Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/_Zl3RIgF1MTfp9OivbM2P67TD68.roa
File: _Zl3RIgF1MTfp9OivbM2P67TD68.roa (raw, json)
Hash identifier: HDjmdS6gWOdFNcac5Yx8clUzUXlhap6nsHS3e/TobS8=
Subject key identifier: FD:99:77:44:88:05:D4:C4:DF:A7:D3:A2:BD:B3:36:3F:AE:D3:0F:AF
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018CCA2A001A27D60FB0C90CE6990989BC2B
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/_Zl3RIgF1MTfp9OivbM2P67TD68.roa
Signing time: Tue 02 Jan 2024 12:33:19 +0000
ROA not before: Tue 02 Jan 2024 12:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36218
IP address blocks: 192.250.238.0/24 maxlen: 24
192.250.237.0/24 maxlen: 24
208.88.4.0/22 maxlen: 22
199.103.56.0/23 maxlen: 23
199.103.59.0/24 maxlen: 24
199.103.60.0/22 maxlen: 22
208.69.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:00:1a:27:d6:0f:b0:c9:0c:e6:99:09:89:bc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 2 12:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd9977448805d4c4dfa7d3a2bdb3363faed30faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8e:77:af:e8:49:88:27:df:54:45:06:4f:72:
f3:f7:02:18:61:4b:71:c2:78:86:33:c6:eb:34:ef:
d1:d0:00:c9:b0:d9:d6:1a:e4:2e:ce:aa:4f:37:89:
b5:a7:c7:38:59:96:27:3f:12:0f:97:3e:ec:d3:4a:
14:9d:bc:50:6c:f5:47:f3:13:95:55:3c:25:9c:82:
7c:a1:ee:98:34:c4:d1:3e:a3:62:70:12:76:77:1d:
b0:e7:37:68:4f:24:16:c1:86:67:9e:8e:e2:73:a2:
f1:f7:0c:f5:41:e9:18:48:83:76:76:f0:2e:87:4f:
ab:8e:df:dc:bc:f9:5c:7a:0c:ce:2d:a0:55:f3:a6:
10:f7:88:06:51:7b:d8:ce:2e:9e:2b:e1:c1:59:70:
9b:ff:b0:5c:66:99:91:a7:c3:b0:bf:b8:3f:eb:6d:
e8:fe:0a:71:ed:10:b1:69:00:10:3d:fa:89:35:1a:
e3:7e:ee:25:c3:66:ca:52:74:df:d4:74:1e:6f:00:
f0:29:c9:ba:7b:50:a1:c1:a0:d6:92:f6:4c:d5:d5:
54:4f:0a:e5:4a:67:6d:1f:bb:98:6d:5f:c6:8c:23:
e1:a5:5c:79:5e:15:d1:6d:d6:e1:36:38:fd:67:68:
d3:02:c3:ba:ac:59:2c:0a:35:da:82:fb:f6:5c:7e:
1a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:99:77:44:88:05:D4:C4:DF:A7:D3:A2:BD:B3:36:3F:AE:D3:0F:AF
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/_Zl3RIgF1MTfp9OivbM2P67TD68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.250.237.0-192.250.238.255
199.103.56.0/23
199.103.59.0-199.103.63.255
208.69.56.0/22
208.88.4.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:2f:b0:fe:3f:aa:2c:f5:fa:1d:34:08:db:a0:bc:a0:71:76:
1f:d3:bb:d6:5e:a1:ec:5d:2e:6b:94:1d:ed:fb:97:6a:e5:67:
c5:e0:88:10:44:6d:2e:fd:8b:71:d0:39:b6:44:8b:1f:e4:99:
f1:b4:18:fd:52:85:59:93:f3:e4:4e:f3:ad:d3:d2:20:88:d0:
67:5b:34:67:f6:62:ed:3d:99:40:2b:08:5b:d3:e4:ab:8f:08:
e6:23:50:38:69:36:40:4f:e7:f1:65:1d:ad:4a:44:f7:ff:4d:
2e:df:9d:fe:40:7e:1c:96:f4:b7:c8:7d:91:5b:96:ea:9e:79:
d0:5f:bc:a2:15:dc:39:42:4f:a1:49:2c:77:76:0e:71:c9:2d:
fb:81:2c:80:f8:e7:dc:5a:9f:9a:9a:6b:57:20:1f:db:bb:16:
38:22:5b:25:97:d4:d9:23:78:97:a4:2e:c1:a5:43:6f:41:d3:
99:94:0d:f6:df:a3:01:b8:83:67:b2:2e:ce:59:6e:95:9b:f7:
b5:33:de:df:8d:13:cd:b9:89:35:77:e7:19:95:40:b1:7a:bf:
d0:aa:66:b4:21:4d:4a:0c:b4:a7:d4:64:6a:c9:88:b3:e5:c1:
ea:f6:14:f9:f8:42:bd:11:6f:c6:ae:fc:e0:70:fb:5f:1a:da:
8f:4d:9b:61
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzKKgAaJ9YPsMkM5pkJibwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwMTAyMTIzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDk5Nzc0NDg4MDVkNGM0ZGZhN2QzYTJiZGIzMzYzZmFlZDMwZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI53r+hJiCffVEUGT3Lz9wIYYUtx
wniGM8brNO/R0ADJsNnWGuQuzqpPN4m1p8c4WZYnPxIPlz7s00oUnbxQbPVH8xOV
VTwlnIJ8oe6YNMTRPqNicBJ2dx2w5zdoTyQWwYZnno7ic6Lx9wz1QekYSIN2dvAu
h0+rjt/cvPlcegzOLaBV86YQ94gGUXvYzi6eK+HBWXCb/7BcZpmRp8Owv7g/623o
/gpx7RCxaQAQPfqJNRrjfu4lw2bKUnTf1HQebwDwKcm6e1ChwaDWkvZM1dVUTwrl
SmdtH7uYbV/GjCPhpVx5XhXRbdbhNjj9Z2jTAsO6rFksCjXagvv2XH4aKwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFP2Zd0SIBdTE36fTor2zNj+u0w+vMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvX1psM1JJZ0YxTVRmcDlPaXZiTTJQNjdURDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBADA+u0D
BADA+u4DBAHHZzgwDAMEAMdnOwMEBsdnAAMEAtBFOAMEAtBYBDANBgkqhkiG9w0B
AQsFAAOCAQEATS+w/j+qLPX6HTQI26C8oHF2H9O71l6h7F0ua5Qd7fuXauVnxeCI
EERtLv2LcdA5tkSLH+SZ8bQY/VKFWZPz5E7zrdPSIIjQZ1s0Z/Zi7T2ZQCsIW9Pk
q48I5iNQOGk2QE/n8WUdrUpE9/9NLt+d/kB+HJb0t8h9kVuW6p550F+8ohXcOUJP
oUksd3YOcckt+4EsgPjn3FqfmpprVyAf27sWOCJbJZfU2SN4l6QuwaVDb0HTmZQN
9t+jAbiDZ7IuzllulZv3tTPe340TzbmJNXfnGZVAsXq/0KpmtCFNSgy0p9RkasmI
s+XB6vYU+fhCvRFvxq784HD7Xxraj02bYQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:46:07 2024 by rpki-client on console-fra.rpki-client.org