Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/iD2e9jj2FURZ0z43r6XFfCwcNWo.roa
File: iD2e9jj2FURZ0z43r6XFfCwcNWo.roa (raw, json)
Hash identifier: PAFNCRFY2z5l5Z8cAOJfI7ipbo7vUuo77NiXeFsA/F8=
Subject key identifier: 88:3D:9E:F6:38:F6:15:44:59:D3:3E:37:AF:A5:C5:7C:2C:1C:35:6A
Certificate issuer: /CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Certificate serial: 018CC794D1219C954BE9EAD86DCB02042329
Authority key identifier: 64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/iD2e9jj2FURZ0z43r6XFfCwcNWo.roa
Signing time: Tue 02 Jan 2024 00:31:08 +0000
ROA not before: Tue 02 Jan 2024 00:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205806
IP address blocks: 149.249.240.0/22 maxlen: 22
185.206.44.0/22 maxlen: 22
185.147.168.0/22 maxlen: 22
149.249.160.0/19 maxlen: 22
185.178.24.0/22 maxlen: 22
149.249.192.0/19 maxlen: 22
213.208.40.0/21 maxlen: 22
213.208.40.0/22 maxlen: 22
213.208.44.0/22 maxlen: 22
149.249.224.0/20 maxlen: 20
213.208.48.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d1:21:9c:95:4b:e9:ea:d8:6d:cb:02:04:23:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Validity
Not Before: Jan 2 00:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=883d9ef638f6154459d33e37afa5c57c2c1c356a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:8e:17:52:a4:a5:3c:05:54:c8:4c:71:31:
22:ef:f8:22:36:20:fb:eb:2c:11:a8:24:0a:53:18:
9f:b0:4c:43:7a:4b:40:df:d0:06:1b:3a:d0:29:f3:
74:0c:f7:78:96:f1:f2:f4:ba:42:45:ae:d3:8f:5b:
af:ce:60:32:2d:7f:9f:04:26:c1:66:01:7b:d0:43:
50:c4:3b:0e:cc:7e:63:8a:21:0c:01:48:14:c3:11:
d6:1f:38:78:2c:06:74:c4:fd:3e:b4:43:fa:6e:56:
96:76:20:91:9e:cd:eb:bc:20:d7:e2:ed:cd:92:5c:
91:2b:16:6d:e9:cd:12:2f:7a:ff:d0:99:69:8c:bb:
e6:1c:0c:83:4b:49:f2:b6:6e:36:59:6b:c3:07:40:
5f:6e:40:f9:5e:36:e8:c6:21:74:fd:79:73:ee:50:
b7:50:a3:85:93:23:6d:62:91:77:b4:e9:a4:03:a7:
d6:e0:05:d2:d0:de:1f:d8:29:56:63:cf:f7:98:77:
9c:03:98:04:8c:b4:b3:99:e1:94:3b:1d:ae:26:82:
94:ca:e9:98:54:b1:5a:01:c0:11:ef:e4:24:67:f2:
52:dd:e9:e9:83:d1:37:4a:dd:aa:65:0f:9c:c8:11:
24:81:01:f8:ca:95:48:c8:87:73:87:28:e3:73:c0:
2d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3D:9E:F6:38:F6:15:44:59:D3:3E:37:AF:A5:C5:7C:2C:1C:35:6A
X509v3 Authority Key Identifier:
keyid:64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/iD2e9jj2FURZ0z43r6XFfCwcNWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.249.160.0-149.249.243.255
185.147.168.0/22
185.178.24.0/22
185.206.44.0/22
213.208.40.0-213.208.51.255
Signature Algorithm: sha256WithRSAEncryption
07:cc:19:d0:29:bd:66:91:ba:68:2a:11:ba:77:4b:06:af:c4:
92:75:39:5a:66:f4:49:9b:cf:a4:08:55:1f:d0:8b:9d:dc:6f:
6c:f9:61:50:8a:8f:20:79:d3:2a:55:c5:3f:93:85:6b:58:b2:
cc:aa:fa:4d:cc:c3:e6:31:b5:90:3e:09:e8:db:ba:37:a9:cc:
ea:0c:ac:bd:05:08:a2:72:fd:a9:78:2a:a4:02:07:d1:87:c6:
96:30:68:57:d7:3c:29:b7:f0:fc:84:a0:c9:98:45:2f:5b:2a:
61:8e:3b:d9:b3:69:4b:5e:09:07:16:cf:03:12:51:0e:bd:ba:
d0:7e:12:ba:81:8b:9b:05:32:e3:fc:dd:b4:24:e2:d1:d4:f2:
33:6b:e9:a3:9c:b0:4b:3b:24:3c:38:60:b1:23:2a:49:a5:15:
e0:41:cc:44:ec:22:2b:3c:62:94:29:e7:d6:62:14:be:cb:b5:
c0:02:eb:d6:ed:81:73:93:f3:96:52:6f:2f:09:e5:31:a8:1f:
3c:d9:59:80:c3:08:25:ab:ef:2a:3f:6e:66:8f:d5:ce:d8:e3:
b6:3d:f5:1f:5c:ec:88:3b:f4:7e:ab:4a:36:83:a9:90:33:07:
9f:8b:7c:aa:0a:ca:87:c4:48:10:b9:54:c5:ba:91:52:04:1c:
4a:0a:09:15
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzHlNEhnJVL6erYbcsCBCMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZWY5OGFkYmY0MmQ1YmFjZDI0Y2FkYjBhZGYwOTJjNDU3
NmRhZjMwHhcNMjQwMTAyMDAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODNkOWVmNjM4ZjYxNTQ0NTlkMzNlMzdhZmE1YzU3YzJjMWMzNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2GOF1KkpTwFVMhMcTEi7/giNiD7
6ywRqCQKUxifsExDektA39AGGzrQKfN0DPd4lvHy9LpCRa7Tj1uvzmAyLX+fBCbB
ZgF70ENQxDsOzH5jiiEMAUgUwxHWHzh4LAZ0xP0+tEP6blaWdiCRns3rvCDX4u3N
klyRKxZt6c0SL3r/0JlpjLvmHAyDS0nytm42WWvDB0BfbkD5XjboxiF0/Xlz7lC3
UKOFkyNtYpF3tOmkA6fW4AXS0N4f2ClWY8/3mHecA5gEjLSzmeGUOx2uJoKUyumY
VLFaAcAR7+QkZ/JS3enpg9E3St2qZQ+cyBEkgQH4ypVIyIdzhyjjc8AtPwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIg9nvY49hVEWdM+N6+lxXwsHDVqMB8GA1UdIwQY
MBaAFGTvmK2/QtW6zSTK2wrfCSxFdtrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNDliYzUtNjhjNS00Y2UyLWE5Yjkt
MDNjNmZlYWYxZDlmLzEvaUQyZTlqajJGVVJaMHo0M3I2WEZmQ3djTldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNDliYzUtNjhjNS00Y2UyLWE5YjktMDNjNmZlYWYxZDlm
LzEvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAWV+aAD
BAKV+fADBAK5k6gDBAK5shgDBAK5ziwwDAMEA9XQKAMEAtXQMDANBgkqhkiG9w0B
AQsFAAOCAQEAB8wZ0Cm9ZpG6aCoRundLBq/EknU5Wmb0SZvPpAhVH9CLndxvbPlh
UIqPIHnTKlXFP5OFa1iyzKr6TczD5jG1kD4J6Nu6N6nM6gysvQUIonL9qXgqpAIH
0YfGljBoV9c8Kbfw/ISgyZhFL1sqYY472bNpS14JBxbPAxJRDr260H4SuoGLmwUy
4/zdtCTi0dTyM2vpo5ywSzskPDhgsSMqSaUV4EHMROwiKzxilCnn1mIUvsu1wALr
1u2Bc5PzllJvLwnlMagfPNlZgMMIJavvKj9uZo/Vztjjtj31H1zsiDv0fqtKNoOp
kDMHn4t8qgrKh8RIELlUxbqRUgQcSgoJFQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:37:28 2024 by rpki-client on console-ams.rpki-client.org