6c:
af:0d:9e:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAQtF2zGjZDh52DOIMDD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YWIzZTcyZjczNDBkYTg1NmU5M2Q2MmVlOGQwMjNmMWQ3
YzhlZTcwHhcNMjQwMTAxMTIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2NkMzZlYzYxZTczMTQ2Y2IyNjY5YmFkOGFiZTFmNzEyYzZmZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlY9ewDuiwzy3hDKQeOLbMcbpTRd
WyBofPm9cjHClrlQk6BIxoVx4pivsJOPvqMAO6NxUujbXGy26bXzqzFidy0raRbw
N6YcxYSES8C7oTSTIu2cKV+v93hztpzq1ai+TaKnorBOuJVtcGTbWyturTDX4g+5
++9Or0iUa7OsCifpeP/I+tFWlnmM8wq6rptnccxselGg53MKjASuGn9tRZ6YsrZl
stHsVUmuTEsOonv7gMv8BLpux9f4SH3a3E2slyALCvxLYRxc3vo4XcXxgXt/XEkf
U2tq1FmWMeHWoD6rPBonC+bn2oiU8E7KMhcbeGo6IH/5yBCuMyFopNNG/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMzNNuxh5zFGyyZputir4fcSxv+nMB8GA1UdIwQY
MBaAFBWrPnL3NA2oVuk9Yu6NAj8dfI7nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmFzLWN2YzBEYWhXNlQxaTdvMENQeDE4anVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85YzEzMGItZTE1ZS00YjZkLWI1ZmIt
NzE5YjA0OTdlN2NjLzEvek0wMjdHSG5NVWJMSm1tNjJLdmg5eExHXzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85YzEzMGItZTE1ZS00YjZkLWI1ZmItNzE5YjA0OTdlN2Nj
LzEvRmFzLWN2YzBEYWhXNlQxaTdvMENQeDE4anVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZUkMA0E
AgACMAcDBQMqDbeAMA0GCSqGSIb3DQEBCwUAA4IBAQApercoaUQJKtD9md2swGOx
EmYYDnIRhA7YSDItxuqBd2dJlpsxSF/81LIn4YZUTDyUCzQ4u0EWXxSP9TWie6lC
zocaOjWPXwbwkh+E9uTUx13nd9qsK8nV9DYDMKB1DIYNW3rUuK464gK+YFK9IWP9
JcwkZXxRFxONPICP57atV5DOH0jC/tEOBVkBjewJ8YRg4vlTK998Jkj+dsJQ7qqP
KSNup71UPtIJjBKrI4IwqWa0UC9yoQX6B/wCYuSECsDhsF44I2T4nAS3RgDZ8Hqp
sg8HOHI4GaiFOJzHdA54TD7mx9jHUUwnJNIKsXK8C8W/xgeddsmla2P4umyvDZ5Z
-----END CERTIFICATE-----
Generated at Sun May 19 07:45:58 2024 by rpki-client on console-fra.rpki-client.org