Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/zk0ED8Y--xe9mXl8kLdTB2GDznE.roa
File: zk0ED8Y--xe9mXl8kLdTB2GDznE.roa (raw, json)
Hash identifier: +qQkC7FSqMzlZZEOmHEMSXeTFmGvjp1AIkaKb8K/FLM=
Subject key identifier: CE:4D:04:0F:C6:3E:FB:17:BD:99:79:7C:90:B7:53:07:61:83:CE:71
Certificate issuer: /CN=8b9b0163eee9e792aaa16b7d5105d347211f3123
Certificate serial: 018CC8DECCBFEABB51A1388C9FC1CCBD02D7
Authority key identifier: 8B:9B:01:63:EE:E9:E7:92:AA:A1:6B:7D:51:05:D3:47:21:1F:31:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i5sBY-7p55KqoWt9UQXTRyEfMSM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/zk0ED8Y--xe9mXl8kLdTB2GDznE.roa
Signing time: Tue 02 Jan 2024 06:31:33 +0000
ROA not before: Tue 02 Jan 2024 06:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44409
IP address blocks: 185.237.178.0/24 maxlen: 24
185.237.177.0/24 maxlen: 24
194.113.166.0/23 maxlen: 23
194.113.174.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/i5sBY-7p55KqoWt9UQXTRyEfMSM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/i5sBY-7p55KqoWt9UQXTRyEfMSM.mft
rsync://rpki.ripe.net/repository/DEFAULT/i5sBY-7p55KqoWt9UQXTRyEfMSM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:cc:bf:ea:bb:51:a1:38:8c:9f:c1:cc:bd:02:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9b0163eee9e792aaa16b7d5105d347211f3123
Validity
Not Before: Jan 2 06:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce4d040fc63efb17bd99797c90b753076183ce71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e6:dd:f3:bf:da:f2:7d:e3:1b:e2:68:f4:f0:
cb:06:d7:a1:b3:3b:59:97:37:e7:cb:24:b4:e5:01:
01:9b:77:e2:02:a8:2d:d9:b7:9f:ef:03:e2:ed:4d:
2a:d0:39:52:df:94:40:93:dd:c3:30:25:e9:ea:9a:
3f:27:95:7e:af:ed:3c:82:3b:29:bf:95:82:c3:d5:
fb:bb:24:a7:c2:53:c2:4d:f2:d4:c6:bf:c0:1e:3f:
71:98:fd:38:53:30:57:74:63:0b:d8:5c:6f:d4:6c:
45:9d:dc:36:46:f2:7d:1f:23:c4:49:c8:a6:36:5b:
c0:74:42:7c:af:d9:39:df:a0:75:23:23:20:0a:11:
78:24:c4:25:81:2c:4e:0c:6d:7f:90:14:ea:36:d9:
25:76:f4:4d:c3:9a:ac:c7:ed:6d:bc:0c:44:d4:8e:
dc:dd:79:61:fb:9d:cd:4f:f5:b4:bb:66:32:35:d9:
6b:04:34:76:36:8f:c4:46:db:22:10:8b:1d:cb:59:
46:30:1f:36:0a:36:f1:f2:f2:e9:d6:49:6d:18:ea:
a7:95:75:16:42:c1:26:97:1a:d5:3f:6c:46:19:58:
0b:9d:9d:46:82:29:4f:7b:33:3f:c8:0b:80:9c:b7:
cc:b7:bd:d7:0b:5c:6d:0e:fb:69:0d:0c:42:b5:33:
82:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4D:04:0F:C6:3E:FB:17:BD:99:79:7C:90:B7:53:07:61:83:CE:71
X509v3 Authority Key Identifier:
keyid:8B:9B:01:63:EE:E9:E7:92:AA:A1:6B:7D:51:05:D3:47:21:1F:31:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i5sBY-7p55KqoWt9UQXTRyEfMSM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/zk0ED8Y--xe9mXl8kLdTB2GDznE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/2b800e-6953-4009-b195-41b26607bf36/1/i5sBY-7p55KqoWt9UQXTRyEfMSM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.177.0-185.237.178.255
194.113.166.0/23
194.113.174.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:ae:00:11:e5:b4:35:16:4d:9a:46:20:da:8f:a9:02:92:29:
c3:b8:92:c5:9c:70:5c:7c:dc:b7:6d:53:49:81:6e:d6:71:41:
94:01:34:12:87:e2:02:15:b5:d9:7d:e3:cb:9f:07:59:1c:0d:
9a:90:2c:68:5b:57:dd:01:c1:fb:81:1e:80:b2:34:01:ad:56:
a5:b4:6e:3b:b0:2f:45:9c:68:e7:b6:ca:1d:34:47:fd:89:0e:
ae:bb:12:3d:18:80:d9:4f:cf:5c:16:7e:a9:24:44:36:7a:5e:
c3:50:5b:20:61:41:e4:0a:fd:0f:8c:4c:8b:23:dd:61:35:3d:
e3:92:2a:5b:ad:b7:35:3f:e4:6f:fc:42:18:3b:3c:dc:a4:92:
22:57:5c:47:15:80:f6:e9:98:db:f1:0a:4e:a6:d3:67:a6:5e:
b6:60:cb:94:10:78:04:26:12:31:95:50:1a:dd:81:a4:34:56:
43:80:ed:0f:34:b9:be:88:86:2d:15:84:2f:83:c7:27:70:07:
e9:47:57:7f:df:87:59:4e:09:dc:f8:9d:69:a1:98:9a:16:93:
eb:88:f1:c3:3e:c3:ed:23:a6:36:95:fa:6f:73:6e:09:08:46:
89:8b:52:db:73:b2:2d:be:1f:f8:15:17:74:45:c0:9f:f4:f1:
c2:51:9d:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzI3sy/6rtRoTiMn8HMvQLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOWIwMTYzZWVlOWU3OTJhYWExNmI3ZDUxMDVkMzQ3MjEx
ZjMxMjMwHhcNMjQwMTAyMDYzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTRkMDQwZmM2M2VmYjE3YmQ5OTc5N2M5MGI3NTMwNzYxODNjZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+bd87/a8n3jG+Jo9PDLBtehsztZ
lzfnyyS05QEBm3fiAqgt2bef7wPi7U0q0DlS35RAk93DMCXp6po/J5V+r+08gjsp
v5WCw9X7uySnwlPCTfLUxr/AHj9xmP04UzBXdGML2Fxv1GxFndw2RvJ9HyPEScim
NlvAdEJ8r9k536B1IyMgChF4JMQlgSxODG1/kBTqNtkldvRNw5qsx+1tvAxE1I7c
3Xlh+53NT/W0u2YyNdlrBDR2No/ERtsiEIsdy1lGMB82Cjbx8vLp1kltGOqnlXUW
QsEmlxrVP2xGGVgLnZ1GgilPezM/yAuAnLfMt73XC1xtDvtpDQxCtTOCgQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFM5NBA/GPvsXvZl5fJC3Uwdhg85xMB8GA1UdIwQY
MBaAFIubAWPu6eeSqqFrfVEF00chHzEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTVzQlktN3A1NUtxb1d0OVVRWFRSeUVmTVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yYjgwMGUtNjk1My00MDA5LWIxOTUt
NDFiMjY2MDdiZjM2LzEvemswRUQ4WS0teGU5bVhsOGtMZFRCMkdEem5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yYjgwMGUtNjk1My00MDA5LWIxOTUtNDFiMjY2MDdiZjM2
LzEvaTVzQlktN3A1NUtxb1d0OVVRWFRSeUVmTVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC57bED
BAC57bIDBAHCcaYDBAHCca4wDQYJKoZIhvcNAQELBQADggEBAKOuABHltDUWTZpG
INqPqQKSKcO4ksWccFx83LdtU0mBbtZxQZQBNBKH4gIVtdl948ufB1kcDZqQLGhb
V90BwfuBHoCyNAGtVqW0bjuwL0WcaOe2yh00R/2JDq67Ej0YgNlPz1wWfqkkRDZ6
XsNQWyBhQeQK/Q+MTIsj3WE1PeOSKluttzU/5G/8Qhg7PNykkiJXXEcVgPbpmNvx
Ck6m02emXrZgy5QQeAQmEjGVUBrdgaQ0VkOA7Q80ub6Ihi0VhC+DxydwB+lHV3/f
h1lOCdz4nWmhmJoWk+uI8cM+w+0jpjaV+m9zbgkIRomLUttzsi2+H/gVF3RFwJ/0
8cJRnYs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:30:50 2024 by rpki-client on console-fra.rpki-client.org