Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/zJqgQpmOLeTrVebojjzPsGgcIh8.roa
File: zJqgQpmOLeTrVebojjzPsGgcIh8.roa (raw, json)
Hash identifier: fiLqmdWqaZf8rcOk5/44DrVfXWLn199hME6Mb+mZWDc=
Subject key identifier: CC:9A:A0:42:99:8E:2D:E4:EB:55:E6:E8:8E:3C:CF:B0:68:1C:22:1F
Certificate issuer: /CN=c3eb70743815fe445c958a3c5117ef2753d30f7e
Certificate serial: 018CCA99FD250E530EC00BA406D82F8639CB
Authority key identifier: C3:EB:70:74:38:15:FE:44:5C:95:8A:3C:51:17:EF:27:53:D3:0F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w-twdDgV_kRclYo8URfvJ1PTD34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/zJqgQpmOLeTrVebojjzPsGgcIh8.roa
Signing time: Tue 02 Jan 2024 14:35:38 +0000
ROA not before: Tue 02 Jan 2024 14:35:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198297
IP address blocks: 185.86.134.0/24 maxlen: 24
185.86.135.0/24 maxlen: 24
185.86.134.0/23 maxlen: 23
185.86.133.0/24 maxlen: 24
185.86.132.0/23 maxlen: 23
185.86.132.0/22 maxlen: 22
185.86.132.9/32 maxlen: 32
185.86.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/w-twdDgV_kRclYo8URfvJ1PTD34.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/w-twdDgV_kRclYo8URfvJ1PTD34.mft
rsync://rpki.ripe.net/repository/DEFAULT/w-twdDgV_kRclYo8URfvJ1PTD34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:fd:25:0e:53:0e:c0:0b:a4:06:d8:2f:86:39:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3eb70743815fe445c958a3c5117ef2753d30f7e
Validity
Not Before: Jan 2 14:35:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc9aa042998e2de4eb55e6e88e3ccfb0681c221f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:16:40:0c:f0:b5:0a:6f:d6:63:9d:d3:16:8e:
f4:ea:42:c4:d5:a9:32:46:b1:b4:f1:3c:09:12:54:
1c:a3:52:c9:9c:92:e2:f2:fb:6f:41:9e:46:18:43:
25:8c:9b:2d:5d:e6:8c:68:ab:62:38:f4:1d:bd:ac:
e5:09:3e:7a:8d:38:70:7b:83:f4:dc:53:c7:f9:3a:
2c:84:84:91:7b:c4:a9:5c:08:30:69:7b:c3:3c:76:
ae:06:50:ca:f7:6b:c2:09:66:f5:96:5e:af:ff:dd:
f1:1f:64:56:b8:45:06:66:c3:1b:58:a7:40:1f:c4:
3d:d4:c0:6a:61:6a:0e:9b:55:c0:ad:c1:5a:c6:72:
a8:4d:04:de:ad:b3:2d:07:72:5b:1f:88:30:d6:0a:
ec:f5:bb:cb:80:75:1f:f2:62:89:5a:a2:51:2a:3a:
7b:cf:41:a7:2e:90:25:ac:f8:4e:84:16:aa:27:58:
45:d9:1f:51:9c:3f:4b:a9:a3:dc:f6:b2:56:17:ce:
bd:b0:67:c1:13:e2:42:21:97:12:95:b0:4c:b6:f6:
48:81:62:f8:b8:c1:2e:b5:64:ed:bc:ed:81:14:4e:
a7:72:eb:af:3b:d9:7e:3e:4f:bf:93:3c:9c:37:32:
b3:cf:eb:51:5b:97:12:18:59:eb:06:28:11:0e:56:
aa:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9A:A0:42:99:8E:2D:E4:EB:55:E6:E8:8E:3C:CF:B0:68:1C:22:1F
X509v3 Authority Key Identifier:
keyid:C3:EB:70:74:38:15:FE:44:5C:95:8A:3C:51:17:EF:27:53:D3:0F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w-twdDgV_kRclYo8URfvJ1PTD34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/zJqgQpmOLeTrVebojjzPsGgcIh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/13754c-8be7-460e-8507-13575ef729f3/1/w-twdDgV_kRclYo8URfvJ1PTD34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.132.0/22
Signature Algorithm: sha256WithRSAEncryption
30:f3:9b:ee:30:d7:a2:3e:b2:5e:22:d9:e8:2f:ea:ce:91:f4:
b1:c3:1a:5e:de:8b:4c:cc:72:22:11:99:7d:8e:88:6f:75:3d:
e0:e9:a4:f8:da:62:22:40:5f:88:ae:5e:88:00:41:36:af:d9:
d5:c5:40:9c:c7:71:36:56:2f:63:4d:2e:da:9b:4f:66:0d:77:
be:db:4d:9c:4e:35:27:a7:18:e7:b0:b0:9f:b1:83:2d:fc:2e:
14:a3:52:bd:ef:bf:72:9d:ef:82:de:00:fb:48:f3:12:0e:27:
1a:58:62:fa:d1:94:75:c3:d1:6d:c8:ed:ee:3f:60:c0:97:43:
92:ed:c4:15:5c:7b:56:3f:cb:dd:49:42:31:ad:08:8d:aa:47:
71:32:74:1b:44:c1:45:57:a0:8d:9b:bd:05:31:f7:78:69:72:
05:b8:40:b9:7d:84:a9:b7:20:6a:d2:48:d3:61:7f:12:d4:fa:
ef:9b:57:7a:ef:35:2e:1c:33:ed:19:c7:38:6b:fa:99:e2:ba:
1e:b2:ed:17:36:cc:80:5e:9f:58:d3:74:57:9c:17:ef:ac:ab:
f8:8b:7e:76:8a:7d:c5:1d:88:59:21:98:f4:79:f8:87:ea:a2:
42:fb:db:04:81:bd:87:8c:dc:ac:a7:ce:04:b0:fb:c7:aa:4b:
9a:66:43:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmf0lDlMOwAukBtgvhjnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZWI3MDc0MzgxNWZlNDQ1Yzk1OGEzYzUxMTdlZjI3NTNk
MzBmN2UwHhcNMjQwMTAyMTQzNTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzlhYTA0Mjk5OGUyZGU0ZWI1NWU2ZTg4ZTNjY2ZiMDY4MWMyMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRZADPC1Cm/WY53TFo706kLE1aky
RrG08TwJElQco1LJnJLi8vtvQZ5GGEMljJstXeaMaKtiOPQdvazlCT56jThwe4P0
3FPH+ToshISRe8SpXAgwaXvDPHauBlDK92vCCWb1ll6v/93xH2RWuEUGZsMbWKdA
H8Q91MBqYWoOm1XArcFaxnKoTQTerbMtB3JbH4gw1grs9bvLgHUf8mKJWqJRKjp7
z0GnLpAlrPhOhBaqJ1hF2R9RnD9LqaPc9rJWF869sGfBE+JCIZcSlbBMtvZIgWL4
uMEutWTtvO2BFE6ncuuvO9l+Pk+/kzycNzKzz+tRW5cSGFnrBigRDlaqBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMyaoEKZji3k61Xm6I48z7BoHCIfMB8GA1UdIwQY
MBaAFMPrcHQ4Ff5EXJWKPFEX7ydT0w9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdy10d2REZ1Zfa1JjbFlvOFVSZnZKMVBURDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xMzc1NGMtOGJlNy00NjBlLTg1MDct
MTM1NzVlZjcyOWYzLzEvekpxZ1FwbU9MZVRyVmVib2pqelBzR2djSWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xMzc1NGMtOGJlNy00NjBlLTg1MDctMTM1NzVlZjcyOWYz
LzEvdy10d2REZ1Zfa1JjbFlvOFVSZnZKMVBURDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVaEMA0G
CSqGSIb3DQEBCwUAA4IBAQAw85vuMNeiPrJeItnoL+rOkfSxwxpe3otMzHIiEZl9
johvdT3g6aT42mIiQF+Irl6IAEE2r9nVxUCcx3E2Vi9jTS7am09mDXe+202cTjUn
pxjnsLCfsYMt/C4Uo1K9779yne+C3gD7SPMSDicaWGL60ZR1w9FtyO3uP2DAl0OS
7cQVXHtWP8vdSUIxrQiNqkdxMnQbRMFFV6CNm70FMfd4aXIFuEC5fYSptyBq0kjT
YX8S1Prvm1d67zUuHDPtGcc4a/qZ4roesu0XNsyAXp9Y03RXnBfvrKv4i352in3F
HYhZIZj0efiH6qJC+9sEgb2HjNysp84EsPvHqkuaZkNa
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:36:42 2024 by rpki-client on console-fra.rpki-client.org