Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/ZNVYMwmbbe50fpds1CZcqc1EwBo.roa
File: ZNVYMwmbbe50fpds1CZcqc1EwBo.roa (raw, json)
Hash identifier: qKQhnTmSv65tclFW8AqCv+C4JVUqhh7x86snZizb3Zs=
Subject key identifier: 64:D5:58:33:09:9B:6D:EE:74:7E:97:6C:D4:26:5C:A9:CD:44:C0:1A
Certificate issuer: /CN=e017872403452f3e008ab798047342db24edb35a
Certificate serial: 018CC5DC1A3C26B92DCFBAF435DF3AFB5029
Authority key identifier: E0:17:87:24:03:45:2F:3E:00:8A:B7:98:04:73:42:DB:24:ED:B3:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4BeHJANFLz4AireYBHNC2yTts1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/ZNVYMwmbbe50fpds1CZcqc1EwBo.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212415
IP address blocks: 193.104.187.0/24 maxlen: 24
194.153.85.0/24 maxlen: 24
2001:67c:28d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/4BeHJANFLz4AireYBHNC2yTts1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/4BeHJANFLz4AireYBHNC2yTts1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/4BeHJANFLz4AireYBHNC2yTts1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1a:3c:26:b9:2d:cf:ba:f4:35:df:3a:fb:50:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e017872403452f3e008ab798047342db24edb35a
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64d55833099b6dee747e976cd4265ca9cd44c01a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:85:82:31:79:f6:ce:47:5d:7b:15:b0:ff:44:
56:27:35:36:e3:73:6b:65:94:2c:ca:1d:8e:75:ba:
5b:a3:a2:69:c4:7e:8e:87:dc:31:1b:3c:7a:52:b0:
a0:56:2f:e9:89:ba:15:2b:80:bd:a5:c5:be:24:14:
a4:62:9c:df:0d:9c:20:62:e0:bd:6f:66:b5:4a:50:
0d:53:10:57:f8:d1:2c:cd:ce:25:6a:b1:66:f9:29:
04:70:f2:19:9c:55:49:ad:27:c5:46:f1:ed:89:ba:
a5:8d:9d:d3:5e:b9:9b:d0:af:46:55:34:9f:e3:bf:
b3:25:3b:d6:72:a0:0e:63:06:dd:ef:a0:a9:49:02:
38:df:b8:21:25:0e:fc:82:de:15:19:2f:89:d9:7e:
80:85:4a:de:67:a1:5e:17:eb:a5:6e:83:2d:07:e0:
8f:78:b2:ad:ae:15:7f:ec:1f:09:23:4b:73:9e:12:
9c:58:55:f8:be:7c:b3:53:39:d3:6c:85:36:2e:04:
36:08:0d:1d:eb:c7:d0:66:00:8b:cf:4a:b0:b8:d0:
2d:4c:2e:4d:42:0c:5c:7e:82:f2:ee:ef:41:4f:d3:
7b:09:75:03:5a:cb:42:7e:d4:a9:a7:72:dc:23:bc:
92:79:8a:02:0b:bd:18:ed:8d:89:86:5f:ea:d2:e8:
eb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D5:58:33:09:9B:6D:EE:74:7E:97:6C:D4:26:5C:A9:CD:44:C0:1A
X509v3 Authority Key Identifier:
keyid:E0:17:87:24:03:45:2F:3E:00:8A:B7:98:04:73:42:DB:24:ED:B3:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BeHJANFLz4AireYBHNC2yTts1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/ZNVYMwmbbe50fpds1CZcqc1EwBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/4cc145-967d-4d8d-af5c-877e0e866b24/1/4BeHJANFLz4AireYBHNC2yTts1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.187.0/24
194.153.85.0/24
IPv6:
2001:67c:28d0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:fb:4b:9e:cd:fa:ea:7d:53:3a:b5:1d:bf:74:6a:f8:91:3e:
6d:20:71:73:02:81:97:01:85:80:f6:09:94:11:7b:89:e2:e4:
37:56:e5:70:c6:29:b0:9d:a9:39:2c:2b:1b:7e:a1:cb:1d:91:
02:77:39:6c:b3:81:f5:92:3f:04:8b:eb:99:95:05:52:a5:12:
a9:4e:db:6f:64:dd:bb:d2:dc:bd:c1:7a:c0:47:b2:93:cc:b5:
d0:55:84:11:d5:a4:71:42:40:69:4a:d5:b1:b0:20:8c:64:9e:
4d:84:0e:48:e6:d6:ae:b8:08:18:45:15:38:f1:a5:4f:c8:14:
d2:54:7b:dc:2c:34:63:5a:5f:5b:1e:ce:37:cf:69:b2:6a:58:
57:a2:f2:71:94:ae:0b:93:23:df:ab:3e:b8:64:47:7c:df:f8:
72:73:e7:a2:88:ca:a2:73:b0:11:f8:b1:82:ff:10:6e:c8:5a:
0b:f4:e2:ca:b4:82:de:1c:e1:64:ab:06:12:7c:c6:70:40:06:
f5:aa:f7:c4:b2:a7:2c:15:aa:d6:2d:5f:1f:bd:e0:bc:d7:5b:
c5:f1:1b:07:63:c2:99:02:35:ee:82:7f:98:cc:46:74:3e:e1:
49:7f:44:8e:07:78:09:f1:0b:61:94:d5:6c:b0:03:be:f5:65:
d0:34:79:a6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3Bo8Jrktz7r0Nd86+1ApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMTc4NzI0MDM0NTJmM2UwMDhhYjc5ODA0NzM0MmRiMjRl
ZGIzNWEwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGQ1NTgzMzA5OWI2ZGVlNzQ3ZTk3NmNkNDI2NWNhOWNkNDRjMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYWCMXn2zkddexWw/0RWJzU243Nr
ZZQsyh2Odbpbo6JpxH6Oh9wxGzx6UrCgVi/piboVK4C9pcW+JBSkYpzfDZwgYuC9
b2a1SlANUxBX+NEszc4larFm+SkEcPIZnFVJrSfFRvHtibqljZ3TXrmb0K9GVTSf
47+zJTvWcqAOYwbd76CpSQI437ghJQ78gt4VGS+J2X6AhUreZ6FeF+ulboMtB+CP
eLKtrhV/7B8JI0tznhKcWFX4vnyzUznTbIU2LgQ2CA0d68fQZgCLz0qwuNAtTC5N
QgxcfoLy7u9BT9N7CXUDWstCftSpp3LcI7ySeYoCC70Y7Y2Jhl/q0ujrGwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGTVWDMJm23udH6XbNQmXKnNRMAaMB8GA1UdIwQY
MBaAFOAXhyQDRS8+AIq3mARzQtsk7bNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJlSEpBTkZMejRBaXJlWUJITkMyeVR0czFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS80Y2MxNDUtOTY3ZC00ZDhkLWFmNWMt
ODc3ZTBlODY2YjI0LzEvWk5WWU13bWJiZTUwZnBkczFDWmNxYzFFd0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS80Y2MxNDUtOTY3ZC00ZDhkLWFmNWMtODc3ZTBlODY2YjI0
LzEvNEJlSEpBTkZMejRBaXJlWUJITkMyeVR0czFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWi7AwQA
wplVMA8EAgACMAkDBwAgAQZ8KNAwDQYJKoZIhvcNAQELBQADggEBADz7S57N+up9
Uzq1Hb90aviRPm0gcXMCgZcBhYD2CZQRe4ni5DdW5XDGKbCdqTksKxt+ocsdkQJ3
OWyzgfWSPwSL65mVBVKlEqlO229k3bvS3L3BesBHspPMtdBVhBHVpHFCQGlK1bGw
IIxknk2EDkjm1q64CBhFFTjxpU/IFNJUe9wsNGNaX1sezjfPabJqWFei8nGUrguT
I9+rPrhkR3zf+HJz56KIyqJzsBH4sYL/EG7IWgv04sq0gt4c4WSrBhJ8xnBABvWq
98SypywVqtYtXx+94LzXW8XxGwdjwpkCNe6Cf5jMRnQ+4Ul/RI4HeAnxC2GU1Wyw
A771ZdA0eaY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:39 2024 by rpki-client on console-ams.rpki-client.org