Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/zbF9iBDlM6Sl-WEqS_yr5e3Hqc0.roa
File: zbF9iBDlM6Sl-WEqS_yr5e3Hqc0.roa (raw, json)
Hash identifier: gX09Gx5AalSkonjzItgCo1RG2Lxb0z3w7CN8tzlNScE=
Subject key identifier: CD:B1:7D:88:10:E5:33:A4:A5:F9:61:2A:4B:FC:AB:E5:ED:C7:A9:CD
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 0193062189ECE881ADE671DC6CEC0FF3FFBD
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/zbF9iBDlM6Sl-WEqS_yr5e3Hqc0.roa
Signing time: Thu 07 Nov 2024 10:18:01 +0000
ROA not before: Thu 07 Nov 2024 10:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25534
IP address blocks: 185.146.16.0/22 maxlen: 24
185.146.16.0/23 maxlen: 24
217.15.176.0/20 maxlen: 24
217.15.176.0/22 maxlen: 24
217.15.180.0/22 maxlen: 24
217.15.184.0/22 maxlen: 24
217.15.188.0/22 maxlen: 24
2a00:1a08::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:21:89:ec:e8:81:ad:e6:71:dc:6c:ec:0f:f3:ff:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Nov 7 10:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdb17d8810e533a4a5f9612a4bfcabe5edc7a9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e5:3f:5a:b8:ac:8c:83:74:99:02:dd:44:4a:
b8:c2:cc:75:f8:81:48:82:c2:29:ac:80:29:6d:11:
31:7c:07:38:87:4f:f9:c2:16:99:fe:da:cd:d3:c9:
b3:86:d5:ee:1e:f3:11:ee:3b:f3:07:05:47:de:9e:
b8:d2:80:89:5e:ed:36:3c:12:3c:28:43:70:c6:7e:
aa:21:fd:55:06:be:aa:01:1b:87:4b:40:33:79:90:
d5:f1:e4:a8:00:11:2c:ad:4c:56:41:7d:2e:1a:de:
6e:91:6a:3c:ca:42:89:65:19:0d:b0:82:15:da:42:
63:49:8c:70:59:49:e2:d7:00:47:42:e9:44:f0:af:
4d:18:47:21:a7:9d:41:e9:33:b5:ae:c9:32:42:94:
74:87:41:20:b7:99:f9:ac:ea:60:86:5a:12:c8:94:
8a:29:19:b3:80:8e:77:2c:8a:02:ab:dc:aa:04:3d:
15:e3:ad:cc:0d:a8:01:6d:23:e9:58:05:42:b6:8b:
bf:f1:7b:17:42:cb:b4:77:b8:6a:3d:96:b6:1c:df:
06:a4:85:e0:4a:90:fe:60:6a:84:87:ca:34:59:73:
4e:1f:72:aa:ed:b6:a2:22:17:27:1d:26:3e:7d:63:
6c:8e:4d:3e:3d:da:f7:df:2c:20:5e:ce:98:d3:ea:
6a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B1:7D:88:10:E5:33:A4:A5:F9:61:2A:4B:FC:AB:E5:ED:C7:A9:CD
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/zbF9iBDlM6Sl-WEqS_yr5e3Hqc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.16.0/22
217.15.176.0/20
IPv6:
2a00:1a08::/32
Signature Algorithm: sha256WithRSAEncryption
08:6f:4e:7e:8b:22:33:dd:33:b9:05:38:8a:be:be:5c:e5:b6:
f6:01:39:d9:3c:f3:b8:25:c9:be:a0:53:a9:4a:ab:82:5b:6f:
06:73:00:4c:87:e0:2e:41:0b:0e:1d:c7:d8:06:05:3f:ac:46:
59:bc:60:29:9d:7d:77:1e:e6:de:0e:e7:d1:80:72:67:8e:2d:
92:63:68:8a:0a:8d:b4:8a:e2:69:14:5e:ce:b8:01:22:ef:af:
c3:3d:db:14:e6:36:7f:f6:0b:38:2d:72:d5:6f:69:ba:1e:3f:
55:bc:a7:60:6e:0b:d6:06:f2:a5:96:a1:fc:5e:41:d5:27:7b:
38:37:67:de:62:83:fc:81:1a:83:7f:08:dd:7b:93:5f:ab:12:
9d:b1:dc:df:2d:8f:ed:68:75:d1:7a:b9:08:bb:5c:6f:1e:d3:
2c:b5:2e:4a:04:0f:51:5c:92:70:20:48:a0:d3:de:e1:17:a7:
c8:0a:05:2e:1b:b8:d0:b7:c2:39:63:d1:dd:4c:8f:7a:fa:19:
53:ee:ce:ff:c9:d2:ff:e0:b0:6c:c0:f4:f9:59:1d:21:8b:fe:
28:42:d2:a4:f8:11:25:c6:42:a3:02:bf:cf:a7:bc:ec:ad:79:
fd:69:ff:41:ae:7e:6e:bd:7e:a6:30:73:be:c6:4b:ec:2a:de:
b8:e0:8d:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMGIYns6IGt5nHcbOwP8/+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjQxMTA3MTAxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGIxN2Q4ODEwZTUzM2E0YTVmOTYxMmE0YmZjYWJlNWVkYzdhOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveU/WrisjIN0mQLdREq4wsx1+IFI
gsIprIApbRExfAc4h0/5whaZ/trN08mzhtXuHvMR7jvzBwVH3p640oCJXu02PBI8
KENwxn6qIf1VBr6qARuHS0AzeZDV8eSoABEsrUxWQX0uGt5ukWo8ykKJZRkNsIIV
2kJjSYxwWUni1wBHQulE8K9NGEchp51B6TO1rskyQpR0h0Egt5n5rOpghloSyJSK
KRmzgI53LIoCq9yqBD0V463MDagBbSPpWAVCtou/8XsXQsu0d7hqPZa2HN8GpIXg
SpD+YGqEh8o0WXNOH3Kq7baiIhcnHSY+fWNsjk0+Pdr33ywgXs6Y0+pqMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM2xfYgQ5TOkpflhKkv8q+Xtx6nNMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvemJGOWlCRGxNNlNsLVdFcVNfeXI1ZTNIcWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZIQAwQE
2Q+wMA0EAgACMAcDBQAqABoIMA0GCSqGSIb3DQEBCwUAA4IBAQAIb05+iyIz3TO5
BTiKvr5c5bb2ATnZPPO4Jcm+oFOpSquCW28GcwBMh+AuQQsOHcfYBgU/rEZZvGAp
nX13HubeDufRgHJnji2SY2iKCo20iuJpFF7OuAEi76/DPdsU5jZ/9gs4LXLVb2m6
Hj9VvKdgbgvWBvKllqH8XkHVJ3s4N2feYoP8gRqDfwjde5NfqxKdsdzfLY/taHXR
erkIu1xvHtMstS5KBA9RXJJwIEig097hF6fICgUuG7jQt8I5Y9HdTI96+hlT7s7/
ydL/4LBswPT5WR0hi/4oQtKk+BElxkKjAr/Pp7zsrXn9af9Brn5uvX6mMHO+xkvs
Kt644I0O
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:55:33 2024 by rpki-client on console-fra.rpki-client.org