Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/Pzd4C4PdAXKDTAKnbQSRedFuL5Y.roa
File: Pzd4C4PdAXKDTAKnbQSRedFuL5Y.roa (raw, json)
Hash identifier: Pni1qYnosrYvdQ4iO03B08AJNrDCSkS6ZW06pxQ6890=
Subject key identifier: 3F:37:78:0B:83:DD:01:72:83:4C:02:A7:6D:04:91:79:D1:6E:2F:96
Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Certificate serial: 018D6464124F3A82BE3F008684CA7F90038E
Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/Pzd4C4PdAXKDTAKnbQSRedFuL5Y.roa
Signing time: Thu 01 Feb 2024 11:18:16 +0000
ROA not before: Thu 01 Feb 2024 11:18:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6724
IP address blocks: 81.169.128.0/17 maxlen: 24
85.214.0.0/15 maxlen: 24
192.67.197.0/24 maxlen: 24
192.67.198.0/24 maxlen: 24
193.141.3.0/24 maxlen: 24
194.45.97.0/24 maxlen: 24
2a01:238::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.mft
rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:64:12:4f:3a:82:be:3f:00:86:84:ca:7f:90:03:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb
Validity
Not Before: Feb 1 11:18:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f37780b83dd0172834c02a76d049179d16e2f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2a:81:0e:ab:de:08:a6:87:42:70:e7:5c:c4:
45:6a:ef:f0:d9:42:1d:36:df:cc:3b:78:3f:83:b8:
06:a4:e8:91:d8:df:9e:4b:d0:b8:d9:17:ae:e7:47:
e7:04:56:fb:d1:64:99:9f:3c:19:2d:c9:ca:7f:f6:
b6:42:8c:e3:0d:67:75:4e:7b:e6:b9:be:4d:49:da:
d6:4c:84:82:83:ba:2a:1e:70:49:ca:29:56:19:4b:
52:23:3b:c3:82:e5:41:18:2a:68:88:0c:83:8f:7d:
1c:04:d7:f6:39:cb:60:7a:af:1f:4b:4a:8d:c3:b0:
c2:84:7d:bd:23:04:07:ff:4c:c4:48:5d:3c:1e:76:
37:4a:0e:b9:8e:37:33:33:7b:97:09:4e:6b:d4:88:
2f:79:39:f3:2c:8d:eb:6c:be:b7:44:47:10:cf:ec:
79:fb:cb:c9:d5:4c:14:f3:a2:44:2e:71:72:5e:bc:
f6:3f:01:12:70:6e:e2:29:bf:ef:fe:c8:e2:e6:21:
05:ec:31:f8:1e:f1:a1:e9:7b:50:97:74:7b:50:37:
98:ce:98:23:ce:56:08:54:ab:51:b1:66:5e:c5:7f:
c3:88:60:7c:c1:44:04:b6:7d:fb:7a:95:19:15:b7:
ff:d7:26:31:63:dc:a6:ca:a3:dd:5e:a8:07:3a:6f:
22:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:37:78:0B:83:DD:01:72:83:4C:02:A7:6D:04:91:79:D1:6E:2F:96
X509v3 Authority Key Identifier:
keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/Pzd4C4PdAXKDTAKnbQSRedFuL5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.169.128.0/17
85.214.0.0/15
192.67.197.0-192.67.198.255
193.141.3.0/24
194.45.97.0/24
IPv6:
2a01:238::/29
Signature Algorithm: sha256WithRSAEncryption
08:ca:4a:e3:50:10:be:aa:e2:a5:4c:54:e4:07:52:40:26:d7:
11:ac:83:e8:6d:9e:aa:95:a4:32:b4:a6:a6:20:e0:01:b9:0a:
43:92:8f:9e:68:4c:d7:6a:00:0c:cd:7b:d9:07:0e:8f:34:94:
59:63:08:55:29:16:7c:ef:00:50:e4:84:a3:e1:10:2c:d3:f1:
8f:14:76:81:8f:d9:4e:4c:77:5d:c5:4c:aa:01:6b:b0:d7:f3:
d0:c4:ae:8a:37:4c:fe:db:25:c9:66:28:62:f9:c0:ed:c9:72:
dd:4c:ae:1b:20:16:0d:23:6f:2d:fc:eb:25:80:e0:d9:05:78:
41:08:a8:38:4d:14:b3:65:55:75:dd:11:53:8a:ea:5d:cc:6c:
37:62:6f:48:dc:ee:b2:d6:0d:64:1f:87:6c:74:c1:ce:f6:20:
9b:25:df:95:94:69:90:46:bc:0a:4a:93:30:5e:04:47:9f:c1:
ad:9c:9d:76:5a:7d:90:0e:cc:3e:a7:e5:50:28:84:3a:5f:83:
84:f8:37:5d:0f:84:2a:01:4c:93:fe:66:ec:66:85:c7:5f:9b:
02:fe:47:83:91:8b:42:e8:26:c2:6a:2f:5f:75:95:00:6a:72:
c1:29:d0:d0:00:a9:8b:13:3c:d3:ca:66:80:f9:34:af:53:c0:
0f:8e:98:53
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY1kZBJPOoK+PwCGhMp/kAOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZDJkMjcxNWY0M2Y3NDdiZWE3NjJkY2UxNjZiY2E0Yjhl
OTY1ZWIwHhcNMjQwMjAxMTExODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjM3NzgwYjgzZGQwMTcyODM0YzAyYTc2ZDA0OTE3OWQxNmUyZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyqBDqveCKaHQnDnXMRFau/w2UId
Nt/MO3g/g7gGpOiR2N+eS9C42Reu50fnBFb70WSZnzwZLcnKf/a2QozjDWd1Tnvm
ub5NSdrWTISCg7oqHnBJyilWGUtSIzvDguVBGCpoiAyDj30cBNf2Octgeq8fS0qN
w7DChH29IwQH/0zESF08HnY3Sg65jjczM3uXCU5r1IgveTnzLI3rbL63REcQz+x5
+8vJ1UwU86JELnFyXrz2PwEScG7iKb/v/sji5iEF7DH4HvGh6XtQl3R7UDeYzpgj
zlYIVKtRsWZexX/DiGB8wUQEtn37epUZFbf/1yYxY9ymyqPdXqgHOm8i9wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFD83eAuD3QFyg0wCp20EkXnRbi+WMB8GA1UdIwQY
MBaAFFjS0nFfQ/dHvqdi3OFmvKS46WXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjkt
ZTM4MzQ1MTZmYzA4LzEvUHpkNEM0UGRBWEtEVEFLbmJRU1JlZEZ1TDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjktZTM4MzQ1MTZmYzA4
LzEvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQHUamAAwMB
VdYwDAMEAMBDxQMEAMBDxgMEAMGNAwMEAMItYTANBAIAAjAHAwUDKgECODANBgkq
hkiG9w0BAQsFAAOCAQEACMpK41AQvqripUxU5AdSQCbXEayD6G2eqpWkMrSmpiDg
AbkKQ5KPnmhM12oADM172QcOjzSUWWMIVSkWfO8AUOSEo+EQLNPxjxR2gY/ZTkx3
XcVMqgFrsNfz0MSuijdM/tslyWYoYvnA7cly3UyuGyAWDSNvLfzrJYDg2QV4QQio
OE0Us2VVdd0RU4rqXcxsN2JvSNzustYNZB+HbHTBzvYgmyXflZRpkEa8CkqTMF4E
R5/BrZyddlp9kA7MPqflUCiEOl+DhPg3XQ+EKgFMk/5m7GaFx1+bAv5Hg5GLQugm
wmovX3WVAGpywSnQ0ACpixM808pmgPk0r1PAD46YUw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:50:15 2024 by rpki-client on console-fra.rpki-client.org