Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/ZaopL2C3OzYYo2pf5sUL9ClL2qA.roa
File: ZaopL2C3OzYYo2pf5sUL9ClL2qA.roa (raw, json)
Hash identifier: pJMn7f45dvXjf92/8Qt/egXmI118oiUMuNdtB0GoC1M=
Subject key identifier: 65:AA:29:2F:60:B7:3B:36:18:A3:6A:5F:E6:C5:0B:F4:29:4B:DA:A0
Certificate issuer: /CN=8ecf78ba0275d1d3b6492a8e9d610613c0306a17
Certificate serial: 018CC425335F32D1612436A4D10C3B7DE36C
Authority key identifier: 8E:CF:78:BA:02:75:D1:D3:B6:49:2A:8E:9D:61:06:13:C0:30:6A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/js94ugJ10dO2SSqOnWEGE8Awahc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/ZaopL2C3OzYYo2pf5sUL9ClL2qA.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.34.191.0/24 maxlen: 24
185.34.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/js94ugJ10dO2SSqOnWEGE8Awahc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/js94ugJ10dO2SSqOnWEGE8Awahc.mft
rsync://rpki.ripe.net/repository/DEFAULT/js94ugJ10dO2SSqOnWEGE8Awahc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:33:5f:32:d1:61:24:36:a4:d1:0c:3b:7d:e3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ecf78ba0275d1d3b6492a8e9d610613c0306a17
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65aa292f60b73b3618a36a5fe6c50bf4294bdaa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:37:ce:81:2b:da:04:d2:34:5e:c8:06:6b:35:
ca:94:0e:30:5c:2a:54:d0:7e:9b:cb:cf:10:85:6b:
54:09:df:fe:64:51:67:53:2d:84:28:24:42:74:21:
e4:a8:41:7c:d1:ec:a1:9c:25:74:2e:69:78:03:4a:
53:bd:1e:5b:5c:d7:56:fb:61:95:72:02:65:fe:82:
88:ea:3a:f0:bc:07:78:06:3c:dc:02:0e:53:26:53:
43:04:d7:5c:5b:68:34:87:4e:e3:ea:d6:af:3f:88:
64:45:e3:8d:93:35:1e:37:2d:fc:67:8b:ce:05:25:
5b:2a:59:f6:82:e5:42:ee:42:ad:ea:5f:4d:78:d2:
14:d0:3a:68:2a:3d:03:78:ed:1a:99:e0:1d:26:27:
89:79:a5:78:1b:4d:ab:80:2a:fa:d5:50:9a:96:dd:
26:7c:70:75:f8:78:65:4d:4a:71:37:64:4e:76:3f:
a8:23:2c:be:fc:0d:a3:37:4d:76:54:24:64:03:63:
c9:76:2e:b7:75:13:1a:b1:71:83:9b:b0:39:ea:5e:
3c:3c:a1:ed:14:5f:a4:c3:c5:92:3c:51:b4:28:d9:
35:0a:1e:bc:ad:ed:09:c4:7d:81:18:65:e6:c2:aa:
14:c1:ec:34:1c:93:40:6f:0d:eb:82:03:68:ea:51:
57:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AA:29:2F:60:B7:3B:36:18:A3:6A:5F:E6:C5:0B:F4:29:4B:DA:A0
X509v3 Authority Key Identifier:
keyid:8E:CF:78:BA:02:75:D1:D3:B6:49:2A:8E:9D:61:06:13:C0:30:6A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/js94ugJ10dO2SSqOnWEGE8Awahc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/ZaopL2C3OzYYo2pf5sUL9ClL2qA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/js94ugJ10dO2SSqOnWEGE8Awahc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.188.0/24
185.34.191.0/24
Signature Algorithm: sha256WithRSAEncryption
05:d4:d7:63:40:29:64:e2:78:3d:52:7a:52:26:88:c5:ad:b2:
a1:79:50:e0:1d:2b:70:0f:1d:9e:e5:14:7e:c5:27:35:80:a2:
83:81:fa:a4:3b:64:ee:cd:2a:98:ab:2a:12:4d:cc:78:c2:dc:
91:07:a7:fe:4c:ce:19:33:94:b9:bc:0e:4b:02:02:89:a0:2e:
68:ab:df:b7:19:25:56:44:14:4f:f4:d9:68:64:9c:7a:29:ee:
97:24:e4:61:e4:10:3c:3f:3d:71:af:c4:9a:e9:1f:d7:5e:00:
1c:ee:a4:81:e0:da:62:48:67:9b:c3:71:51:1d:62:35:41:ba:
f3:da:de:0f:79:38:14:4d:0a:19:de:bc:51:a7:8f:d4:da:8f:
4d:b7:a3:fa:f9:90:49:7e:b2:a2:7a:56:e7:76:92:85:26:57:
39:42:8a:21:45:db:d9:61:07:58:a7:a5:2e:78:a0:90:82:df:
1b:be:33:b7:8b:4d:90:ed:62:e2:50:d7:2c:f1:b0:10:df:97:
65:24:54:99:b1:6b:3f:2d:32:c9:3f:50:f3:9c:91:ce:32:50:
ab:a4:5b:f8:60:bd:dc:74:eb:b6:5c:8d:59:1e:52:f6:47:e5:
fc:4f:b2:c9:a8:64:e8:1f:13:a2:2f:0d:f8:e5:cb:7a:13:54:
be:7e:ad:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJTNfMtFhJDak0Qw7feNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlY2Y3OGJhMDI3NWQxZDNiNjQ5MmE4ZTlkNjEwNjEzYzAz
MDZhMTcwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFhMjkyZjYwYjczYjM2MThhMzZhNWZlNmM1MGJmNDI5NGJkYWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzfOgSvaBNI0XsgGazXKlA4wXCpU
0H6by88QhWtUCd/+ZFFnUy2EKCRCdCHkqEF80eyhnCV0Lml4A0pTvR5bXNdW+2GV
cgJl/oKI6jrwvAd4BjzcAg5TJlNDBNdcW2g0h07j6tavP4hkReONkzUeNy38Z4vO
BSVbKln2guVC7kKt6l9NeNIU0DpoKj0DeO0ameAdJieJeaV4G02rgCr61VCalt0m
fHB1+HhlTUpxN2ROdj+oIyy+/A2jN012VCRkA2PJdi63dRMasXGDm7A56l48PKHt
FF+kw8WSPFG0KNk1Ch68re0JxH2BGGXmwqoUwew0HJNAbw3rggNo6lFX/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGWqKS9gtzs2GKNqX+bFC/QpS9qgMB8GA1UdIwQY
MBaAFI7PeLoCddHTtkkqjp1hBhPAMGoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanM5NHVnSjEwZE8yU1NxT25XRUdFOEF3YWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iMmEyZGMtYzA3Ni00NWUxLWJlYzQt
MmJiZjhmYWEwMGNhLzEvWmFvcEwyQzNPellZbzJwZjVzVUw5Q2xMMnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iMmEyZGMtYzA3Ni00NWUxLWJlYzQtMmJiZjhmYWEwMGNh
LzEvanM5NHVnSjEwZE8yU1NxT25XRUdFOEF3YWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSK8AwQA
uSK/MA0GCSqGSIb3DQEBCwUAA4IBAQAF1NdjQClk4ng9UnpSJojFrbKheVDgHStw
Dx2e5RR+xSc1gKKDgfqkO2TuzSqYqyoSTcx4wtyRB6f+TM4ZM5S5vA5LAgKJoC5o
q9+3GSVWRBRP9NloZJx6Ke6XJORh5BA8Pz1xr8Sa6R/XXgAc7qSB4NpiSGebw3FR
HWI1Qbrz2t4PeTgUTQoZ3rxRp4/U2o9Nt6P6+ZBJfrKielbndpKFJlc5QoohRdvZ
YQdYp6UueKCQgt8bvjO3i02Q7WLiUNcs8bAQ35dlJFSZsWs/LTLJP1DznJHOMlCr
pFv4YL3cdOu2XI1ZHlL2R+X8T7LJqGToHxOiLw345ct6E1S+fq2r
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:27:44 2024 by rpki-client on console-ams.rpki-client.org