Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/rze4WmvSnlmha3EQ_tiLjlLIFCc.roa
File: rze4WmvSnlmha3EQ_tiLjlLIFCc.roa (raw, json)
Hash identifier: e1pFKuYCZX7VwN6vXFpohewO44A3sr2aQ0KUXDzwqsc=
Subject key identifier: AF:37:B8:5A:6B:D2:9E:59:A1:6B:71:10:FE:D8:8B:8E:52:C8:14:27
Certificate issuer: /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial: 018CC2DB0F82E242EF565631846CD399E15A
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/rze4WmvSnlmha3EQ_tiLjlLIFCc.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60042
IP address blocks: 185.42.228.0/22 maxlen: 22
176.118.209.0/24 maxlen: 24
176.118.208.0/22 maxlen: 22
176.118.213.0/24 maxlen: 24
176.118.214.0/23 maxlen: 23
176.118.216.0/22 maxlen: 22
176.118.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0f:82:e2:42:ef:56:56:31:84:6c:d3:99:e1:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af37b85a6bd29e59a16b7110fed88b8e52c81427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4e:85:85:9a:57:f5:50:db:3f:a5:98:85:ad:
0d:1e:90:2c:4f:a9:c8:9a:bb:80:59:de:19:96:42:
78:e6:69:53:e4:c0:85:c0:a0:c3:7f:48:42:31:36:
e2:17:ea:26:8b:6a:2b:9f:07:6d:5c:03:38:35:de:
22:5d:e1:f0:d5:f6:38:93:87:ba:bb:da:b3:54:b4:
80:3d:e7:75:8c:82:34:28:c3:36:11:0e:72:33:c1:
73:ac:58:e0:3d:41:00:73:79:8d:cc:73:18:1d:95:
7d:ef:22:3a:02:29:bc:28:73:3f:5a:85:30:fa:4e:
74:29:a1:0e:14:6d:12:56:7b:5c:5c:90:54:7f:3f:
eb:32:27:81:ec:c0:e6:65:28:c6:19:39:47:27:56:
3b:36:1c:28:77:53:0f:fe:cc:06:9a:0e:13:76:78:
cc:96:c7:12:7d:9c:c1:ba:4f:c2:22:ec:b8:1e:4f:
df:d7:c4:d2:df:fb:d0:88:5c:12:43:83:4e:ad:8c:
98:91:ec:ae:82:d2:af:e8:50:10:2b:8e:56:34:4e:
02:ee:56:c2:66:86:8f:ef:b1:23:e7:82:a1:30:ac:
20:fd:a5:f1:a2:6a:c3:b6:0d:80:2b:86:f3:44:4e:
61:1c:53:91:19:d3:56:4c:5d:7b:90:50:87:f1:1d:
23:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:37:B8:5A:6B:D2:9E:59:A1:6B:71:10:FE:D8:8B:8E:52:C8:14:27
X509v3 Authority Key Identifier:
keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/rze4WmvSnlmha3EQ_tiLjlLIFCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.208.0/22
176.118.213.0-176.118.223.255
185.42.228.0/22
Signature Algorithm: sha256WithRSAEncryption
60:c0:88:a4:b1:3e:59:ad:c1:9f:66:46:44:ef:ef:db:e7:03:
17:ad:d1:49:f0:3c:bf:9c:f6:48:52:a0:05:a1:44:c6:c6:82:
16:f5:78:6f:2a:35:66:aa:53:f2:6f:73:2d:9a:a2:08:89:eb:
cf:a8:94:f1:a4:0c:ad:4d:c4:2c:54:5b:36:96:21:64:f7:18:
3f:59:ac:0a:4d:b0:19:a2:07:39:f7:94:2f:6c:ed:9d:01:b1:
31:95:58:40:fb:85:44:ad:76:b8:50:58:cd:ec:b7:5a:69:62:
a6:e9:57:2a:71:64:65:7b:02:5d:db:b8:59:03:5d:8d:c5:43:
c7:b9:f1:fb:ab:b8:e9:a0:c0:8d:d9:6f:95:9f:a7:96:97:b7:
42:2f:52:b1:42:64:fc:7e:b2:fd:0d:91:db:13:25:d6:cc:26:
44:b9:ee:b3:85:e2:7d:a0:09:2a:3b:b8:7b:a2:54:a5:b7:3b:
72:76:3d:d1:48:9a:c7:2b:d1:35:0d:7e:fb:e5:f1:8b:43:d3:
20:98:8c:7f:c2:f7:63:74:b6:d5:e1:42:49:6b:23:22:e2:3c:
b8:2b:ef:ea:df:60:cb:4d:e1:df:97:78:94:39:38:29:e9:4e:
2d:8e:17:64:a8:e8:0f:39:22:ed:3a:7a:a9:fa:47:4c:b5:98:
a5:81:72:24
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzC2w+C4kLvVlYxhGzTmeFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDhkYjQzOTY0YjY5ODZlYzc0MGYwYjVlMzNmNjI3NTg5
YWM1NjAwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM3Yjg1YTZiZDI5ZTU5YTE2YjcxMTBmZWQ4OGI4ZTUyYzgxNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlE6FhZpX9VDbP6WYha0NHpAsT6nI
mruAWd4ZlkJ45mlT5MCFwKDDf0hCMTbiF+omi2ornwdtXAM4Nd4iXeHw1fY4k4e6
u9qzVLSAPed1jII0KMM2EQ5yM8FzrFjgPUEAc3mNzHMYHZV97yI6Aim8KHM/WoUw
+k50KaEOFG0SVntcXJBUfz/rMieB7MDmZSjGGTlHJ1Y7Nhwod1MP/swGmg4TdnjM
lscSfZzBuk/CIuy4Hk/f18TS3/vQiFwSQ4NOrYyYkeyugtKv6FAQK45WNE4C7lbC
ZoaP77Ej54KhMKwg/aXxomrDtg2AK4bzRE5hHFORGdNWTF17kFCH8R0jjQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK83uFpr0p5ZoWtxEP7Yi45SyBQnMB8GA1UdIwQY
MBaAFKYI20OWS2mG7HQPC14z9idYmsVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQt
ZDY0NjgzY2VlMTZmLzEvcnplNFdtdlNubG1oYTNFUV90aUxqbExJRkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81MDAxNTAtMTU1MS00N2RlLWI1MDQtZDY0NjgzY2VlMTZm
LzEvcGdqYlE1WkxhWWJzZEE4TFhqUDJKMWlheFdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCsHbQMAwD
BACwdtUDBAWwdsADBAK5KuQwDQYJKoZIhvcNAQELBQADggEBAGDAiKSxPlmtwZ9m
RkTv79vnAxet0UnwPL+c9khSoAWhRMbGghb1eG8qNWaqU/Jvcy2aogiJ68+olPGk
DK1NxCxUWzaWIWT3GD9ZrApNsBmiBzn3lC9s7Z0BsTGVWED7hUStdrhQWM3st1pp
YqbpVypxZGV7Al3buFkDXY3FQ8e58furuOmgwI3Zb5Wfp5aXt0IvUrFCZPx+sv0N
kdsTJdbMJkS57rOF4n2gCSo7uHuiVKW3O3J2PdFImscr0TUNfvvl8YtD0yCYjH/C
92N0ttXhQklrIyLiPLgr7+rfYMtN4d+XeJQ5OCnpTi2OF2So6A85Iu06eqn6R0y1
mKWBciQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:37 2024 by rpki-client on console-ams.rpki-client.org