Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zMQ9S7mv5PJCO25bYmKTKG3loBs.roa
File: zMQ9S7mv5PJCO25bYmKTKG3loBs.roa (raw, json)
Hash identifier: 41tffzG/FW+bZmKTa9me0//+FMCtND6Ja2MNxctrVa8=
Subject key identifier: CC:C4:3D:4B:B9:AF:E4:F2:42:3B:6E:5B:62:62:93:28:6D:E5:A0:1B
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6BA64878F22E1AE7C3DFD2D80D12E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zMQ9S7mv5PJCO25bYmKTKG3loBs.roa
Signing time: Mon 01 Jan 2024 06:29:41 +0000
ROA not before: Mon 01 Jan 2024 06:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47169
IP address blocks: 88.209.250.0/23 maxlen: 23
45.88.92.0/24 maxlen: 24
92.52.192.0/21 maxlen: 21
45.14.8.0/23 maxlen: 23
92.52.200.0/22 maxlen: 22
88.209.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ba:64:87:8f:22:e1:ae:7c:3d:fd:2d:80:d1:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccc43d4bb9afe4f2423b6e5b626293286de5a01b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:db:29:60:12:0a:16:f6:10:e3:f4:e0:fd:72:
d2:67:58:87:41:f7:b5:84:42:66:35:92:55:36:54:
83:cc:32:9b:93:01:3f:42:8a:15:62:1e:b3:07:11:
3e:0e:1c:56:d8:24:90:30:42:5f:b6:d1:ba:df:00:
9f:61:de:9b:42:37:68:ed:04:e1:0b:ee:a3:a0:be:
b9:ce:ce:b9:05:33:56:a7:42:06:87:c2:a4:3c:b1:
3a:1d:fd:29:32:61:2a:8c:25:3d:bb:a0:b5:d4:f6:
23:ac:2f:3a:97:b1:96:57:35:19:8d:88:2c:58:a8:
3b:27:36:14:1c:ee:89:13:be:97:88:72:04:c8:a3:
43:7b:2d:4e:05:6b:73:54:02:20:b1:ed:3b:ac:29:
64:1e:60:2a:e5:36:4c:cf:f3:c1:00:04:63:aa:4b:
6f:cc:db:e7:e8:16:d6:93:b6:d4:79:57:49:75:19:
3d:59:40:53:cb:16:23:4a:d3:82:f3:54:98:36:e2:
40:35:7d:f7:23:c7:31:91:69:c8:47:46:62:dc:b4:
e8:c4:e7:d3:cf:bc:58:58:e0:7f:b4:36:c5:90:21:
6b:69:e2:31:96:e6:96:b2:85:b5:29:da:e7:b2:e1:
2d:cd:4e:6e:b2:f8:ac:8d:79:79:bb:c6:c1:5d:d7:
f7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C4:3D:4B:B9:AF:E4:F2:42:3B:6E:5B:62:62:93:28:6D:E5:A0:1B
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zMQ9S7mv5PJCO25bYmKTKG3loBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.8.0/23
45.88.92.0/24
88.209.218.0/24
88.209.250.0/23
92.52.192.0-92.52.203.255
Signature Algorithm: sha256WithRSAEncryption
08:45:1d:bc:7f:84:b9:35:a6:79:c8:6c:8b:ce:1e:30:7e:8d:
71:1d:57:1c:7c:b7:1e:ca:23:68:6d:1f:03:20:72:a4:71:eb:
31:ca:71:95:ac:00:8f:ef:8c:97:1f:04:dd:3b:15:f6:a6:75:
7a:4f:00:bf:df:1b:d2:94:77:26:8a:95:dc:4a:9e:38:a8:12:
d5:a1:19:1d:6e:2c:3b:56:c8:17:5c:8d:df:48:22:ca:b8:33:
d9:64:df:b8:7e:44:ae:46:04:bc:69:65:94:d8:49:de:89:dc:
a1:49:a9:ba:3f:5d:ab:15:b0:77:7d:68:13:22:d0:23:06:c6:
3c:27:23:da:32:0b:71:d6:b2:de:88:87:99:8f:00:0f:28:f1:
47:09:7b:65:ee:4a:47:fb:09:40:95:32:b2:ec:62:d4:9c:4c:
ae:82:b2:9b:ab:8a:45:fa:1e:a4:c7:6d:3a:3b:26:be:6c:13:
d1:83:00:2b:b0:84:35:fc:4e:72:6e:94:8f:21:20:56:d0:63:
05:6e:52:9b:b4:c3:96:80:b2:00:d4:4f:2a:8d:1a:f4:12:3f:
df:94:7f:b7:49:8a:5b:65:bb:6e:56:38:60:6e:4c:fe:c0:df:
59:4d:3e:80:47:f3:8c:18:77:80:65:5b:88:b2:d2:6f:e4:86:
10:d3:f0:6f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDtrpkh48i4a58Pf0tgNEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2M0M2Q0YmI5YWZlNGYyNDIzYjZlNWI2MjYyOTMyODZkZTVhMDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9spYBIKFvYQ4/Tg/XLSZ1iHQfe1
hEJmNZJVNlSDzDKbkwE/QooVYh6zBxE+DhxW2CSQMEJfttG63wCfYd6bQjdo7QTh
C+6joL65zs65BTNWp0IGh8KkPLE6Hf0pMmEqjCU9u6C11PYjrC86l7GWVzUZjYgs
WKg7JzYUHO6JE76XiHIEyKNDey1OBWtzVAIgse07rClkHmAq5TZMz/PBAARjqktv
zNvn6BbWk7bUeVdJdRk9WUBTyxYjStOC81SYNuJANX33I8cxkWnIR0Zi3LToxOfT
z7xYWOB/tDbFkCFraeIxluaWsoW1KdrnsuEtzU5usvisjXl5u8bBXdf3xwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMzEPUu5r+TyQjtuW2Jikyht5aAbMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvek1ROVM3bXY1UEpDTzI1YlltS1RLRzNsb0JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBLQ4IAwQA
LVhcAwQAWNHaAwQBWNH6MAwDBAZcNMADBAJcNMgwDQYJKoZIhvcNAQELBQADggEB
AAhFHbx/hLk1pnnIbIvOHjB+jXEdVxx8tx7KI2htHwMgcqRx6zHKcZWsAI/vjJcf
BN07FfamdXpPAL/fG9KUdyaKldxKnjioEtWhGR1uLDtWyBdcjd9IIsq4M9lk37h+
RK5GBLxpZZTYSd6J3KFJqbo/XasVsHd9aBMi0CMGxjwnI9oyC3HWst6Ih5mPAA8o
8UcJe2XuSkf7CUCVMrLsYtScTK6CspurikX6HqTHbTo7Jr5sE9GDACuwhDX8TnJu
lI8hIFbQYwVuUpu0w5aAsgDUTyqNGvQSP9+Uf7dJiltlu25WOGBuTP7A31lNPoBH
84wYd4BlW4iy0m/khhDT8G8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:33:34 2024 by rpki-client on console-fra.rpki-client.org