Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/zHE-SgU4gukSatALeKuBjSpz9R4.roa
File: zHE-SgU4gukSatALeKuBjSpz9R4.roa (raw, json)
Hash identifier: raBXsfFiXhcqnRtCmrarnVAR9U4kh4Whf7QDbs9Hq9c=
Subject key identifier: CC:71:3E:4A:05:38:82:E9:12:6A:D0:0B:78:AB:81:8D:2A:73:F5:1E
Certificate issuer: /CN=5ce1aae0c93ad04b7298082b68bf6a54fa68bcf0
Certificate serial: 018CC8DEE836EBCC8774B4FB18A164507D52
Authority key identifier: 5C:E1:AA:E0:C9:3A:D0:4B:72:98:08:2B:68:BF:6A:54:FA:68:BC:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOGq4Mk60EtymAgraL9qVPpovPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/zHE-SgU4gukSatALeKuBjSpz9R4.roa
Signing time: Tue 02 Jan 2024 06:31:40 +0000
ROA not before: Tue 02 Jan 2024 06:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44901
IP address blocks: 185.196.101.0/24 maxlen: 24
185.196.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/XOGq4Mk60EtymAgraL9qVPpovPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/XOGq4Mk60EtymAgraL9qVPpovPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XOGq4Mk60EtymAgraL9qVPpovPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 18:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:e8:36:eb:cc:87:74:b4:fb:18:a1:64:50:7d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ce1aae0c93ad04b7298082b68bf6a54fa68bcf0
Validity
Not Before: Jan 2 06:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc713e4a053882e9126ad00b78ab818d2a73f51e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:21:00:21:c3:dd:dd:c3:5d:23:30:ff:2e:a8:
d8:e3:cc:4e:18:37:a8:13:7e:c1:e2:2c:f0:8b:68:
f6:3f:be:6d:f6:67:43:0b:fd:ad:86:1a:f7:be:c1:
61:7f:09:ae:14:ea:e8:14:dd:aa:64:b0:96:a5:53:
c3:ba:bc:e7:f8:ce:d0:41:b8:51:cf:cf:1d:59:d3:
02:b9:c9:19:41:68:da:a8:47:c6:ea:f2:05:d3:1e:
65:eb:42:86:b2:b9:70:42:0c:16:35:00:b2:66:f0:
9a:68:03:42:7a:b3:78:81:a5:9c:c8:c1:eb:70:92:
10:66:01:ff:0d:72:e8:d0:35:ff:ca:97:45:14:01:
ae:11:93:45:3f:a3:aa:3a:41:75:45:4d:b5:49:57:
6d:27:6c:de:d2:75:66:df:fa:d1:6e:5a:b4:47:5e:
9c:a8:53:8a:9e:90:60:68:a5:bc:72:b8:74:16:1a:
76:d4:c0:2c:a1:8f:30:7e:93:77:24:56:20:5a:1b:
44:b2:77:a8:5b:f5:8c:b6:b2:c0:97:1f:8d:41:08:
9a:e1:41:3b:8c:fe:e7:40:52:2e:eb:8d:e5:53:14:
ce:12:03:86:a8:9b:12:ef:51:50:9b:bd:1a:d8:52:
a3:be:55:f6:27:7b:40:77:43:ea:23:d9:0e:38:9f:
15:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:71:3E:4A:05:38:82:E9:12:6A:D0:0B:78:AB:81:8D:2A:73:F5:1E
X509v3 Authority Key Identifier:
keyid:5C:E1:AA:E0:C9:3A:D0:4B:72:98:08:2B:68:BF:6A:54:FA:68:BC:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOGq4Mk60EtymAgraL9qVPpovPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/zHE-SgU4gukSatALeKuBjSpz9R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/XOGq4Mk60EtymAgraL9qVPpovPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.101.0/24
185.196.103.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:81:e7:39:2c:1b:10:90:78:72:51:00:90:15:57:ad:7a:16:
65:3a:be:ca:7f:14:4c:55:91:23:70:93:fa:f8:32:93:78:21:
6a:f0:a0:76:94:f2:81:09:1b:9c:fe:79:d6:98:2c:96:a0:1c:
31:f4:3a:51:55:4b:2f:2a:3d:ac:c7:33:69:d1:47:1b:76:d3:
40:38:1e:84:a5:0d:8d:5d:c0:cf:b4:82:2f:e8:aa:19:ce:37:
c7:72:65:9b:ae:17:df:fe:d6:62:76:d8:bd:dd:13:a5:71:93:
9e:c3:62:17:55:01:fe:3c:82:d9:ea:2a:f0:5f:25:1e:71:22:
5c:cc:3c:a6:a7:a2:2e:8e:0e:27:3a:6a:23:f9:e2:81:26:4f:
ff:9e:07:b7:24:00:20:70:8f:7d:b1:35:12:de:b9:51:53:0b:
12:ef:58:9f:ec:af:53:ab:e1:f6:0c:70:b4:75:18:c2:98:8b:
1e:2e:80:85:1b:5c:e2:45:a2:25:02:c2:25:06:17:fe:04:dd:
56:1f:f6:5a:56:2b:79:b5:bc:c8:2a:28:47:c4:fa:92:c6:32:
c9:09:1d:a4:8f:bd:e4:05:1c:be:c1:a8:df:1e:e0:a1:b0:9f:
b7:bf:39:c4:6f:54:59:84:63:fe:79:12:cb:bf:5f:4f:d7:22:
a7:90:b5:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3ug268yHdLT7GKFkUH1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTFhYWUwYzkzYWQwNGI3Mjk4MDgyYjY4YmY2YTU0ZmE2
OGJjZjAwHhcNMjQwMTAyMDYzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzcxM2U0YTA1Mzg4MmU5MTI2YWQwMGI3OGFiODE4ZDJhNzNmNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyEAIcPd3cNdIzD/LqjY48xOGDeo
E37B4izwi2j2P75t9mdDC/2thhr3vsFhfwmuFOroFN2qZLCWpVPDurzn+M7QQbhR
z88dWdMCuckZQWjaqEfG6vIF0x5l60KGsrlwQgwWNQCyZvCaaANCerN4gaWcyMHr
cJIQZgH/DXLo0DX/ypdFFAGuEZNFP6OqOkF1RU21SVdtJ2ze0nVm3/rRblq0R16c
qFOKnpBgaKW8crh0Fhp21MAsoY8wfpN3JFYgWhtEsneoW/WMtrLAlx+NQQia4UE7
jP7nQFIu643lUxTOEgOGqJsS71FQm70a2FKjvlX2J3tAd0PqI9kOOJ8V9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMxxPkoFOILpEmrQC3irgY0qc/UeMB8GA1UdIwQY
MBaAFFzhquDJOtBLcpgIK2i/alT6aLzwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9HcTRNazYwRXR5bUFncmFMOXFWUHBvdlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mZjM2MTgtNzAzMi00MTQzLTkzNzQt
YmExNDE4ZDIyMDg3LzEvekhFLVNnVTRndWtTYXRBTGVLdUJqU3B6OVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mZjM2MTgtNzAzMi00MTQzLTkzNzQtYmExNDE4ZDIyMDg3
LzEvWE9HcTRNazYwRXR5bUFncmFMOXFWUHBvdlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucRlAwQA
ucRnMA0GCSqGSIb3DQEBCwUAA4IBAQCagec5LBsQkHhyUQCQFVetehZlOr7KfxRM
VZEjcJP6+DKTeCFq8KB2lPKBCRuc/nnWmCyWoBwx9DpRVUsvKj2sxzNp0UcbdtNA
OB6EpQ2NXcDPtIIv6KoZzjfHcmWbrhff/tZidti93ROlcZOew2IXVQH+PILZ6irw
XyUecSJczDymp6Iujg4nOmoj+eKBJk//nge3JAAgcI99sTUS3rlRUwsS71if7K9T
q+H2DHC0dRjCmIseLoCFG1ziRaIlAsIlBhf+BN1WH/ZaVit5tbzIKihHxPqSxjLJ
CR2kj73kBRy+wajfHuChsJ+3vznEb1RZhGP+eRLLv19P1yKnkLXk
-----END CERTIFICATE-----
Generated at Sun May 12 04:10:57 2024 by rpki-client on console-fra.rpki-client.org