Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/zI4FpdIghtPCZyOnqG0wx03B6uE.roa
File: zI4FpdIghtPCZyOnqG0wx03B6uE.roa (raw, json)
Hash identifier: tuKRfX4LXd/ZcZQ09EzOh/eWKFCz3S2F6Cx8w9PCC+c=
Subject key identifier: CC:8E:05:A5:D2:20:86:D3:C2:67:23:A7:A8:6D:30:C7:4D:C1:EA:E1
Certificate issuer: /CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Certificate serial: 018CC94DC883EE68D675F4532D5D22553EFB
Authority key identifier: 80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/zI4FpdIghtPCZyOnqG0wx03B6uE.roa
Signing time: Tue 02 Jan 2024 08:32:47 +0000
ROA not before: Tue 02 Jan 2024 08:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50297
IP address blocks: 193.200.209.0/24 maxlen: 24
185.110.132.0/24 maxlen: 24
2a06:5600:28f8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/gL0AgpU21HdF9H2p0ainL23UYtQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/gL0AgpU21HdF9H2p0ainL23UYtQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:c8:83:ee:68:d6:75:f4:53:2d:5d:22:55:3e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Validity
Not Before: Jan 2 08:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc8e05a5d22086d3c26723a7a86d30c74dc1eae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:44:36:3d:64:53:c5:86:d5:00:3a:5c:d6:68:
41:58:2a:56:f0:8f:8a:64:13:6c:b6:2b:54:8e:8c:
5e:04:44:aa:d3:6a:01:99:22:95:89:3f:34:49:ff:
5b:5d:ef:c4:9e:9b:de:ca:69:06:a4:ed:9e:98:43:
82:de:2f:9d:35:23:71:db:27:9f:32:cd:87:f3:58:
ef:75:1c:2e:b9:d0:bb:05:f1:c3:6d:be:47:50:31:
ff:41:05:89:d2:39:ba:52:96:b5:c7:c7:c4:4c:ec:
6b:9b:56:54:a5:fb:e2:59:d3:83:30:5f:4f:2b:b3:
44:bc:40:96:b8:2c:6c:5b:b4:bd:51:a9:d5:9b:5d:
b1:2f:50:17:87:6e:e1:5f:80:31:3b:5b:7a:72:ae:
42:a9:fc:d0:29:6a:de:be:cb:51:b9:33:90:fb:83:
35:0f:d0:17:ae:b4:93:26:9c:ee:3e:83:01:87:62:
18:5e:78:25:62:ea:51:74:37:67:89:1d:71:6b:2d:
55:69:d0:0b:f7:4a:c5:52:fe:5c:bc:a8:66:d4:a7:
a5:c8:ef:f8:bd:9c:bf:6b:24:3b:9e:c9:83:fe:f0:
d6:f5:97:ca:e2:90:84:09:cc:02:6f:4b:2c:0e:f5:
fc:8d:19:b8:b8:d4:50:06:49:0f:45:62:5e:f9:73:
2b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8E:05:A5:D2:20:86:D3:C2:67:23:A7:A8:6D:30:C7:4D:C1:EA:E1
X509v3 Authority Key Identifier:
keyid:80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/zI4FpdIghtPCZyOnqG0wx03B6uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/gL0AgpU21HdF9H2p0ainL23UYtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.132.0/24
193.200.209.0/24
IPv6:
2a06:5600:28f8::/48
Signature Algorithm: sha256WithRSAEncryption
80:dc:0b:9e:49:93:fa:96:c2:d7:e6:27:8c:ad:25:9d:3d:94:
33:93:18:cc:8c:10:f4:44:dc:a4:3e:17:8d:69:0f:01:8c:77:
54:b2:77:bf:d3:4c:0a:97:65:8e:8b:44:a0:a2:44:ae:87:08:
6a:0c:a0:c8:04:31:da:86:5d:b6:a5:ad:c6:36:03:fc:0d:71:
ec:e1:e3:7c:29:b3:c3:af:55:6d:0e:ca:86:87:98:f0:f2:5f:
af:f5:5b:5d:86:da:16:89:f9:6c:7f:e5:b9:b2:8d:bd:d0:5e:
f4:39:54:89:9f:51:c9:7c:72:28:64:01:bc:d8:ea:27:56:a2:
19:6a:9d:8e:e9:9c:98:4c:a4:9c:8b:de:60:10:41:1c:e4:db:
55:24:6e:fb:84:ac:4d:5c:bd:35:18:a6:af:51:60:08:09:cc:
3a:a4:5d:de:9d:b1:4b:1c:76:59:fd:e5:5c:d0:ab:f6:30:ff:
2a:97:7e:c3:b2:df:de:18:e3:22:ad:f0:d0:07:a6:44:28:de:
cc:a0:71:c9:c7:ba:2c:95:6f:c8:f0:eb:10:bc:d9:95:f1:7f:
d3:53:08:46:32:ef:34:9c:5e:8f:fe:7e:45:ca:96:cb:77:93:
1c:6b:9d:d4:d4:3b:37:38:e9:16:e5:de:9b:1d:96:e0:1f:ca:
fd:b6:6f:8c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTciD7mjWdfRTLV0iVT77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYmQwMDgyOTUzNmQ0Nzc0NWY0N2RhOWQxYThhNzJmNmRk
NDYyZDQwHhcNMjQwMTAyMDgzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzhlMDVhNWQyMjA4NmQzYzI2NzIzYTdhODZkMzBjNzRkYzFlYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0Q2PWRTxYbVADpc1mhBWCpW8I+K
ZBNstitUjoxeBESq02oBmSKViT80Sf9bXe/EnpveymkGpO2emEOC3i+dNSNx2yef
Ms2H81jvdRwuudC7BfHDbb5HUDH/QQWJ0jm6Upa1x8fETOxrm1ZUpfviWdODMF9P
K7NEvECWuCxsW7S9UanVm12xL1AXh27hX4AxO1t6cq5CqfzQKWrevstRuTOQ+4M1
D9AXrrSTJpzuPoMBh2IYXnglYupRdDdniR1xay1VadAL90rFUv5cvKhm1KelyO/4
vZy/ayQ7nsmD/vDW9ZfK4pCECcwCb0ssDvX8jRm4uNRQBkkPRWJe+XMrJwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMyOBaXSIIbTwmcjp6htMMdNwerhMB8GA1UdIwQY
MBaAFIC9AIKVNtR3RfR9qdGopy9t1GLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0wwQWdwVTIxSGRGOUgycDBhaW5MMjNVWXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi82NGUxOWYtZmU1NC00MmNkLTg5MjMt
MDliOTkyMGZlMDBmLzEvekk0RnBkSWdodFBDWnlPbnFHMHd4MDNCNnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi82NGUxOWYtZmU1NC00MmNkLTg5MjMtMDliOTkyMGZlMDBm
LzEvZ0wwQWdwVTIxSGRGOUgycDBhaW5MMjNVWXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuW6EAwQA
wcjRMA8EAgACMAkDBwAqBlYAKPgwDQYJKoZIhvcNAQELBQADggEBAIDcC55Jk/qW
wtfmJ4ytJZ09lDOTGMyMEPRE3KQ+F41pDwGMd1Syd7/TTAqXZY6LRKCiRK6HCGoM
oMgEMdqGXbalrcY2A/wNcezh43wps8OvVW0OyoaHmPDyX6/1W12G2haJ+Wx/5bmy
jb3QXvQ5VImfUcl8cihkAbzY6idWohlqnY7pnJhMpJyL3mAQQRzk21UkbvuErE1c
vTUYpq9RYAgJzDqkXd6dsUscdln95VzQq/Yw/yqXfsOy394Y4yKt8NAHpkQo3syg
ccnHuiyVb8jw6xC82ZXxf9NTCEYy7zScXo/+fkXKlst3kxxrndTUOzc46Rbl3psd
luAfyv22b4w=
-----END CERTIFICATE-----
Generated at Sat Jun 15 22:08:36 2024 by rpki-client on console-ams.rpki-client.org