Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/Pz6HHWKbg2a-wZAZvOGHIaMZutw.roa
File: Pz6HHWKbg2a-wZAZvOGHIaMZutw.roa (raw, json)
Hash identifier: sENOMg1urRUAQZXH8zHjSkiE1YP5j2Yf/PvcPcyx1bI=
Subject key identifier: 3F:3E:87:1D:62:9B:83:66:BE:C1:90:19:BC:E1:87:21:A3:19:BA:DC
Certificate issuer: /CN=ec6d47b47e05b13d058b1cb42529a7c1866dcdf2
Certificate serial: 018CC424806A85F9FA3CE041CF30080A36AC
Authority key identifier: EC:6D:47:B4:7E:05:B1:3D:05:8B:1C:B4:25:29:A7:C1:86:6D:CD:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7G1HtH4FsT0Fixy0JSmnwYZtzfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/Pz6HHWKbg2a-wZAZvOGHIaMZutw.roa
Signing time: Mon 01 Jan 2024 08:29:35 +0000
ROA not before: Mon 01 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60532
IP address blocks: 88.218.228.0/22 maxlen: 22
185.23.190.0/23 maxlen: 23
185.23.189.0/24 maxlen: 24
2a04:26c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/7G1HtH4FsT0Fixy0JSmnwYZtzfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/7G1HtH4FsT0Fixy0JSmnwYZtzfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7G1HtH4FsT0Fixy0JSmnwYZtzfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:80:6a:85:f9:fa:3c:e0:41:cf:30:08:0a:36:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6d47b47e05b13d058b1cb42529a7c1866dcdf2
Validity
Not Before: Jan 1 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f3e871d629b8366bec19019bce18721a319badc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d7:76:37:a5:0e:ef:0e:38:97:9a:d5:d6:b9:
1b:53:a7:bb:22:17:5e:2e:a9:15:e5:fa:2f:78:51:
83:27:d7:34:c9:56:88:fb:2d:9c:14:a0:b6:83:5e:
bc:c5:8c:ca:f1:21:24:e3:de:01:89:1a:50:c7:c6:
f0:4c:0d:09:0f:ce:b2:22:e6:c4:b2:76:03:21:63:
dc:ca:16:44:38:3d:2c:99:f8:6c:8a:ed:30:09:35:
e8:14:f9:d8:5a:aa:aa:95:74:f5:65:f2:c4:a1:c2:
4b:31:df:b5:e0:a1:77:d1:5a:c9:d7:cf:93:7a:f0:
1a:dc:f9:b0:d4:ad:f4:7a:8e:3e:76:f2:8d:09:3e:
34:cb:17:fa:c2:f9:23:df:21:67:85:b2:3d:64:a8:
f0:53:00:79:fa:66:ba:f0:f4:cf:c0:5b:4b:b0:d5:
db:7a:f0:35:13:11:6e:a8:9b:fd:fa:07:a6:b9:fd:
83:6c:d2:3c:2d:fc:28:21:aa:f7:c4:c6:8a:14:ce:
ae:5e:bd:0c:da:25:81:08:1a:61:47:3f:74:60:f3:
5d:23:38:58:1e:24:6c:ad:57:4a:ea:c2:45:7d:d0:
3d:8b:8e:cc:08:54:2f:61:fd:e0:53:98:7d:89:90:
53:9c:a5:b9:a3:4f:c9:0a:af:24:94:90:d1:89:a1:
a8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3E:87:1D:62:9B:83:66:BE:C1:90:19:BC:E1:87:21:A3:19:BA:DC
X509v3 Authority Key Identifier:
keyid:EC:6D:47:B4:7E:05:B1:3D:05:8B:1C:B4:25:29:A7:C1:86:6D:CD:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7G1HtH4FsT0Fixy0JSmnwYZtzfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/Pz6HHWKbg2a-wZAZvOGHIaMZutw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2a591c-3c4a-4288-be91-c39adb98f429/1/7G1HtH4FsT0Fixy0JSmnwYZtzfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.228.0/22
185.23.189.0-185.23.191.255
IPv6:
2a04:26c0::/29
Signature Algorithm: sha256WithRSAEncryption
c7:5e:fb:cc:90:b1:c9:02:7b:a3:56:ac:b2:45:c4:7c:64:0e:
d4:f6:9a:52:83:07:8a:24:58:cf:b4:37:53:8d:22:87:89:63:
59:27:47:c9:09:a1:88:bc:e2:19:82:2b:15:98:07:4d:e5:1d:
f0:c7:6c:ab:ed:c7:12:5e:ff:05:a6:bc:8b:d4:ce:a3:98:63:
8b:ec:6a:fe:19:77:f0:8a:83:e9:87:de:ef:ac:97:2f:41:51:
66:ae:db:92:35:c3:f1:6b:e7:08:ac:f3:14:6d:06:01:71:5f:
55:48:d5:d0:05:5f:1e:fd:3a:b6:a3:26:99:6e:39:84:a8:2c:
58:66:08:85:fe:d3:bf:01:eb:81:67:9c:d1:bd:b7:c9:7f:ba:
be:67:b2:dc:c4:ca:5b:77:b7:97:0c:88:35:2e:6c:31:7e:0d:
fa:62:e3:94:80:03:08:08:58:ce:3d:2a:77:6b:17:8f:e1:da:
af:1d:52:48:64:24:d6:02:89:12:3e:33:45:13:46:07:6f:9f:
1c:5e:8c:7d:47:c5:45:83:58:42:c7:2b:02:ae:c1:1c:1c:1e:
8e:4a:b3:52:29:35:94:15:45:ee:0f:2f:97:f1:77:7f:32:39:
7f:0f:60:a0:85:ad:ab:1d:65:0b:c9:80:62:9c:f0:82:3e:4e:
96:72:ea:55
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEJIBqhfn6POBBzzAICjasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmQ0N2I0N2UwNWIxM2QwNThiMWNiNDI1MjlhN2MxODY2
ZGNkZjIwHhcNMjQwMTAxMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNlODcxZDYyOWI4MzY2YmVjMTkwMTliY2UxODcyMWEzMTliYWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdd2N6UO7w44l5rV1rkbU6e7Ihde
LqkV5foveFGDJ9c0yVaI+y2cFKC2g168xYzK8SEk494BiRpQx8bwTA0JD86yIubE
snYDIWPcyhZEOD0smfhsiu0wCTXoFPnYWqqqlXT1ZfLEocJLMd+14KF30VrJ18+T
evAa3Pmw1K30eo4+dvKNCT40yxf6wvkj3yFnhbI9ZKjwUwB5+ma68PTPwFtLsNXb
evA1ExFuqJv9+gemuf2DbNI8LfwoIar3xMaKFM6uXr0M2iWBCBphRz90YPNdIzhY
HiRsrVdK6sJFfdA9i47MCFQvYf3gU5h9iZBTnKW5o0/JCq8klJDRiaGoGwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD8+hx1im4NmvsGQGbzhhyGjGbrcMB8GA1UdIwQY
MBaAFOxtR7R+BbE9BYsctCUpp8GGbc3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0cxSHRINEZzVDBGaXh5MEpTbW53WVp0emZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8yYTU5MWMtM2M0YS00Mjg4LWJlOTEt
YzM5YWRiOThmNDI5LzEvUHo2SEhXS2JnMmEtd1pBWnZPR0hJYU1adXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8yYTU5MWMtM2M0YS00Mjg4LWJlOTEtYzM5YWRiOThmNDI5
LzEvN0cxSHRINEZzVDBGaXh5MEpTbW53WVp0emZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCWNrkMAwD
BAC5F70DBAa5F4AwDQQCAAIwBwMFAyoEJsAwDQYJKoZIhvcNAQELBQADggEBAMde
+8yQsckCe6NWrLJFxHxkDtT2mlKDB4okWM+0N1ONIoeJY1knR8kJoYi84hmCKxWY
B03lHfDHbKvtxxJe/wWmvIvUzqOYY4vsav4Zd/CKg+mH3u+sly9BUWau25I1w/Fr
5wis8xRtBgFxX1VI1dAFXx79OrajJpluOYSoLFhmCIX+078B64FnnNG9t8l/ur5n
stzEylt3t5cMiDUubDF+Dfpi45SAAwgIWM49KndrF4/h2q8dUkhkJNYCiRI+M0UT
RgdvnxxejH1HxUWDWELHKwKuwRwcHo5Ks1IpNZQVRe4PL5fxd38yOX8PYKCFrasd
ZQvJgGKc8II+TpZy6lU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:15 2024 by rpki-client on console-ams.rpki-client.org