Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/Zds-0yoirKWsyW6ursByen80Cg8.roa
File: Zds-0yoirKWsyW6ursByen80Cg8.roa (raw, json)
Hash identifier: BXiyhGHT9zX+B5Q4iQJx+8USQCvczwNWk+LhQCn6JRc=
Subject key identifier: 65:DB:3E:D3:2A:22:AC:A5:AC:C9:6E:AE:AE:C0:72:7A:7F:34:0A:0F
Certificate issuer: /CN=4b25df8620374243e3c5eab25550af24e0eff48c
Certificate serial: 018CC50154A9AFC029DF7BE253B53CE59D13
Authority key identifier: 4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/Zds-0yoirKWsyW6ursByen80Cg8.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49284
IP address blocks: 46.29.104.0/21 maxlen: 21
185.208.232.0/23 maxlen: 23
185.208.232.0/22 maxlen: 22
185.208.233.0/24 maxlen: 24
185.208.234.0/24 maxlen: 24
185.208.234.0/23 maxlen: 23
185.208.235.0/24 maxlen: 24
188.92.184.0/21 maxlen: 21
37.209.200.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/SyXfhiA3QkPjxeqyVVCvJODv9Iw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/SyXfhiA3QkPjxeqyVVCvJODv9Iw.mft
rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:54:a9:af:c0:29:df:7b:e2:53:b5:3c:e5:9d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b25df8620374243e3c5eab25550af24e0eff48c
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65db3ed32a22aca5acc96eaeaec0727a7f340a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:80:48:98:30:90:6f:a9:e8:5a:05:3e:3e:b0:
fb:02:79:9c:27:9c:71:e8:78:b2:d3:fd:3d:36:55:
44:1f:98:8d:5f:51:c5:44:c9:4f:ea:5e:72:6a:a1:
a8:03:09:32:f8:fc:d0:9c:75:9c:24:e7:90:07:af:
93:18:80:ad:51:28:7d:12:7e:29:de:94:5a:90:86:
28:a3:45:cb:03:89:cd:92:b5:ed:d8:e8:29:19:13:
d5:73:7c:59:ce:d2:09:3d:0f:b2:6a:d1:dc:ce:42:
03:1f:ae:aa:4b:53:34:48:38:af:21:a3:47:10:fd:
6b:5d:bf:80:5b:d6:3d:f6:93:4e:11:43:cd:7c:f6:
e1:18:30:78:8e:7e:d7:8c:b3:cc:e0:98:6f:37:f3:
c3:37:c8:84:f9:d4:3a:4d:7d:45:47:e7:26:40:01:
e9:54:a5:dd:5c:52:14:9d:29:af:2e:37:08:d1:1e:
96:44:86:94:d9:45:98:07:a7:53:f5:2d:70:e4:68:
28:86:ab:ba:4b:4e:7c:d7:e4:78:22:22:4b:70:e3:
12:f7:ef:2f:0b:ba:d4:f4:04:60:84:fe:3d:68:75:
2d:42:a6:b1:7c:c7:d7:fd:62:46:23:f2:5c:ba:ad:
89:67:e6:12:56:71:4d:8c:ed:44:71:8d:7a:88:4c:
b8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DB:3E:D3:2A:22:AC:A5:AC:C9:6E:AE:AE:C0:72:7A:7F:34:0A:0F
X509v3 Authority Key Identifier:
keyid:4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/Zds-0yoirKWsyW6ursByen80Cg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/SyXfhiA3QkPjxeqyVVCvJODv9Iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.200.0/21
46.29.104.0/21
185.208.232.0/22
188.92.184.0/21
Signature Algorithm: sha256WithRSAEncryption
ba:01:80:29:ba:23:96:d8:e1:5c:7d:02:55:22:1f:7a:73:a8:
35:d3:e8:e8:f5:0a:a3:b6:6e:39:18:87:ec:84:2c:5f:c2:98:
b2:c5:5d:97:1e:da:53:8c:13:80:ce:03:b5:cd:c2:45:f3:2c:
e3:49:8a:79:10:90:77:34:16:56:b9:cb:d7:17:24:b7:58:35:
6d:13:69:3a:36:ee:ad:18:a8:fd:bf:56:be:b5:23:76:df:d0:
16:e1:61:97:f6:45:2a:79:cc:03:6d:3a:f2:c0:21:ec:b3:86:
16:7a:35:e6:98:dd:98:76:0d:78:e1:1c:0b:ca:c2:3e:f0:30:
40:7d:b7:13:71:67:b3:de:66:4d:9e:c3:20:2b:89:6f:56:cf:
cf:d2:9b:5e:84:61:f8:0a:72:6b:91:0b:a1:8d:17:c1:9a:5d:
2e:6d:24:74:f5:38:e4:1a:4a:85:18:ef:06:b9:18:66:df:3f:
e7:4f:3c:52:23:1b:76:72:3b:fb:ee:66:02:d4:a8:1d:13:22:
00:67:54:5b:6c:b7:84:e9:dc:8f:51:8f:34:9c:9b:48:cb:ad:
ca:11:2e:1f:0b:9c:fa:da:ad:25:1c:af:6a:2c:6b:d7:84:2b:
85:d8:14:be:e2:17:8b:53:dc:76:ac:45:6f:c4:63:f7:43:69:
43:22:f1:86
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFAVSpr8Ap33viU7U85Z0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMjVkZjg2MjAzNzQyNDNlM2M1ZWFiMjU1NTBhZjI0ZTBl
ZmY0OGMwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWRiM2VkMzJhMjJhY2E1YWNjOTZlYWVhZWMwNzI3YTdmMzQwYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IBImDCQb6noWgU+PrD7AnmcJ5xx
6Hiy0/09NlVEH5iNX1HFRMlP6l5yaqGoAwky+PzQnHWcJOeQB6+TGICtUSh9En4p
3pRakIYoo0XLA4nNkrXt2OgpGRPVc3xZztIJPQ+yatHczkIDH66qS1M0SDivIaNH
EP1rXb+AW9Y99pNOEUPNfPbhGDB4jn7XjLPM4JhvN/PDN8iE+dQ6TX1FR+cmQAHp
VKXdXFIUnSmvLjcI0R6WRIaU2UWYB6dT9S1w5Ggohqu6S0581+R4IiJLcOMS9+8v
C7rU9ARghP49aHUtQqaxfMfX/WJGI/Jcuq2JZ+YSVnFNjO1EcY16iEy4wwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGXbPtMqIqylrMlurq7Acnp/NAoPMB8GA1UdIwQY
MBaAFEsl34YgN0JD48XqslVQryTg7/SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2Yt
YTQxYjUwYWEyNzJkLzEvWmRzLTB5b2lyS1dzeVc2dXJzQnllbjgwQ2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2YtYTQxYjUwYWEyNzJk
LzEvU3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJdHIAwQD
Lh1oAwQCudDoAwQDvFy4MA0GCSqGSIb3DQEBCwUAA4IBAQC6AYApuiOW2OFcfQJV
Ih96c6g10+jo9Qqjtm45GIfshCxfwpiyxV2XHtpTjBOAzgO1zcJF8yzjSYp5EJB3
NBZWucvXFyS3WDVtE2k6Nu6tGKj9v1a+tSN239AW4WGX9kUqecwDbTrywCHss4YW
ejXmmN2Ydg144RwLysI+8DBAfbcTcWez3mZNnsMgK4lvVs/P0ptehGH4CnJrkQuh
jRfBml0ubSR09TjkGkqFGO8GuRhm3z/nTzxSIxt2cjv77mYC1KgdEyIAZ1RbbLeE
6dyPUY80nJtIy63KES4fC5z62q0lHK9qLGvXhCuF2BS+4heLU9x2rEVvxGP3Q2lD
IvGG
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:55 2024 by rpki-client on console-fra.rpki-client.org