Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/zJ1iQnmc4qHvByPlYuDKIL78M2w.roa
File: zJ1iQnmc4qHvByPlYuDKIL78M2w.roa (raw, json)
Hash identifier: FcQRILLO3flwWs8AL1vteBHfSUEyBQzgsAXYrW02Y2U=
Subject key identifier: CC:9D:62:42:79:9C:E2:A1:EF:07:23:E5:62:E0:CA:20:BE:FC:33:6C
Certificate issuer: /CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Certificate serial: 018D40BEF1323B0AFCE80F87EDD80034ACAB
Authority key identifier: AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/zJ1iQnmc4qHvByPlYuDKIL78M2w.roa
Signing time: Thu 25 Jan 2024 13:11:11 +0000
ROA not before: Thu 25 Jan 2024 13:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209500
IP address blocks: 45.182.188.0/24 maxlen: 24
46.226.121.0/24 maxlen: 24
85.193.79.0/24 maxlen: 24
103.14.1.0/24 maxlen: 24
193.31.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:be:f1:32:3b:0a:fc:e8:0f:87:ed:d8:00:34:ac:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Validity
Not Before: Jan 25 13:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc9d6242799ce2a1ef0723e562e0ca20befc336c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dd:ef:cb:75:b4:0c:65:04:88:e4:b5:30:33:
ac:83:4c:5d:c4:0c:86:8c:db:0d:71:26:e5:1f:e4:
e9:0d:6d:1e:a2:90:72:15:70:ca:5a:32:42:3e:da:
09:fe:11:09:c8:db:92:06:3f:36:d8:b9:cc:6b:bb:
34:7b:b0:09:78:42:b2:32:96:44:40:2b:9e:12:22:
ec:c7:55:31:18:dc:64:60:16:1f:c2:1d:3b:90:f9:
40:9e:c3:81:d9:a1:86:ff:ed:04:29:8b:3b:90:9b:
37:79:88:7f:dd:0a:49:34:13:d5:d7:8e:45:de:70:
e1:be:fe:b5:01:43:69:02:c4:ad:10:d5:a8:2b:a2:
a0:45:ff:b0:d3:c2:ea:58:2b:6c:ea:fa:15:3b:92:
7c:79:7a:ee:ae:c9:8e:3b:69:4b:b2:9e:a6:30:fe:
1f:a2:ef:79:01:99:28:70:4b:a2:22:cd:ca:db:c0:
19:c1:48:5b:fe:15:a7:07:c5:96:6d:b1:56:25:88:
70:14:57:17:b0:3d:4b:6a:41:e7:d5:de:5e:48:6e:
d9:c3:37:d7:e0:54:fd:20:24:da:59:af:ff:bd:9e:
ee:ef:fe:b6:df:65:a1:16:73:a0:93:00:6e:19:a0:
e5:47:3e:24:7b:e8:ed:fd:a7:c3:b9:f5:ae:21:9c:
0c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9D:62:42:79:9C:E2:A1:EF:07:23:E5:62:E0:CA:20:BE:FC:33:6C
X509v3 Authority Key Identifier:
keyid:AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/zJ1iQnmc4qHvByPlYuDKIL78M2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.182.188.0/24
46.226.121.0/24
85.193.79.0/24
103.14.1.0/24
193.31.7.0/24
Signature Algorithm: sha256WithRSAEncryption
23:da:b4:e4:ec:a4:01:66:5e:2e:ca:4d:2d:d6:17:71:22:c2:
29:39:1f:06:fb:9c:d7:10:dd:88:69:b3:80:58:e3:b0:d7:0b:
7b:b8:41:71:b3:d3:1e:11:3a:62:e5:c6:d8:a1:26:15:95:18:
90:d8:53:ab:8d:5a:e6:8c:3d:4a:d3:30:72:46:a4:9b:7a:c1:
63:25:a6:10:5f:ad:c5:59:a2:94:7f:88:56:a1:aa:f2:81:26:
67:dd:74:58:db:c0:1e:77:d6:e8:79:1f:1b:a6:8b:a3:ad:15:
35:6e:7b:45:2c:52:02:51:ff:14:80:2d:04:af:40:ce:f1:e2:
a2:46:af:35:63:b3:ba:77:e0:03:b8:25:6c:23:0d:ed:01:18:
a2:f9:50:01:25:ec:2f:8a:4b:1d:d7:47:a2:07:0e:f5:33:8b:
1e:52:0a:32:e1:7e:e8:7c:a1:0f:a9:be:cf:09:8c:8f:8a:f0:
8e:f8:03:0d:a9:22:de:d1:7f:0e:da:d9:c6:4e:54:6a:65:eb:
21:6e:a3:c9:59:3e:25:49:fe:1f:30:37:3c:c7:b5:38:9c:32:
31:a7:d4:a1:d2:35:13:d7:98:a3:a6:5f:93:3e:47:ff:23:ae:
e9:41:bd:27:14:71:7c:f9:67:14:8a:4e:76:0a:09:5a:45:ed:
70:fc:f2:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY1AvvEyOwr86A+H7dgANKyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjZlYTBmZmIyYWVlNGY3NmVlMWExMDQ4OTY5YjhiNTA2
NWRhNDUwHhcNMjQwMTI1MTMxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzlkNjI0Mjc5OWNlMmExZWYwNzIzZTU2MmUwY2EyMGJlZmMzMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy93vy3W0DGUEiOS1MDOsg0xdxAyG
jNsNcSblH+TpDW0eopByFXDKWjJCPtoJ/hEJyNuSBj822LnMa7s0e7AJeEKyMpZE
QCueEiLsx1UxGNxkYBYfwh07kPlAnsOB2aGG/+0EKYs7kJs3eYh/3QpJNBPV145F
3nDhvv61AUNpAsStENWoK6KgRf+w08LqWCts6voVO5J8eXrursmOO2lLsp6mMP4f
ou95AZkocEuiIs3K28AZwUhb/hWnB8WWbbFWJYhwFFcXsD1LakHn1d5eSG7ZwzfX
4FT9ICTaWa//vZ7u7/6232WhFnOgkwBuGaDlRz4ke+jt/afDufWuIZwMcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMydYkJ5nOKh7wcj5WLgyiC+/DNsMB8GA1UdIwQY
MBaAFKz26g/7Ku5Pdu4aEEiWm4tQZdpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQt
NTU1ZjNmMThlNTRmLzEvekoxaVFubWM0cUh2QnlQbFl1REtJTDc4TTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQtNTU1ZjNmMThlNTRm
LzEvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALba8AwQA
LuJ5AwQAVcFPAwQAZw4BAwQAwR8HMA0GCSqGSIb3DQEBCwUAA4IBAQAj2rTk7KQB
Zl4uyk0t1hdxIsIpOR8G+5zXEN2IabOAWOOw1wt7uEFxs9MeETpi5cbYoSYVlRiQ
2FOrjVrmjD1K0zByRqSbesFjJaYQX63FWaKUf4hWoarygSZn3XRY28Aed9boeR8b
poujrRU1bntFLFICUf8UgC0Er0DO8eKiRq81Y7O6d+ADuCVsIw3tARii+VABJewv
iksd10eiBw71M4seUgoy4X7ofKEPqb7PCYyPivCO+AMNqSLe0X8O2tnGTlRqZesh
bqPJWT4lSf4fMDc8x7U4nDIxp9Sh0jUT15ijpl+TPkf/I67pQb0nFHF8+WcUik52
CglaRe1w/PIu
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:58:42 2024 by rpki-client on console-fra.rpki-client.org