Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ZcnwxsHfR-WZqOdxUhttbP5b758.roa
File: ZcnwxsHfR-WZqOdxUhttbP5b758.roa (raw, json)
Hash identifier: oKzjlabDuRnZvmdXkP14uCojdFdEjTnDsiauKW5p7p0=
Subject key identifier: 65:C9:F0:C6:C1:DF:47:E5:99:A8:E7:71:52:1B:6D:6C:FE:5B:EF:9F
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 0190FE5DD0C3633BD24FE3533ABEFE497D9B
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ZcnwxsHfR-WZqOdxUhttbP5b758.roa
Signing time: Mon 29 Jul 2024 12:01:19 +0000
ROA not before: Mon 29 Jul 2024 12:01:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.243.0/24 maxlen: 24
45.136.206.0/24 maxlen: 24
88.218.250.0/24 maxlen: 24
193.28.183.0/24 maxlen: 24
193.47.41.0/24 maxlen: 24
194.61.233.0/24 maxlen: 24
194.147.88.0/24 maxlen: 24
194.156.94.0/24 maxlen: 24
194.169.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:5d:d0:c3:63:3b:d2:4f:e3:53:3a:be:fe:49:7d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jul 29 12:01:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65c9f0c6c1df47e599a8e771521b6d6cfe5bef9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:02:48:90:c4:4a:12:7f:e2:63:ec:5e:76:2a:
ab:7f:fa:03:1e:99:1a:06:99:55:90:22:3b:15:af:
b9:bc:2f:8b:d2:68:6a:7e:75:2b:bb:80:a1:a1:68:
1d:dc:cc:fe:23:0e:23:eb:c6:b8:f8:f9:7c:8f:27:
cc:2d:2f:17:f2:5f:86:24:0f:9c:a4:47:80:17:48:
e1:6a:9d:ae:09:8c:9a:d5:54:bb:86:31:0a:c4:85:
9c:a3:6d:6f:49:cb:eb:b6:44:f1:83:2c:f6:00:9e:
ea:5e:13:24:68:78:fb:7b:90:49:a6:06:58:ac:21:
6d:2e:0e:79:b8:f6:84:17:12:04:70:4f:ea:ae:65:
3e:f9:ad:f1:69:1c:f5:65:0f:ef:d5:cc:51:71:43:
2f:1d:47:13:28:22:01:35:b0:4a:45:2e:10:f4:b1:
5f:ba:20:15:5f:4a:53:e4:0d:d1:a6:7d:5e:5a:73:
d7:8f:a7:6c:cd:70:1b:47:2e:c6:12:e2:44:82:3c:
61:54:4e:37:07:7a:3f:20:29:82:ea:53:4a:9d:f6:
a6:be:6a:0b:da:55:91:a5:a2:c9:af:ba:67:18:46:
17:f3:f5:6e:23:a2:ca:b3:61:16:22:94:b6:39:af:
29:b2:59:f7:4d:f3:70:bc:b9:dd:92:b1:6a:1a:3e:
fa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C9:F0:C6:C1:DF:47:E5:99:A8:E7:71:52:1B:6D:6C:FE:5B:EF:9F
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ZcnwxsHfR-WZqOdxUhttbP5b758.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.243.0/24
45.136.206.0/24
88.218.250.0/24
193.28.183.0/24
193.47.41.0/24
194.61.233.0/24
194.147.88.0/24
194.156.94.0/24
194.169.86.0/24
Signature Algorithm: sha256WithRSAEncryption
98:45:d8:ba:65:10:d4:2f:36:e6:fc:51:9b:8e:1c:84:28:20:
e1:de:45:92:00:a9:75:aa:d3:5d:16:38:fa:b4:3a:11:00:e4:
e3:67:f5:ac:e1:90:9a:2b:56:da:ea:95:b1:74:49:eb:2d:a4:
98:a1:0f:5c:0a:02:d6:94:19:ce:2a:e9:93:66:ac:88:c4:20:
86:56:6e:5e:a1:78:96:76:88:32:2f:18:4d:20:df:92:83:26:
c4:12:76:0b:63:1c:77:71:fc:4d:a9:4e:a6:da:7a:5a:ee:3c:
86:5e:a1:ea:2b:fe:3a:0f:44:78:7e:cb:27:77:16:a8:c8:8e:
d3:d0:56:ce:12:9a:18:c3:16:53:44:87:01:cd:10:74:63:8d:
a5:12:13:f4:77:e2:85:1e:03:27:df:83:3e:cb:6a:84:c5:72:
80:78:03:df:47:4e:17:db:5b:a7:f5:d9:9e:34:75:63:42:d6:
31:05:5d:2e:fc:41:82:72:eb:81:56:a0:5e:24:87:9d:81:19:
a8:cc:4a:18:d5:86:4f:ae:63:ee:54:30:35:1e:73:5d:56:5c:
24:6e:44:0a:78:db:d8:66:9f:00:70:a0:a3:ba:2d:e4:93:6c:
e4:54:3d:4d:9c:eb:bb:5e:1c:57:75:81:20:c8:04:61:21:31:
f5:1a:9f:fb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZD+XdDDYzvST+NTOr7+SX2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNzI5MTIwMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWM5ZjBjNmMxZGY0N2U1OTlhOGU3NzE1MjFiNmQ2Y2ZlNWJlZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQJIkMRKEn/iY+xediqrf/oDHpka
BplVkCI7Fa+5vC+L0mhqfnUru4ChoWgd3Mz+Iw4j68a4+Pl8jyfMLS8X8l+GJA+c
pEeAF0jhap2uCYya1VS7hjEKxIWco21vScvrtkTxgyz2AJ7qXhMkaHj7e5BJpgZY
rCFtLg55uPaEFxIEcE/qrmU++a3xaRz1ZQ/v1cxRcUMvHUcTKCIBNbBKRS4Q9LFf
uiAVX0pT5A3Rpn1eWnPXj6dszXAbRy7GEuJEgjxhVE43B3o/ICmC6lNKnfamvmoL
2lWRpaLJr7pnGEYX8/VuI6LKs2EWIpS2Oa8psln3TfNwvLndkrFqGj76wwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGXJ8MbB30flmajncVIbbWz+W++fMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvWmNud3hzSGZSLVdacU9keFVodHRiUDViNzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjjzAwQA
LYjOAwQAWNr6AwQAwRy3AwQAwS8pAwQAwj3pAwQAwpNYAwQAwpxeAwQAwqlWMA0G
CSqGSIb3DQEBCwUAA4IBAQCYRdi6ZRDULzbm/FGbjhyEKCDh3kWSAKl1qtNdFjj6
tDoRAOTjZ/Ws4ZCaK1ba6pWxdEnrLaSYoQ9cCgLWlBnOKumTZqyIxCCGVm5eoXiW
dogyLxhNIN+SgybEEnYLYxx3cfxNqU6m2npa7jyGXqHqK/46D0R4fssndxaoyI7T
0FbOEpoYwxZTRIcBzRB0Y42lEhP0d+KFHgMn34M+y2qExXKAeAPfR04X21un9dme
NHVjQtYxBV0u/EGCcuuBVqBeJIedgRmozEoY1YZPrmPuVDA1HnNdVlwkbkQKeNvY
Zp8AcKCjui3kk2zkVD1NnOu7XhxXdYEgyARhITH1Gp/7
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:59:57 2024 by rpki-client on console-ams.rpki-client.org