Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/ZBXjjBFqAkHxQ0uog168lnOjFhQ.roa
File: ZBXjjBFqAkHxQ0uog168lnOjFhQ.roa (raw, json)
Hash identifier: 6ghg/kJy6xjTKzDWHhwntVnTUy7+IXaKCThB5YmIpMs=
Subject key identifier: 64:15:E3:8C:11:6A:02:41:F1:43:4B:A8:83:5E:BC:96:73:A3:16:14
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 018E849ADC65B02E76BF3CC1BCAD8F8EBC84
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/ZBXjjBFqAkHxQ0uog168lnOjFhQ.roa
Signing time: Thu 28 Mar 2024 10:28:45 +0000
ROA not before: Thu 28 Mar 2024 10:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8426
IP address blocks: 31.3.136.0/21 maxlen: 21
46.18.128.0/21 maxlen: 21
62.240.224.0/19 maxlen: 19
79.99.32.0/21 maxlen: 21
89.185.32.0/19 maxlen: 19
94.198.144.0/21 maxlen: 21
185.7.36.0/22 maxlen: 24
185.29.40.0/22 maxlen: 22
185.88.104.0/22 maxlen: 22
185.93.36.0/22 maxlen: 22
194.146.172.0/22 maxlen: 22
212.43.192.0/18 maxlen: 18
2001:a70::/32 maxlen: 32
2a01:4580::/29 maxlen: 29
2a02:1f8::/32 maxlen: 32
2a02:2328::/32 maxlen: 32
2a03:7300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 10:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:9a:dc:65:b0:2e:76:bf:3c:c1:bc:ad:8f:8e:bc:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Mar 28 10:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6415e38c116a0241f1434ba8835ebc9673a31614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:05:05:e6:cb:d1:34:ec:f5:d7:33:e8:1f:
cb:63:47:8a:04:21:7c:6d:38:2e:79:9a:6f:f8:18:
0d:ae:f2:db:d5:78:f8:f5:ce:a7:74:3e:da:33:76:
9f:10:a7:9a:c6:94:d7:24:bb:8f:72:42:f2:d5:69:
84:ee:54:5e:c6:c1:c5:29:d6:ba:46:31:c0:dc:1b:
a4:f5:54:33:de:ef:e5:f2:1c:66:35:d1:84:06:45:
73:bc:a9:be:25:49:74:eb:4c:fd:c7:57:e9:0b:17:
92:37:69:22:5d:65:34:20:44:07:e2:5e:2f:18:53:
a8:d4:24:e5:5a:8f:2c:7a:f0:31:a0:91:55:04:d0:
fa:ff:69:85:9f:75:7c:3d:9a:24:66:17:5c:db:42:
36:bd:85:20:3c:45:16:e3:83:8f:2e:35:0f:e1:06:
5b:c6:b3:a2:5b:07:cf:92:79:73:15:ba:e9:37:af:
bc:06:9f:6e:c3:8b:01:26:aa:d0:fc:99:b2:47:2e:
bf:25:5e:d4:ed:d2:a5:ae:18:9c:e7:27:b3:0b:68:
34:f1:7d:8e:bf:3f:51:31:27:10:a0:99:8d:ac:e1:
ce:d8:61:96:e3:b0:b3:b8:eb:22:9c:e2:5f:33:84:
4a:e5:65:7b:46:5d:8c:81:2c:9f:57:6d:18:73:c7:
ed:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:15:E3:8C:11:6A:02:41:F1:43:4B:A8:83:5E:BC:96:73:A3:16:14
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/ZBXjjBFqAkHxQ0uog168lnOjFhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.136.0/21
46.18.128.0/21
62.240.224.0/19
79.99.32.0/21
89.185.32.0/19
94.198.144.0/21
185.7.36.0/22
185.29.40.0/22
185.88.104.0/22
185.93.36.0/22
194.146.172.0/22
212.43.192.0/18
IPv6:
2001:a70::/32
2a01:4580::/29
2a02:1f8::/32
2a02:2328::/32
2a03:7300::/32
Signature Algorithm: sha256WithRSAEncryption
65:82:16:0f:08:a7:39:c8:24:94:e0:ce:5e:ab:89:b4:65:51:
05:d7:3b:f3:7f:18:ba:88:d3:12:60:c3:b3:29:83:71:5b:a6:
91:6d:be:81:cd:e1:df:bc:ed:ea:65:7f:5a:ab:a2:3f:77:81:
c8:59:60:11:45:ec:8d:6c:6b:50:ea:9a:a1:e5:35:9a:0a:31:
c3:c7:fc:0b:00:3b:f5:85:f8:e5:81:f6:5f:f6:3a:ae:d8:85:
57:5c:c9:e4:ba:43:a6:cb:d0:33:27:8d:a3:c3:91:10:71:8b:
b2:5d:4d:84:a7:57:58:16:62:d9:9c:d1:a7:50:56:f2:14:7c:
8d:2d:cf:13:c9:eb:87:fa:7f:00:ea:a1:e6:16:5b:1f:66:63:
bd:57:88:ba:ed:53:5a:e7:80:23:8a:dc:a4:3c:18:9a:a4:a4:
5d:00:20:fb:fc:d4:94:83:59:2a:51:f8:5b:af:83:48:4d:56:
72:77:b7:07:e6:63:24:eb:4b:c4:b5:27:ca:0f:89:cd:ca:e1:
74:10:65:ba:0b:cf:52:4b:04:e9:38:0c:8d:46:52:5e:52:da:
93:fa:5b:d2:06:1a:4e:85:07:45:45:92:6f:ec:b1:e4:a7:1b:
b2:45:cf:9c:25:ac:4d:ce:75:81:e4:87:eb:9a:55:14:14:cc:
d6:08:1b:21
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAY6EmtxlsC52vzzBvK2PjryEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjQwMzI4MTAyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDE1ZTM4YzExNmEwMjQxZjE0MzRiYTg4MzVlYmM5NjczYTMxNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotYFBebL0TTs9dcz6B/LY0eKBCF8
bTgueZpv+BgNrvLb1Xj49c6ndD7aM3afEKeaxpTXJLuPckLy1WmE7lRexsHFKda6
RjHA3Buk9VQz3u/l8hxmNdGEBkVzvKm+JUl060z9x1fpCxeSN2kiXWU0IEQH4l4v
GFOo1CTlWo8sevAxoJFVBND6/2mFn3V8PZokZhdc20I2vYUgPEUW44OPLjUP4QZb
xrOiWwfPknlzFbrpN6+8Bp9uw4sBJqrQ/JmyRy6/JV7U7dKlrhic5yezC2g08X2O
vz9RMScQoJmNrOHO2GGW47CzuOsinOJfM4RK5WV7Rl2MgSyfV20Yc8ftgwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFGQV44wRagJB8UNLqINevJZzoxYUMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvWkJYampCRnFBa0h4UTB1b2cxNjhsbk9qRmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswTgQCAAEwSAMEAx8DiAME
Ay4SgAMEBT7w4AMEA09jIAMEBVm5IAMEA17GkAMEArkHJAMEArkdKAMEArlYaAME
ArldJAMEAsKSrAMEBtQrwDApBAIAAjAjAwUAIAEKcAMFAyoBRYADBQAqAgH4AwUA
KgIjKAMFACoDcwAwDQYJKoZIhvcNAQELBQADggEBAGWCFg8IpznIJJTgzl6ribRl
UQXXO/N/GLqI0xJgw7Mpg3FbppFtvoHN4d+87eplf1qroj93gchZYBFF7I1sa1Dq
mqHlNZoKMcPH/AsAO/WF+OWB9l/2Oq7YhVdcyeS6Q6bL0DMnjaPDkRBxi7JdTYSn
V1gWYtmc0adQVvIUfI0tzxPJ64f6fwDqoeYWWx9mY71XiLrtU1rngCOK3KQ8GJqk
pF0AIPv81JSDWSpR+Fuvg0hNVnJ3twfmYyTrS8S1J8oPic3K4XQQZboLz1JLBOk4
DI1GUl5S2pP6W9IGGk6FB0VFkm/sseSnG7JFz5wlrE3OdYHkh+uaVRQUzNYIGyE=
-----END CERTIFICATE-----
Generated at Sun May 12 16:29:41 2024 by rpki-client on console-ams.rpki-client.org