Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/ZihuU3yA2pGn3aVCEhC00_TtWkA.roa
File: ZihuU3yA2pGn3aVCEhC00_TtWkA.roa (raw, json)
Hash identifier: 5421cmoCkOmYZj5qaY4QXemVNoVODdoa4BsQ0VCScKU=
Subject key identifier: 66:28:6E:53:7C:80:DA:91:A7:DD:A5:42:12:10:B4:D3:F4:ED:5A:40
Certificate issuer: /CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Certificate serial: 018CC56E02BB7E8CA5C2379799FD58CB9FD0
Authority key identifier: D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/ZihuU3yA2pGn3aVCEhC00_TtWkA.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42846
IP address blocks: 89.252.179.0/24 maxlen: 24
89.252.178.0/24 maxlen: 24
89.252.186.0/24 maxlen: 24
89.252.185.0/24 maxlen: 24
89.252.184.0/24 maxlen: 24
89.252.183.0/24 maxlen: 24
89.252.182.0/24 maxlen: 24
89.252.181.0/24 maxlen: 24
89.252.180.0/24 maxlen: 24
89.252.187.0/24 maxlen: 24
185.106.211.0/24 maxlen: 24
185.106.210.0/24 maxlen: 24
185.106.209.0/24 maxlen: 24
185.106.208.0/24 maxlen: 24
45.84.189.0/24 maxlen: 24
45.84.188.0/24 maxlen: 24
45.84.191.0/24 maxlen: 24
45.84.190.0/24 maxlen: 24
2a06:41c0:1::/48 maxlen: 48
2a06:41c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:02:bb:7e:8c:a5:c2:37:97:99:fd:58:cb:9f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66286e537c80da91a7dda5421210b4d3f4ed5a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:aa:13:30:e0:12:b5:64:00:75:85:37:7c:3c:
af:7a:b8:b2:e7:7b:e9:3a:e4:1a:a0:a8:d7:c7:16:
1b:ae:87:13:de:65:6d:a5:00:64:c0:71:8d:b2:ac:
06:15:ab:89:ed:2d:a4:11:7c:c6:07:57:9e:50:13:
7a:f9:ba:47:de:4e:f7:67:f7:3c:df:2b:e4:3f:96:
15:a8:42:83:2f:e8:62:31:05:a1:58:c1:6f:52:e9:
20:93:06:54:b9:02:f0:df:a9:9b:ed:44:67:b2:51:
39:7d:e4:1a:e6:2f:a8:5a:fb:d2:08:b5:a3:cf:6f:
44:8a:b6:33:d2:08:e5:85:cf:f1:13:63:2d:aa:fc:
5c:5d:84:48:bf:cd:85:c2:c3:f7:d0:13:86:b9:72:
9d:78:74:3b:4f:54:3f:c5:71:18:e4:80:f2:a8:08:
90:f0:ea:cc:44:c8:37:f7:8e:56:ef:23:6d:25:fa:
f2:16:4b:ac:5e:36:d9:31:b4:09:b0:25:57:96:98:
ba:9c:57:a0:97:0b:d2:99:d0:b7:0d:c8:e5:13:e9:
01:26:7d:56:38:0a:30:3d:07:13:1e:d2:df:ac:37:
ba:76:b8:ea:a5:a6:f3:19:17:51:e5:4a:60:ea:1e:
08:92:b7:8f:6d:35:98:87:0c:50:51:0b:08:f7:9d:
75:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:28:6E:53:7C:80:DA:91:A7:DD:A5:42:12:10:B4:D3:F4:ED:5A:40
X509v3 Authority Key Identifier:
keyid:D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/ZihuU3yA2pGn3aVCEhC00_TtWkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.188.0/22
89.252.178.0-89.252.187.255
185.106.208.0/22
IPv6:
2a06:41c0::/47
Signature Algorithm: sha256WithRSAEncryption
5d:43:63:e2:5b:ab:7a:fa:bb:09:1c:ef:ac:e3:23:b7:e9:8b:
38:4a:22:e0:67:53:8d:7d:fe:54:bd:b2:4f:3c:65:8e:b1:dd:
ea:86:3e:33:62:cc:fb:28:80:1b:7b:15:b5:c9:40:81:46:aa:
35:5c:be:b6:51:b1:43:f8:b7:09:c9:35:e3:fd:21:19:18:53:
e7:71:23:cd:b1:f9:c4:b8:7d:a4:8e:7e:2a:d8:81:5a:10:85:
ac:83:69:df:71:76:40:f2:42:df:41:5a:17:f8:de:61:4c:28:
23:3e:a5:bb:f7:65:b0:fc:cd:aa:5c:d9:02:0e:f0:c2:bf:e5:
fc:8b:eb:93:13:4d:e6:d0:dc:a8:21:01:7e:3c:b9:8e:e0:2e:
c9:e0:57:a9:e6:38:e1:f4:1c:ec:03:4d:7c:63:64:85:c8:7e:
58:83:cf:f1:fd:11:ac:1d:8e:48:4e:c0:81:f3:b0:31:29:bf:
61:dc:32:5c:2c:5c:1e:12:58:e9:86:2a:69:4d:1e:f2:56:8b:
e2:69:c3:00:7e:61:6e:51:ac:98:63:35:d7:cc:88:10:1c:0f:
f2:2c:70:72:96:7e:15:c0:ce:a3:08:d7:f4:76:f8:1e:0f:b8:
f0:82:04:cb:42:71:a1:d1:d1:8c:c5:41:35:5b:e8:37:ac:94:
3e:d4:01:76
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzFbgK7foylwjeXmf1Yy5/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2ExYTcwNmFiY2ZiZTFiODU4NjUyMzhkODQzNWVlMzNl
NzU4MjAwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjI4NmU1MzdjODBkYTkxYTdkZGE1NDIxMjEwYjRkM2Y0ZWQ1YTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6oTMOAStWQAdYU3fDyveriy53vp
OuQaoKjXxxYbrocT3mVtpQBkwHGNsqwGFauJ7S2kEXzGB1eeUBN6+bpH3k73Z/c8
3yvkP5YVqEKDL+hiMQWhWMFvUukgkwZUuQLw36mb7URnslE5feQa5i+oWvvSCLWj
z29EirYz0gjlhc/xE2MtqvxcXYRIv82FwsP30BOGuXKdeHQ7T1Q/xXEY5IDyqAiQ
8OrMRMg3945W7yNtJfryFkusXjbZMbQJsCVXlpi6nFeglwvSmdC3DcjlE+kBJn1W
OAowPQcTHtLfrDe6drjqpabzGRdR5Upg6h4IkrePbTWYhwxQUQsI9511WQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFGYoblN8gNqRp92lQhIQtNP07VpAMB8GA1UdIwQY
MBaAFNHKGnBqvPvhuFhlI42ENe4z51ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzIt
ZThmN2ZkM2E0MDc4LzEvWmlodVUzeUEycEduM2FWQ0VoQzAwX1R0V2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzItZThmN2ZkM2E0MDc4
LzEvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQCLVS8MAwD
BAFZ/LIDBAJZ/LgDBAK5atAwDwQCAAIwCQMHASoGQcAAADANBgkqhkiG9w0BAQsF
AAOCAQEAXUNj4lurevq7CRzvrOMjt+mLOEoi4GdTjX3+VL2yTzxljrHd6oY+M2LM
+yiAG3sVtclAgUaqNVy+tlGxQ/i3Cck14/0hGRhT53EjzbH5xLh9pI5+KtiBWhCF
rINp33F2QPJC30FaF/jeYUwoIz6lu/dlsPzNqlzZAg7wwr/l/IvrkxNN5tDcqCEB
fjy5juAuyeBXqeY44fQc7ANNfGNkhch+WIPP8f0RrB2OSE7AgfOwMSm/YdwyXCxc
HhJY6YYqaU0e8laL4mnDAH5hblGsmGM118yIEBwP8ixwcpZ+FcDOowjX9Hb4Hg+4
8IIEy0JxodHRjMVBNVvoN6yUPtQBdg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:51 2024 by rpki-client on console-ams.rpki-client.org