Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/ZIMfSSRMD2LoKxS9OXYjBmqq6L0.roa
File: ZIMfSSRMD2LoKxS9OXYjBmqq6L0.roa (raw, json)
Hash identifier: b8cKAjbNsbstQFK+wSy+UfPUHrtAPpfCjs/d9rPd6XY=
Subject key identifier: 64:83:1F:49:24:4C:0F:62:E8:2B:14:BD:39:76:23:06:6A:AA:E8:BD
Certificate issuer: /CN=38506d80ab592de7be0a331bbf4fa0068d41408a
Certificate serial: 018F8604FBE9278996AC03EB188354D3BE5F
Authority key identifier: 38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/ZIMfSSRMD2LoKxS9OXYjBmqq6L0.roa
Signing time: Fri 17 May 2024 10:07:04 +0000
ROA not before: Fri 17 May 2024 10:07:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57136
IP address blocks: 91.230.248.0/24 maxlen: 24
194.102.117.0/24 maxlen: 24
194.105.143.0/24 maxlen: 24
194.126.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:04:fb:e9:27:89:96:ac:03:eb:18:83:54:d3:be:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38506d80ab592de7be0a331bbf4fa0068d41408a
Validity
Not Before: May 17 10:07:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64831f49244c0f62e82b14bd397623066aaae8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ea:07:59:14:3c:f1:bd:75:99:59:b8:23:cb:
e0:64:8f:05:6c:d9:8b:62:44:87:2d:1b:01:7f:0a:
8f:5b:4c:34:4a:bc:f6:62:78:7c:6b:91:ba:ec:85:
aa:b5:08:ca:dc:a4:f2:3f:b5:05:d8:64:b0:00:15:
5e:e0:e8:6b:a2:e7:d9:a5:49:b3:66:83:ec:51:46:
ba:95:90:38:88:10:18:c7:3d:b9:50:a3:33:50:77:
e3:f3:66:76:10:67:c1:2e:20:40:13:07:b2:96:3b:
11:ac:8f:3b:6b:e1:4b:2d:9f:88:92:18:b7:8d:08:
97:98:53:c0:81:d6:5a:cb:7c:de:c8:d0:8a:ef:1a:
21:75:02:0f:d8:b5:0b:6d:41:72:26:bb:4d:4f:b3:
42:e6:53:44:ee:ec:89:90:3e:89:ff:b5:97:22:1e:
ae:60:3b:08:57:62:a5:28:bd:f8:54:7b:40:6a:b1:
d8:9e:30:07:c5:bb:ae:60:b4:90:31:98:9b:35:2a:
67:93:35:ff:56:ad:30:95:09:ba:87:93:67:cc:e2:
26:cc:fe:4c:b9:b7:59:e9:d5:1a:5f:9a:ed:02:db:
37:bb:7d:5a:eb:e5:38:13:a2:e8:0a:03:b5:20:38:
da:53:dd:60:1a:22:f9:ef:3a:2b:4b:27:2b:23:76:
a2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:83:1F:49:24:4C:0F:62:E8:2B:14:BD:39:76:23:06:6A:AA:E8:BD
X509v3 Authority Key Identifier:
keyid:38:50:6D:80:AB:59:2D:E7:BE:0A:33:1B:BF:4F:A0:06:8D:41:40:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFBtgKtZLee-CjMbv0-gBo1BQIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/ZIMfSSRMD2LoKxS9OXYjBmqq6L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f94f78-f262-4207-8f18-8df8af3001bc/1/OFBtgKtZLee-CjMbv0-gBo1BQIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.248.0/24
194.102.117.0/24
194.105.143.0/24
194.126.205.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d8:c4:69:b2:36:8d:0f:58:29:5f:fb:4a:e8:4f:d6:88:11:
32:a5:30:d5:d8:eb:52:c5:e3:9d:10:b6:23:4f:75:df:c3:a6:
ee:fd:3a:ca:02:dc:b2:19:53:b2:53:7b:78:40:38:43:24:f9:
6d:0d:48:2b:e4:9f:f4:ac:ec:80:5a:ff:2a:e5:91:38:e8:f0:
91:d0:ca:a9:15:4a:28:6d:ab:c8:c1:f2:9d:1b:cd:44:a3:75:
a1:99:52:51:b6:b0:5f:9b:38:a1:4f:0c:05:68:24:62:b5:a1:
3a:5b:57:bd:83:ef:ee:6c:a3:dd:89:4c:81:c8:85:ed:ab:49:
e4:56:f0:b6:20:46:0d:52:f6:fd:30:0b:5a:cb:24:5e:42:36:
6b:7a:6e:38:c9:50:a7:af:6a:44:f8:03:0e:e9:59:82:bb:63:
6b:c7:63:eb:f4:37:2a:80:ce:0a:f4:30:22:50:81:bd:31:98:
17:dd:10:46:1c:75:b5:80:21:20:03:86:62:53:7c:a9:f8:27:
16:88:aa:fe:2e:4e:85:c3:b2:1a:62:75:d3:15:af:a0:b9:58:
df:91:e0:41:41:d3:ba:26:54:08:50:39:95:55:d5:43:ed:7a:
17:d5:37:dc:76:54:8c:f4:52:d8:c3:0d:9f:6f:40:48:83:a3:
8c:7e:c3:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+GBPvpJ4mWrAPrGINU075fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NTA2ZDgwYWI1OTJkZTdiZTBhMzMxYmJmNGZhMDA2OGQ0
MTQwOGEwHhcNMjQwNTE3MTAwNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDgzMWY0OTI0NGMwZjYyZTgyYjE0YmQzOTc2MjMwNjZhYWFlOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuoHWRQ88b11mVm4I8vgZI8FbNmL
YkSHLRsBfwqPW0w0Srz2Ynh8a5G67IWqtQjK3KTyP7UF2GSwABVe4OhroufZpUmz
ZoPsUUa6lZA4iBAYxz25UKMzUHfj82Z2EGfBLiBAEweyljsRrI87a+FLLZ+Ikhi3
jQiXmFPAgdZay3zeyNCK7xohdQIP2LULbUFyJrtNT7NC5lNE7uyJkD6J/7WXIh6u
YDsIV2KlKL34VHtAarHYnjAHxbuuYLSQMZibNSpnkzX/Vq0wlQm6h5NnzOImzP5M
ubdZ6dUaX5rtAts3u31a6+U4E6LoCgO1IDjaU91gGiL57zorSycrI3aixwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGSDH0kkTA9i6CsUvTl2IwZqqui9MB8GA1UdIwQY
MBaAFDhQbYCrWS3nvgozG79PoAaNQUCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgt
OGRmOGFmMzAwMWJjLzEvWklNZlNTUk1EMkxvS3hTOU9YWWpCbXFxNkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9mOTRmNzgtZjI2Mi00MjA3LThmMTgtOGRmOGFmMzAwMWJj
LzEvT0ZCdGdLdFpMZWUtQ2pNYnYwLWdCbzFCUUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+b4AwQA
wmZ1AwQAwmmPAwQAwn7NMA0GCSqGSIb3DQEBCwUAA4IBAQBa2MRpsjaND1gpX/tK
6E/WiBEypTDV2OtSxeOdELYjT3Xfw6bu/TrKAtyyGVOyU3t4QDhDJPltDUgr5J/0
rOyAWv8q5ZE46PCR0MqpFUoobavIwfKdG81Eo3WhmVJRtrBfmzihTwwFaCRitaE6
W1e9g+/ubKPdiUyByIXtq0nkVvC2IEYNUvb9MAtayyReQjZrem44yVCnr2pE+AMO
6VmCu2Nrx2Pr9DcqgM4K9DAiUIG9MZgX3RBGHHW1gCEgA4ZiU3yp+CcWiKr+Lk6F
w7IaYnXTFa+guVjfkeBBQdO6JlQIUDmVVdVD7XoX1TfcdlSM9FLYww2fb0BIg6OM
fsNw
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:59 2024 by rpki-client on console-fra.rpki-client.org