Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/zeUGjIpQPzh4iPsKYAPFhkkaFUc.roa
File: zeUGjIpQPzh4iPsKYAPFhkkaFUc.roa (raw, json)
Hash identifier: +n5+jVpFG1bJn6J+JoYIcXDJ1LiNO6FL+O4hd4l9hZY=
Subject key identifier: CD:E5:06:8C:8A:50:3F:38:78:88:FB:0A:60:03:C5:86:49:1A:15:47
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B72D946F457C5CE79BDDA6432E6E07
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/zeUGjIpQPzh4iPsKYAPFhkkaFUc.roa
Signing time: Mon 01 Jan 2024 06:30:11 +0000
ROA not before: Mon 01 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8953
IP address blocks: 92.180.0.0/17 maxlen: 24
90.84.224.0/20 maxlen: 24
90.95.0.0/16 maxlen: 24
90.84.208.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 10:36:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2d:94:6f:45:7c:5c:e7:9b:dd:a6:43:2e:6e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cde5068c8a503f387888fb0a6003c586491a1547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:83:2e:73:44:cc:ca:89:e1:bf:5f:ca:b9:76:
be:9f:30:eb:7f:5d:44:6b:59:36:f1:ff:1d:b3:cb:
ba:71:53:de:90:69:bc:6f:5f:23:a8:1f:af:3c:a8:
a4:ec:4d:60:f9:1c:71:88:c6:73:2d:c4:48:9e:6b:
4c:2e:c0:e0:9c:84:ff:ef:05:cd:5c:eb:b8:65:be:
6f:85:11:66:16:a1:2b:04:09:32:1b:e3:7c:97:b0:
bb:d3:2f:c0:15:fb:35:32:ac:ca:29:9f:61:a5:7d:
4e:c5:12:d0:51:64:98:53:bb:00:30:2b:28:64:77:
c9:99:2d:4e:39:79:eb:4c:1f:6a:7b:31:42:d3:d5:
49:b3:56:78:60:a3:db:3e:9a:af:03:64:dd:75:bc:
39:f1:b6:2a:45:aa:20:15:4a:2d:5a:5f:c2:cd:ee:
27:4f:95:a9:66:c6:3f:66:01:87:e0:d0:9d:83:19:
7f:e5:6a:4b:99:ed:55:48:9c:51:bb:8c:22:33:8d:
dc:44:04:52:4f:d3:3a:fa:0f:a2:9e:ba:57:84:53:
c4:70:3a:10:cc:a7:cb:4d:ec:39:16:3b:64:a4:bb:
21:51:e2:0c:2b:0d:85:b9:f0:24:3a:d6:65:71:58:
91:ec:1a:e9:d7:f6:1b:06:5d:ce:7c:95:34:53:f3:
64:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E5:06:8C:8A:50:3F:38:78:88:FB:0A:60:03:C5:86:49:1A:15:47
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/zeUGjIpQPzh4iPsKYAPFhkkaFUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.208.0/21
90.84.224.0/20
90.95.0.0/16
92.180.0.0/17
Signature Algorithm: sha256WithRSAEncryption
63:90:fe:36:86:1e:ca:6a:52:38:b1:26:26:d9:47:cd:de:43:
bb:bd:ce:e4:a8:c8:cc:28:bf:60:31:9d:2e:b0:71:f3:c0:c8:
63:f9:aa:b4:08:85:04:ce:db:80:ef:b1:02:2b:84:ee:a0:72:
5e:7a:e4:f5:5f:5f:76:12:94:36:d2:f1:3e:4e:a6:38:76:e3:
d6:c3:77:9f:17:99:87:fc:02:84:bb:ee:f3:32:70:03:ad:e9:
81:8d:6d:19:2a:dc:b0:ea:93:bd:7b:e9:d6:14:ee:8b:5a:4b:
77:9a:c4:3f:b2:55:d4:23:4e:0a:d9:60:49:a7:eb:a4:ca:bb:
e6:c2:6d:55:f5:fd:fa:84:83:16:01:2a:2b:38:d6:e9:99:c7:
7a:f2:f2:3f:47:b1:11:f4:ee:75:ff:eb:cc:1e:a4:f8:cd:46:
cf:74:4c:37:ba:d2:b3:5c:30:27:e5:5b:93:dc:77:6a:8e:2f:
31:d0:9a:1c:6c:f6:93:55:cb:a5:49:8b:4f:53:51:ac:af:cc:
92:a9:d3:c2:c4:1c:a3:fe:6f:75:83:bc:6a:08:24:d3:64:98:
33:8d:54:f0:00:cd:f8:a9:ad:dd:d8:7b:57:91:0b:34:90:a0:
c8:2f:ef:f9:d2:d8:28:1b:4e:f4:58:d3:2a:e6:fa:f9:23:c4:
a9:4b:37:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDty2Ub0V8XOeb3aZDLm4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGU1MDY4YzhhNTAzZjM4Nzg4OGZiMGE2MDAzYzU4NjQ5MWExNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4Muc0TMyonhv1/KuXa+nzDrf11E
a1k28f8ds8u6cVPekGm8b18jqB+vPKik7E1g+RxxiMZzLcRInmtMLsDgnIT/7wXN
XOu4Zb5vhRFmFqErBAkyG+N8l7C70y/AFfs1MqzKKZ9hpX1OxRLQUWSYU7sAMCso
ZHfJmS1OOXnrTB9qezFC09VJs1Z4YKPbPpqvA2Tddbw58bYqRaogFUotWl/Cze4n
T5WpZsY/ZgGH4NCdgxl/5WpLme1VSJxRu4wiM43cRARST9M6+g+inrpXhFPEcDoQ
zKfLTew5FjtkpLshUeIMKw2FufAkOtZlcViR7Brp1/YbBl3OfJU0U/NkJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM3lBoyKUD84eIj7CmADxYZJGhVHMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvemVVR2pJcFFQemg0aVBzS1lBUEZoa2thRlVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQDWlTQAwQE
WlTgAwMAWl8DBAdctAAwDQYJKoZIhvcNAQELBQADggEBAGOQ/jaGHspqUjixJibZ
R83eQ7u9zuSoyMwov2AxnS6wcfPAyGP5qrQIhQTO24DvsQIrhO6gcl565PVfX3YS
lDbS8T5Opjh249bDd58XmYf8AoS77vMycAOt6YGNbRkq3LDqk7176dYU7otaS3ea
xD+yVdQjTgrZYEmn66TKu+bCbVX1/fqEgxYBKis41umZx3ry8j9HsRH07nX/68we
pPjNRs90TDe60rNcMCflW5Pcd2qOLzHQmhxs9pNVy6VJi09TUayvzJKp08LEHKP+
b3WDvGoIJNNkmDONVPAAzfiprd3Ye1eRCzSQoMgv7/nS2CgbTvRY0yrm+vkjxKlL
Nwo=
-----END CERTIFICATE-----
Generated at Thu May 30 16:22:53 2024 by rpki-client on console-ams.rpki-client.org