Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/zWd7HivjqlpNj6N4gLv7ZRH5Ue0.roa
File: zWd7HivjqlpNj6N4gLv7ZRH5Ue0.roa (raw, json)
Hash identifier: 4p8wsmlHmphaDgLqEb3HjaWbudyK5byuWziCfX7s4ew=
Subject key identifier: CD:67:7B:1E:2B:E3:AA:5A:4D:8F:A3:78:80:BB:FB:65:11:F9:51:ED
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 018DF017CE82E8C25A26C29D630CFF950B98
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/zWd7HivjqlpNj6N4gLv7ZRH5Ue0.roa
Signing time: Wed 28 Feb 2024 14:21:48 +0000
ROA not before: Wed 28 Feb 2024 14:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 37.98.64.0/18 maxlen: 22
37.98.114.0/24 maxlen: 24
62.102.128.0/20 maxlen: 22
93.117.176.0/20 maxlen: 22
93.119.208.0/20 maxlen: 22
178.131.0.0/18 maxlen: 22
178.131.4.0/24 maxlen: 24
178.131.64.0/18 maxlen: 22
178.131.128.0/18 maxlen: 22
188.211.0.0/20 maxlen: 20
188.212.240.0/21 maxlen: 21
188.213.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:17:ce:82:e8:c2:5a:26:c2:9d:63:0c:ff:95:0b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: Feb 28 14:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd677b1e2be3aa5a4d8fa37880bbfb6511f951ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3e:a4:9a:aa:9d:7e:51:43:99:3d:42:21:3a:
97:a5:57:1f:30:99:df:48:db:8c:f0:12:71:31:4f:
ad:50:c6:b6:d4:e2:ce:19:16:7b:72:f5:aa:d1:6e:
93:ca:57:1e:30:98:80:12:4b:5b:3e:8f:59:3b:bd:
aa:a3:4d:4e:1f:d0:57:07:98:ee:98:fa:cd:f0:47:
9c:68:59:3c:5d:c0:96:bb:6b:ac:f6:a9:60:3a:e7:
e7:bd:15:24:a4:55:f0:29:8e:59:93:e3:f7:92:a7:
b5:87:9a:aa:40:ec:cc:81:3c:94:4f:9a:da:6d:75:
cc:9a:ad:fb:e3:41:f7:06:5c:6d:e7:3b:6d:58:99:
7f:7e:76:8c:ff:0e:1f:2a:b3:66:e2:68:6b:89:bb:
77:c2:84:6d:c0:67:7c:76:91:2c:1d:7d:19:a1:cf:
dc:61:b4:d7:19:78:77:98:87:56:de:8b:b9:88:f3:
16:c6:a7:70:c2:af:e8:a7:11:14:b7:d8:8e:fd:ba:
e9:7f:22:3e:66:fc:da:83:95:77:8d:79:26:05:ad:
99:f9:6b:b5:da:e4:ae:a8:57:76:c8:9e:1f:0b:f6:
49:01:66:d3:3b:87:3f:ff:09:36:e5:2c:88:8a:e7:
62:3b:83:38:fa:47:b1:d1:c3:b5:1e:7b:a0:00:74:
2f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:67:7B:1E:2B:E3:AA:5A:4D:8F:A3:78:80:BB:FB:65:11:F9:51:ED
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/zWd7HivjqlpNj6N4gLv7ZRH5Ue0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.64.0/18
62.102.128.0/20
93.117.176.0/20
93.119.208.0/20
178.131.0.0-178.131.191.255
188.211.0.0/20
188.212.240.0/21
188.213.192.0/22
Signature Algorithm: sha256WithRSAEncryption
50:5c:7c:74:c1:54:fe:73:db:4e:08:d2:f0:56:9b:d4:dd:ec:
59:64:f0:aa:4f:51:04:b1:c3:62:ae:a4:20:d7:b2:93:bd:3e:
22:0e:ab:07:25:1d:29:d7:a5:cc:02:95:3e:7d:cf:06:0d:24:
1e:36:0c:54:45:aa:91:e1:ef:ca:d6:1d:05:70:3a:5f:6d:42:
be:cf:02:cc:34:71:66:5a:ee:55:90:84:0d:1d:cf:0b:54:33:
5c:d9:e9:d7:2b:d9:e2:95:83:49:db:45:40:c0:6a:24:d3:6b:
92:5d:0b:17:cc:a6:cd:bd:49:45:bd:76:71:8f:b8:46:9f:12:
14:54:24:83:1b:58:80:fa:6e:cf:e8:ab:33:b4:af:39:84:5c:
73:8d:7e:d5:d1:60:36:2f:cc:fa:12:57:13:b1:a6:ba:19:01:
50:8d:f7:51:11:f5:76:22:72:58:8f:b3:45:44:e9:f9:3f:00:
73:7b:df:92:a1:5d:57:f4:51:2f:9b:54:cc:78:84:8d:d2:11:
e9:81:27:df:73:2a:41:91:20:81:bc:6c:c1:83:35:00:07:b3:
ac:ab:c2:35:de:44:cb:ac:74:a7:d3:e8:54:03:de:9b:dc:16:
1f:75:1d:41:33:30:b3:35:55:45:b6:d5:c4:00:5e:43:86:a8:
35:22:1c:25
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY3wF86C6MJaJsKdYwz/lQuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjQwMjI4MTQyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY3N2IxZTJiZTNhYTVhNGQ4ZmEzNzg4MGJiZmI2NTExZjk1MWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5T6kmqqdflFDmT1CITqXpVcfMJnf
SNuM8BJxMU+tUMa21OLOGRZ7cvWq0W6TylceMJiAEktbPo9ZO72qo01OH9BXB5ju
mPrN8EecaFk8XcCWu2us9qlgOufnvRUkpFXwKY5Zk+P3kqe1h5qqQOzMgTyUT5ra
bXXMmq3740H3Blxt5zttWJl/fnaM/w4fKrNm4mhribt3woRtwGd8dpEsHX0Zoc/c
YbTXGXh3mIdW3ou5iPMWxqdwwq/opxEUt9iO/brpfyI+Zvzag5V3jXkmBa2Z+Wu1
2uSuqFd2yJ4fC/ZJAWbTO4c//wk25SyIiudiO4M4+kex0cO1HnugAHQvIQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFM1nex4r46paTY+jeIC7+2UR+VHtMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEveldkN0hpdmpxbHBOajZONGdMdjdaUkg1VWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAATA3AwQGJWJAAwQE
PmaAAwQEXXWwAwQEXXfQMAsDAwCygwMEBrKDgAMEBLzTAAMEA7zU8AMEArzVwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUFx8dMFU/nPbTgjS8Fab1N3sWWTwqk9RBLHDYq6k
INeyk70+Ig6rByUdKdelzAKVPn3PBg0kHjYMVEWqkeHvytYdBXA6X21Cvs8CzDRx
ZlruVZCEDR3PC1QzXNnp1yvZ4pWDSdtFQMBqJNNrkl0LF8ymzb1JRb12cY+4Rp8S
FFQkgxtYgPpuz+irM7SvOYRcc41+1dFgNi/M+hJXE7GmuhkBUI33URH1diJyWI+z
RUTp+T8Ac3vfkqFdV/RRL5tUzHiEjdIR6YEn33MqQZEggbxswYM1AAezrKvCNd5E
y6x0p9PoVAPem9wWH3UdQTMwszVVRbbVxABeQ4aoNSIcJQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:47:15 2024 by rpki-client on console-ams.rpki-client.org