Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/Z2W9EDrb4X-r7k7wFpYxAvAixLo.roa
File: Z2W9EDrb4X-r7k7wFpYxAvAixLo.roa (raw, json)
Hash identifier: QbXL305nJC/kH+ZUDubb6oFqOgfvsXmeu6Xb9rSKQUE=
Subject key identifier: 67:65:BD:10:3A:DB:E1:7F:AB:EE:4E:F0:16:96:31:02:F0:22:C4:BA
Certificate issuer: /CN=fb95e6594dc37053ce98bd5889063591b35e2d80
Certificate serial: 018CC7265AE81294697ECA4755E36D939059
Authority key identifier: FB:95:E6:59:4D:C3:70:53:CE:98:BD:58:89:06:35:91:B3:5E:2D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/Z2W9EDrb4X-r7k7wFpYxAvAixLo.roa
Signing time: Mon 01 Jan 2024 22:30:28 +0000
ROA not before: Mon 01 Jan 2024 22:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202421
IP address blocks: 185.204.176.0/23 maxlen: 24
185.204.176.0/24 maxlen: 24
185.204.176.0/22 maxlen: 24
185.204.179.0/24 maxlen: 24
185.204.178.0/24 maxlen: 24
185.204.178.0/23 maxlen: 24
185.204.177.0/24 maxlen: 24
2a0a:fac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:5a:e8:12:94:69:7e:ca:47:55:e3:6d:93:90:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb95e6594dc37053ce98bd5889063591b35e2d80
Validity
Not Before: Jan 1 22:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6765bd103adbe17fabee4ef016963102f022c4ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:71:4d:cd:27:32:1a:9e:20:4c:f8:90:45:c5:
10:23:65:30:10:06:91:be:32:98:b3:19:03:80:91:
68:5c:6e:93:b7:c7:f0:af:8f:99:b2:e5:1d:e9:03:
fb:64:06:3f:9c:f7:83:3a:81:81:9d:95:36:e4:05:
e5:1b:e9:b2:a8:fb:cc:3f:5e:fd:1e:1c:a5:fb:04:
22:67:95:dd:fa:d5:95:e4:40:74:39:f3:a2:6a:14:
d1:d2:11:dd:bb:ee:1f:f5:21:a3:4c:32:26:8e:59:
a4:a9:fb:c7:bf:2f:af:ac:13:bc:ca:61:4b:97:fb:
27:a9:20:98:fc:e6:7c:2a:07:bd:a2:77:b1:45:7a:
ce:92:1c:14:17:1f:94:cd:4f:e2:b8:20:ed:74:c7:
f9:e5:6f:f2:be:1e:ca:8f:b3:03:5f:c3:8d:3e:37:
60:62:6a:cd:66:6f:42:71:bb:d8:e3:ec:2e:18:83:
25:66:4c:ff:08:be:5f:03:0d:6b:d3:fd:14:9c:76:
f7:3a:79:b5:70:23:8c:3c:59:ab:52:3b:99:ed:6b:
db:24:14:4a:53:d8:2e:08:70:75:fe:cf:50:00:35:
33:8a:3e:44:fd:d4:a3:cd:08:75:b8:56:54:26:49:
81:88:d0:ce:ea:2b:4b:11:34:b9:7b:a2:e2:25:25:
e2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:65:BD:10:3A:DB:E1:7F:AB:EE:4E:F0:16:96:31:02:F0:22:C4:BA
X509v3 Authority Key Identifier:
keyid:FB:95:E6:59:4D:C3:70:53:CE:98:BD:58:89:06:35:91:B3:5E:2D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/Z2W9EDrb4X-r7k7wFpYxAvAixLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/78178f-2199-48e0-901d-bda215b81636/1/1-5XmWU3DcFPOmL1YiQY1kbNeLYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.176.0/22
IPv6:
2a0a:fac0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:a3:7c:ee:26:ca:89:04:b5:4a:81:6e:9d:71:02:6e:04:d0:
17:c7:04:ba:7f:94:67:48:48:d0:8a:8f:10:d8:22:dd:d5:b3:
42:c7:6c:6d:a7:1e:be:1e:e6:2f:93:35:01:61:76:48:3a:b4:
bf:6e:d3:04:6a:84:de:0a:26:76:c6:d3:d9:dc:92:61:91:f3:
14:83:7b:9d:a7:da:1e:03:78:d1:8a:86:00:06:79:66:b0:95:
28:38:c2:25:e1:c2:aa:8d:07:df:3f:74:12:0d:c3:5a:dc:8d:
28:b1:63:3f:4d:90:cb:5d:7d:48:28:97:cc:b3:85:6e:e5:d2:
13:c8:47:fd:ea:52:6f:2d:8b:75:46:5a:d1:b9:ac:a7:b7:61:
8f:26:c7:ce:0c:fb:42:ec:5b:b9:4d:4d:92:e2:33:3e:82:6b:
5e:b4:98:5c:de:bd:40:f9:27:4b:a5:ae:cd:bd:68:c8:af:06:
84:d3:7f:a8:97:ed:9f:ad:8e:62:b5:72:fa:1b:f1:bf:d5:59:
19:24:11:33:1b:72:10:10:43:bf:62:50:de:b1:5c:79:29:38:
79:ba:87:8f:74:f9:8d:1c:12:55:ef:e9:a0:c6:ff:29:66:82:
63:af:95:85:60:fc:16:4e:b7:b6:85:11:dd:27:cd:90:46:f5:
ec:c1:a2:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJlroEpRpfspHVeNtk5BZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTVlNjU5NGRjMzcwNTNjZTk4YmQ1ODg5MDYzNTkxYjM1
ZTJkODAwHhcNMjQwMTAxMjIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzY1YmQxMDNhZGJlMTdmYWJlZTRlZjAxNjk2MzEwMmYwMjJjNGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXFNzScyGp4gTPiQRcUQI2UwEAaR
vjKYsxkDgJFoXG6Tt8fwr4+ZsuUd6QP7ZAY/nPeDOoGBnZU25AXlG+myqPvMP179
Hhyl+wQiZ5Xd+tWV5EB0OfOiahTR0hHdu+4f9SGjTDImjlmkqfvHvy+vrBO8ymFL
l/snqSCY/OZ8Kge9onexRXrOkhwUFx+UzU/iuCDtdMf55W/yvh7Kj7MDX8ONPjdg
YmrNZm9CcbvY4+wuGIMlZkz/CL5fAw1r0/0UnHb3Onm1cCOMPFmrUjuZ7WvbJBRK
U9guCHB1/s9QADUzij5E/dSjzQh1uFZUJkmBiNDO6itLETS5e6LiJSXidQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGdlvRA62+F/q+5O8BaWMQLwIsS6MB8GA1UdIwQY
MBaAFPuV5llNw3BTzpi9WIkGNZGzXi2AMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01WG1XVTNEY0ZQT21MMVlpUVkxa2JOZUxZQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIvNzgxNzhmLTIxOTktNDhlMC05MDFk
LWJkYTIxNWI4MTYzNi8xL1oyVzlFRHJiNFgtcjdrN3dGcFl4QXZBaXhMby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmIvNzgxNzhmLTIxOTktNDhlMC05MDFkLWJkYTIxNWI4MTYz
Ni8xLzEtNVhtV1UzRGNGUE9tTDFZaVFZMWtiTmVMWUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5zLAw
DQQCAAIwBwMFAyoK+sAwDQYJKoZIhvcNAQELBQADggEBAIyjfO4myokEtUqBbp1x
Am4E0BfHBLp/lGdISNCKjxDYIt3Vs0LHbG2nHr4e5i+TNQFhdkg6tL9u0wRqhN4K
JnbG09nckmGR8xSDe52n2h4DeNGKhgAGeWawlSg4wiXhwqqNB98/dBINw1rcjSix
Yz9NkMtdfUgol8yzhW7l0hPIR/3qUm8ti3VGWtG5rKe3YY8mx84M+0LsW7lNTZLi
Mz6Ca160mFzevUD5J0ulrs29aMivBoTTf6iX7Z+tjmK1cvob8b/VWRkkETMbchAQ
Q79iUN6xXHkpOHm6h490+Y0cElXv6aDG/ylmgmOvlYVg/BZOt7aFEd0nzZBG9ezB
ouM=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:58:05 2024 by rpki-client on console-fra.rpki-client.org