Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/ZMGQbIrWPW_qshOhGoodUFskIps.roa
File: ZMGQbIrWPW_qshOhGoodUFskIps.roa (raw, json)
Hash identifier: V4WJ3AZAbMjMo/OJbN9aqckeJS2H33MH2TCPjK1QGbc=
Subject key identifier: 64:C1:90:6C:8A:D6:3D:6F:EA:B2:13:A1:1A:8A:1D:50:5B:24:22:9B
Certificate issuer: /CN=fc17cbccee36b24ecbd463f7d102abc4fe40e14d
Certificate serial: 018CC500246582D71DA6DD6239C7F68DAC75
Authority key identifier: FC:17:CB:CC:EE:36:B2:4E:CB:D4:63:F7:D1:02:AB:C4:FE:40:E1:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BfLzO42sk7L1GP30QKrxP5A4U0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/ZMGQbIrWPW_qshOhGoodUFskIps.roa
Signing time: Mon 01 Jan 2024 12:29:30 +0000
ROA not before: Mon 01 Jan 2024 12:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204198
IP address blocks: 185.111.84.0/24 maxlen: 24
185.111.85.0/24 maxlen: 24
185.111.87.0/24 maxlen: 24
185.111.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/_BfLzO42sk7L1GP30QKrxP5A4U0.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/_BfLzO42sk7L1GP30QKrxP5A4U0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_BfLzO42sk7L1GP30QKrxP5A4U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:24:65:82:d7:1d:a6:dd:62:39:c7:f6:8d:ac:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc17cbccee36b24ecbd463f7d102abc4fe40e14d
Validity
Not Before: Jan 1 12:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64c1906c8ad63d6feab213a11a8a1d505b24229b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:19:ad:18:60:ce:01:94:31:5f:52:90:01:e5:
a6:13:92:67:43:50:0c:e0:8d:0d:35:69:a8:c4:bd:
d2:bc:08:f6:04:71:8b:ff:2c:75:5a:eb:78:35:3f:
00:1a:6d:7d:1f:f4:63:23:11:f0:a6:50:af:8f:a7:
ca:8e:64:97:ed:97:4b:a0:4f:34:fe:1b:5a:1e:00:
8c:29:78:97:03:1f:a3:40:41:92:73:d8:59:a2:96:
ec:77:e4:81:5a:a2:9f:30:6c:58:10:47:d1:06:60:
2e:6d:59:b0:9e:96:dd:ca:42:52:47:65:9a:97:3d:
96:03:c5:7b:0a:c5:3d:79:54:4d:62:d3:bc:57:2f:
9e:91:af:6f:be:17:3a:c0:f2:52:a3:4d:9d:7e:03:
e0:7a:27:99:b9:68:75:a0:4c:fd:21:b7:2d:db:2e:
ea:2f:00:5f:42:96:d1:e8:16:9a:8f:aa:2b:0a:75:
75:a1:90:c4:ac:92:79:66:46:ca:88:ef:80:7c:81:
69:0a:07:27:30:88:f3:40:3a:ed:84:15:67:dc:45:
d8:12:62:c2:c9:db:68:a5:29:4f:e4:94:3e:62:58:
d2:c9:7a:09:2d:4e:d5:5d:22:50:7e:cb:82:9d:bd:
97:ce:8b:98:8d:e5:6d:e5:c3:00:16:88:98:03:ee:
ef:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C1:90:6C:8A:D6:3D:6F:EA:B2:13:A1:1A:8A:1D:50:5B:24:22:9B
X509v3 Authority Key Identifier:
keyid:FC:17:CB:CC:EE:36:B2:4E:CB:D4:63:F7:D1:02:AB:C4:FE:40:E1:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BfLzO42sk7L1GP30QKrxP5A4U0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/ZMGQbIrWPW_qshOhGoodUFskIps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/7fd12f-b054-4dd2-9d87-1365875c7e85/1/_BfLzO42sk7L1GP30QKrxP5A4U0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.84.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:3b:6d:88:a3:c5:08:d9:cb:0c:a9:cf:8a:ff:a5:0e:1b:ce:
c5:9d:b5:5e:e6:4e:8e:22:79:b9:4b:8e:0e:9c:50:f4:a4:84:
01:39:44:01:00:0f:d5:19:78:ce:76:fb:3a:44:68:0e:ea:7a:
30:41:3c:6e:1f:d7:15:60:61:02:70:d6:c9:9c:6a:7a:d7:87:
ac:a5:dd:7a:17:97:23:42:9c:b3:0a:37:38:ef:a6:05:46:82:
af:87:4b:7f:e1:54:11:9a:d1:19:19:2e:90:7c:02:60:50:7a:
d6:a4:31:bf:0e:fe:c5:a7:d2:5c:db:5d:8d:ff:64:a4:68:cb:
3e:65:58:6f:fd:58:8f:07:a2:66:a6:b9:39:5e:96:17:ee:24:
9f:89:d6:b3:49:c8:c8:a0:9c:7f:4e:0b:ea:fd:cd:38:ec:77:
22:cd:ce:d3:d3:02:d0:f8:b9:aa:12:7e:86:90:d3:b5:0f:d3:
0f:9c:c2:94:4e:22:a9:2e:2b:3b:91:f0:6a:38:11:6f:5c:db:
75:39:20:c9:2c:80:63:38:f7:b0:74:41:44:3d:a1:73:d6:eb:
2b:75:bf:32:fd:f1:23:89:3f:4a:81:70:2a:a0:3a:0c:82:7f:
02:d7:bb:9f:d2:fc:ce:45:2d:ca:5f:b9:c8:e3:f7:bd:17:2b:
58:83:5e:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFACRlgtcdpt1iOcf2jax1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTdjYmNjZWUzNmIyNGVjYmQ0NjNmN2QxMDJhYmM0ZmU0
MGUxNGQwHhcNMjQwMTAxMTIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGMxOTA2YzhhZDYzZDZmZWFiMjEzYTExYThhMWQ1MDViMjQyMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxmtGGDOAZQxX1KQAeWmE5JnQ1AM
4I0NNWmoxL3SvAj2BHGL/yx1Wut4NT8AGm19H/RjIxHwplCvj6fKjmSX7ZdLoE80
/htaHgCMKXiXAx+jQEGSc9hZopbsd+SBWqKfMGxYEEfRBmAubVmwnpbdykJSR2Wa
lz2WA8V7CsU9eVRNYtO8Vy+eka9vvhc6wPJSo02dfgPgeieZuWh1oEz9Ibct2y7q
LwBfQpbR6Baaj6orCnV1oZDErJJ5ZkbKiO+AfIFpCgcnMIjzQDrthBVn3EXYEmLC
ydtopSlP5JQ+YljSyXoJLU7VXSJQfsuCnb2XzouYjeVt5cMAFoiYA+7vKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTBkGyK1j1v6rIToRqKHVBbJCKbMB8GA1UdIwQY
MBaAFPwXy8zuNrJOy9Rj99ECq8T+QOFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JmTHpPNDJzazdMMUdQMzBRS3J4UDVBNFUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83ZmQxMmYtYjA1NC00ZGQyLTlkODct
MTM2NTg3NWM3ZTg1LzEvWk1HUWJJcldQV19xc2hPaEdvb2RVRnNrSXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83ZmQxMmYtYjA1NC00ZGQyLTlkODctMTM2NTg3NWM3ZTg1
LzEvX0JmTHpPNDJzazdMMUdQMzBRS3J4UDVBNFUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW9UMA0G
CSqGSIb3DQEBCwUAA4IBAQA7O22Io8UI2csMqc+K/6UOG87FnbVe5k6OInm5S44O
nFD0pIQBOUQBAA/VGXjOdvs6RGgO6nowQTxuH9cVYGECcNbJnGp614espd16F5cj
QpyzCjc476YFRoKvh0t/4VQRmtEZGS6QfAJgUHrWpDG/Dv7Fp9Jc212N/2SkaMs+
ZVhv/ViPB6Jmprk5XpYX7iSfidazScjIoJx/Tgvq/c047Hcizc7T0wLQ+LmqEn6G
kNO1D9MPnMKUTiKpLis7kfBqOBFvXNt1OSDJLIBjOPewdEFEPaFz1usrdb8y/fEj
iT9KgXAqoDoMgn8C17uf0vzORS3KX7nI4/e9FytYg17m
-----END CERTIFICATE-----
Generated at Tue Nov 26 19:58:29 2024 by rpki-client on console-ams.rpki-client.org