Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/ZUauh0EqxNGadxiI-UTcMEyjQGQ.roa
File: ZUauh0EqxNGadxiI-UTcMEyjQGQ.roa (raw, json)
Hash identifier: dOmGLxc86hJ/0GIAviVDr7N7kRm4l6s19CQUT3YJCbE=
Subject key identifier: 65:46:AE:87:41:2A:C4:D1:9A:77:18:88:F9:44:DC:30:4C:A3:40:64
Certificate issuer: /CN=8a304af55353c03146f7f3a60c6ab5804dda5ce1
Certificate serial: 018CC64B53E7D12C51CF3F87228A3C173602
Authority key identifier: 8A:30:4A:F5:53:53:C0:31:46:F7:F3:A6:0C:6A:B5:80:4D:DA:5C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ijBK9VNTwDFG9_OmDGq1gE3aXOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/ZUauh0EqxNGadxiI-UTcMEyjQGQ.roa
Signing time: Mon 01 Jan 2024 18:31:14 +0000
ROA not before: Mon 01 Jan 2024 18:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13105
IP address blocks: 82.118.134.0/24 maxlen: 24
82.118.148.0/24 maxlen: 24
82.118.149.0/24 maxlen: 24
82.118.146.0/23 maxlen: 23
82.118.158.0/23 maxlen: 23
95.171.224.0/24 maxlen: 24
212.38.102.0/24 maxlen: 24
95.171.227.0/24 maxlen: 24
82.118.128.0/23 maxlen: 23
95.171.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/ijBK9VNTwDFG9_OmDGq1gE3aXOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/ijBK9VNTwDFG9_OmDGq1gE3aXOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ijBK9VNTwDFG9_OmDGq1gE3aXOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:53:e7:d1:2c:51:cf:3f:87:22:8a:3c:17:36:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a304af55353c03146f7f3a60c6ab5804dda5ce1
Validity
Not Before: Jan 1 18:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6546ae87412ac4d19a771888f944dc304ca34064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8b:6d:9f:fa:fb:59:14:65:a7:9b:0f:78:56:
df:ab:3b:52:c0:3e:69:d9:69:f1:ef:64:76:6d:3e:
55:b2:f6:49:4e:18:c8:eb:f8:7e:74:36:6e:c5:fb:
ba:06:5f:93:27:f3:96:2f:59:1c:75:57:47:ad:19:
c0:c3:f9:b2:a5:b7:a8:36:b2:e4:29:8c:41:f8:a9:
c6:e1:05:3a:98:b4:56:95:15:76:81:fb:92:af:b3:
df:0a:2a:62:bd:70:5a:93:a2:a7:88:59:50:55:ad:
37:f8:4f:96:7c:f5:4c:ed:b7:37:27:38:cd:b2:c3:
db:65:c0:1d:8d:26:ca:53:17:2a:08:74:db:5b:ca:
d1:f2:aa:79:00:0a:97:2c:4b:3c:c0:5b:cc:ac:19:
2c:36:2e:ec:b1:d8:09:31:84:59:1d:cc:69:6f:ae:
b9:6e:f7:da:4d:1b:c4:19:7c:ed:28:ee:b4:b8:ef:
ec:df:94:07:dc:fe:cf:c0:a8:a4:6a:83:cc:36:64:
96:f3:07:07:f4:66:31:d8:32:c4:f0:77:6d:d3:40:
97:a9:d3:2a:18:7f:65:9f:f1:cb:48:f5:6a:a3:55:
b5:7f:0a:70:64:01:96:32:69:50:04:49:d5:f0:d1:
52:51:1a:0d:59:66:ef:96:48:ee:64:69:c9:88:74:
24:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:46:AE:87:41:2A:C4:D1:9A:77:18:88:F9:44:DC:30:4C:A3:40:64
X509v3 Authority Key Identifier:
keyid:8A:30:4A:F5:53:53:C0:31:46:F7:F3:A6:0C:6A:B5:80:4D:DA:5C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ijBK9VNTwDFG9_OmDGq1gE3aXOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/ZUauh0EqxNGadxiI-UTcMEyjQGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/ijBK9VNTwDFG9_OmDGq1gE3aXOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.128.0/23
82.118.134.0/24
82.118.146.0-82.118.149.255
82.118.158.0/23
95.171.224.0/24
95.171.227.0/24
95.171.248.0/24
212.38.102.0/24
Signature Algorithm: sha256WithRSAEncryption
67:01:97:d5:2a:fa:39:3c:b9:d1:1a:86:af:a4:a2:32:6e:3b:
d4:7c:8b:57:4c:53:69:fd:a1:5e:21:ae:61:91:c0:d1:66:f5:
d4:0f:e6:20:97:d1:a9:67:6a:1e:30:40:ba:ea:c1:78:02:49:
49:71:eb:6f:83:c7:05:2c:4c:63:2b:a4:ee:e1:32:fc:bc:28:
92:06:a7:78:87:61:54:e9:c2:8c:9e:b2:a1:e0:88:10:c1:f7:
93:2f:ad:01:19:34:39:13:3e:19:8c:1a:a1:ae:e0:48:6a:32:
f3:79:4f:6a:e4:72:a2:59:27:3b:b0:f5:18:d7:13:b3:bf:46:
28:9b:3b:44:79:da:d7:00:c6:a1:59:e9:ab:25:cf:bc:87:27:
03:12:db:44:67:11:fd:99:52:43:f5:c2:d2:e2:0d:63:f5:2e:
4b:1c:76:e0:cd:28:39:f3:64:51:e9:3e:18:a4:7d:95:de:c1:
84:57:49:ed:72:28:73:40:7d:10:20:00:c5:f9:18:2e:0f:d1:
b0:6b:f6:c0:10:c2:bc:51:2d:cb:9a:70:30:f6:0f:1c:b3:6b:
fe:09:3a:35:81:8e:8a:0a:bb:6c:b5:d2:a4:be:eb:b9:af:53:
72:2d:40:0e:b7:25:a1:4e:d4:e9:9b:1d:a4:0c:9d:76:49:ae:
a4:cc:3a:a5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzGS1Pn0SxRzz+HIoo8FzYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMzA0YWY1NTM1M2MwMzE0NmY3ZjNhNjBjNmFiNTgwNGRk
YTVjZTEwHhcNMjQwMTAxMTgzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ2YWU4NzQxMmFjNGQxOWE3NzE4ODhmOTQ0ZGMzMDRjYTM0MDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIttn/r7WRRlp5sPeFbfqztSwD5p
2Wnx72R2bT5VsvZJThjI6/h+dDZuxfu6Bl+TJ/OWL1kcdVdHrRnAw/mypbeoNrLk
KYxB+KnG4QU6mLRWlRV2gfuSr7PfCipivXBak6KniFlQVa03+E+WfPVM7bc3JzjN
ssPbZcAdjSbKUxcqCHTbW8rR8qp5AAqXLEs8wFvMrBksNi7ssdgJMYRZHcxpb665
bvfaTRvEGXztKO60uO/s35QH3P7PwKikaoPMNmSW8wcH9GYx2DLE8Hdt00CXqdMq
GH9ln/HLSPVqo1W1fwpwZAGWMmlQBEnV8NFSURoNWWbvlkjuZGnJiHQk4QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGVGrodBKsTRmncYiPlE3DBMo0BkMB8GA1UdIwQY
MBaAFIowSvVTU8AxRvfzpgxqtYBN2lzhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpCSzlWTlR3REZHOV9PbURHcTFnRTNhWE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC82N2Y2MzEtN2YwNy00ZDhlLTllOTYt
MWY0NzE0MjhiMzYzLzEvWlVhdWgwRXF4TkdhZHhpSS1VVGNNRXlqUUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC82N2Y2MzEtN2YwNy00ZDhlLTllOTYtMWY0NzE0MjhiMzYz
LzEvaWpCSzlWTlR3REZHOV9PbURHcTFnRTNhWE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBUnaAAwQA
UnaGMAwDBAFSdpIDBAFSdpQDBAFSdp4DBABfq+ADBABfq+MDBABfq/gDBADUJmYw
DQYJKoZIhvcNAQELBQADggEBAGcBl9Uq+jk8udEahq+kojJuO9R8i1dMU2n9oV4h
rmGRwNFm9dQP5iCX0alnah4wQLrqwXgCSUlx62+DxwUsTGMrpO7hMvy8KJIGp3iH
YVTpwoyesqHgiBDB95MvrQEZNDkTPhmMGqGu4EhqMvN5T2rkcqJZJzuw9RjXE7O/
RiibO0R52tcAxqFZ6aslz7yHJwMS20RnEf2ZUkP1wtLiDWP1LkscduDNKDnzZFHp
PhikfZXewYRXSe1yKHNAfRAgAMX5GC4P0bBr9sAQwrxRLcuacDD2Dxyza/4JOjWB
jooKu2y10qS+67mvU3ItQA63JaFO1OmbHaQMnXZJrqTMOqU=
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:26:45 2024 by rpki-client on console-ams.rpki-client.org