Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/pZQfa7LZBnHar0epaU622h4x7iA.roa
File: pZQfa7LZBnHar0epaU622h4x7iA.roa (raw, json)
Hash identifier: A/1n5KGghwN80sIHHmoEyN9YAGwA6UClFBft8pI7Tew=
Subject key identifier: A5:94:1F:6B:B2:D9:06:71:DA:AF:47:A9:69:4E:B6:DA:1E:31:EE:20
Certificate issuer: /CN=35902c9b640fc6d57c237714ed24da17f2d3e474
Certificate serial: 018CC9BCA6572EF0825AEF7C8E00B002147C
Authority key identifier: 35:90:2C:9B:64:0F:C6:D5:7C:23:77:14:ED:24:DA:17:F2:D3:E4:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZAsm2QPxtV8I3cU7STaF_LT5HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/pZQfa7LZBnHar0epaU622h4x7iA.roa
Signing time: Tue 02 Jan 2024 10:33:52 +0000
ROA not before: Tue 02 Jan 2024 10:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16007
IP address blocks: 217.25.192.0/20 maxlen: 20
185.120.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/NZAsm2QPxtV8I3cU7STaF_LT5HQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/NZAsm2QPxtV8I3cU7STaF_LT5HQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZAsm2QPxtV8I3cU7STaF_LT5HQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 07:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a6:57:2e:f0:82:5a:ef:7c:8e:00:b0:02:14:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35902c9b640fc6d57c237714ed24da17f2d3e474
Validity
Not Before: Jan 2 10:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5941f6bb2d90671daaf47a9694eb6da1e31ee20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d6:ec:e8:7b:05:d0:e4:00:63:02:22:f9:f6:
f6:47:14:55:f9:d4:f3:db:67:a7:ad:61:fe:0a:2d:
b6:2d:a8:7f:45:e9:de:52:3e:a0:7d:e9:29:7a:6d:
e7:78:17:93:3f:0b:bb:8f:48:e8:cd:76:44:e1:1b:
95:e3:6e:84:fe:41:ae:62:75:30:c3:95:e6:cc:3a:
26:f2:23:91:7a:cb:32:8c:74:07:fa:60:77:e8:fa:
66:20:4c:b8:46:c2:a6:da:5b:61:a2:38:d1:3e:8e:
df:b8:be:f7:f6:2e:ab:99:9e:52:69:45:96:79:64:
24:cd:8e:3a:33:64:54:af:ba:7d:35:1a:1a:b2:21:
da:c4:31:32:e7:e0:59:d5:78:a0:da:31:7d:bd:14:
2f:a0:19:2b:78:18:c6:60:76:32:f6:9a:a3:b2:50:
09:ad:af:70:2d:ca:e3:9d:34:06:5f:7f:c6:ac:af:
63:04:e0:1c:5a:87:c3:15:e6:ec:c5:4a:5c:74:f0:
86:b3:72:fd:47:35:2c:71:f1:4a:3c:98:d9:07:75:
b0:49:da:70:a6:8a:df:e6:0f:18:79:47:c6:9b:0a:
bd:30:9e:c5:f9:fa:45:7e:2e:d8:45:fb:40:6a:bb:
53:a8:29:9f:54:b0:fa:9c:ce:47:1c:0a:c0:07:f5:
bd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:94:1F:6B:B2:D9:06:71:DA:AF:47:A9:69:4E:B6:DA:1E:31:EE:20
X509v3 Authority Key Identifier:
keyid:35:90:2C:9B:64:0F:C6:D5:7C:23:77:14:ED:24:DA:17:F2:D3:E4:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZAsm2QPxtV8I3cU7STaF_LT5HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/pZQfa7LZBnHar0epaU622h4x7iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f96baf-41f3-4986-b93a-417b4fa564ea/1/NZAsm2QPxtV8I3cU7STaF_LT5HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.132.0/22
217.25.192.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:ee:79:1b:89:2e:82:bb:e9:6c:aa:35:63:16:20:f9:fb:2a:
d0:94:a7:a6:a1:69:19:39:04:63:fb:77:67:b3:90:cc:c7:05:
06:32:96:7f:10:9c:4c:c2:8c:7f:ed:37:bd:4c:da:06:d7:5f:
1c:6b:a7:59:97:f9:7f:1f:68:ea:40:7b:5f:c0:fe:9f:2d:06:
0b:4b:cd:0c:d0:c2:00:1e:31:ab:8c:5a:c7:44:fa:85:c0:c9:
14:df:87:9c:cf:19:a6:e0:4d:bb:de:6e:b2:fc:44:0b:94:04:
42:3e:5c:ed:f5:99:86:2d:2f:0f:a0:c0:3b:f6:04:f2:16:dd:
eb:10:10:ca:ea:52:d1:5e:9f:4d:cb:2c:e1:14:8c:49:b4:11:
c7:dc:39:8d:d8:20:d7:83:75:2f:00:be:21:cf:14:2d:19:68:
1d:b8:82:e5:27:90:d4:0f:53:e5:4d:b4:b5:aa:a4:e0:75:65:
05:82:2e:5f:48:4f:e9:5b:3e:70:1e:80:aa:a3:6a:29:66:22:
26:82:2c:49:36:2b:28:83:92:2c:07:c1:16:b3:91:c1:e1:0b:
7c:58:da:c3:7d:1b:86:ec:6b:5e:b6:5b:bd:96:83:20:34:50:
a9:c7:1e:04:5c:f3:ad:3f:ad:f1:93:e6:b2:5e:fe:c0:60:0e:
e0:69:89:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvKZXLvCCWu98jgCwAhR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OTAyYzliNjQwZmM2ZDU3YzIzNzcxNGVkMjRkYTE3ZjJk
M2U0NzQwHhcNMjQwMTAyMTAzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTk0MWY2YmIyZDkwNjcxZGFhZjQ3YTk2OTRlYjZkYTFlMzFlZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNbs6HsF0OQAYwIi+fb2RxRV+dTz
22enrWH+Ci22Lah/ReneUj6gfekpem3neBeTPwu7j0jozXZE4RuV426E/kGuYnUw
w5XmzDom8iORessyjHQH+mB36PpmIEy4RsKm2lthojjRPo7fuL739i6rmZ5SaUWW
eWQkzY46M2RUr7p9NRoasiHaxDEy5+BZ1Xig2jF9vRQvoBkreBjGYHYy9pqjslAJ
ra9wLcrjnTQGX3/GrK9jBOAcWofDFebsxUpcdPCGs3L9RzUscfFKPJjZB3WwSdpw
porf5g8YeUfGmwq9MJ7F+fpFfi7YRftAartTqCmfVLD6nM5HHArAB/W9TwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKWUH2uy2QZx2q9HqWlOttoeMe4gMB8GA1UdIwQY
MBaAFDWQLJtkD8bVfCN3FO0k2hfy0+R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlpBc20yUVB4dFY4STNjVTdTVGFGX0xUNUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mOTZiYWYtNDFmMy00OTg2LWI5M2Et
NDE3YjRmYTU2NGVhLzEvcFpRZmE3TFpCbkhhcjBlcGFVNjIyaDR4N2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mOTZiYWYtNDFmMy00OTg2LWI5M2EtNDE3YjRmYTU2NGVh
LzEvTlpBc20yUVB4dFY4STNjVTdTVGFGX0xUNUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXiEAwQE
2RnAMA0GCSqGSIb3DQEBCwUAA4IBAQBP7nkbiS6Cu+lsqjVjFiD5+yrQlKemoWkZ
OQRj+3dns5DMxwUGMpZ/EJxMwox/7Te9TNoG118ca6dZl/l/H2jqQHtfwP6fLQYL
S80M0MIAHjGrjFrHRPqFwMkU34eczxmm4E273m6y/EQLlARCPlzt9ZmGLS8PoMA7
9gTyFt3rEBDK6lLRXp9NyyzhFIxJtBHH3DmN2CDXg3UvAL4hzxQtGWgduILlJ5DU
D1PlTbS1qqTgdWUFgi5fSE/pWz5wHoCqo2opZiImgixJNisog5IsB8EWs5HB4Qt8
WNrDfRuG7Gtetlu9loMgNFCpxx4EXPOtP63xk+ayXv7AYA7gaYkk
-----END CERTIFICATE-----
Generated at Mon Jun 17 12:46:59 2024 by rpki-client on console-fra.rpki-client.org