Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/z4rt4gyVn-6WHTUSJu7KTenjd7E.roa
File: z4rt4gyVn-6WHTUSJu7KTenjd7E.roa (raw, json)
Hash identifier: pu5RDkkfpflRJWpmIhlyeXI59r7HHU6teQEAyETRbSI=
Subject key identifier: CF:8A:ED:E2:0C:95:9F:EE:96:1D:35:12:26:EE:CA:4D:E9:E3:77:B1
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0191E5E2C1E4A45288568DBB2B6689D171F3
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/z4rt4gyVn-6WHTUSJu7KTenjd7E.roa
Signing time: Thu 12 Sep 2024 10:58:48 +0000
ROA not before: Thu 12 Sep 2024 10:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 2.59.40.0/24 maxlen: 24
2.59.41.0/24 maxlen: 24
2.59.42.0/24 maxlen: 24
2.59.43.0/24 maxlen: 24
45.93.201.0/24 maxlen: 24
45.153.70.0/24 maxlen: 24
45.153.71.0/24 maxlen: 24
80.76.60.0/24 maxlen: 24
91.198.220.0/24 maxlen: 24
93.93.207.0/24 maxlen: 24
176.53.160.0/24 maxlen: 24
176.53.161.0/24 maxlen: 24
176.53.162.0/24 maxlen: 24
176.53.163.0/24 maxlen: 24
185.192.246.0/24 maxlen: 24
185.192.247.0/24 maxlen: 24
185.251.20.0/24 maxlen: 24
193.160.208.0/24 maxlen: 24
193.160.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:e2:c1:e4:a4:52:88:56:8d:bb:2b:66:89:d1:71:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Sep 12 10:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf8aede20c959fee961d351226eeca4de9e377b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:42:bd:2a:cc:5b:36:57:af:1b:40:cf:b4:34:
fa:8b:35:eb:8d:60:de:cc:bd:c9:e6:aa:f8:38:0e:
40:b3:52:63:3d:04:1f:d7:d9:c1:7e:30:dd:13:1f:
c4:01:77:5f:8a:03:b9:48:90:4d:6b:82:ff:75:2f:
ff:52:de:9a:17:c3:cc:ee:dd:9e:27:26:52:22:35:
fb:f6:b4:14:31:20:91:58:5e:35:cc:b0:ce:75:d4:
4b:28:0e:4d:5a:a5:fa:da:2e:d9:90:39:4a:e6:e6:
07:af:5d:01:56:91:ec:70:1b:08:86:38:9c:ee:ea:
58:a8:df:2f:28:2d:d0:44:fb:56:6a:29:48:2a:73:
bb:6f:97:7d:c8:7f:1f:94:de:35:f8:13:5c:59:d8:
a9:24:67:d2:4b:83:3a:cd:ea:7d:5c:9f:fb:58:40:
9f:90:80:b4:51:61:7b:3e:bc:7b:43:0d:a7:13:63:
4e:07:84:10:fb:be:dc:8b:ca:c0:11:4a:1f:8c:8c:
dc:90:9c:13:bc:f3:d0:b6:d7:eb:9e:94:95:2e:a8:
44:80:c6:26:e0:1a:01:c2:a3:1e:ac:f8:f7:bc:db:
09:5f:5e:ee:9d:7c:10:bf:20:48:b0:78:1e:03:f0:
3f:6c:55:a5:50:43:3c:d3:24:73:da:87:18:38:71:
b1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:8A:ED:E2:0C:95:9F:EE:96:1D:35:12:26:EE:CA:4D:E9:E3:77:B1
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/z4rt4gyVn-6WHTUSJu7KTenjd7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.40.0/22
45.93.201.0/24
45.153.70.0/23
80.76.60.0/24
91.198.220.0/24
93.93.207.0/24
176.53.160.0/22
185.192.246.0/23
185.251.20.0/24
193.160.208.0/23
Signature Algorithm: sha256WithRSAEncryption
46:1f:50:d0:05:bb:20:d0:59:d1:e0:9b:dd:b1:60:a1:96:5d:
26:80:09:c2:19:d1:62:c4:03:80:73:6d:ec:a6:e9:b8:82:bf:
f6:f4:20:23:3e:7e:19:fb:74:6e:9e:9b:59:18:bc:b5:66:a5:
7e:c6:63:57:b1:f7:8b:43:33:56:e3:20:96:21:f3:13:06:c4:
7d:52:46:33:ad:40:3b:32:33:9e:35:e2:e3:80:e5:29:96:98:
43:9a:fd:5a:59:db:04:cc:ad:f4:be:e0:ef:65:f4:20:26:25:
fa:c5:1e:b6:4e:a6:99:df:ed:42:47:5f:6c:b7:43:26:2d:c6:
d2:d6:e7:fa:be:31:45:13:fe:cd:02:1d:65:7a:64:e8:fd:26:
0d:b5:fb:85:f9:67:4e:26:92:5b:04:b2:ea:c8:6a:8e:ad:38:
b1:66:64:27:09:23:94:02:63:89:18:80:99:34:ff:55:42:3d:
01:e8:c2:8f:09:0d:a7:1a:57:e2:0c:1a:21:db:96:0d:8c:66:
05:99:25:22:e8:e4:22:16:8a:ab:f3:4c:b0:20:03:5e:dd:1b:
64:c0:7a:6d:8a:f5:55:8c:8e:9f:d9:ea:c5:13:85:a5:5a:88:
fa:e8:2c:a6:05:6e:8f:5c:da:ea:2f:23:6c:d6:90:2f:e2:53:
87:1c:e6:89
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZHl4sHkpFKIVo27K2aJ0XHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwOTEyMTA1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjhhZWRlMjBjOTU5ZmVlOTYxZDM1MTIyNmVlY2E0ZGU5ZTM3N2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUK9KsxbNlevG0DPtDT6izXrjWDe
zL3J5qr4OA5As1JjPQQf19nBfjDdEx/EAXdfigO5SJBNa4L/dS//Ut6aF8PM7t2e
JyZSIjX79rQUMSCRWF41zLDOddRLKA5NWqX62i7ZkDlK5uYHr10BVpHscBsIhjic
7upYqN8vKC3QRPtWailIKnO7b5d9yH8flN41+BNcWdipJGfSS4M6zep9XJ/7WECf
kIC0UWF7Prx7Qw2nE2NOB4QQ+77ci8rAEUofjIzckJwTvPPQttfrnpSVLqhEgMYm
4BoBwqMerPj3vNsJX17unXwQvyBIsHgeA/A/bFWlUEM80yRz2ocYOHGxLQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFM+K7eIMlZ/ulh01Eibuyk3p43exMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvejRydDRneVZuLTZXSFRVU0p1N0tUZW5qZDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCAjsoAwQA
LV3JAwQBLZlGAwQAUEw8AwQAW8bcAwQAXV3PAwQCsDWgAwQBucD2AwQAufsUAwQB
waDQMA0GCSqGSIb3DQEBCwUAA4IBAQBGH1DQBbsg0FnR4JvdsWChll0mgAnCGdFi
xAOAc23spum4gr/29CAjPn4Z+3RunptZGLy1ZqV+xmNXsfeLQzNW4yCWIfMTBsR9
UkYzrUA7MjOeNeLjgOUplphDmv1aWdsEzK30vuDvZfQgJiX6xR62TqaZ3+1CR19s
t0MmLcbS1uf6vjFFE/7NAh1lemTo/SYNtfuF+WdOJpJbBLLqyGqOrTixZmQnCSOU
AmOJGICZNP9VQj0B6MKPCQ2nGlfiDBoh25YNjGYFmSUi6OQiFoqr80ywIANe3Rtk
wHptivVVjI6f2erFE4WlWoj66CymBW6PXNrqLyNs1pAv4lOHHOaJ
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:16 2024 by rpki-client on console-ams.rpki-client.org