Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/ZYyHVOQdAu1k7r-_cfRNNM-hH08.roa
File: ZYyHVOQdAu1k7r-_cfRNNM-hH08.roa (raw, json)
Hash identifier: 04RNe0VFiJk+3fv0FIM6RuRR/P2ih4zmT74XZODAeQk=
Subject key identifier: 65:8C:87:54:E4:1D:02:ED:64:EE:BF:BF:71:F4:4D:34:CF:A1:1F:4F
Certificate issuer: /CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Certificate serial: 018CC8DEF088E6E80365EDBD342C09927EA2
Authority key identifier: 99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/ZYyHVOQdAu1k7r-_cfRNNM-hH08.roa
Signing time: Tue 02 Jan 2024 06:31:42 +0000
ROA not before: Tue 02 Jan 2024 06:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25227
IP address blocks: 85.236.0.0/19 maxlen: 24
81.95.137.0/24 maxlen: 24
81.95.134.0/24 maxlen: 24
81.95.140.0/24 maxlen: 24
213.134.192.0/19 maxlen: 24
141.136.112.0/21 maxlen: 24
94.230.0.0/20 maxlen: 24
92.60.80.0/20 maxlen: 24
92.60.80.0/24 maxlen: 24
46.28.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f0:88:e6:e8:03:65:ed:bd:34:2c:09:92:7e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Validity
Not Before: Jan 2 06:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=658c8754e41d02ed64eebfbf71f44d34cfa11f4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3a:1d:6c:a0:9c:8a:7b:0f:3f:1e:25:f4:c0:
e5:6d:53:24:65:71:9e:e0:5f:d4:a7:44:fe:75:70:
18:ea:7a:d9:53:a3:05:77:8b:5a:59:aa:17:7d:bb:
64:f9:35:cc:91:96:1a:20:2a:3a:fa:76:30:26:68:
f1:4e:2f:f7:be:ae:dc:41:70:a9:8c:30:c0:e5:c8:
17:44:05:1c:c9:e5:20:4f:f4:4a:44:b5:52:d7:42:
01:9c:80:c0:55:77:8f:e0:b2:e9:bd:0d:26:95:9f:
29:e6:6f:82:77:25:09:97:ea:5f:b0:8d:42:97:88:
29:bc:b2:aa:77:73:be:ef:9f:ac:71:a5:76:87:ad:
09:d7:e3:95:c6:29:c5:bc:44:4a:a3:8e:b6:87:9f:
2a:fc:2a:fb:8a:7f:36:0d:10:0a:ea:8f:51:c8:86:
9f:ae:f7:04:c7:76:f3:ec:78:b6:aa:e7:5e:fe:bb:
1e:7e:29:28:3c:5b:c9:a9:b4:0f:3a:70:75:5d:be:
63:14:04:46:36:53:45:d1:55:2a:ab:72:03:6a:8e:
d9:c1:c5:5f:07:3c:fd:d5:c3:4a:c4:54:af:9e:20:
11:05:47:0e:e4:79:3b:f5:72:bf:4f:21:fa:5d:db:
d4:55:87:ce:c8:60:09:8c:9a:91:2b:e8:e5:2a:ff:
61:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8C:87:54:E4:1D:02:ED:64:EE:BF:BF:71:F4:4D:34:CF:A1:1F:4F
X509v3 Authority Key Identifier:
keyid:99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/ZYyHVOQdAu1k7r-_cfRNNM-hH08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.94.0/24
81.95.134.0/24
81.95.137.0/24
81.95.140.0/24
85.236.0.0/19
92.60.80.0/20
94.230.0.0/20
141.136.112.0/21
213.134.192.0/19
Signature Algorithm: sha256WithRSAEncryption
0e:28:5d:39:0f:a2:66:4a:3a:5c:6f:a3:a9:5d:cf:9a:06:6e:
d6:18:6d:d7:10:98:41:9c:22:ee:90:a2:8f:4b:c4:36:e2:fd:
95:15:b4:44:3a:91:72:f5:6a:cc:0b:fa:7a:aa:c6:66:d0:2f:
35:36:93:61:9d:ed:90:e1:de:43:1c:a5:1e:23:7b:bc:8c:1c:
35:90:7d:13:18:98:45:73:51:5d:ab:45:4b:df:d5:ed:51:1f:
0e:8f:ee:f9:1d:80:10:4a:f2:54:2a:26:3d:ec:98:f0:1c:d2:
e8:9b:ea:ec:5a:f9:0d:54:62:ed:96:f1:bf:07:71:72:55:07:
d2:fb:f7:19:9e:9c:10:02:7c:d5:22:8c:b1:5a:83:20:fa:3b:
bc:fc:c2:02:be:f9:71:6a:ff:4d:bd:c1:44:ef:b1:a6:1c:bf:
d3:ec:9d:c0:b9:f2:8e:7a:5c:73:ea:7a:9b:f2:d4:37:47:92:
65:43:d2:3f:77:3c:2f:89:2d:6e:20:ad:73:df:0c:1e:ad:00:
9e:06:9c:5d:f0:be:9e:01:37:0f:a8:4b:35:ad:20:62:6e:23:
da:99:81:3c:90:02:4a:0e:d7:a0:2e:96:44:f0:c1:29:e9:4e:
f9:cf:99:18:a6:79:cd:9c:57:40:82:07:c0:b1:4f:20:9f:dc:
eb:ad:15:de
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzI3vCI5ugDZe29NCwJkn6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NGI3ZDMwYzFjNGY2MjQzMTgyZDNlY2QzZDA1MzlmNDJm
YWFjZmQwHhcNMjQwMTAyMDYzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThjODc1NGU0MWQwMmVkNjRlZWJmYmY3MWY0NGQzNGNmYTExZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jodbKCcinsPPx4l9MDlbVMkZXGe
4F/Up0T+dXAY6nrZU6MFd4taWaoXfbtk+TXMkZYaICo6+nYwJmjxTi/3vq7cQXCp
jDDA5cgXRAUcyeUgT/RKRLVS10IBnIDAVXeP4LLpvQ0mlZ8p5m+CdyUJl+pfsI1C
l4gpvLKqd3O+75+scaV2h60J1+OVxinFvERKo462h58q/Cr7in82DRAK6o9RyIaf
rvcEx3bz7Hi2qude/rsefikoPFvJqbQPOnB1Xb5jFARGNlNF0VUqq3IDao7ZwcVf
Bzz91cNKxFSvniARBUcO5Hk79XK/TyH6XdvUVYfOyGAJjJqRK+jlKv9heQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGWMh1TkHQLtZO6/v3H0TTTPoR9PMB8GA1UdIwQY
MBaAFJlLfTDBxPYkMYLT7NPQU59C+qz9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVV0OU1NSEU5aVF4Z3RQczA5QlRuMEw2clAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80YWI4MWUtNDViOC00MWE1LWFhNWUt
NTY0NmVlZGQ5OWJmLzEvWll5SFZPUWRBdTFrN3ItX2NmUk5OTS1oSDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80YWI4MWUtNDViOC00MWE1LWFhNWUtNTY0NmVlZGQ5OWJm
LzEvbVV0OU1NSEU5aVF4Z3RQczA5QlRuMEw2clAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALhxeAwQA
UV+GAwQAUV+JAwQAUV+MAwQFVewAAwQEXDxQAwQEXuYAAwQDjYhwAwQF1YbAMA0G
CSqGSIb3DQEBCwUAA4IBAQAOKF05D6JmSjpcb6OpXc+aBm7WGG3XEJhBnCLukKKP
S8Q24v2VFbREOpFy9WrMC/p6qsZm0C81NpNhne2Q4d5DHKUeI3u8jBw1kH0TGJhF
c1Fdq0VL39XtUR8Oj+75HYAQSvJUKiY97JjwHNLom+rsWvkNVGLtlvG/B3FyVQfS
+/cZnpwQAnzVIoyxWoMg+ju8/MICvvlxav9NvcFE77GmHL/T7J3AufKOelxz6nqb
8tQ3R5JlQ9I/dzwviS1uIK1z3wwerQCeBpxd8L6eATcPqEs1rSBibiPamYE8kAJK
DtegLpZE8MEp6U75z5kYpnnNnFdAggfAsU8gn9zrrRXe
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:45 2024 by rpki-client on console-fra.rpki-client.org