Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/zusl5kx5siSMXaPGT_nX3jNEZKw.roa
File: zusl5kx5siSMXaPGT_nX3jNEZKw.roa (raw, json)
Hash identifier: wf6cO6vckxIQXFYuRJAVxwWvuClVEXfJm1T4Kd7pCRo=
Subject key identifier: CE:EB:25:E6:4C:79:B2:24:8C:5D:A3:C6:4F:F9:D7:DE:33:44:64:AC
Certificate issuer: /CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Certificate serial: 018CC8DF0DBBA60A25A7B45B9886324BC960
Authority key identifier: 79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/zusl5kx5siSMXaPGT_nX3jNEZKw.roa
Signing time: Tue 02 Jan 2024 06:31:50 +0000
ROA not before: Tue 02 Jan 2024 06:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16032
IP address blocks: 194.46.136.0/21 maxlen: 21
194.46.144.0/22 maxlen: 22
194.46.148.0/22 maxlen: 22
194.46.156.0/22 maxlen: 22
194.46.126.0/23 maxlen: 23
194.46.132.0/22 maxlen: 22
194.46.128.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:0d:bb:a6:0a:25:a7:b4:5b:98:86:32:4b:c9:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=797a48cc13e200e2d3f38af83318d1bcaf6f6331
Validity
Not Before: Jan 2 06:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceeb25e64c79b2248c5da3c64ff9d7de334464ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4f:1d:0e:c9:79:51:af:6d:b9:92:90:09:91:
03:2a:82:47:8b:88:ec:f3:1f:98:2a:b6:0a:04:7a:
e2:c8:15:92:0a:5e:79:e9:de:47:bd:81:c8:60:3a:
28:e0:e3:22:81:05:4b:a3:5a:c4:72:4d:fb:20:4a:
ca:5d:e3:bb:49:f5:6a:bf:36:75:82:fd:ee:ba:44:
ec:85:dd:da:c2:e4:73:d8:8f:d4:c7:dd:d1:c3:4b:
58:36:f7:53:4d:3e:b1:d7:5f:79:1a:1f:46:9c:43:
88:e0:84:56:47:9a:6e:fd:2e:24:df:35:eb:f1:40:
7f:15:28:e8:0f:96:d8:e2:f9:44:12:f3:fd:f4:f0:
dd:84:92:ef:f1:91:82:2e:5c:f0:83:79:a5:59:be:
8d:c5:8f:fa:63:33:91:7d:f5:d3:5e:b2:eb:01:6f:
10:42:80:18:35:d7:25:11:4b:8c:dd:62:00:7c:78:
91:48:5c:ae:ab:71:f9:ac:eb:30:70:62:eb:9d:76:
0f:df:ae:ae:a4:41:ae:60:42:0f:d6:7e:bf:f1:04:
b0:ec:c6:31:40:c1:fe:fa:33:da:5b:50:01:b8:e2:
70:01:78:a8:ed:f7:ec:a1:2f:17:77:8e:7f:0c:b2:
44:14:f6:44:77:38:0e:0a:ff:ae:9a:d4:be:d8:fb:
b6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EB:25:E6:4C:79:B2:24:8C:5D:A3:C6:4F:F9:D7:DE:33:44:64:AC
X509v3 Authority Key Identifier:
keyid:79:7A:48:CC:13:E2:00:E2:D3:F3:8A:F8:33:18:D1:BC:AF:6F:63:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXpIzBPiAOLT84r4MxjRvK9vYzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/zusl5kx5siSMXaPGT_nX3jNEZKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b9cea0-6928-4584-b321-7d7f4b634849/1/eXpIzBPiAOLT84r4MxjRvK9vYzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.46.126.0-194.46.151.255
194.46.156.0/22
Signature Algorithm: sha256WithRSAEncryption
83:ce:d5:50:0c:69:34:7b:1f:1e:ea:44:3a:a1:6c:a0:90:d9:
6e:48:4e:bf:67:a3:73:fc:d8:5c:99:0e:04:52:1c:2c:aa:ae:
a7:a8:96:a4:bf:59:b2:3c:2a:0d:2b:77:3b:60:bc:6e:9b:07:
d1:21:ba:22:bb:47:ad:98:0b:45:e2:11:21:2b:65:fa:75:48:
1b:4a:5c:7d:8d:10:bb:f9:b1:fe:ad:fe:c8:32:f7:4e:77:94:
e8:84:96:6c:1e:10:bc:1f:01:c0:69:59:e3:84:6d:5a:55:0b:
54:6a:a7:2d:6d:6e:88:6c:c6:7f:38:24:ce:6f:a4:28:4c:4c:
b0:bd:30:c6:06:9c:d7:db:32:58:0d:27:4a:0c:e8:f1:a9:25:
26:8c:f1:32:cd:3b:8a:27:16:c8:75:c7:87:80:4b:76:40:6d:
c6:30:d9:72:75:63:d6:81:cc:51:6f:11:13:4b:64:a1:48:4d:
ee:dc:79:05:e4:90:71:73:29:38:c4:14:09:c6:ab:0d:9d:dd:
65:c5:07:2a:2f:86:cf:1f:83:eb:90:47:f7:52:2e:0b:ae:fd:
e4:50:af:49:22:a8:f5:a9:9c:6c:0f:82:40:ec:b5:1a:e0:5d:
ce:af:3c:36:41:3b:74:4e:83:bc:af:15:29:6e:b2:af:ef:0c:
8c:b0:24:3e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzI3w27pgolp7RbmIYyS8lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5N2E0OGNjMTNlMjAwZTJkM2YzOGFmODMzMThkMWJjYWY2
ZjYzMzEwHhcNMjQwMTAyMDYzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWViMjVlNjRjNzliMjI0OGM1ZGEzYzY0ZmY5ZDdkZTMzNDQ2NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA108dDsl5Ua9tuZKQCZEDKoJHi4js
8x+YKrYKBHriyBWSCl556d5HvYHIYDoo4OMigQVLo1rEck37IErKXeO7SfVqvzZ1
gv3uukTshd3awuRz2I/Ux93Rw0tYNvdTTT6x1195Gh9GnEOI4IRWR5pu/S4k3zXr
8UB/FSjoD5bY4vlEEvP99PDdhJLv8ZGCLlzwg3mlWb6NxY/6YzORffXTXrLrAW8Q
QoAYNdclEUuM3WIAfHiRSFyuq3H5rOswcGLrnXYP366upEGuYEIP1n6/8QSw7MYx
QMH++jPaW1ABuOJwAXio7ffsoS8Xd45/DLJEFPZEdzgOCv+umtS+2Pu23wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFM7rJeZMebIkjF2jxk/5194zRGSsMB8GA1UdIwQY
MBaAFHl6SMwT4gDi0/OK+DMY0byvb2MxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEt
N2Q3ZjRiNjM0ODQ5LzEvenVzbDVreDVzaVNNWGFQR1Rfblgzak5FWkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iOWNlYTAtNjkyOC00NTg0LWIzMjEtN2Q3ZjRiNjM0ODQ5
LzEvZVhwSXpCUGlBT0xUODRyNE14alJ2Szl2WXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAHCLn4D
BAPCLpADBALCLpwwDQYJKoZIhvcNAQELBQADggEBAIPO1VAMaTR7Hx7qRDqhbKCQ
2W5ITr9no3P82FyZDgRSHCyqrqeolqS/WbI8Kg0rdztgvG6bB9EhuiK7R62YC0Xi
ESErZfp1SBtKXH2NELv5sf6t/sgy9053lOiElmweELwfAcBpWeOEbVpVC1Rqpy1t
bohsxn84JM5vpChMTLC9MMYGnNfbMlgNJ0oM6PGpJSaM8TLNO4onFsh1x4eAS3ZA
bcYw2XJ1Y9aBzFFvERNLZKFITe7ceQXkkHFzKTjEFAnGqw2d3WXFByovhs8fg+uQ
R/dSLguu/eRQr0kiqPWpnGwPgkDstRrgXc6vPDZBO3ROg7yvFSlusq/vDIywJD4=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:34:56 2024 by rpki-client on console-fra.rpki-client.org