Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/zpF5Kp4VKdLaWEdEZZ1qyt_oXGQ.roa
File: zpF5Kp4VKdLaWEdEZZ1qyt_oXGQ.roa (raw, json)
Hash identifier: Dtm+c+uU7/4+m6dTBv7WnbSpU02cmzAxJ8K9he1sJ8g=
Subject key identifier: CE:91:79:2A:9E:15:29:D2:DA:58:47:44:65:9D:6A:CA:DF:E8:5C:64
Certificate issuer: /CN=c2ce0814167eaa8189fd84d390270eadf29482cb
Certificate serial: 018CF3954010E8AF3CB26EB0C7E9C9F6D26B
Authority key identifier: C2:CE:08:14:16:7E:AA:81:89:FD:84:D3:90:27:0E:AD:F2:94:82:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/zpF5Kp4VKdLaWEdEZZ1qyt_oXGQ.roa
Signing time: Wed 10 Jan 2024 13:34:53 +0000
ROA not before: Wed 10 Jan 2024 13:34:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210220
IP address blocks: 193.162.101.0/24 maxlen: 24
178.218.244.0/22 maxlen: 22
2a0d:bfc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.mft
rsync://rpki.ripe.net/repository/DEFAULT/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:95:40:10:e8:af:3c:b2:6e:b0:c7:e9:c9:f6:d2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ce0814167eaa8189fd84d390270eadf29482cb
Validity
Not Before: Jan 10 13:34:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce91792a9e1529d2da584744659d6acadfe85c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6d:66:be:37:54:d4:dc:ea:3f:30:fb:f3:e5:
11:bc:95:47:68:58:a7:26:64:60:c3:1f:67:a5:9b:
2e:1d:8f:e9:9a:7d:dd:74:18:e7:b7:05:99:10:40:
d6:30:6f:94:55:33:5f:30:b2:a1:0d:e5:fa:94:dd:
e8:be:43:ca:bd:61:86:24:1a:9a:00:0e:9e:d0:66:
62:da:40:1f:ae:ce:20:86:77:af:8a:16:11:26:6b:
5f:97:f9:72:28:8a:13:fe:08:86:8f:f6:28:f7:27:
9c:a5:d3:fd:fb:9e:18:94:68:84:b3:a6:f1:bf:ac:
d8:d6:d8:e7:fd:23:35:fc:14:f3:84:77:d1:1e:45:
3b:3a:45:36:ab:e8:57:90:d8:5f:38:5c:41:f3:10:
83:4b:2a:11:10:5f:c3:02:fd:9a:a1:15:15:8e:2e:
6a:28:eb:b7:e0:47:9b:63:72:5b:e3:41:23:cf:54:
b4:b3:64:43:21:4a:fb:09:4d:a2:9b:33:0d:84:7d:
f5:b9:75:5c:e8:12:c6:a6:90:c4:39:48:fd:df:b4:
12:ec:1a:39:8a:9f:dd:e7:1e:ae:67:36:4f:6f:0b:
5e:4c:58:29:91:a3:9d:10:28:3c:f8:a3:8d:8b:ac:
95:f8:59:47:f3:d5:ce:ec:93:da:a8:df:1a:4f:4b:
19:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:91:79:2A:9E:15:29:D2:DA:58:47:44:65:9D:6A:CA:DF:E8:5C:64
X509v3 Authority Key Identifier:
keyid:C2:CE:08:14:16:7E:AA:81:89:FD:84:D3:90:27:0E:AD:F2:94:82:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/zpF5Kp4VKdLaWEdEZZ1qyt_oXGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.244.0/22
193.162.101.0/24
IPv6:
2a0d:bfc0::/32
Signature Algorithm: sha256WithRSAEncryption
06:4a:e3:fc:9b:01:cf:8a:cd:14:89:ac:58:b8:7d:0a:04:2c:
27:c3:07:79:d8:2b:21:a7:4b:c2:95:b5:49:84:29:80:c4:d5:
b4:0b:c6:6a:73:63:0b:d1:8d:6a:c6:3a:e4:0c:a8:d2:36:ae:
b7:33:ba:08:89:77:c4:bb:ad:94:32:c0:d6:13:53:82:a2:fc:
81:2d:17:d0:0e:18:3e:66:d1:df:2e:88:b0:a8:b9:d5:a0:1d:
f6:6b:3c:cc:18:a7:e8:05:dd:b5:ef:af:94:75:f7:d9:0d:f1:
16:a7:e5:f3:e9:39:a3:44:2b:38:03:23:25:15:29:4e:51:59:
77:13:45:0b:fc:b2:69:73:9a:7c:01:a4:ca:e1:79:c7:8c:2b:
81:7d:45:17:6e:51:67:60:5e:b3:b7:46:19:1b:95:ff:41:f8:
74:2f:a2:0b:11:e2:80:d0:3a:75:60:34:da:80:44:c5:9a:b8:
c0:c0:4b:2d:73:15:8c:61:01:b0:2f:e7:6f:67:af:f2:6c:16:
b6:10:f7:eb:60:9f:98:77:57:70:93:4c:32:be:14:b4:85:05:
fd:fa:9a:a1:67:ca:bd:ae:4c:5e:94:c2:7c:b0:3c:e6:61:a5:
91:6f:15:4c:32:6d:69:af:86:b4:bd:3e:50:a0:51:e4:d8:a9:
73:25:fc:c6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzzlUAQ6K88sm6wx+nJ9tJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyY2UwODE0MTY3ZWFhODE4OWZkODRkMzkwMjcwZWFkZjI5
NDgyY2IwHhcNMjQwMTEwMTMzNDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTkxNzkyYTllMTUyOWQyZGE1ODQ3NDQ2NTlkNmFjYWRmZTg1YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm1mvjdU1NzqPzD78+URvJVHaFin
JmRgwx9npZsuHY/pmn3ddBjntwWZEEDWMG+UVTNfMLKhDeX6lN3ovkPKvWGGJBqa
AA6e0GZi2kAfrs4ghnevihYRJmtfl/lyKIoT/giGj/Yo9yecpdP9+54YlGiEs6bx
v6zY1tjn/SM1/BTzhHfRHkU7OkU2q+hXkNhfOFxB8xCDSyoREF/DAv2aoRUVji5q
KOu34EebY3Jb40Ejz1S0s2RDIUr7CU2imzMNhH31uXVc6BLGppDEOUj937QS7Bo5
ip/d5x6uZzZPbwteTFgpkaOdECg8+KONi6yV+FlH89XO7JPaqN8aT0sZ5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM6ReSqeFSnS2lhHRGWdasrf6FxkMB8GA1UdIwQY
MBaAFMLOCBQWfqqBif2E05AnDq3ylILLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3M0SUZCWi1xb0dKX1lUVGtDY09yZktVZ3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOTVlNzktMjcwMi00MGUwLTliOGEt
ZTc3MTdiMjg3MDY2LzEvenBGNUtwNFZLZExhV0VkRVpaMXF5dF9vWEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOTVlNzktMjcwMi00MGUwLTliOGEtZTc3MTdiMjg3MDY2
LzEvd3M0SUZCWi1xb0dKX1lUVGtDY09yZktVZ3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCstr0AwQA
waJlMA0EAgACMAcDBQAqDb/AMA0GCSqGSIb3DQEBCwUAA4IBAQAGSuP8mwHPis0U
iaxYuH0KBCwnwwd52Cshp0vClbVJhCmAxNW0C8Zqc2ML0Y1qxjrkDKjSNq63M7oI
iXfEu62UMsDWE1OCovyBLRfQDhg+ZtHfLoiwqLnVoB32azzMGKfoBd2176+UdffZ
DfEWp+Xz6TmjRCs4AyMlFSlOUVl3E0UL/LJpc5p8AaTK4XnHjCuBfUUXblFnYF6z
t0YZG5X/Qfh0L6ILEeKA0Dp1YDTagETFmrjAwEstcxWMYQGwL+dvZ6/ybBa2EPfr
YJ+Yd1dwk0wyvhS0hQX9+pqhZ8q9rkxelMJ8sDzmYaWRbxVMMm1pr4a0vT5QoFHk
2KlzJfzG
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:39:01 2024 by rpki-client on console-ams.rpki-client.org