Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/zkiX-qKG36HzVecQXyksTqLIrW0.roa
File: zkiX-qKG36HzVecQXyksTqLIrW0.roa (raw, json)
Hash identifier: +eiHmZ0L9XXVWYdW4ydfyuSs4EPJlkYwkbTQPrlzNhk=
Subject key identifier: CE:48:97:FA:A2:86:DF:A1:F3:55:E7:10:5F:29:2C:4E:A2:C8:AD:6D
Certificate issuer: /CN=07090fba663b072bb54cc7d49e88a0380374cb6e
Certificate serial: 018CC56E1E492CB87474BC4E29CAA70EFFAD
Authority key identifier: 07:09:0F:BA:66:3B:07:2B:B5:4C:C7:D4:9E:88:A0:38:03:74:CB:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BwkPumY7Byu1TMfUnoigOAN0y24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/zkiX-qKG36HzVecQXyksTqLIrW0.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197161
IP address blocks: 94.154.14.0/24 maxlen: 24
195.42.149.0/24 maxlen: 24
195.42.148.0/23 maxlen: 23
185.65.80.0/22 maxlen: 24
195.42.148.0/24 maxlen: 24
2a03:1a60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/BwkPumY7Byu1TMfUnoigOAN0y24.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/BwkPumY7Byu1TMfUnoigOAN0y24.mft
rsync://rpki.ripe.net/repository/DEFAULT/BwkPumY7Byu1TMfUnoigOAN0y24.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1e:49:2c:b8:74:74:bc:4e:29:ca:a7:0e:ff:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07090fba663b072bb54cc7d49e88a0380374cb6e
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce4897faa286dfa1f355e7105f292c4ea2c8ad6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4f:90:db:d5:2f:97:21:53:66:77:28:64:ad:
3c:36:35:7b:5f:80:3c:0d:b7:11:4d:b6:7c:0a:c4:
a9:be:51:4a:ae:48:7b:bc:4b:6b:0c:68:31:75:44:
92:40:ad:23:dc:94:8d:db:19:4e:8c:bc:9e:ef:f8:
6e:07:1d:c2:39:b9:88:3a:4d:2e:92:7f:b9:5f:f3:
32:06:3b:30:f3:00:98:79:39:ba:d9:7c:4e:a3:2b:
83:4e:48:f3:74:d3:33:25:f3:44:35:23:71:47:2d:
98:06:9f:82:01:a7:30:81:7f:cd:52:ca:e8:4d:8f:
57:6a:e8:51:69:70:88:9e:a7:39:9e:52:b2:b2:ef:
19:55:51:61:71:c8:0f:a1:b9:3f:8f:cf:f8:be:3a:
5e:15:0e:23:d1:0f:f2:11:5a:39:b5:46:80:5d:7f:
57:aa:69:01:b6:74:0b:12:a4:9f:ad:1a:da:ad:b0:
b8:40:38:9c:83:96:f0:92:55:4b:8b:2d:5f:63:52:
46:37:42:30:e3:80:a9:93:1c:07:a7:08:ee:3c:4e:
93:59:9e:7c:aa:69:b0:36:0f:7d:ac:f2:c7:87:f7:
a1:db:17:9e:0b:c0:88:65:e9:81:3f:3c:b3:2f:8d:
ca:5a:5c:f0:16:50:50:b4:7c:36:ba:97:07:ed:83:
8f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:48:97:FA:A2:86:DF:A1:F3:55:E7:10:5F:29:2C:4E:A2:C8:AD:6D
X509v3 Authority Key Identifier:
keyid:07:09:0F:BA:66:3B:07:2B:B5:4C:C7:D4:9E:88:A0:38:03:74:CB:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwkPumY7Byu1TMfUnoigOAN0y24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/zkiX-qKG36HzVecQXyksTqLIrW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a07342-1742-41a1-8bc7-01a28a76ccf4/1/BwkPumY7Byu1TMfUnoigOAN0y24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.14.0/24
185.65.80.0/22
195.42.148.0/23
IPv6:
2a03:1a60::/32
Signature Algorithm: sha256WithRSAEncryption
1d:29:24:0e:25:ed:97:38:8c:78:45:4b:11:30:89:d4:8e:ae:
40:8a:bb:e8:78:ec:86:43:e6:62:8c:e8:40:0d:38:18:a2:c3:
d5:64:34:f1:72:3f:7e:37:d2:54:ee:64:e7:a9:5e:bf:75:8c:
68:38:49:29:ff:75:9c:d5:59:0e:54:46:20:5d:41:36:57:2f:
e8:e9:b6:59:32:d8:6c:68:05:3c:82:02:1a:2b:11:57:3f:c9:
ae:ee:64:7a:c6:d7:97:26:53:4d:8a:96:4b:f4:28:5c:0d:87:
69:dd:4f:55:20:f2:a1:f5:8c:df:a0:ee:d9:d1:40:7c:68:76:
47:43:99:16:5d:33:06:37:9b:b7:95:84:4d:f1:f4:cd:25:2e:
17:5f:b6:8d:92:af:8d:9d:bd:b8:4a:14:c0:40:02:7e:2d:3c:
a3:82:4f:0c:25:bc:aa:78:23:8f:f5:87:42:a6:97:98:df:37:
a4:d2:19:b9:3a:78:b4:ca:e4:b3:ba:7f:6f:c4:f9:87:b0:7a:
36:9c:cc:43:e8:0f:6c:b8:0a:73:c3:6b:bd:4a:d9:d3:d9:da:
d4:58:44:9a:b3:02:48:f2:1f:96:60:8e:14:59:ec:40:2d:b6:
a1:f9:59:08:15:f4:3e:8f:89:81:08:2e:f5:52:20:4b:b6:25:
bd:c5:ca:75
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbh5JLLh0dLxOKcqnDv+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDkwZmJhNjYzYjA3MmJiNTRjYzdkNDllODhhMDM4MDM3
NGNiNmUwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTQ4OTdmYWEyODZkZmExZjM1NWU3MTA1ZjI5MmM0ZWEyYzhhZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k+Q29UvlyFTZncoZK08NjV7X4A8
DbcRTbZ8CsSpvlFKrkh7vEtrDGgxdUSSQK0j3JSN2xlOjLye7/huBx3CObmIOk0u
kn+5X/MyBjsw8wCYeTm62XxOoyuDTkjzdNMzJfNENSNxRy2YBp+CAacwgX/NUsro
TY9XauhRaXCInqc5nlKysu8ZVVFhccgPobk/j8/4vjpeFQ4j0Q/yEVo5tUaAXX9X
qmkBtnQLEqSfrRrarbC4QDicg5bwklVLiy1fY1JGN0Iw44CpkxwHpwjuPE6TWZ58
qmmwNg99rPLHh/eh2xeeC8CIZemBPzyzL43KWlzwFlBQtHw2upcH7YOPQwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM5Il/qiht+h81XnEF8pLE6iyK1tMB8GA1UdIwQY
MBaAFAcJD7pmOwcrtUzH1J6IoDgDdMtuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndrUHVtWTdCeXUxVE1mVW5vaWdPQU4weTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hMDczNDItMTc0Mi00MWExLThiYzct
MDFhMjhhNzZjY2Y0LzEvemtpWC1xS0czNkh6VmVjUVh5a3NUcUxJclcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hMDczNDItMTc0Mi00MWExLThiYzctMDFhMjhhNzZjY2Y0
LzEvQndrUHVtWTdCeXUxVE1mVW5vaWdPQU4weTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXpoOAwQC
uUFQAwQBwyqUMA0EAgACMAcDBQAqAxpgMA0GCSqGSIb3DQEBCwUAA4IBAQAdKSQO
Je2XOIx4RUsRMInUjq5AirvoeOyGQ+ZijOhADTgYosPVZDTxcj9+N9JU7mTnqV6/
dYxoOEkp/3Wc1VkOVEYgXUE2Vy/o6bZZMthsaAU8ggIaKxFXP8mu7mR6xteXJlNN
ipZL9ChcDYdp3U9VIPKh9YzfoO7Z0UB8aHZHQ5kWXTMGN5u3lYRN8fTNJS4XX7aN
kq+Nnb24ShTAQAJ+LTyjgk8MJbyqeCOP9YdCppeY3zek0hm5Oni0yuSzun9vxPmH
sHo2nMxD6A9suApzw2u9StnT2drUWESaswJI8h+WYI4UWexALbah+VkIFfQ+j4mB
CC71UiBLtiW9xcp1
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:43 2024 by rpki-client on console-ams.rpki-client.org