Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZIPhmZF_92zDBa30Mz33fAcOdck.roa
File: ZIPhmZF_92zDBa30Mz33fAcOdck.roa (raw, json)
Hash identifier: H/8mN9yK7lgTPKvG/65CsFHAOQz5YFGFPI5BgVQy+ok=
Subject key identifier: 64:83:E1:99:91:7F:F7:6C:C3:05:AD:F4:33:3D:F7:7C:07:0E:75:C9
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018D34DBBA77814DAD25BC3F98779BCAAED3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZIPhmZF_92zDBa30Mz33fAcOdck.roa
Signing time: Tue 23 Jan 2024 05:47:11 +0000
ROA not before: Tue 23 Jan 2024 05:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142299
IP address blocks: 45.141.26.0/23 maxlen: 24
89.38.101.0/24 maxlen: 24
185.241.210.0/24 maxlen: 24
188.212.158.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:34:db:ba:77:81:4d:ad:25:bc:3f:98:77:9b:ca:ae:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 23 05:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6483e199917ff76cc305adf4333df77c070e75c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:62:e8:69:8a:87:e3:24:01:00:3a:c9:99:74:
36:cf:98:55:31:f5:02:7c:1f:7c:ce:f5:19:9d:1a:
c3:45:54:37:ab:b6:f2:91:d1:86:0a:05:1c:8f:7e:
ad:b9:c5:d7:22:51:8a:ed:a6:93:13:22:f8:35:bd:
2f:1c:82:f8:76:8d:64:4c:8b:b6:89:78:c5:42:5c:
c5:fb:08:83:07:64:d3:da:66:b3:58:a1:90:4d:ee:
9e:c7:a2:a0:39:3c:63:80:01:49:14:03:bc:50:ee:
91:8b:3d:1b:a3:f0:0a:cf:fd:40:ae:19:5f:8e:12:
7c:db:ca:89:e9:2f:82:f8:c7:bf:27:2a:2d:7c:12:
71:6e:c4:e6:72:c9:35:e2:09:4e:d0:0d:25:a0:b1:
8c:ca:23:a3:3a:e8:ac:de:2a:07:c5:a2:f6:87:1c:
91:93:e6:2c:b6:16:81:e1:3d:61:39:fe:47:a6:33:
c6:23:37:c1:cc:c7:6f:5d:f5:04:88:52:cc:91:9f:
36:3f:c6:ee:9d:13:b2:dd:c6:27:f8:c3:85:9d:57:
32:57:c2:76:7a:5f:44:f8:05:f4:01:60:33:36:4f:
5a:06:0e:b1:09:2f:22:1a:ba:e0:cd:7b:83:58:fa:
7b:8f:40:30:b6:b4:25:dc:41:ab:e5:97:d1:b8:76:
12:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:83:E1:99:91:7F:F7:6C:C3:05:AD:F4:33:3D:F7:7C:07:0E:75:C9
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZIPhmZF_92zDBa30Mz33fAcOdck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.26.0/23
89.38.101.0/24
185.241.210.0/24
188.212.158.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:9a:a9:cd:7c:38:6c:72:51:30:e8:6e:9f:af:c5:b5:5b:59:
11:fa:c6:8c:51:15:f6:09:34:be:d3:51:bb:5f:7e:6c:84:c7:
e6:0a:fd:c8:de:89:5c:25:ec:fc:38:c3:b7:da:98:af:51:1e:
e6:6d:3b:66:f6:64:b7:69:42:50:65:7f:3e:20:f9:00:db:5a:
83:73:65:88:7a:94:28:f9:4e:22:36:91:1b:d8:de:5f:42:ca:
b4:d9:49:fe:ad:86:c8:69:5a:45:90:f8:de:b0:59:63:db:4d:
7a:18:94:d8:b4:ab:4d:d0:42:c5:3e:f4:5b:4e:48:1d:6e:24:
5e:9a:8b:d5:ea:cd:20:01:5c:7e:6f:c4:8d:5a:58:05:0c:4e:
c3:89:83:b1:f2:22:64:cb:84:60:8b:02:d3:8b:e8:fe:21:5e:
42:c4:aa:45:1c:e3:06:53:f4:f7:0f:ee:62:dd:de:c9:98:83:
5b:c3:f2:fb:aa:b0:db:a2:bd:18:e0:d8:30:9c:e1:78:ce:32:
1a:d4:00:a6:6b:a8:91:f1:11:e2:5d:30:3a:a4:0f:a5:e6:c0:
59:64:32:df:09:6c:93:4e:f7:b6:af:c7:e4:e3:e1:84:2f:bc:
a3:f5:80:7e:8d:0a:4b:8d:86:77:a9:a6:80:a0:87:45:35:a7:
fb:ae:b1:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0027p3gU2tJbw/mHebyq7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTIzMDU0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDgzZTE5OTkxN2ZmNzZjYzMwNWFkZjQzMzNkZjc3YzA3MGU3NWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGLoaYqH4yQBADrJmXQ2z5hVMfUC
fB98zvUZnRrDRVQ3q7bykdGGCgUcj36tucXXIlGK7aaTEyL4Nb0vHIL4do1kTIu2
iXjFQlzF+wiDB2TT2mazWKGQTe6ex6KgOTxjgAFJFAO8UO6Riz0bo/AKz/1Arhlf
jhJ828qJ6S+C+Me/JyotfBJxbsTmcsk14glO0A0loLGMyiOjOuis3ioHxaL2hxyR
k+YsthaB4T1hOf5HpjPGIzfBzMdvXfUEiFLMkZ82P8bunROy3cYn+MOFnVcyV8J2
el9E+AX0AWAzNk9aBg6xCS8iGrrgzXuDWPp7j0AwtrQl3EGr5ZfRuHYSBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGSD4ZmRf/dswwWt9DM993wHDnXJMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWklQaG1aRl85MnpEQmEzME16MzNmQWNPZGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLY0aAwQA
WSZlAwQAufHSAwQBvNSeMA0GCSqGSIb3DQEBCwUAA4IBAQCLmqnNfDhsclEw6G6f
r8W1W1kR+saMURX2CTS+01G7X35shMfmCv3I3olcJez8OMO32pivUR7mbTtm9mS3
aUJQZX8+IPkA21qDc2WIepQo+U4iNpEb2N5fQsq02Un+rYbIaVpFkPjesFlj2016
GJTYtKtN0ELFPvRbTkgdbiRemovV6s0gAVx+b8SNWlgFDE7DiYOx8iJky4RgiwLT
i+j+IV5CxKpFHOMGU/T3D+5i3d7JmINbw/L7qrDbor0Y4NgwnOF4zjIa1ACma6iR
8RHiXTA6pA+l5sBZZDLfCWyTTve2r8fk4+GEL7yj9YB+jQpLjYZ3qaaAoIdFNaf7
rrEI
-----END CERTIFICATE-----
Generated at Mon May 6 04:43:33 2024 by rpki-client on console-ams.rpki-client.org