Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/54560f-9f39-469d-80cf-10d02a710216/1/SARZNBLMtVFMX3zihgI8t9QojNE.roa
File: SARZNBLMtVFMX3zihgI8t9QojNE.roa (raw, json)
Hash identifier: Q0b3YyNkw233eiOY3Utww7h60J2C085WeEZX7NL3ioU=
Subject key identifier: 48:04:59:34:12:CC:B5:51:4C:5F:7C:E2:86:02:3C:B7:D4:28:8C:D1
Certificate issuer: /CN=6ffce16ffd6a9ba9c57314558a447fabf6c5c0da
Certificate serial: 018CC8DEE44A38D98DC2D43E5391A9489E12
Authority key identifier: 6F:FC:E1:6F:FD:6A:9B:A9:C5:73:14:55:8A:44:7F:AB:F6:C5:C0:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_zhb_1qm6nFcxRVikR_q_bFwNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/54560f-9f39-469d-80cf-10d02a710216/1/SARZNBLMtVFMX3zihgI8t9QojNE.roa
Signing time: Tue 02 Jan 2024 06:31:39 +0000
ROA not before: Tue 02 Jan 2024 06:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206694
IP address blocks: 193.53.86.0/24 maxlen: 24
185.122.122.0/24 maxlen: 24
185.122.121.0/24 maxlen: 24
185.122.123.0/24 maxlen: 24
185.122.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/54560f-9f39-469d-80cf-10d02a710216/1/b_zhb_1qm6nFcxRVikR_q_bFwNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/54560f-9f39-469d-80cf-10d02a710216/1/b_zhb_1qm6nFcxRVikR_q_bFwNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_zhb_1qm6nFcxRVikR_q_bFwNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:e4:4a:38:d9:8d:c2:d4:3e:53:91:a9:48:9e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ffce16ffd6a9ba9c57314558a447fabf6c5c0da
Validity
Not Before: Jan 2 06:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4804593412ccb5514c5f7ce286023cb7d4288cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:14:a3:9c:cf:a7:ac:96:c7:c1:97:43:7e:0e:
09:d0:5d:3e:81:cd:69:f7:e7:a8:7a:67:0a:8c:d7:
5b:3a:37:10:6c:b1:1d:e8:3a:c4:3a:03:19:5f:3d:
0e:22:da:f9:f1:27:a6:49:9f:57:8b:bb:d1:c8:17:
bb:89:02:e9:bd:65:0e:e6:69:d1:89:86:70:99:fe:
34:0f:ab:21:a1:67:1d:5e:6c:be:62:3e:a1:13:4e:
b2:f2:f6:24:bc:03:78:77:00:13:f8:e7:fe:36:e7:
24:25:40:38:f2:53:8e:51:d8:6b:4b:94:e7:26:dc:
17:56:a2:fe:20:f6:2e:03:54:0b:13:8f:81:0c:16:
fd:5c:90:7a:5a:18:c9:9f:a0:25:72:58:21:2c:2c:
79:74:f9:2d:66:43:99:fa:3c:99:bc:ce:34:35:88:
2a:b1:53:4f:43:db:6b:c7:28:01:25:4d:c9:9e:ca:
52:0f:28:7f:ca:43:1d:a0:f9:0f:33:3e:d2:ec:6c:
39:35:64:c3:0c:cf:ec:43:02:0e:9d:df:6b:7a:73:
90:4d:a6:bf:21:cb:6d:d2:98:49:1c:49:fc:8c:2a:
d3:95:d8:dd:33:a8:c7:f0:84:98:2f:b8:41:17:6e:
4d:b7:c2:44:a6:8c:ce:5d:6d:bc:9a:ed:e1:cf:71:
d4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:04:59:34:12:CC:B5:51:4C:5F:7C:E2:86:02:3C:B7:D4:28:8C:D1
X509v3 Authority Key Identifier:
keyid:6F:FC:E1:6F:FD:6A:9B:A9:C5:73:14:55:8A:44:7F:AB:F6:C5:C0:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_zhb_1qm6nFcxRVikR_q_bFwNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/54560f-9f39-469d-80cf-10d02a710216/1/SARZNBLMtVFMX3zihgI8t9QojNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/54560f-9f39-469d-80cf-10d02a710216/1/b_zhb_1qm6nFcxRVikR_q_bFwNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.120.0/22
193.53.86.0/24
Signature Algorithm: sha256WithRSAEncryption
05:b5:1b:13:40:b5:f7:34:5e:33:cc:71:39:85:34:94:cf:83:
12:83:b7:f6:1b:a8:09:d0:02:f3:c3:0b:5f:e2:52:38:33:8b:
f3:60:5d:3f:49:51:56:70:6c:80:33:b6:32:2b:95:1c:69:37:
b5:b0:38:0c:25:f9:11:66:69:42:a1:05:5a:f1:67:14:61:f8:
e8:44:e6:05:ec:5f:1d:32:ef:ed:39:7f:0b:3f:a0:41:51:a8:
d6:00:40:3c:0d:06:94:fb:ca:c9:19:9b:f9:33:ca:a4:28:b2:
fa:25:5c:84:ff:c9:c7:90:99:88:01:41:17:b2:b6:30:90:af:
b5:0c:16:95:ef:ff:f1:83:28:3b:8e:cc:3b:0c:6f:af:d9:85:
ef:e4:3c:b8:12:50:d4:6d:64:ce:4b:64:97:86:92:3f:83:52:
29:52:43:bf:e4:aa:8c:14:bb:41:40:44:f3:b6:7b:87:e7:6e:
f5:ca:4a:2e:33:29:44:3f:12:03:6c:b7:34:6f:32:13:ef:02:
52:d8:81:95:38:c6:f2:d7:28:a6:eb:e3:8d:cf:54:bc:08:db:
b9:8e:de:3b:3b:bb:eb:32:0e:cf:d4:c9:f5:bd:9a:84:25:80:
e6:fd:92:15:22:05:c0:2c:0a:a7:5f:6c:5e:06:97:14:3a:38:
02:fd:3f:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3uRKONmNwtQ+U5GpSJ4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmNlMTZmZmQ2YTliYTljNTczMTQ1NThhNDQ3ZmFiZjZj
NWMwZGEwHhcNMjQwMTAyMDYzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODA0NTkzNDEyY2NiNTUxNGM1ZjdjZTI4NjAyM2NiN2Q0Mjg4Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghSjnM+nrJbHwZdDfg4J0F0+gc1p
9+eoemcKjNdbOjcQbLEd6DrEOgMZXz0OItr58SemSZ9Xi7vRyBe7iQLpvWUO5mnR
iYZwmf40D6shoWcdXmy+Yj6hE06y8vYkvAN4dwAT+Of+NuckJUA48lOOUdhrS5Tn
JtwXVqL+IPYuA1QLE4+BDBb9XJB6WhjJn6AlclghLCx5dPktZkOZ+jyZvM40NYgq
sVNPQ9trxygBJU3JnspSDyh/ykMdoPkPMz7S7Gw5NWTDDM/sQwIOnd9renOQTaa/
Ictt0phJHEn8jCrTldjdM6jH8ISYL7hBF25Nt8JEpozOXW28mu3hz3HUNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEgEWTQSzLVRTF984oYCPLfUKIzRMB8GA1UdIwQY
MBaAFG/84W/9apupxXMUVYpEf6v2xcDaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl96aGJfMXFtNm5GY3hSVmlrUl9xX2JGd05vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81NDU2MGYtOWYzOS00NjlkLTgwY2Yt
MTBkMDJhNzEwMjE2LzEvU0FSWk5CTE10VkZNWDN6aWhnSTh0OVFvak5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81NDU2MGYtOWYzOS00NjlkLTgwY2YtMTBkMDJhNzEwMjE2
LzEvYl96aGJfMXFtNm5GY3hSVmlrUl9xX2JGd05vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXp4AwQA
wTVWMA0GCSqGSIb3DQEBCwUAA4IBAQAFtRsTQLX3NF4zzHE5hTSUz4MSg7f2G6gJ
0ALzwwtf4lI4M4vzYF0/SVFWcGyAM7YyK5UcaTe1sDgMJfkRZmlCoQVa8WcUYfjo
ROYF7F8dMu/tOX8LP6BBUajWAEA8DQaU+8rJGZv5M8qkKLL6JVyE/8nHkJmIAUEX
srYwkK+1DBaV7//xgyg7jsw7DG+v2YXv5Dy4ElDUbWTOS2SXhpI/g1IpUkO/5KqM
FLtBQETztnuH5271ykouMylEPxIDbLc0bzIT7wJS2IGVOMby1yim6+ONz1S8CNu5
jt47O7vrMg7P1Mn1vZqEJYDm/ZIVIgXALAqnX2xeBpcUOjgC/T9Z
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:57:57 2024 by rpki-client on console-fra.rpki-client.org