Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ZhzfQLtUPbXSS_yploJx5dfx8-s.roa
File: ZhzfQLtUPbXSS_yploJx5dfx8-s.roa (raw, json)
Hash identifier: Di9wixGOw4Llu6Ada+XYu+Vl/vmvPpxwjRT63s/20w0=
Subject key identifier: 66:1C:DF:40:BB:54:3D:B5:D2:4B:FC:A9:96:82:71:E5:D7:F1:F3:EB
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DAD9226EDFF3E14B3EE571A6D35F15
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ZhzfQLtUPbXSS_yploJx5dfx8-s.roa
Signing time: Mon 01 Jan 2024 02:29:31 +0000
ROA not before: Mon 01 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197704
IP address blocks: 195.136.194.0/23 maxlen: 23
194.183.54.0/23 maxlen: 24
195.136.18.0/23 maxlen: 23
82.177.112.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 04:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d9:22:6e:df:f3:e1:4b:3e:e5:71:a6:d3:5f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=661cdf40bb543db5d24bfca9968271e5d7f1f3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3d:91:ec:32:21:ea:2f:85:9d:b9:e6:0d:cc:
cf:f6:f2:be:5e:6f:71:c5:73:85:9d:4b:15:88:93:
b7:3c:11:3f:43:a6:e0:cf:53:ec:26:b2:06:a6:e5:
78:fb:d8:7a:77:e6:52:c5:cd:11:c4:fb:4d:30:f6:
d2:95:99:53:09:fa:2e:25:93:b5:ec:33:ea:0f:4b:
c7:0d:a9:ad:48:ab:96:f9:64:36:6b:9f:4e:60:00:
6e:72:03:24:2b:f6:00:3b:0a:55:84:b6:c5:85:52:
1c:05:d7:0c:66:e8:84:91:4f:9f:3d:8d:bc:ec:8e:
67:f2:97:c1:14:58:81:d5:44:47:e5:8c:41:18:fc:
4d:6a:0e:e8:6a:cf:93:bd:f4:a9:d9:40:5e:a7:86:
36:be:0a:b7:79:7f:2d:26:68:01:af:e3:d9:b2:09:
11:e8:1d:76:2d:b4:a4:b7:36:35:22:9c:47:ed:a7:
22:91:23:ac:e6:c6:a2:8d:dc:cc:86:49:81:1d:57:
9a:7a:cc:3e:00:8a:1d:c9:fa:ef:47:05:f9:98:55:
6e:42:b7:28:99:5b:70:5a:f9:75:3a:34:db:60:a4:
4a:76:62:73:99:44:65:c3:81:8e:78:c0:ae:20:bf:
d4:7f:7b:5f:22:c9:97:47:96:c0:5f:55:48:8b:56:
9a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1C:DF:40:BB:54:3D:B5:D2:4B:FC:A9:96:82:71:E5:D7:F1:F3:EB
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ZhzfQLtUPbXSS_yploJx5dfx8-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.177.112.0/23
194.183.54.0/23
195.136.18.0/23
195.136.194.0/23
Signature Algorithm: sha256WithRSAEncryption
56:81:e6:78:d2:72:b9:6d:f7:4e:04:38:8c:64:cb:3b:30:8e:
97:6a:69:4f:6f:ce:1f:73:20:9c:37:47:99:3a:62:d8:d7:64:
51:3b:81:83:b0:3c:c2:cb:4f:56:b6:b1:1c:88:96:8f:28:4d:
d8:c6:fe:da:cc:3e:6c:4d:c8:97:7b:45:af:8b:b8:eb:e1:70:
23:ce:f3:5e:6e:4c:e0:ad:5f:ac:01:c2:35:eb:79:01:71:f2:
35:4e:89:d4:96:3b:6b:77:1b:3c:f6:94:47:c9:2c:38:a2:b3:
87:ce:5d:74:68:1e:d4:07:20:02:b0:ff:66:8d:0c:c9:72:81:
a8:5a:0a:04:cc:4b:e5:90:e1:fb:75:08:10:ea:5a:1b:00:e7:
4b:25:50:71:a6:db:99:63:d0:23:da:0e:50:0e:ac:4e:a7:93:
99:31:36:bf:aa:ef:25:97:da:cf:bd:41:f5:a0:d9:13:23:e0:
27:97:34:7f:02:66:1c:a3:97:86:af:d4:26:cf:49:b9:ac:d9:
7e:8c:73:08:5f:c7:f6:40:e8:bf:1f:19:40:0c:7d:45:56:21:
71:5b:22:1a:8a:a1:5a:24:f4:a8:ee:c1:80:e9:45:5e:07:f3:
f0:78:7a:ce:33:83:8b:40:15:c1:42:d2:ae:8b:4c:6b:20:7e:
56:aa:81:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2tkibt/z4Us+5XGm018VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjFjZGY0MGJiNTQzZGI1ZDI0YmZjYTk5NjgyNzFlNWQ3ZjFmM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz2R7DIh6i+FnbnmDczP9vK+Xm9x
xXOFnUsViJO3PBE/Q6bgz1PsJrIGpuV4+9h6d+ZSxc0RxPtNMPbSlZlTCfouJZO1
7DPqD0vHDamtSKuW+WQ2a59OYABucgMkK/YAOwpVhLbFhVIcBdcMZuiEkU+fPY28
7I5n8pfBFFiB1URH5YxBGPxNag7oas+TvfSp2UBep4Y2vgq3eX8tJmgBr+PZsgkR
6B12LbSktzY1IpxH7acikSOs5saijdzMhkmBHVeaesw+AIodyfrvRwX5mFVuQrco
mVtwWvl1OjTbYKRKdmJzmURlw4GOeMCuIL/Uf3tfIsmXR5bAX1VIi1aaFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGYc30C7VD210kv8qZaCceXX8fPrMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvWmh6ZlFMdFVQYlhTU195cGxvSng1ZGZ4OC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUrFwAwQB
wrc2AwQBw4gSAwQBw4jCMA0GCSqGSIb3DQEBCwUAA4IBAQBWgeZ40nK5bfdOBDiM
ZMs7MI6XamlPb84fcyCcN0eZOmLY12RRO4GDsDzCy09WtrEciJaPKE3Yxv7azD5s
TciXe0Wvi7jr4XAjzvNebkzgrV+sAcI163kBcfI1TonUljtrdxs89pRHySw4orOH
zl10aB7UByACsP9mjQzJcoGoWgoEzEvlkOH7dQgQ6lobAOdLJVBxptuZY9Aj2g5Q
DqxOp5OZMTa/qu8ll9rPvUH1oNkTI+AnlzR/AmYco5eGr9Qmz0m5rNl+jHMIX8f2
QOi/HxlADH1FViFxWyIaiqFaJPSo7sGA6UVeB/PweHrOM4OLQBXBQtKui0xrIH5W
qoHC
-----END CERTIFICATE-----
Generated at Mon May 20 10:13:31 2024 by rpki-client on console-ams.rpki-client.org