Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/zN7_RrZdRYlSPyOBLctAxWQqlO4.roa
File: zN7_RrZdRYlSPyOBLctAxWQqlO4.roa (raw, json)
Hash identifier: LZTXhHdIqM+KvPW3XYV2xi0YG26jh+2LAZY5dpXrZlo=
Subject key identifier: CC:DE:FF:46:B6:5D:45:89:52:3F:23:81:2D:CB:40:C5:64:2A:94:EE
Certificate issuer: /CN=d9f90449509ebf9e3b0f42c1cdc22e3ef4007426
Certificate serial: 018CC8715FD3512256A7102026BC71B7AC61
Authority key identifier: D9:F9:04:49:50:9E:BF:9E:3B:0F:42:C1:CD:C2:2E:3E:F4:00:74:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/zN7_RrZdRYlSPyOBLctAxWQqlO4.roa
Signing time: Tue 02 Jan 2024 04:32:02 +0000
ROA not before: Tue 02 Jan 2024 04:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206102
IP address blocks: 152.89.136.0/24 maxlen: 24
152.89.139.0/24 maxlen: 24
152.89.138.0/24 maxlen: 24
152.89.137.0/24 maxlen: 24
185.195.97.0/24 maxlen: 24
185.195.96.0/24 maxlen: 24
185.195.96.0/23 maxlen: 23
185.195.98.0/23 maxlen: 23
185.195.98.0/24 maxlen: 24
185.195.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5f:d3:51:22:56:a7:10:20:26:bc:71:b7:ac:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f90449509ebf9e3b0f42c1cdc22e3ef4007426
Validity
Not Before: Jan 2 04:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccdeff46b65d4589523f23812dcb40c5642a94ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:91:c6:38:bf:0e:f7:cd:ae:a4:e5:95:ab:6d:
a2:c5:04:19:51:19:47:56:ed:44:6b:b1:e0:cc:cd:
aa:df:9e:12:2e:5b:3e:ba:ef:16:02:13:a0:fb:01:
6c:2a:85:03:ba:80:f2:9e:ea:09:1e:df:ec:80:74:
02:12:f8:17:68:35:e8:32:55:94:cb:4b:b1:89:07:
3a:cf:4a:0b:3e:64:c3:c9:b5:b3:99:c0:de:bf:55:
09:98:56:20:23:2a:96:ed:da:b9:35:af:9a:b8:7b:
9e:a2:c6:52:41:da:a4:63:72:76:e0:44:0a:57:f8:
60:f2:0c:e8:3d:f0:78:37:bd:b1:b9:f9:90:1a:93:
61:ff:5e:77:02:70:59:1b:37:30:11:51:b2:42:fc:
8a:dc:66:d6:80:e9:f9:69:4f:12:cb:f6:e5:56:03:
72:a8:cb:11:74:67:fd:8c:07:a8:06:c6:3f:e9:33:
90:a2:5d:c2:9a:c7:3d:fc:3f:56:14:8f:2b:e8:43:
30:81:32:c3:74:82:dd:4b:62:3b:f0:89:b3:7f:f8:
56:c8:94:15:4d:e1:00:20:00:23:5d:45:a8:e1:dd:
df:ea:2a:dd:c9:9e:4b:c2:7b:bb:a2:57:f9:07:d5:
4c:81:85:e0:ae:8a:88:d4:86:66:30:ec:57:07:c2:
91:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DE:FF:46:B6:5D:45:89:52:3F:23:81:2D:CB:40:C5:64:2A:94:EE
X509v3 Authority Key Identifier:
keyid:D9:F9:04:49:50:9E:BF:9E:3B:0F:42:C1:CD:C2:2E:3E:F4:00:74:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/zN7_RrZdRYlSPyOBLctAxWQqlO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.136.0/22
185.195.96.0/22
Signature Algorithm: sha256WithRSAEncryption
76:d8:b8:80:20:c0:78:e1:66:6b:32:f9:36:68:34:d0:cc:94:
0b:3c:f4:bd:51:d7:54:aa:2e:c2:6b:6b:7c:41:d1:24:e8:69:
e2:50:61:e6:ec:c8:87:f1:09:ab:0f:b5:6b:9b:b9:7f:86:78:
8c:c2:44:e6:7a:f3:b0:e8:02:03:3f:95:b4:c4:c6:8f:e0:4f:
ee:5e:f3:96:4e:88:0d:d8:8e:d4:9a:5c:3d:06:d6:4f:16:d4:
6e:8b:9b:ec:0a:46:80:ba:38:c0:f9:91:e0:34:b3:37:74:2d:
91:59:ed:fc:b8:0f:70:d7:86:a6:5b:5d:5f:2b:7d:59:e8:ef:
c5:4a:5f:7b:84:58:10:ec:b7:e1:a9:ea:e3:ef:cb:79:cd:10:
93:7a:f8:58:f1:37:9b:4b:5a:73:c2:6f:b2:6e:00:72:5b:fc:
81:1f:55:03:3a:6e:91:f0:87:bf:a2:fc:fc:54:34:d4:c6:58:
5f:05:a9:0e:bd:4d:0d:c0:e1:62:ac:f5:f4:37:31:85:ac:19:
40:d6:0f:0a:97:98:74:7b:db:83:e6:05:95:cf:db:b6:61:69:
e3:b9:fa:fa:61:99:c3:ae:f9:59:dd:eb:b6:35:93:72:70:eb:
67:9d:b4:2e:d9:e2:b4:2c:97:d5:57:0e:7b:de:58:b8:60:01:
5d:32:cc:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcV/TUSJWpxAgJrxxt6xhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjkwNDQ5NTA5ZWJmOWUzYjBmNDJjMWNkYzIyZTNlZjQw
MDc0MjYwHhcNMjQwMTAyMDQzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2RlZmY0NmI2NWQ0NTg5NTIzZjIzODEyZGNiNDBjNTY0MmE5NGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpHGOL8O982upOWVq22ixQQZURlH
Vu1Ea7HgzM2q354SLls+uu8WAhOg+wFsKoUDuoDynuoJHt/sgHQCEvgXaDXoMlWU
y0uxiQc6z0oLPmTDybWzmcDev1UJmFYgIyqW7dq5Na+auHueosZSQdqkY3J24EQK
V/hg8gzoPfB4N72xufmQGpNh/153AnBZGzcwEVGyQvyK3GbWgOn5aU8Sy/blVgNy
qMsRdGf9jAeoBsY/6TOQol3Cmsc9/D9WFI8r6EMwgTLDdILdS2I78Imzf/hWyJQV
TeEAIAAjXUWo4d3f6irdyZ5Lwnu7olf5B9VMgYXgroqI1IZmMOxXB8KR+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMze/0a2XUWJUj8jgS3LQMVkKpTuMB8GA1UdIwQY
MBaAFNn5BElQnr+eOw9Cwc3CLj70AHQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZrRVNWQ2V2NTQ3RDBMQnpjSXVQdlFBZENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My85YzVjZWYtZDRlNC00NGUxLWFiZjUt
YmI0ODgyOGM5ZjA1LzEvek43X1JyWmRSWWxTUHlPQkxjdEF4V1FxbE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My85YzVjZWYtZDRlNC00NGUxLWFiZjUtYmI0ODgyOGM5ZjA1
LzEvMmZrRVNWQ2V2NTQ3RDBMQnpjSXVQdlFBZENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmFmIAwQC
ucNgMA0GCSqGSIb3DQEBCwUAA4IBAQB22LiAIMB44WZrMvk2aDTQzJQLPPS9UddU
qi7Ca2t8QdEk6GniUGHm7MiH8QmrD7Vrm7l/hniMwkTmevOw6AIDP5W0xMaP4E/u
XvOWTogN2I7Umlw9BtZPFtRui5vsCkaAujjA+ZHgNLM3dC2RWe38uA9w14amW11f
K31Z6O/FSl97hFgQ7Lfhqerj78t5zRCTevhY8TebS1pzwm+ybgByW/yBH1UDOm6R
8Ie/ovz8VDTUxlhfBakOvU0NwOFirPX0NzGFrBlA1g8Kl5h0e9uD5gWVz9u2YWnj
ufr6YZnDrvlZ3eu2NZNycOtnnbQu2eK0LJfVVw573li4YAFdMsyM
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:05:52 2024 by rpki-client on console-ams.rpki-client.org