Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/aZIo2iIyd4nYuuJb-e7kq7z5hXw.roa
File: aZIo2iIyd4nYuuJb-e7kq7z5hXw.roa (raw, json)
Hash identifier: QN7c8ArqlniZjNI4BJgmpxqtuMz26rKAUXgSmrCm5Go=
Subject key identifier: 69:92:28:DA:22:32:77:89:D8:BA:E2:5B:F9:EE:E4:AB:BC:F9:85:7C
Certificate issuer: /CN=64ff41a24fc48271b992327a2dae5a433bded050
Certificate serial: 018CC4250EACB5B2B5068BB18907E3104A5E
Authority key identifier: 64:FF:41:A2:4F:C4:82:71:B9:92:32:7A:2D:AE:5A:43:3B:DE:D0:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZP9Bok_EgnG5kjJ6La5aQzve0FA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/aZIo2iIyd4nYuuJb-e7kq7z5hXw.roa
Signing time: Mon 01 Jan 2024 08:30:12 +0000
ROA not before: Mon 01 Jan 2024 08:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200600
IP address blocks: 185.101.220.0/22 maxlen: 22
2a06:2140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/ZP9Bok_EgnG5kjJ6La5aQzve0FA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/ZP9Bok_EgnG5kjJ6La5aQzve0FA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZP9Bok_EgnG5kjJ6La5aQzve0FA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0e:ac:b5:b2:b5:06:8b:b1:89:07:e3:10:4a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ff41a24fc48271b992327a2dae5a433bded050
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=699228da22327789d8bae25bf9eee4abbcf9857c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e7:6d:e0:91:26:23:40:ba:0a:2e:70:ef:81:
ce:78:67:57:50:2f:f3:57:7d:6f:92:d9:e7:1f:91:
2c:b8:34:26:ee:ac:c6:e3:01:44:ca:88:30:a2:10:
0f:4b:bf:d9:3f:88:d4:ce:58:ae:65:4a:64:ba:ed:
38:46:54:98:14:97:db:0b:ee:a5:d4:43:68:7e:d5:
59:8c:42:a9:86:c8:f2:e4:d2:d6:08:82:04:03:93:
48:15:e0:71:fb:7a:0e:a7:e4:57:98:05:8b:a7:1b:
e9:1f:e5:f0:ec:0b:50:4a:c4:0d:db:71:08:7f:2c:
ee:33:dc:8e:fc:31:17:e4:8c:5c:2e:7c:4e:23:df:
5e:5a:89:da:db:ed:74:3d:4c:c0:fc:0e:71:48:bc:
47:38:6c:62:61:39:d5:3d:94:f6:89:78:d0:8d:c8:
50:c7:30:a3:92:00:35:2d:84:ee:24:0c:ab:68:9a:
3c:b8:aa:7b:89:90:28:a0:77:2b:fd:3a:7e:bb:97:
e4:cb:cc:0a:89:37:db:f5:6a:4c:bf:3a:48:4f:e8:
87:4a:3f:92:ee:20:43:5d:b1:b5:1a:38:80:c0:00:
6e:e7:ff:bf:fb:58:c8:54:26:28:f9:f6:f0:be:d4:
f7:62:93:9c:83:b6:25:7b:5f:0a:fe:b6:96:93:04:
4e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:92:28:DA:22:32:77:89:D8:BA:E2:5B:F9:EE:E4:AB:BC:F9:85:7C
X509v3 Authority Key Identifier:
keyid:64:FF:41:A2:4F:C4:82:71:B9:92:32:7A:2D:AE:5A:43:3B:DE:D0:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZP9Bok_EgnG5kjJ6La5aQzve0FA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/aZIo2iIyd4nYuuJb-e7kq7z5hXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/ZP9Bok_EgnG5kjJ6La5aQzve0FA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.220.0/22
IPv6:
2a06:2140::/29
Signature Algorithm: sha256WithRSAEncryption
20:25:93:11:df:8e:da:93:44:a9:24:b5:e3:8c:3d:97:6f:bf:
68:52:00:0c:41:68:1a:4e:65:45:b2:96:c0:53:d4:d6:2b:28:
f2:fe:7a:b5:64:68:47:a5:90:9a:02:cc:e6:0b:5a:8c:ac:d2:
68:80:65:b8:69:44:c9:b5:20:ed:88:f5:ee:7e:11:45:98:5f:
d7:33:94:ac:2f:71:f7:89:e6:cb:ab:22:8e:4d:f0:62:81:26:
84:39:46:65:fe:e7:29:95:93:2e:42:38:f8:eb:2e:62:19:a9:
10:28:79:21:15:7c:08:9e:39:69:e0:f9:9e:93:6b:7d:f8:26:
65:81:8e:05:1f:4d:0b:e4:f4:b8:4f:10:b8:a6:46:ef:ef:ed:
42:90:5e:56:1f:84:0f:b9:ee:71:4a:f0:3f:88:31:8e:06:82:
84:76:8a:e9:93:a4:85:53:83:79:a7:00:f6:80:45:77:c9:6e:
22:0a:33:71:98:17:41:86:c7:a6:e6:01:f5:69:51:ee:d1:f2:
43:50:4c:93:d3:1c:76:2f:78:a2:e8:1a:1f:b2:01:82:1f:55:
48:f9:a9:b5:fe:bf:14:b2:98:50:0e:58:d8:93:d0:88:be:c8:
73:0a:6f:31:39:e0:4f:8b:f6:8b:22:09:bc:00:79:65:48:fd:
81:df:cc:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJQ6stbK1BouxiQfjEEpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmY0MWEyNGZjNDgyNzFiOTkyMzI3YTJkYWU1YTQzM2Jk
ZWQwNTAwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTkyMjhkYTIyMzI3Nzg5ZDhiYWUyNWJmOWVlZTRhYmJjZjk4NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmudt4JEmI0C6Ci5w74HOeGdXUC/z
V31vktnnH5EsuDQm7qzG4wFEyogwohAPS7/ZP4jUzliuZUpkuu04RlSYFJfbC+6l
1ENoftVZjEKphsjy5NLWCIIEA5NIFeBx+3oOp+RXmAWLpxvpH+Xw7AtQSsQN23EI
fyzuM9yO/DEX5IxcLnxOI99eWona2+10PUzA/A5xSLxHOGxiYTnVPZT2iXjQjchQ
xzCjkgA1LYTuJAyraJo8uKp7iZAooHcr/Tp+u5fky8wKiTfb9WpMvzpIT+iHSj+S
7iBDXbG1GjiAwABu5/+/+1jIVCYo+fbwvtT3YpOcg7Yle18K/raWkwROIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGmSKNoiMneJ2LriW/nu5Ku8+YV8MB8GA1UdIwQY
MBaAFGT/QaJPxIJxuZIyei2uWkM73tBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlA5Qm9rX0Vnbkc1a2pKNkxhNWFRenZlMEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9kNzk2ZTQtZDY1NC00ZTdiLTg0ZDQt
ZjAxYTYyNDAwODIxLzEvYVpJbzJpSXlkNG5ZdXVKYi1lN2txN3o1aFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9kNzk2ZTQtZDY1NC00ZTdiLTg0ZDQtZjAxYTYyNDAwODIx
LzEvWlA5Qm9rX0Vnbkc1a2pKNkxhNWFRenZlMEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWXcMA0E
AgACMAcDBQMqBiFAMA0GCSqGSIb3DQEBCwUAA4IBAQAgJZMR347ak0SpJLXjjD2X
b79oUgAMQWgaTmVFspbAU9TWKyjy/nq1ZGhHpZCaAszmC1qMrNJogGW4aUTJtSDt
iPXufhFFmF/XM5SsL3H3iebLqyKOTfBigSaEOUZl/ucplZMuQjj46y5iGakQKHkh
FXwInjlp4Pmek2t9+CZlgY4FH00L5PS4TxC4pkbv7+1CkF5WH4QPue5xSvA/iDGO
BoKEdorpk6SFU4N5pwD2gEV3yW4iCjNxmBdBhsem5gH1aVHu0fJDUEyT0xx2L3ii
6BofsgGCH1VI+am1/r8UsphQDljYk9CIvshzCm8xOeBPi/aLIgm8AHllSP2B38yj
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:27 2024 by rpki-client on console-fra.rpki-client.org