Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/hZzswK_TTA4PYEn3_4Tk3pPXako.roa
File: hZzswK_TTA4PYEn3_4Tk3pPXako.roa (raw, json)
Hash identifier: Zb2SJMT/fENfgqlCOt7tc66hw642XOlgM7queUrIctQ=
Subject key identifier: 85:9C:EC:C0:AF:D3:4C:0E:0F:60:49:F7:FF:84:E4:DE:93:D7:6A:4A
Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial: 018CC492B8BC0298A0492C269A78B7BAABD4
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/hZzswK_TTA4PYEn3_4Tk3pPXako.roa
Signing time: Mon 01 Jan 2024 10:29:59 +0000
ROA not before: Mon 01 Jan 2024 10:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41275
IP address blocks: 89.207.216.0/21 maxlen: 21
89.207.221.0/24 maxlen: 24
185.136.76.0/22 maxlen: 22
62.217.184.0/21 maxlen: 21
5.35.112.0/22 maxlen: 22
185.155.17.0/24 maxlen: 24
185.155.18.0/23 maxlen: 23
95.131.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.mft
rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:b8:bc:02:98:a0:49:2c:26:9a:78:b7:ba:ab:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Validity
Not Before: Jan 1 10:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=859cecc0afd34c0e0f6049f7ff84e4de93d76a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:99:b0:c7:49:92:0e:36:3f:49:93:a9:40:fc:
45:b4:df:18:47:2f:79:ae:b0:87:a3:10:95:ae:cd:
03:b6:44:8e:69:85:f8:e0:47:b6:cd:11:a5:77:02:
61:f0:24:48:98:30:57:8c:be:5f:38:1c:91:ab:1a:
a0:05:55:1a:44:33:88:05:2e:57:0f:a1:5f:b5:a0:
94:90:ba:c7:43:27:62:3c:6a:29:09:ba:f8:4c:12:
76:88:05:2e:3e:2e:cc:09:4a:50:b2:86:63:ca:df:
3f:8a:0f:35:cc:14:b2:5c:9a:e1:5a:39:5a:fb:6d:
49:d8:fc:2c:c4:ec:0c:bc:b9:ff:ee:a2:b3:4b:5d:
44:55:68:cf:c9:ab:ce:b5:3c:31:ba:e7:45:99:55:
17:6c:70:c0:b5:5d:02:b9:59:e0:96:63:39:a6:7a:
65:61:84:93:6d:8f:14:b6:49:0c:fe:b8:8e:8e:f2:
ef:cf:b7:99:81:2a:8d:92:f6:5c:38:2d:d3:bd:69:
c7:95:eb:09:23:d0:39:4d:5b:88:7a:29:08:1c:57:
2f:7d:6c:d8:85:f5:e2:83:0f:8b:f4:5a:27:0a:86:
a6:d4:5c:a9:59:7d:64:61:ce:f9:0b:85:a2:d8:28:
9d:55:d6:d3:9b:a5:c6:41:67:10:9f:a6:86:4a:43:
ae:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9C:EC:C0:AF:D3:4C:0E:0F:60:49:F7:FF:84:E4:DE:93:D7:6A:4A
X509v3 Authority Key Identifier:
keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/hZzswK_TTA4PYEn3_4Tk3pPXako.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.112.0/22
62.217.184.0/21
89.207.216.0/21
95.131.144.0/21
185.136.76.0/22
185.155.17.0-185.155.19.255
Signature Algorithm: sha256WithRSAEncryption
9c:ea:e3:6e:b4:9a:c9:29:fa:40:bd:35:9d:44:67:02:c8:5e:
be:e4:62:4e:d5:a0:2b:bf:34:15:53:5e:db:da:52:cf:33:0d:
ca:c3:10:44:67:e2:c3:85:c6:10:96:45:78:f1:ca:ad:f4:be:
76:6a:16:f1:37:9d:79:90:ce:ff:45:c1:6a:a7:e0:2f:62:08:
fb:1c:80:59:3b:a2:6e:d5:54:bf:9e:4e:3b:8f:75:8b:f3:38:
5f:78:78:2e:dd:8a:07:c4:b1:5e:f7:30:61:96:82:97:fc:70:
3d:20:37:5f:df:db:8b:0f:7d:48:54:f2:9d:3c:ab:b6:29:ac:
49:2d:dc:5f:2e:89:35:ef:54:62:d9:6d:d5:76:df:14:03:f7:
3f:71:2b:2b:be:15:a4:49:ed:1e:a7:a8:bb:ff:11:24:3b:a9:
80:c0:60:21:4c:dd:9b:b3:45:84:5c:c1:e7:20:85:a4:94:d2:
54:00:88:c4:0a:43:52:b7:70:0c:e5:0e:04:31:45:e8:aa:b9:
15:fa:bb:33:6d:13:52:70:59:4e:55:c5:ef:ba:77:68:b5:f5:
14:66:9c:aa:a9:a6:58:e7:93:62:8c:c5:2d:5f:34:c5:15:9a:
f6:20:9f:b1:00:ef:2a:6c:f2:60:06:0d:0f:e3:77:ca:a6:d4:
82:bd:7d:23
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzEkri8ApigSSwmmni3uqvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjQwMTAxMTAyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTljZWNjMGFmZDM0YzBlMGY2MDQ5ZjdmZjg0ZTRkZTkzZDc2YTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZmwx0mSDjY/SZOpQPxFtN8YRy95
rrCHoxCVrs0DtkSOaYX44Ee2zRGldwJh8CRImDBXjL5fOByRqxqgBVUaRDOIBS5X
D6FftaCUkLrHQydiPGopCbr4TBJ2iAUuPi7MCUpQsoZjyt8/ig81zBSyXJrhWjla
+21J2PwsxOwMvLn/7qKzS11EVWjPyavOtTwxuudFmVUXbHDAtV0CuVnglmM5pnpl
YYSTbY8UtkkM/riOjvLvz7eZgSqNkvZcOC3TvWnHlesJI9A5TVuIeikIHFcvfWzY
hfXigw+L9FonCoam1FypWX1kYc75C4Wi2CidVdbTm6XGQWcQn6aGSkOu1QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIWc7MCv00wOD2BJ9/+E5N6T12pKMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEvaFp6c3dLX1RUQTRQWUVuM180VGszcFBYYWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBSNwAwQD
Ptm4AwQDWc/YAwQDX4OQAwQCuYhMMAwDBAC5mxEDBAK5mxAwDQYJKoZIhvcNAQEL
BQADggEBAJzq4260mskp+kC9NZ1EZwLIXr7kYk7VoCu/NBVTXtvaUs8zDcrDEERn
4sOFxhCWRXjxyq30vnZqFvE3nXmQzv9FwWqn4C9iCPscgFk7om7VVL+eTjuPdYvz
OF94eC7digfEsV73MGGWgpf8cD0gN1/f24sPfUhU8p08q7YprEkt3F8uiTXvVGLZ
bdV23xQD9z9xKyu+FaRJ7R6nqLv/ESQ7qYDAYCFM3ZuzRYRcwecghaSU0lQAiMQK
Q1K3cAzlDgQxReiquRX6uzNtE1JwWU5Vxe+6d2i19RRmnKqppljnk2KMxS1fNMUV
mvYgn7EA7yps8mAGDQ/jd8qm1IK9fSM=
-----END CERTIFICATE-----
Generated at Tue Nov 26 20:12:40 2024 by rpki-client on console-ams.rpki-client.org