Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/PZBlciOgx1iu--0CUh-TRvfXQnw.roa
File: PZBlciOgx1iu--0CUh-TRvfXQnw.roa (raw, json)
Hash identifier: xe9t8S+Cxqt5Psa+BHBNk0LNByMIygol8p+z4og3Y1I=
Subject key identifier: 3D:90:65:72:23:A0:C7:58:AE:FB:ED:02:52:1F:93:46:F7:D7:42:7C
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DADF9FBC48A20427540FD4A6DB49A2
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/PZBlciOgx1iu--0CUh-TRvfXQnw.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203389
IP address blocks: 82.177.184.0/22 maxlen: 22
88.220.62.0/23 maxlen: 23
195.136.124.0/22 maxlen: 22
82.177.210.0/23 maxlen: 23
88.220.96.0/23 maxlen: 23
88.220.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:df:9f:bc:48:a2:04:27:54:0f:d4:a6:db:49:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d90657223a0c758aefbed02521f9346f7d7427c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a3:e2:93:89:b1:e1:3e:0c:81:1d:29:e7:b8:
d7:c6:3b:fd:7f:d6:3f:55:cc:24:b8:b7:d5:67:c9:
14:0f:ac:6c:5a:bc:23:fd:2a:b4:00:e4:24:6f:d4:
9f:45:47:3d:6a:e0:66:d4:37:4c:e7:b3:15:7a:e8:
5a:63:61:90:61:4b:99:97:e5:87:dc:9d:9b:1c:35:
92:9d:69:1c:ab:76:56:a5:27:ec:cb:a3:28:32:05:
48:33:c1:91:52:8f:cb:63:03:43:57:be:1e:0e:9a:
94:13:5c:6a:f1:ae:80:56:3b:a9:45:7a:2e:b5:11:
f3:8d:fd:1e:de:da:f6:83:67:34:d3:07:9d:24:c1:
13:d7:6a:11:31:95:1e:09:2b:cd:87:e4:d2:43:dc:
e1:6c:3b:ac:ae:74:32:fc:71:29:56:03:08:97:d3:
34:d1:2c:bd:f5:9c:b5:26:41:8a:d6:eb:01:5b:b6:
27:73:e5:b1:95:ea:1c:1a:86:67:dd:0d:83:7b:a0:
8f:0c:14:b5:0c:2d:df:77:07:c4:cd:5e:ab:50:56:
fa:89:5c:66:33:d7:98:be:38:4c:9a:21:41:40:22:
30:f2:49:ec:85:11:a9:d5:b2:f9:a5:69:2c:87:10:
44:82:4d:44:d4:d8:92:d3:96:2e:0c:61:f9:96:42:
48:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:90:65:72:23:A0:C7:58:AE:FB:ED:02:52:1F:93:46:F7:D7:42:7C
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/PZBlciOgx1iu--0CUh-TRvfXQnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.177.184.0/22
82.177.210.0/23
88.220.62.0/23
88.220.96.0/23
88.220.100.0/22
195.136.124.0/22
Signature Algorithm: sha256WithRSAEncryption
05:63:46:eb:36:5b:bd:e9:39:83:e5:ec:19:f3:2d:09:eb:a9:
43:bf:af:13:fd:ff:6e:5b:f2:24:81:94:2c:df:63:bb:6f:21:
c0:c1:61:59:c9:cd:6a:ea:43:fc:b0:54:ce:cc:c9:93:75:17:
d1:79:54:d1:69:5f:b0:a0:bd:29:0b:41:1d:ec:af:eb:4c:8e:
28:71:82:3f:49:a4:d8:3f:64:a3:d3:fd:ff:74:4d:78:a4:93:
97:56:40:c4:c6:43:e9:99:3a:14:c0:df:e7:1e:19:ad:6f:98:
16:8d:2d:04:f2:31:26:a9:f4:c5:c6:ae:4a:55:88:00:48:2e:
5a:14:a7:3b:82:85:87:bc:83:57:b4:70:05:a8:da:69:b8:bf:
67:b7:48:0e:1c:20:27:eb:c7:5e:46:c2:f8:e3:dd:31:69:62:
60:61:d5:6b:8c:cb:a2:9a:86:15:1e:3b:1b:5d:eb:5d:84:e9:
8d:35:79:08:d7:8a:9a:61:fe:9e:af:51:23:b2:69:a6:88:1f:
82:9b:8e:96:47:7b:7b:4e:70:04:79:ba:cc:d6:b5:7d:4f:f6:
d1:fd:4d:d8:d8:42:37:22:1e:98:d6:86:18:61:cb:85:28:b1:
73:de:1b:7a:2b:48:70:2c:06:dc:f0:e3:6b:a5:4f:b0:50:3b:
66:5a:fc:77
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzC2t+fvEiiBCdUD9Sm20miMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDkwNjU3MjIzYTBjNzU4YWVmYmVkMDI1MjFmOTM0NmY3ZDc0MjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6Pik4mx4T4MgR0p57jXxjv9f9Y/
VcwkuLfVZ8kUD6xsWrwj/Sq0AOQkb9SfRUc9auBm1DdM57MVeuhaY2GQYUuZl+WH
3J2bHDWSnWkcq3ZWpSfsy6MoMgVIM8GRUo/LYwNDV74eDpqUE1xq8a6AVjupRXou
tRHzjf0e3tr2g2c00wedJMET12oRMZUeCSvNh+TSQ9zhbDusrnQy/HEpVgMIl9M0
0Sy99Zy1JkGK1usBW7Ync+WxleocGoZn3Q2De6CPDBS1DC3fdwfEzV6rUFb6iVxm
M9eYvjhMmiFBQCIw8knshRGp1bL5pWkshxBEgk1E1NiS05YuDGH5lkJIoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD2QZXIjoMdYrvvtAlIfk0b310J8MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvUFpCbGNpT2d4MWl1LS0wQ1VoLVRSdmZYUW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCUrG4AwQB
UrHSAwQBWNw+AwQBWNxgAwQCWNxkAwQCw4h8MA0GCSqGSIb3DQEBCwUAA4IBAQAF
Y0brNlu96TmD5ewZ8y0J66lDv68T/f9uW/IkgZQs32O7byHAwWFZyc1q6kP8sFTO
zMmTdRfReVTRaV+woL0pC0Ed7K/rTI4ocYI/SaTYP2Sj0/3/dE14pJOXVkDExkPp
mToUwN/nHhmtb5gWjS0E8jEmqfTFxq5KVYgASC5aFKc7goWHvINXtHAFqNppuL9n
t0gOHCAn68deRsL4490xaWJgYdVrjMuimoYVHjsbXetdhOmNNXkI14qaYf6er1Ej
smmmiB+Cm46WR3t7TnAEebrM1rV9T/bR/U3Y2EI3Ih6Y1oYYYcuFKLFz3ht6K0hw
LAbc8ONrpU+wUDtmWvx3
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:32:45 2024 by rpki-client on console-ams.rpki-client.org