Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/ZVb4XNMxk7lVQgLw6bR0gSmc4Ak.roa
File: ZVb4XNMxk7lVQgLw6bR0gSmc4Ak.roa (raw, json)
Hash identifier: L1IrvePBw0+BLNThDP5YI3pv+tgRsZVnB5HD7lP01T0=
Subject key identifier: 65:56:F8:5C:D3:31:93:B9:55:42:02:F0:E9:B4:74:81:29:9C:E0:09
Certificate issuer: /CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Certificate serial: 018CC348B7E9E23890FB5ABD7418C29976C9
Authority key identifier: FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/ZVb4XNMxk7lVQgLw6bR0gSmc4Ak.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209689
IP address blocks: 212.87.210.0/23 maxlen: 24
212.87.208.0/23 maxlen: 24
185.174.149.0/24 maxlen: 24
185.174.150.0/24 maxlen: 24
185.174.151.0/24 maxlen: 24
185.174.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/1-3grePIKbktwZDBSvRpArxWlYzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/1-3grePIKbktwZDBSvRpArxWlYzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b7:e9:e2:38:90:fb:5a:bd:74:18:c2:99:76:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6556f85cd33193b9554202f0e9b47481299ce009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6e:54:b5:dd:fd:26:2d:2d:74:e1:9d:ef:c6:
1d:89:75:de:e6:d4:19:95:95:82:f9:8e:7c:1d:2d:
a8:86:ad:7f:22:1a:cf:70:7c:87:ee:39:3b:bf:ea:
94:6b:48:50:73:e3:cb:29:28:2f:94:3f:dd:d9:c1:
66:11:9d:33:01:31:aa:11:94:d5:f8:26:c9:2d:6e:
af:23:e5:2a:8b:db:4f:c8:5f:36:86:0b:c8:6f:a8:
82:3b:93:5c:8f:da:3b:b6:aa:ec:24:b3:32:a0:b6:
0a:9b:96:d2:ab:6f:fd:08:61:26:66:41:5d:39:6b:
ca:e3:50:bd:cc:44:86:20:81:99:44:c5:64:85:df:
02:20:66:92:cd:82:6a:de:75:1e:8e:5f:0e:e7:ee:
ac:f1:b9:c7:97:24:7f:1d:ab:bc:54:b8:8b:36:6e:
41:ed:54:b4:1a:71:97:38:42:5b:cd:0b:9c:9b:e4:
1e:dc:93:01:64:05:90:6c:96:15:8e:3b:23:70:c5:
48:73:7b:eb:00:9d:7c:c6:94:e2:23:11:ed:65:c6:
d4:fd:cd:ba:b1:29:31:14:34:01:75:98:23:6d:b0:
1a:80:f1:8b:58:87:23:86:46:10:51:38:6f:43:10:
8d:7d:67:ea:0c:e1:1c:5f:79:83:b2:65:73:14:55:
f4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:56:F8:5C:D3:31:93:B9:55:42:02:F0:E9:B4:74:81:29:9C:E0:09
X509v3 Authority Key Identifier:
keyid:FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/ZVb4XNMxk7lVQgLw6bR0gSmc4Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/1-3grePIKbktwZDBSvRpArxWlYzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.148.0/22
212.87.208.0/22
Signature Algorithm: sha256WithRSAEncryption
29:2b:d9:24:86:55:82:be:c1:bb:9b:b4:e4:21:e9:b1:75:ec:
05:e7:ad:63:06:a7:7b:8e:1f:d4:d8:31:8b:66:f6:80:2a:0a:
79:36:7e:b5:af:9a:dc:c8:b5:a3:89:ec:65:6f:f4:19:dc:17:
1c:f0:fd:51:0f:32:78:18:01:78:f8:09:a9:c3:5c:c5:9d:81:
fe:ae:92:ba:5a:ca:7a:70:96:13:46:48:f2:13:ee:c0:d2:47:
11:36:54:05:0b:55:10:e7:90:ba:b8:17:2e:06:3a:c6:3f:63:
a5:b1:00:5f:1f:0c:25:77:15:e7:f9:dc:bd:a8:c4:c2:dc:c2:
5d:9a:0e:85:a8:54:48:5b:63:51:9a:56:85:43:03:ec:fa:25:
c1:9a:85:ec:04:6d:29:fc:75:eb:82:3e:e8:80:ac:a9:c4:31:
a9:9d:38:92:af:97:67:07:ff:08:0b:10:61:6f:06:fb:76:ce:
57:2e:51:1c:bb:1b:0e:0d:32:6f:6a:1c:5e:15:d7:75:10:51:
76:df:2f:2b:98:4a:60:a8:a7:96:66:bb:0e:ae:f6:9c:b5:1e:
71:98:a3:99:d6:eb:ac:33:79:4d:69:db:6e:39:e4:6e:2c:08:
b7:56:6c:29:23:0a:dc:a9:33:3e:f9:72:e1:5e:14:13:7d:0c:
05:cd:df:02
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSLfp4jiQ+1q9dBjCmXbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzgyYjc4ZjIwYTZlNGI3MDY0MzA1MmJkMWE0MGFmMTVh
NTYzMzgwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTU2Zjg1Y2QzMzE5M2I5NTU0MjAyZjBlOWI0NzQ4MTI5OWNlMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG5Utd39Ji0tdOGd78YdiXXe5tQZ
lZWC+Y58HS2ohq1/IhrPcHyH7jk7v+qUa0hQc+PLKSgvlD/d2cFmEZ0zATGqEZTV
+CbJLW6vI+Uqi9tPyF82hgvIb6iCO5Ncj9o7tqrsJLMyoLYKm5bSq2/9CGEmZkFd
OWvK41C9zESGIIGZRMVkhd8CIGaSzYJq3nUejl8O5+6s8bnHlyR/Hau8VLiLNm5B
7VS0GnGXOEJbzQucm+Qe3JMBZAWQbJYVjjsjcMVIc3vrAJ18xpTiIxHtZcbU/c26
sSkxFDQBdZgjbbAagPGLWIcjhkYQUThvQxCNfWfqDOEcX3mDsmVzFFX0sQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGVW+FzTMZO5VUIC8Om0dIEpnOAJMB8GA1UdIwQY
MBaAFPt4K3jyCm5LcGQwUr0aQK8VpWM4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zZ3JlUElLYmt0d1pEQlN2UnBBcnhXbFl6Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVk
LThmN2Q1NjkxYzFiZS8xL1pWYjRYTk14azdsVlFnTHc2YlIwZ1NtYzRBay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVkLThmN2Q1NjkxYzFi
ZS8xLzEtM2dyZVBJS2JrdHdaREJTdlJwQXJ4V2xZemcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5rpQD
BALUV9AwDQYJKoZIhvcNAQELBQADggEBACkr2SSGVYK+wbubtOQh6bF17AXnrWMG
p3uOH9TYMYtm9oAqCnk2frWvmtzItaOJ7GVv9BncFxzw/VEPMngYAXj4CanDXMWd
gf6ukrpaynpwlhNGSPIT7sDSRxE2VAULVRDnkLq4Fy4GOsY/Y6WxAF8fDCV3Fef5
3L2oxMLcwl2aDoWoVEhbY1GaVoVDA+z6JcGahewEbSn8deuCPuiArKnEMamdOJKv
l2cH/wgLEGFvBvt2zlcuURy7Gw4NMm9qHF4V13UQUXbfLyuYSmCop5Zmuw6u9py1
HnGYo5nW66wzeU1p22455G4sCLdWbCkjCtypMz75cuFeFBN9DAXN3wI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:25:14 2024 by rpki-client on console-ams.rpki-client.org