Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/zze7Q0F58p7wZWN9AowpZQ1IRfM.roa
File: zze7Q0F58p7wZWN9AowpZQ1IRfM.roa (raw, json)
Hash identifier: ErmlACFhGlTmMy9Os7y4tpN3kYnOZYWKkGxXtiUX/b4=
Subject key identifier: CF:37:BB:43:41:79:F2:9E:F0:65:63:7D:02:8C:29:65:0D:48:45:F3
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018CC42559C3975344833613A8AE6DE72482
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/zze7Q0F58p7wZWN9AowpZQ1IRfM.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12849
IP address blocks: 194.88.108.0/22 maxlen: 24
185.131.144.0/24 maxlen: 24
185.131.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:59:c3:97:53:44:83:36:13:a8:ae:6d:e7:24:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf37bb434179f29ef065637d028c29650d4845f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fa:60:b7:5f:da:9a:00:1b:fa:12:eb:dd:a2:
f5:88:4f:2e:2e:d2:51:b6:0a:d3:77:1d:09:26:17:
87:24:4d:a9:71:b8:f2:75:7d:c8:d9:ec:42:c1:c9:
6d:02:dd:93:c3:3d:08:ad:65:f3:53:20:4f:81:31:
36:66:d7:8c:04:40:21:da:ea:22:5e:67:15:e4:ba:
e2:ff:51:91:e5:d4:25:1f:0c:2b:33:4b:7b:63:ac:
fb:e7:6c:e3:31:b2:55:17:11:28:55:59:1b:9c:13:
bf:28:f6:d2:80:35:3e:1c:00:5a:a9:c6:61:3d:7c:
c5:62:78:13:8c:4a:54:a6:3e:39:5f:01:ec:68:bd:
a5:ac:44:1c:78:d4:66:7d:7e:ca:e4:0e:31:7b:3e:
a8:0c:1f:03:70:b2:c1:e8:22:1c:a2:7a:f3:c7:07:
46:71:0c:6c:5a:15:b1:42:97:80:b4:78:a5:b4:0a:
f0:55:d3:03:0e:8d:00:81:06:e8:4a:bb:6a:fe:89:
c0:19:4d:ce:9e:7c:94:de:a0:93:aa:7d:1c:fa:85:
af:51:e0:48:c6:ca:42:8e:30:94:92:63:fd:54:13:
ad:46:47:e0:89:0f:ed:d0:d4:04:06:0e:c6:8a:0d:
58:fc:0b:eb:55:da:6b:0d:64:34:36:21:16:91:86:
7a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:37:BB:43:41:79:F2:9E:F0:65:63:7D:02:8C:29:65:0D:48:45:F3
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/zze7Q0F58p7wZWN9AowpZQ1IRfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.144.0/23
194.88.108.0/22
Signature Algorithm: sha256WithRSAEncryption
27:15:4f:64:56:10:f1:37:29:86:b1:d8:79:06:3b:d5:d3:cc:
4a:72:e0:b5:ee:a5:cb:9e:92:7f:a5:b6:f0:13:93:ab:95:1b:
9d:68:ff:97:d5:09:4c:31:75:fd:ab:29:ad:8a:b8:24:d6:66:
66:23:0d:50:11:fc:92:a1:8e:12:0b:e0:a4:a6:ea:93:c0:bd:
34:e3:e9:d9:9d:ac:ff:d5:62:59:ce:fd:e6:f4:1f:62:dd:43:
cd:78:42:6d:95:09:47:7c:c2:5a:b7:98:1b:80:a8:d4:bb:ba:
a7:d7:7c:39:ac:4d:58:ed:ed:12:9b:18:e6:f5:9b:26:bc:b0:
a1:24:1f:c9:36:17:d0:d4:52:51:9c:0a:9c:e2:c3:5d:d9:ed:
d1:40:58:db:15:ef:14:76:99:2e:5c:7f:55:41:14:61:92:7d:
9f:fe:fb:34:e4:3d:53:c7:74:c0:d6:1a:fd:72:c0:0b:5e:14:
be:22:48:6c:20:b2:7d:41:c0:e8:e0:b2:c5:7c:e6:60:78:52:
26:5b:e2:18:eb:88:47:27:eb:f9:30:cb:72:47:42:4c:b9:d4:
f5:d8:38:f7:5e:06:8f:0f:52:68:2b:1e:ef:ba:c2:7f:23:0d:
c9:22:97:29:2a:42:10:22:dd:16:b8:a2:8f:00:2f:e9:19:0a:
3f:33:e1:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJVnDl1NEgzYTqK5t5ySCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM3YmI0MzQxNzlmMjllZjA2NTYzN2QwMjhjMjk2NTBkNDg0NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfpgt1/amgAb+hLr3aL1iE8uLtJR
tgrTdx0JJheHJE2pcbjydX3I2exCwcltAt2Twz0IrWXzUyBPgTE2ZteMBEAh2uoi
XmcV5Lri/1GR5dQlHwwrM0t7Y6z752zjMbJVFxEoVVkbnBO/KPbSgDU+HABaqcZh
PXzFYngTjEpUpj45XwHsaL2lrEQceNRmfX7K5A4xez6oDB8DcLLB6CIconrzxwdG
cQxsWhWxQpeAtHiltArwVdMDDo0AgQboSrtq/onAGU3OnnyU3qCTqn0c+oWvUeBI
xspCjjCUkmP9VBOtRkfgiQ/t0NQEBg7Gig1Y/AvrVdprDWQ0NiEWkYZ6swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM83u0NBefKe8GVjfQKMKWUNSEXzMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvenplN1EwRjU4cDd3WldOOUFvd3BaUTFJUmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYOQAwQC
wlhsMA0GCSqGSIb3DQEBCwUAA4IBAQAnFU9kVhDxNymGsdh5BjvV08xKcuC17qXL
npJ/pbbwE5OrlRudaP+X1QlMMXX9qymtirgk1mZmIw1QEfySoY4SC+CkpuqTwL00
4+nZnaz/1WJZzv3m9B9i3UPNeEJtlQlHfMJat5gbgKjUu7qn13w5rE1Y7e0Smxjm
9ZsmvLChJB/JNhfQ1FJRnAqc4sNd2e3RQFjbFe8UdpkuXH9VQRRhkn2f/vs05D1T
x3TA1hr9csALXhS+IkhsILJ9QcDo4LLFfOZgeFImW+IY64hHJ+v5MMtyR0JMudT1
2Dj3XgaPD1JoKx7vusJ/Iw3JIpcpKkIQIt0WuKKPAC/pGQo/M+GV
-----END CERTIFICATE-----
Generated at Wed May 15 19:10:47 2024 by rpki-client on console-fra.rpki-client.org