Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/ZbHCF1Q9aJPWlS6BCGJqI6TxVg0.roa
File: ZbHCF1Q9aJPWlS6BCGJqI6TxVg0.roa (raw, json)
Hash identifier: 9xM9oDDsaE0+lyXX9bqCabyg5qmTGytk8yVa5j98rXU=
Subject key identifier: 65:B1:C2:17:54:3D:68:93:D6:95:2E:81:08:62:6A:23:A4:F1:56:0D
Certificate issuer: /CN=58ff89023b87c0bf8479b9ff4725258613e4f0b5
Certificate serial: 018CEE0E8ECE02D25981D0FC67F42515C0F8
Authority key identifier: 58:FF:89:02:3B:87:C0:BF:84:79:B9:FF:47:25:25:86:13:E4:F0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WP-JAjuHwL-Eebn_RyUlhhPk8LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/ZbHCF1Q9aJPWlS6BCGJqI6TxVg0.roa
Signing time: Tue 09 Jan 2024 11:49:40 +0000
ROA not before: Tue 09 Jan 2024 11:49:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 80.75.212.0/24 maxlen: 24
176.97.210.0/24 maxlen: 24
2a12:b200::/29 maxlen: 29
2a07:4b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/WP-JAjuHwL-Eebn_RyUlhhPk8LU.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/WP-JAjuHwL-Eebn_RyUlhhPk8LU.mft
rsync://rpki.ripe.net/repository/DEFAULT/WP-JAjuHwL-Eebn_RyUlhhPk8LU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:0e:8e:ce:02:d2:59:81:d0:fc:67:f4:25:15:c0:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ff89023b87c0bf8479b9ff4725258613e4f0b5
Validity
Not Before: Jan 9 11:49:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65b1c217543d6893d6952e8108626a23a4f1560d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0a:e6:cd:7e:e9:64:5d:0e:2a:7c:43:7f:3f:
43:ef:62:69:de:58:11:73:95:10:f5:79:01:e3:c8:
d5:f9:87:1d:8d:a7:0b:37:4f:47:cb:8b:db:6b:d4:
c7:e0:ce:ba:dd:bb:45:7a:b4:3f:c1:39:e4:19:a0:
f3:da:ec:af:43:fd:81:5c:ed:a3:f0:cf:d0:24:ae:
3a:9e:b3:09:fb:c5:c7:f0:f2:22:1c:98:19:a6:c7:
6d:39:6f:59:e7:8a:3f:e2:dc:aa:07:34:ab:bf:f2:
52:21:4e:3a:8b:94:10:9f:44:74:fc:a4:0a:2f:69:
99:6b:01:a5:c0:56:7a:41:17:c1:b3:f1:24:ad:0f:
f6:72:df:65:48:0b:40:af:39:a5:cd:3a:96:fa:27:
fc:0d:c2:de:59:74:83:60:07:67:a5:3c:af:04:25:
5a:05:f6:c0:e7:86:09:f1:71:15:2c:c4:00:12:d1:
77:74:c8:49:f7:05:38:d8:5f:56:37:f1:80:ba:0a:
9e:63:6d:a4:74:28:50:43:32:8f:b6:6e:2c:d4:19:
7c:57:79:3e:db:b2:17:7d:45:8b:88:32:2e:e5:05:
11:8b:c1:0e:a0:f2:70:5a:ad:3a:4a:98:73:a3:01:
88:de:74:fd:bb:dc:f0:b2:84:d7:7f:75:a5:57:15:
bb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B1:C2:17:54:3D:68:93:D6:95:2E:81:08:62:6A:23:A4:F1:56:0D
X509v3 Authority Key Identifier:
keyid:58:FF:89:02:3B:87:C0:BF:84:79:B9:FF:47:25:25:86:13:E4:F0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WP-JAjuHwL-Eebn_RyUlhhPk8LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/ZbHCF1Q9aJPWlS6BCGJqI6TxVg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/WP-JAjuHwL-Eebn_RyUlhhPk8LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.212.0/24
176.97.210.0/24
IPv6:
2a07:4b40::/29
2a12:b200::/29
Signature Algorithm: sha256WithRSAEncryption
c0:0d:8e:04:8f:e6:67:59:f4:fd:34:c8:cd:65:49:1b:4f:76:
bd:4e:93:ad:92:88:b4:d4:2a:81:aa:5f:32:dc:f3:67:a1:e0:
6a:32:e5:65:e9:52:cb:eb:05:e8:67:be:ca:15:03:fb:07:08:
bf:54:67:de:c8:5f:25:0b:b6:88:05:86:17:5c:a8:94:77:87:
e2:b1:a7:d3:b7:c0:f8:80:bd:c4:86:59:e3:8c:97:8a:63:8c:
3a:6b:56:c2:a3:91:d6:6d:97:b4:f0:cd:15:12:22:20:e5:85:
96:e4:2a:b1:24:45:c8:4e:ab:cf:5f:cb:09:11:14:cd:0f:25:
e8:1d:37:d6:f1:2c:65:37:ee:fe:a2:74:21:f2:32:fc:d6:b3:
a7:9e:38:49:46:00:d6:8d:e7:40:46:25:2d:3e:cf:2d:96:4f:
42:2b:3e:43:d2:f7:cf:29:66:9c:b9:17:64:e4:07:26:bb:cc:
ae:9b:d4:30:0d:93:20:1d:af:6c:90:9b:d4:3e:8b:6d:03:c7:
5d:72:03:9e:d6:99:b3:06:1e:2f:12:a1:57:e8:44:ea:fb:dc:
49:54:8d:3c:18:8c:31:03:f2:63:ff:c1:ab:a4:65:fe:90:77:
ff:b3:2e:a8:da:d7:b9:1f:65:8f:c2:f4:44:f0:13:b8:8b:64:
c7:06:05:f5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzuDo7OAtJZgdD8Z/QlFcD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZmY4OTAyM2I4N2MwYmY4NDc5YjlmZjQ3MjUyNTg2MTNl
NGYwYjUwHhcNMjQwMTA5MTE0OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWIxYzIxNzU0M2Q2ODkzZDY5NTJlODEwODYyNmEyM2E0ZjE1NjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgrmzX7pZF0OKnxDfz9D72Jp3lgR
c5UQ9XkB48jV+YcdjacLN09Hy4vba9TH4M663btFerQ/wTnkGaDz2uyvQ/2BXO2j
8M/QJK46nrMJ+8XH8PIiHJgZpsdtOW9Z54o/4tyqBzSrv/JSIU46i5QQn0R0/KQK
L2mZawGlwFZ6QRfBs/EkrQ/2ct9lSAtArzmlzTqW+if8DcLeWXSDYAdnpTyvBCVa
BfbA54YJ8XEVLMQAEtF3dMhJ9wU42F9WN/GAugqeY22kdChQQzKPtm4s1Bl8V3k+
27IXfUWLiDIu5QURi8EOoPJwWq06SphzowGI3nT9u9zwsoTXf3WlVxW7GwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGWxwhdUPWiT1pUugQhiaiOk8VYNMB8GA1UdIwQY
MBaAFFj/iQI7h8C/hHm5/0clJYYT5PC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1AtSkFqdUh3TC1FZWJuX1J5VWxoaFBrOExVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iZWJiNmYtOTQ3YS00ZWFjLTg1YjEt
MzYzMTNjNTMyZDA0LzEvWmJIQ0YxUTlhSlBXbFM2QkNHSnFJNlR4VmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iZWJiNmYtOTQ3YS00ZWFjLTg1YjEtMzYzMTNjNTMyZDA0
LzEvV1AtSkFqdUh3TC1FZWJuX1J5VWxoaFBrOExVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAUEvUAwQA
sGHSMBQEAgACMA4DBQMqB0tAAwUDKhKyADANBgkqhkiG9w0BAQsFAAOCAQEAwA2O
BI/mZ1n0/TTIzWVJG092vU6TrZKItNQqgapfMtzzZ6HgajLlZelSy+sF6Ge+yhUD
+wcIv1Rn3shfJQu2iAWGF1yolHeH4rGn07fA+IC9xIZZ44yXimOMOmtWwqOR1m2X
tPDNFRIiIOWFluQqsSRFyE6rz1/LCREUzQ8l6B031vEsZTfu/qJ0IfIy/Nazp544
SUYA1o3nQEYlLT7PLZZPQis+Q9L3zylmnLkXZOQHJrvMrpvUMA2TIB2vbJCb1D6L
bQPHXXIDntaZswYeLxKhV+hE6vvcSVSNPBiMMQPyY//Bq6Rl/pB3/7MuqNrXuR9l
j8L0RPATuItkxwYF9Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:34:12 2024 by rpki-client on console-fra.rpki-client.org