Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1d19ad-73f6-450b-b97c-2be25f9d5ed2/1/ZMAwMb7VDQsTeztaVHjSn3g81Sk.roa
File: ZMAwMb7VDQsTeztaVHjSn3g81Sk.roa (raw, json)
Hash identifier: GrTyAz1DcUiUmutPuFy+vnSgtRYCK+PdUzfNRqCdQMg=
Subject key identifier: 64:C0:30:31:BE:D5:0D:0B:13:7B:3B:5A:54:78:D2:9F:78:3C:D5:29
Certificate issuer: /CN=cd269482ba261b88005608ec50b7b909d3f3fd4e
Certificate serial: 018CC3B694DEA5F1A7999B24A93D4CDFC495
Authority key identifier: CD:26:94:82:BA:26:1B:88:00:56:08:EC:50:B7:B9:09:D3:F3:FD:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zSaUgromG4gAVgjsULe5CdPz_U4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1d19ad-73f6-450b-b97c-2be25f9d5ed2/1/ZMAwMb7VDQsTeztaVHjSn3g81Sk.roa
Signing time: Mon 01 Jan 2024 06:29:31 +0000
ROA not before: Mon 01 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52200
IP address blocks: 194.35.180.0/23 maxlen: 24
194.35.80.0/23 maxlen: 24
46.226.168.0/21 maxlen: 24
2a00:b600::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/1d19ad-73f6-450b-b97c-2be25f9d5ed2/1/zSaUgromG4gAVgjsULe5CdPz_U4.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/1d19ad-73f6-450b-b97c-2be25f9d5ed2/1/zSaUgromG4gAVgjsULe5CdPz_U4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zSaUgromG4gAVgjsULe5CdPz_U4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:94:de:a5:f1:a7:99:9b:24:a9:3d:4c:df:c4:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd269482ba261b88005608ec50b7b909d3f3fd4e
Validity
Not Before: Jan 1 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64c03031bed50d0b137b3b5a5478d29f783cd529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bf:ac:99:da:8a:f7:98:c4:5e:59:95:99:8a:
bd:fd:3f:a5:f8:51:40:bd:bc:ed:88:4f:26:82:5e:
19:ae:b2:3b:8d:a0:e4:7e:0b:d9:d3:c2:41:4e:01:
c4:a5:be:ca:b2:e8:62:c3:4f:ed:2e:c1:c0:7a:5b:
7d:bd:63:68:74:20:75:84:10:fd:2c:48:ba:f3:09:
4d:02:c6:74:64:c2:79:1d:3b:af:08:d2:8d:63:a8:
fb:0d:9c:6d:9c:03:69:98:ee:e6:28:2c:f6:d4:ad:
66:f5:79:d5:01:71:4f:7d:22:b5:d2:88:1b:1f:71:
86:8b:e6:b5:b5:e9:66:da:c0:df:ba:ef:1f:ee:3a:
13:ac:2b:c5:80:54:a1:11:23:c4:6c:2c:42:d3:15:
2a:ec:2b:46:d3:7d:df:3c:60:5d:09:fd:8b:9d:1b:
e9:9d:e8:c2:10:06:f4:f4:d0:8e:e4:a0:4d:db:fe:
f3:40:72:81:27:27:93:18:87:38:91:8a:18:40:b4:
6a:26:94:f7:7d:7d:12:45:a9:e0:4c:bc:8e:97:0d:
94:1f:a3:0b:eb:5b:30:41:02:b9:62:6d:d0:e1:80:
cf:30:57:a9:dc:b9:e4:d2:ae:98:76:bc:be:bb:55:
dd:e9:ba:bc:fe:b3:aa:24:d1:c9:27:fc:1b:48:07:
23:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C0:30:31:BE:D5:0D:0B:13:7B:3B:5A:54:78:D2:9F:78:3C:D5:29
X509v3 Authority Key Identifier:
keyid:CD:26:94:82:BA:26:1B:88:00:56:08:EC:50:B7:B9:09:D3:F3:FD:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zSaUgromG4gAVgjsULe5CdPz_U4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1d19ad-73f6-450b-b97c-2be25f9d5ed2/1/ZMAwMb7VDQsTeztaVHjSn3g81Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1d19ad-73f6-450b-b97c-2be25f9d5ed2/1/zSaUgromG4gAVgjsULe5CdPz_U4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.168.0/21
194.35.80.0/23
194.35.180.0/23
IPv6:
2a00:b600::/29
Signature Algorithm: sha256WithRSAEncryption
9f:ce:13:8f:b0:c8:a5:c2:f7:b8:5f:6c:4a:f0:f4:f4:86:57:
cb:c4:e7:39:c5:5d:e9:9d:b3:43:4b:7f:81:95:56:20:f9:fa:
97:65:13:50:38:6c:25:ab:2f:3f:d1:30:e5:d5:ef:d7:7f:11:
4a:4a:c8:4a:f3:6d:6c:8d:29:5e:6a:e5:bb:7b:d8:4f:6e:c3:
ed:b6:97:27:33:1d:cb:fd:e4:39:95:72:01:6c:f7:a5:72:09:
18:1f:5f:90:a1:29:30:45:4f:17:7e:77:61:71:d6:fb:6b:10:
a6:bf:f6:85:b7:e0:17:85:41:02:ca:28:0b:bf:28:6e:1d:f2:
d1:ad:6a:58:42:9c:5e:4c:d9:cc:bf:86:2e:19:73:2c:80:ae:
a3:8d:1b:87:65:bb:ea:f6:d6:7f:82:2c:35:20:c9:ad:67:00:
7d:0a:87:fd:4d:01:ad:3a:dc:ea:90:0c:7d:2a:5a:05:80:af:
49:ec:9e:b2:8d:91:06:d2:2b:b4:41:e4:3f:a8:5d:ce:fb:6b:
0c:aa:ed:1b:37:e7:fe:1d:02:23:c3:d6:e0:9b:48:44:70:12:
30:be:50:e9:96:41:2d:20:bb:04:a9:3d:fc:8f:8a:48:a4:71:
60:e5:0c:4a:07:97:48:53:d0:56:1b:69:8f:03:9a:3e:42:61:
b1:67:47:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtpTepfGnmZskqT1M38SVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMjY5NDgyYmEyNjFiODgwMDU2MDhlYzUwYjdiOTA5ZDNm
M2ZkNGUwHhcNMjQwMTAxMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGMwMzAzMWJlZDUwZDBiMTM3YjNiNWE1NDc4ZDI5Zjc4M2NkNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL+smdqK95jEXlmVmYq9/T+l+FFA
vbztiE8mgl4ZrrI7jaDkfgvZ08JBTgHEpb7Ksuhiw0/tLsHAelt9vWNodCB1hBD9
LEi68wlNAsZ0ZMJ5HTuvCNKNY6j7DZxtnANpmO7mKCz21K1m9XnVAXFPfSK10ogb
H3GGi+a1telm2sDfuu8f7joTrCvFgFShESPEbCxC0xUq7CtG033fPGBdCf2LnRvp
nejCEAb09NCO5KBN2/7zQHKBJyeTGIc4kYoYQLRqJpT3fX0SRangTLyOlw2UH6ML
61swQQK5Ym3Q4YDPMFep3Lnk0q6Ydry+u1Xd6bq8/rOqJNHJJ/wbSAcjSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGTAMDG+1Q0LE3s7WlR40p94PNUpMB8GA1UdIwQY
MBaAFM0mlIK6JhuIAFYI7FC3uQnT8/1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelNhVWdyb21HNGdBVmdqc1VMZTVDZFB6X1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xZDE5YWQtNzNmNi00NTBiLWI5N2Mt
MmJlMjVmOWQ1ZWQyLzEvWk1Bd01iN1ZEUXNUZXp0YVZIalNuM2c4MVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xZDE5YWQtNzNmNi00NTBiLWI5N2MtMmJlMjVmOWQ1ZWQy
LzEvelNhVWdyb21HNGdBVmdqc1VMZTVDZFB6X1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLuKoAwQB
wiNQAwQBwiO0MA0EAgACMAcDBQMqALYAMA0GCSqGSIb3DQEBCwUAA4IBAQCfzhOP
sMilwve4X2xK8PT0hlfLxOc5xV3pnbNDS3+BlVYg+fqXZRNQOGwlqy8/0TDl1e/X
fxFKSshK821sjSleauW7e9hPbsPttpcnMx3L/eQ5lXIBbPelcgkYH1+QoSkwRU8X
fndhcdb7axCmv/aFt+AXhUECyigLvyhuHfLRrWpYQpxeTNnMv4YuGXMsgK6jjRuH
Zbvq9tZ/giw1IMmtZwB9Cof9TQGtOtzqkAx9KloFgK9J7J6yjZEG0iu0QeQ/qF3O
+2sMqu0bN+f+HQIjw9bgm0hEcBIwvlDplkEtILsEqT38j4pIpHFg5QxKB5dIU9BW
G2mPA5o+QmGxZ0dt
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:34:14 2024 by rpki-client on console-ams.rpki-client.org