Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/zGikwoIBZvGkRvvwM9IT58X4y3s.roa
File: zGikwoIBZvGkRvvwM9IT58X4y3s.roa (raw, json)
Hash identifier: 7mw6aXf9h8zAOLGZmVNyfwOCk6TOV29Vr9S9MXAF1kI=
Subject key identifier: CC:68:A4:C2:82:01:66:F1:A4:46:FB:F0:33:D2:13:E7:C5:F8:CB:7B
Certificate issuer: /CN=0a41a925f8d6684c86107d2756b4aa93881f02ae
Certificate serial: 018CC94CFBB743DF4BEF3B3C62D6AC6013BC
Authority key identifier: 0A:41:A9:25:F8:D6:68:4C:86:10:7D:27:56:B4:AA:93:88:1F:02:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGpJfjWaEyGEH0nVrSqk4gfAq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/zGikwoIBZvGkRvvwM9IT58X4y3s.roa
Signing time: Tue 02 Jan 2024 08:31:54 +0000
ROA not before: Tue 02 Jan 2024 08:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12601
IP address blocks: 185.113.40.0/22 maxlen: 22
80.94.176.0/22 maxlen: 22
80.94.185.0/24 maxlen: 24
80.94.182.0/23 maxlen: 23
80.94.184.0/24 maxlen: 24
185.211.140.0/22 maxlen: 22
185.194.80.0/22 maxlen: 22
213.159.9.0/24 maxlen: 24
64.126.192.0/23 maxlen: 23
80.94.188.0/23 maxlen: 23
64.126.194.0/23 maxlen: 23
194.5.134.0/24 maxlen: 24
64.126.200.0/22 maxlen: 22
64.126.208.0/24 maxlen: 24
64.126.212.0/22 maxlen: 22
64.126.212.0/24 maxlen: 24
64.126.209.0/24 maxlen: 24
194.126.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/CkGpJfjWaEyGEH0nVrSqk4gfAq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/CkGpJfjWaEyGEH0nVrSqk4gfAq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CkGpJfjWaEyGEH0nVrSqk4gfAq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:fb:b7:43:df:4b:ef:3b:3c:62:d6:ac:60:13:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a925f8d6684c86107d2756b4aa93881f02ae
Validity
Not Before: Jan 2 08:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc68a4c2820166f1a446fbf033d213e7c5f8cb7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e3:f2:0b:ba:6f:d7:24:7d:1f:eb:ab:25:f6:
f4:c9:96:0b:35:7a:33:37:55:8a:6f:3a:f6:17:f4:
24:d6:60:de:c1:e9:2d:1d:bd:c8:9b:1c:4d:01:5e:
c0:43:a2:0b:c4:1b:00:6a:99:7b:e6:56:a2:b2:84:
d5:00:48:d4:0e:52:61:dc:65:b5:67:7d:c6:d3:e7:
e4:c7:e9:24:21:5a:6a:88:5e:d0:3d:df:1e:81:57:
9b:23:ab:a1:49:98:52:bd:13:48:ce:a3:3a:08:38:
7d:b4:a7:14:93:70:5e:45:64:58:7d:13:d8:18:71:
f1:18:88:f7:70:80:81:e2:a9:51:75:c0:de:ea:f9:
e0:cb:e3:31:d4:2a:53:d1:7c:b8:bc:9e:fd:26:75:
7e:44:52:d1:64:8d:cf:fd:29:d4:d8:29:6a:7d:3f:
73:86:eb:4e:4a:5b:32:db:ec:74:94:79:8c:47:02:
66:b1:c9:e9:9d:45:7b:a8:81:6a:4a:ab:9e:7a:19:
a6:da:12:97:8b:fd:c6:ea:75:d5:12:ae:7f:8b:be:
de:cd:48:8a:db:ac:22:d1:1c:a1:a3:26:5c:b9:2b:
81:8d:0c:12:b9:66:02:9a:80:76:da:64:7d:ce:ea:
65:f4:73:66:8a:47:04:c6:60:76:07:30:d8:f1:8b:
15:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:68:A4:C2:82:01:66:F1:A4:46:FB:F0:33:D2:13:E7:C5:F8:CB:7B
X509v3 Authority Key Identifier:
keyid:0A:41:A9:25:F8:D6:68:4C:86:10:7D:27:56:B4:AA:93:88:1F:02:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGpJfjWaEyGEH0nVrSqk4gfAq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/zGikwoIBZvGkRvvwM9IT58X4y3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e37d1d-d4fb-496c-af49-3420684c7e41/1/CkGpJfjWaEyGEH0nVrSqk4gfAq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.126.192.0/22
64.126.200.0/22
64.126.208.0/23
64.126.212.0/22
80.94.176.0/22
80.94.182.0-80.94.185.255
80.94.188.0/23
185.113.40.0/22
185.194.80.0/22
185.211.140.0/22
194.5.134.0/24
194.126.236.0/24
213.159.9.0/24
Signature Algorithm: sha256WithRSAEncryption
20:82:53:1c:9f:ee:12:e0:3c:5a:45:c0:f9:a2:dd:72:c6:3f:
ce:c9:41:54:43:c3:5e:8f:bb:b5:10:d9:a3:ce:68:2f:a4:b6:
0c:67:a4:44:a2:a8:84:99:62:9f:97:f4:b1:c7:03:fc:52:ba:
1f:ed:8f:05:ea:dc:9b:ce:0f:c6:2b:11:44:2e:73:47:51:fd:
b1:35:52:e8:76:4e:48:27:e8:33:65:91:31:e7:f1:27:74:9a:
ee:21:85:65:93:20:cf:19:38:65:3b:96:53:de:16:e6:69:1f:
c6:f9:96:b3:ed:3f:81:54:b4:aa:6f:4e:3f:bf:ba:c1:53:2f:
4f:97:6a:72:13:96:e9:38:83:ed:57:13:a3:60:55:52:a3:6d:
07:8d:f8:a8:2a:e3:9e:70:df:e9:63:e9:33:97:82:a2:17:ea:
bd:b7:2c:d9:b1:0b:1c:cb:9a:47:b7:66:84:75:64:a2:83:33:
71:83:e8:e5:04:6d:6d:25:fd:89:33:03:33:9d:e8:6f:81:94:
fe:94:43:7c:d4:cb:75:bc:bb:fd:73:32:4c:60:c3:fe:87:18:
5a:59:48:d5:15:7f:0c:0e:da:34:de:45:59:99:37:95:b3:83:
27:3c:8b:2e:83:38:0d:f8:69:e8:ed:6a:5c:71:73:d9:6c:65:
81:38:56:0a
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYzJTPu3Q99L7zs8YtasYBO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhOTI1ZjhkNjY4NGM4NjEwN2QyNzU2YjRhYTkzODgx
ZjAyYWUwHhcNMjQwMTAyMDgzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzY4YTRjMjgyMDE2NmYxYTQ0NmZiZjAzM2QyMTNlN2M1ZjhjYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzePyC7pv1yR9H+urJfb0yZYLNXoz
N1WKbzr2F/Qk1mDewektHb3ImxxNAV7AQ6ILxBsAapl75laisoTVAEjUDlJh3GW1
Z33G0+fkx+kkIVpqiF7QPd8egVebI6uhSZhSvRNIzqM6CDh9tKcUk3BeRWRYfRPY
GHHxGIj3cICB4qlRdcDe6vngy+Mx1CpT0Xy4vJ79JnV+RFLRZI3P/SnU2ClqfT9z
hutOSlsy2+x0lHmMRwJmscnpnUV7qIFqSqueehmm2hKXi/3G6nXVEq5/i77ezUiK
26wi0RyhoyZcuSuBjQwSuWYCmoB22mR9zupl9HNmikcExmB2BzDY8YsVRQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFMxopMKCAWbxpEb78DPSE+fF+Mt7MB8GA1UdIwQY
MBaAFApBqSX41mhMhhB9J1a0qpOIHwKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHcEpmaldhRXlHRUgwblZyU3FrNGdmQXE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lMzdkMWQtZDRmYi00OTZjLWFmNDkt
MzQyMDY4NGM3ZTQxLzEvekdpa3dvSUJadkdrUnZ2d005SVQ1OFg0eTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lMzdkMWQtZDRmYi00OTZjLWFmNDktMzQyMDY4NGM3ZTQx
LzEvQ2tHcEpmaldhRXlHRUgwblZyU3FrNGdmQXE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCQH7AAwQC
QH7IAwQBQH7QAwQCQH7UAwQCUF6wMAwDBAFQXrYDBAFQXrgDBAFQXrwDBAK5cSgD
BAK5wlADBAK504wDBADCBYYDBADCfuwDBADVnwkwDQYJKoZIhvcNAQELBQADggEB
ACCCUxyf7hLgPFpFwPmi3XLGP87JQVRDw16Pu7UQ2aPOaC+ktgxnpESiqISZYp+X
9LHHA/xSuh/tjwXq3JvOD8YrEUQuc0dR/bE1Uuh2Tkgn6DNlkTHn8Sd0mu4hhWWT
IM8ZOGU7llPeFuZpH8b5lrPtP4FUtKpvTj+/usFTL0+XanITluk4g+1XE6NgVVKj
bQeN+Kgq455w3+lj6TOXgqIX6r23LNmxCxzLmke3ZoR1ZKKDM3GD6OUEbW0l/Ykz
AzOd6G+BlP6UQ3zUy3W8u/1zMkxgw/6HGFpZSNUVfwwO2jTeRVmZN5Wzgyc8iy6D
OA34aejtalxxc9lsZYE4Vgo=
-----END CERTIFICATE-----
Generated at Sat May 18 15:42:54 2024 by rpki-client on console-fra.rpki-client.org