Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/zkzr2l1aP0Uzlf7G7ROTnD5S774.roa
File: zkzr2l1aP0Uzlf7G7ROTnD5S774.roa (raw, json)
Hash identifier: CYTLmjqCLjv28b2fBHu9e2JY/s6S3Lw+3COyJhVmoFQ=
Subject key identifier: CE:4C:EB:DA:5D:5A:3F:45:33:95:FE:C6:ED:13:93:9C:3E:52:EF:BE
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 018CC6B7E064BC0BDDD048F550160DFBFC93
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/zkzr2l1aP0Uzlf7G7ROTnD5S774.roa
Signing time: Mon 01 Jan 2024 20:29:48 +0000
ROA not before: Mon 01 Jan 2024 20:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211895
IP address blocks: 185.39.18.0/24 maxlen: 24
194.61.120.0/24 maxlen: 24
2a10:1fc0:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:e0:64:bc:0b:dd:d0:48:f5:50:16:0d:fb:fc:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Jan 1 20:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce4cebda5d5a3f453395fec6ed13939c3e52efbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d9:71:12:fc:e0:f9:d2:9f:62:00:f7:df:82:
ae:9f:2a:86:70:9d:40:89:e9:c1:bd:d4:1f:6e:38:
84:7c:87:dd:e9:85:17:7e:a1:65:48:57:e9:1b:27:
c7:d1:02:a1:0e:00:01:0a:2e:e4:b7:bc:c2:36:90:
e3:d3:0a:44:6a:25:d7:6d:ef:c6:d1:02:b1:71:94:
ae:7f:21:8c:0f:bb:d6:44:a6:05:be:02:03:b2:b2:
7b:9c:38:3b:a2:fb:0b:7e:68:c9:d5:4a:3d:b1:66:
94:16:32:d6:a4:18:ed:1c:2c:41:93:45:f7:cf:6e:
bd:d5:9c:6b:b6:d4:64:cb:31:2b:0d:47:f8:b2:c6:
ee:80:29:ea:e0:91:9c:fc:dc:d8:d0:4b:ee:81:37:
e3:67:42:34:5d:a0:7e:64:44:46:57:af:a3:e0:71:
af:d1:ff:8e:1b:45:e2:03:d0:80:50:96:4d:9c:46:
37:e4:a1:20:e3:bd:6c:93:dd:9c:bb:59:e8:b5:cf:
3d:f9:4e:96:d1:5a:3a:59:14:37:f2:19:fe:51:b3:
89:dc:04:be:5a:d3:da:01:7a:d9:88:17:58:a8:73:
63:38:27:1f:83:24:1d:13:da:91:bf:eb:95:fc:69:
25:8a:47:f6:da:fe:19:1a:e0:2c:82:94:f1:7d:72:
24:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4C:EB:DA:5D:5A:3F:45:33:95:FE:C6:ED:13:93:9C:3E:52:EF:BE
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/zkzr2l1aP0Uzlf7G7ROTnD5S774.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.18.0/24
194.61.120.0/24
IPv6:
2a10:1fc0:c::/48
Signature Algorithm: sha256WithRSAEncryption
b4:23:4c:09:98:7b:15:ea:73:56:5d:2b:b9:c0:b0:78:3e:c1:
21:34:f1:dc:93:26:18:3d:8b:5c:82:eb:ac:d2:46:6f:09:f2:
4c:03:d9:88:a3:c4:f8:f9:3f:d3:4a:f3:76:cb:98:3e:4c:ca:
dd:d1:4d:49:2b:e0:58:08:a9:70:a2:84:89:77:eb:5b:36:3f:
48:94:b2:6e:4e:4d:a7:e2:36:66:b7:d7:e2:29:20:9d:cc:95:
26:49:24:0a:b9:4f:4a:fb:cb:d5:09:cd:5a:88:8b:7e:9d:ba:
5e:05:d2:d6:b7:21:a3:44:97:a7:29:69:49:6c:c8:4c:2d:2d:
ff:db:09:02:4e:9e:9e:3b:67:5f:76:e6:ac:24:13:ff:53:da:
da:14:76:08:d6:63:b9:d1:8f:ec:ff:24:3f:31:68:df:b5:75:
4f:ca:93:37:5d:60:5b:5d:0d:f8:a8:9a:e2:7e:64:8b:11:ee:
ca:a9:f6:5a:e7:0b:05:b2:63:01:eb:e2:b6:a5:11:fb:2f:09:
59:80:54:2c:a5:e4:08:c9:d2:29:b9:3a:8e:25:fe:51:0f:28:
74:7c:8a:15:16:83:87:bb:b6:e1:f5:11:f1:b4:7c:90:c5:74:
5c:44:29:76:76:29:2d:83:65:7c:85:30:79:9b:3d:56:4d:5d:
d0:2d:cf:da
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGt+BkvAvd0Ej1UBYN+/yTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjQwMTAxMjAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTRjZWJkYTVkNWEzZjQ1MzM5NWZlYzZlZDEzOTM5YzNlNTJlZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtlxEvzg+dKfYgD334KunyqGcJ1A
ienBvdQfbjiEfIfd6YUXfqFlSFfpGyfH0QKhDgABCi7kt7zCNpDj0wpEaiXXbe/G
0QKxcZSufyGMD7vWRKYFvgIDsrJ7nDg7ovsLfmjJ1Uo9sWaUFjLWpBjtHCxBk0X3
z2691ZxrttRkyzErDUf4ssbugCnq4JGc/NzY0EvugTfjZ0I0XaB+ZERGV6+j4HGv
0f+OG0XiA9CAUJZNnEY35KEg471sk92cu1notc89+U6W0Vo6WRQ38hn+UbOJ3AS+
WtPaAXrZiBdYqHNjOCcfgyQdE9qRv+uV/Gklikf22v4ZGuAsgpTxfXIkfQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFM5M69pdWj9FM5X+xu0Tk5w+Uu++MB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvemt6cjJsMWFQMFV6bGY3RzdST1RuRDVTNzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuScSAwQA
wj14MA8EAgACMAkDBwAqEB/AAAwwDQYJKoZIhvcNAQELBQADggEBALQjTAmYexXq
c1ZdK7nAsHg+wSE08dyTJhg9i1yC66zSRm8J8kwD2YijxPj5P9NK83bLmD5Myt3R
TUkr4FgIqXCihIl361s2P0iUsm5OTafiNma31+IpIJ3MlSZJJAq5T0r7y9UJzVqI
i36dul4F0ta3IaNEl6cpaUlsyEwtLf/bCQJOnp47Z1925qwkE/9T2toUdgjWY7nR
j+z/JD8xaN+1dU/KkzddYFtdDfiomuJ+ZIsR7sqp9lrnCwWyYwHr4ralEfsvCVmA
VCyl5AjJ0im5Oo4l/lEPKHR8ihUWg4e7tuH1EfG0fJDFdFxEKXZ2KS2DZXyFMHmb
PVZNXdAtz9o=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:31:37 2024 by rpki-client on console-fra.rpki-client.org