Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zYbMkRrgu81Ql8bM-vCqldNdjeI.roa
File: zYbMkRrgu81Ql8bM-vCqldNdjeI.roa (raw, json)
Hash identifier: 2j3W3orBJw9IWu2g+puT4L3yYHqD1a19iT+vtQnoHn0=
Subject key identifier: CD:86:CC:91:1A:E0:BB:CD:50:97:C6:CC:FA:F0:AA:95:D3:5D:8D:E2
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01908C6CB884559993F169E04A17DADF4CCF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zYbMkRrgu81Ql8bM-vCqldNdjeI.roa
Signing time: Sun 07 Jul 2024 09:00:53 +0000
ROA not before: Sun 07 Jul 2024 09:00:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 31.186.176.0/22 maxlen: 24
82.163.60.0/22 maxlen: 24
82.163.104.0/21 maxlen: 24
92.114.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8c:6c:b8:84:55:99:93:f1:69:e0:4a:17:da:df:4c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 7 09:00:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd86cc911ae0bbcd5097c6ccfaf0aa95d35d8de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e6:4a:cf:ee:63:7e:e2:b3:c2:46:eb:c7:28:
b6:d2:6e:86:4c:0c:d2:ee:00:46:35:fc:45:73:a2:
38:72:e9:4d:f4:dd:e1:8f:96:31:f2:22:51:78:47:
25:3f:8a:f4:a6:d5:9a:d7:e7:b3:fa:e7:15:5f:7f:
fa:22:0b:c3:bd:db:eb:fe:2a:e5:d7:3c:23:38:da:
68:1c:55:46:20:03:ec:e7:5e:1d:6d:f6:1f:0f:5d:
3a:80:f4:4f:01:41:e9:2c:ee:d2:f1:02:2a:49:9f:
e3:21:27:3c:e5:28:3d:ed:eb:c0:c9:35:68:5a:98:
68:be:2e:02:ef:b6:02:f5:00:a4:1f:a6:da:74:59:
ac:90:b1:6b:55:35:50:25:90:cc:b7:32:b6:85:c5:
1b:a3:cf:bb:95:87:cd:9e:25:ec:88:39:de:91:7d:
fa:56:d2:43:6e:6b:a0:bf:4d:25:9e:41:88:c7:9f:
ca:26:38:0a:be:b6:98:ef:a1:91:cc:94:8e:da:99:
12:29:55:17:14:79:e9:4c:a6:0d:e8:bb:f9:d4:1c:
4f:99:58:2e:1f:34:b2:e8:b1:9b:c9:75:b8:d0:e7:
37:93:d1:d8:18:2c:65:c9:c0:ba:90:c5:31:e2:20:
31:dc:d4:08:b9:cf:b4:04:c5:f6:f5:32:0c:ae:dd:
b5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:86:CC:91:1A:E0:BB:CD:50:97:C6:CC:FA:F0:AA:95:D3:5D:8D:E2
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zYbMkRrgu81Ql8bM-vCqldNdjeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
82.163.60.0/22
82.163.104.0/21
92.114.44.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:3b:44:7d:42:ce:66:07:e8:8c:f4:15:0a:dc:47:a7:ca:e2:
fe:26:88:1e:e9:6f:e0:5b:9f:a6:70:89:8b:4f:67:e9:fa:52:
54:f8:2e:16:05:c5:09:30:7c:72:4e:00:c3:f3:3f:fc:df:fe:
26:29:43:60:96:e4:c7:48:f3:d8:99:08:bf:4d:7c:be:2a:6d:
c3:9e:95:1c:5e:b1:d2:d0:cd:de:18:77:11:d2:9a:3e:fd:99:
06:bb:bf:c1:f1:45:5d:67:25:ec:a0:f0:93:aa:44:b2:bf:9e:
0b:27:52:f7:3b:76:0c:f4:9c:e1:e9:5a:6d:82:3e:82:a5:86:
53:3d:ce:b2:0f:f5:ae:fc:15:31:9b:c3:23:1b:3c:80:ee:f4:
5e:31:45:d5:dc:f3:a5:4b:c9:fb:df:2b:99:c8:76:74:87:ba:
5e:45:f2:b7:32:4e:00:6f:fa:c3:90:8f:ac:09:7f:19:1a:03:
52:cc:83:f7:ab:c8:19:83:6c:f2:7a:66:37:ca:ab:15:86:b2:
31:7b:3e:6a:10:3d:ef:c5:7f:c2:3e:1b:1b:80:bd:79:08:56:
e2:c8:77:c9:0b:9f:e2:9a:e4:1a:11:87:30:a3:8b:93:4a:7b:
1b:83:02:40:11:7e:ce:99:25:33:af:43:38:6b:eb:e5:65:76:
72:4f:c9:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCMbLiEVZmT8WngShfa30zPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzA3MDkwMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg2Y2M5MTFhZTBiYmNkNTA5N2M2Y2NmYWYwYWE5NWQzNWQ4ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOZKz+5jfuKzwkbrxyi20m6GTAzS
7gBGNfxFc6I4culN9N3hj5Yx8iJReEclP4r0ptWa1+ez+ucVX3/6IgvDvdvr/irl
1zwjONpoHFVGIAPs514dbfYfD106gPRPAUHpLO7S8QIqSZ/jISc85Sg97evAyTVo
Wphovi4C77YC9QCkH6badFmskLFrVTVQJZDMtzK2hcUbo8+7lYfNniXsiDnekX36
VtJDbmugv00lnkGIx5/KJjgKvraY76GRzJSO2pkSKVUXFHnpTKYN6Lv51BxPmVgu
HzSy6LGbyXW40Oc3k9HYGCxlycC6kMUx4iAx3NQIuc+0BMX29TIMrt21bQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM2GzJEa4LvNUJfGzPrwqpXTXY3iMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvelliTWtScmd1ODFRbDhiTS12Q3FsZE5kamVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7qwAwQC
UqM8AwQDUqNoAwQCXHIsMA0GCSqGSIb3DQEBCwUAA4IBAQANO0R9Qs5mB+iM9BUK
3EenyuL+Joge6W/gW5+mcImLT2fp+lJU+C4WBcUJMHxyTgDD8z/83/4mKUNgluTH
SPPYmQi/TXy+Km3DnpUcXrHS0M3eGHcR0po+/ZkGu7/B8UVdZyXsoPCTqkSyv54L
J1L3O3YM9Jzh6Vptgj6CpYZTPc6yD/Wu/BUxm8MjGzyA7vReMUXV3POlS8n73yuZ
yHZ0h7peRfK3Mk4Ab/rDkI+sCX8ZGgNSzIP3q8gZg2zyemY3yqsVhrIxez5qED3v
xX/CPhsbgL15CFbiyHfJC5/imuQaEYcwo4uTSnsbgwJAEX7OmSUzr0M4a+vlZXZy
T8nb
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:02 2024 by rpki-client on console-fra.rpki-client.org