Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Dzz8lSgdAM34jupQS2OUCKz5e5g.roa
File: Dzz8lSgdAM34jupQS2OUCKz5e5g.roa (raw, json)
Hash identifier: ijmIxeM/CNiDGFUpx2l2bINB/CbwFcNsyH7ejnTN9OE=
Subject key identifier: 0F:3C:FC:95:28:1D:00:CD:F8:8E:EA:50:4B:63:94:08:AC:F9:7B:98
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 0192BE93E8022085C192590888287C7B7D64
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Dzz8lSgdAM34jupQS2OUCKz5e5g.roa
Signing time: Thu 24 Oct 2024 12:50:17 +0000
ROA not before: Thu 24 Oct 2024 12:50:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50611
IP address blocks: 185.119.136.0/22 maxlen: 24
195.253.64.0/24 maxlen: 24
195.253.65.0/24 maxlen: 24
195.253.66.0/24 maxlen: 24
195.253.88.0/23 maxlen: 23
195.253.90.0/23 maxlen: 23
195.253.96.0/19 maxlen: 24
195.253.126.0/24 maxlen: 24
2a01:5b0:4::/48 maxlen: 48
2a01:5b0:5::/48 maxlen: 48
2a01:5b0:6::/48 maxlen: 48
2a01:5b0:8::/46 maxlen: 48
2a01:5b0:10::/45 maxlen: 48
2a01:5b0:12::/47 maxlen: 47
2a01:5b0:20::/43 maxlen: 48
2a01:5b0:2a::/48 maxlen: 48
2a01:5b0:2b::/48 maxlen: 48
2a01:5b0:2e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:93:e8:02:20:85:c1:92:59:08:88:28:7c:7b:7d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Oct 24 12:50:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f3cfc95281d00cdf88eea504b639408acf97b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:14:4c:eb:c9:9d:04:e7:94:3e:ce:de:ad:41:
ef:32:a6:48:1d:4d:1e:7b:5a:fb:23:43:dd:83:98:
b1:4c:9b:2e:05:e0:b9:f7:d5:25:48:f8:7a:2f:38:
36:70:07:04:41:ab:5b:b5:92:3c:6e:e4:84:c1:61:
cd:f3:74:70:21:88:c6:18:94:a4:0f:5c:29:cc:f8:
c6:d0:a3:7a:ca:dc:3b:7f:5f:42:7a:8b:1e:87:06:
c3:fd:60:0d:31:40:a7:30:27:2e:5a:a3:3a:b6:cb:
47:65:7f:98:12:90:98:4e:d2:43:6f:e7:c9:c5:c9:
ae:9b:b3:21:ee:44:6c:5c:57:e0:e3:73:de:a6:f2:
df:c8:b1:93:08:c5:fd:dd:be:d3:b4:3f:4f:cb:e9:
19:e8:92:9c:50:53:e9:70:9d:87:a3:45:ec:fb:d6:
82:28:f7:ac:8f:1d:b0:86:bb:a2:b5:d9:59:eb:44:
54:8b:d7:ab:e6:cf:55:60:9d:15:31:b4:fc:c7:1b:
2b:68:6d:10:25:03:2f:fc:66:12:7d:85:ba:27:8a:
72:dc:89:86:18:33:48:52:61:3a:42:9c:88:c5:8f:
9b:a2:d0:94:ef:2c:81:dc:8a:b8:98:14:69:4f:e1:
4a:94:cf:00:82:2f:67:c7:8d:04:09:88:08:c6:e3:
4f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3C:FC:95:28:1D:00:CD:F8:8E:EA:50:4B:63:94:08:AC:F9:7B:98
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Dzz8lSgdAM34jupQS2OUCKz5e5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.136.0/22
195.253.64.0-195.253.66.255
195.253.88.0/22
195.253.96.0/19
IPv6:
2a01:5b0:4::-2a01:5b0:6:ffff:ffff:ffff:ffff:ffff
2a01:5b0:8::/46
2a01:5b0:10::/45
2a01:5b0:20::/43
Signature Algorithm: sha256WithRSAEncryption
50:e1:fd:1b:02:73:4d:8b:70:95:29:dd:ba:4e:f3:0f:34:68:
91:8f:1d:f3:47:6d:cb:9e:87:74:03:ce:0b:58:ca:b4:7a:23:
07:5d:81:6d:62:ac:f2:8f:2c:23:33:e1:5d:35:44:d7:9e:70:
c4:dc:80:92:3b:e8:a2:a2:81:48:bc:de:f6:a1:24:de:e7:ec:
50:12:78:40:d0:0c:e1:36:ca:09:8e:1a:70:bd:8e:30:c1:69:
66:40:28:77:b5:8c:d3:64:c3:18:af:f5:87:db:f4:16:02:2a:
82:88:d2:30:5a:6a:fd:37:f9:d7:fc:49:46:94:17:34:67:3c:
7a:12:7c:ca:bb:de:81:56:21:1e:13:2c:d8:fb:81:71:88:f1:
a8:e4:4e:35:d9:f0:5b:ac:9c:ce:dc:50:bb:5c:08:f9:c3:77:
a6:ff:18:18:60:84:ab:8c:49:d1:cb:fe:52:9d:09:ac:85:3c:
9f:29:f7:08:57:77:11:3c:ce:06:e5:84:94:3a:20:5c:b4:20:
c5:c9:54:d0:8e:5c:3b:3d:cf:c0:2f:7a:83:07:0c:40:cd:af:
4d:d5:13:15:4f:cb:b8:41:7b:f4:10:24:53:62:b8:3a:8b:c7:
06:63:13:81:d9:23:f9:7a:a5:a8:7f:c2:fe:ca:e1:c3:72:24:
6b:75:9b:ed
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZK+k+gCIIXBklkIiCh8e31kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjQxMDI0MTI1MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjNjZmM5NTI4MWQwMGNkZjg4ZWVhNTA0YjYzOTQwOGFjZjk3Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBRM68mdBOeUPs7erUHvMqZIHU0e
e1r7I0Pdg5ixTJsuBeC599UlSPh6Lzg2cAcEQatbtZI8buSEwWHN83RwIYjGGJSk
D1wpzPjG0KN6ytw7f19CeosehwbD/WANMUCnMCcuWqM6tstHZX+YEpCYTtJDb+fJ
xcmum7Mh7kRsXFfg43PepvLfyLGTCMX93b7TtD9Py+kZ6JKcUFPpcJ2Ho0Xs+9aC
KPesjx2whruitdlZ60RUi9er5s9VYJ0VMbT8xxsraG0QJQMv/GYSfYW6J4py3ImG
GDNIUmE6QpyIxY+botCU7yyB3Iq4mBRpT+FKlM8Agi9nx40ECYgIxuNPdwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFA88/JUoHQDN+I7qUEtjlAis+XuYMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvRHp6OGxTZ2RBTTM0anVwUVMyT1VDS3o1ZTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzAmBAIAATAgAwQCuXeIMAwD
BAbD/UADBADD/UIDBALD/VgDBAXD/WAwNQQCAAIwLzASAwcCKgEFsAAEAwcAKgEF
sAAGAwcCKgEFsAAIAwcDKgEFsAAQAwcFKgEFsAAgMA0GCSqGSIb3DQEBCwUAA4IB
AQBQ4f0bAnNNi3CVKd26TvMPNGiRjx3zR23Lnod0A84LWMq0eiMHXYFtYqzyjywj
M+FdNUTXnnDE3ICSO+iiooFIvN72oSTe5+xQEnhA0AzhNsoJjhpwvY4wwWlmQCh3
tYzTZMMYr/WH2/QWAiqCiNIwWmr9N/nX/ElGlBc0Zzx6EnzKu96BViEeEyzY+4Fx
iPGo5E412fBbrJzO3FC7XAj5w3em/xgYYISrjEnRy/5SnQmshTyfKfcIV3cRPM4G
5YSUOiBctCDFyVTQjlw7Pc/AL3qDBwxAza9N1RMVT8u4QXv0ECRTYrg6i8cGYxOB
2SP5eqWof8L+yuHDciRrdZvt
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:53:06 2024 by rpki-client on console-ams.rpki-client.org