Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/Z8XBLeR-2Xlkw6m3kfyBnxoSWNA.roa
File: Z8XBLeR-2Xlkw6m3kfyBnxoSWNA.roa (raw, json)
Hash identifier: qLtb6qbHcnq6TdyAxEVzsPNdjYdqjm7800GoDlMyjN4=
Subject key identifier: 67:C5:C1:2D:E4:7E:D9:79:64:C3:A9:B7:91:FC:81:9F:1A:12:58:D0
Certificate issuer: /CN=e29471ae0aaacab83e293f1f8ea1bd7070ec335b
Certificate serial: 018CC8DF4F455F6EACE4A6E44961941199B9
Authority key identifier: E2:94:71:AE:0A:AA:CA:B8:3E:29:3F:1F:8E:A1:BD:70:70:EC:33:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4pRxrgqqyrg-KT8fjqG9cHDsM1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/Z8XBLeR-2Xlkw6m3kfyBnxoSWNA.roa
Signing time: Tue 02 Jan 2024 06:32:07 +0000
ROA not before: Tue 02 Jan 2024 06:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52157
IP address blocks: 185.237.36.0/22 maxlen: 22
185.193.92.0/22 maxlen: 22
185.209.224.0/22 maxlen: 22
93.89.112.0/20 maxlen: 20
2a02:25e8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/4pRxrgqqyrg-KT8fjqG9cHDsM1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/4pRxrgqqyrg-KT8fjqG9cHDsM1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4pRxrgqqyrg-KT8fjqG9cHDsM1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:4f:45:5f:6e:ac:e4:a6:e4:49:61:94:11:99:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29471ae0aaacab83e293f1f8ea1bd7070ec335b
Validity
Not Before: Jan 2 06:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c5c12de47ed97964c3a9b791fc819f1a1258d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:79:8a:1e:7d:52:4d:c8:f1:0f:70:b0:35:f9:
06:24:20:9b:c1:ab:be:69:b4:04:ae:c8:57:cd:bb:
a8:1b:d0:dd:25:34:b5:d0:77:94:6f:64:dd:db:50:
52:12:ba:4a:fa:ab:18:bf:3e:67:b2:84:fa:18:f6:
04:78:20:d9:ee:43:e4:50:90:8e:cd:77:3b:c1:2a:
3a:60:bf:e8:ec:e3:b9:e1:da:29:62:0f:4e:82:f1:
20:ba:25:17:87:2f:d3:1e:51:56:27:9f:3b:b3:6c:
20:38:e3:4c:2f:99:da:12:39:dc:9b:51:6d:3c:71:
46:05:4d:2c:94:a9:e9:4e:7c:e9:b1:14:1e:b0:00:
ec:57:77:88:d8:1b:4d:98:b7:b5:7b:4f:03:50:8f:
46:65:d3:73:09:b3:2c:51:02:88:a2:36:16:29:d0:
8d:35:bf:bc:b9:eb:0f:3a:2a:ca:8c:a1:24:8d:13:
e0:e0:fe:b5:83:62:bf:0e:3c:f1:7c:1f:64:ec:ec:
11:4e:16:c4:95:3e:1b:60:30:cb:32:78:df:0d:b9:
00:b9:33:ac:ff:5d:b5:9e:2b:42:da:21:80:39:ab:
cd:37:c5:31:05:45:6c:de:d8:60:85:6d:82:73:1a:
9e:1a:90:79:22:fc:77:da:9e:9b:66:8a:92:7b:7f:
d8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C5:C1:2D:E4:7E:D9:79:64:C3:A9:B7:91:FC:81:9F:1A:12:58:D0
X509v3 Authority Key Identifier:
keyid:E2:94:71:AE:0A:AA:CA:B8:3E:29:3F:1F:8E:A1:BD:70:70:EC:33:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4pRxrgqqyrg-KT8fjqG9cHDsM1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/Z8XBLeR-2Xlkw6m3kfyBnxoSWNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c8492d-c364-4d83-85b4-137b6e3b8c20/1/4pRxrgqqyrg-KT8fjqG9cHDsM1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.112.0/20
185.193.92.0/22
185.209.224.0/22
185.237.36.0/22
IPv6:
2a02:25e8::/29
Signature Algorithm: sha256WithRSAEncryption
9d:5e:36:e3:7a:97:18:8c:7d:f2:e5:21:4d:1c:4f:a4:b8:ca:
ae:5d:95:5f:ee:75:e3:23:95:78:42:44:8f:7c:7a:db:e5:3b:
c3:a2:8a:72:fa:4f:19:72:1f:fa:1d:81:14:c8:1b:75:54:e2:
19:a7:c9:87:00:c9:7d:2b:3d:d5:37:e0:a2:32:c4:5c:da:0b:
30:87:fc:60:45:7b:8b:ef:c1:7e:47:28:4d:44:a5:bf:10:5a:
7f:fd:73:d5:8f:69:6e:64:aa:ec:35:df:be:6d:d2:7e:67:75:
18:d5:4e:74:a7:a1:64:bb:44:1f:ca:67:7a:58:af:df:bc:a7:
61:cb:96:b0:13:21:44:41:4f:49:d5:74:59:05:e6:73:92:08:
39:43:e6:c5:0b:04:a9:9c:ef:98:1f:7c:4d:8c:7f:07:3d:33:
e0:93:8a:b8:78:df:0d:ff:3c:21:51:ee:64:3d:df:d2:05:a5:
b0:95:aa:53:a6:a8:d1:9c:42:c0:f7:4d:6c:68:57:5d:86:eb:
2a:83:01:16:b4:11:ce:9d:e0:a5:70:08:0a:64:ad:1a:90:44:
f0:21:b4:28:62:cc:6a:1b:38:fc:5d:16:1e:61:cf:85:7b:d4:
0f:84:80:7e:ee:ba:ed:ae:50:21:04:ed:b4:b8:46:23:1d:af:
69:8f:1e:e6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI309FX26s5KbkSWGUEZm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOTQ3MWFlMGFhYWNhYjgzZTI5M2YxZjhlYTFiZDcwNzBl
YzMzNWIwHhcNMjQwMTAyMDYzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2M1YzEyZGU0N2VkOTc5NjRjM2E5Yjc5MWZjODE5ZjFhMTI1OGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3mKHn1STcjxD3CwNfkGJCCbwau+
abQErshXzbuoG9DdJTS10HeUb2Td21BSErpK+qsYvz5nsoT6GPYEeCDZ7kPkUJCO
zXc7wSo6YL/o7OO54dopYg9OgvEguiUXhy/THlFWJ587s2wgOONML5naEjncm1Ft
PHFGBU0slKnpTnzpsRQesADsV3eI2BtNmLe1e08DUI9GZdNzCbMsUQKIojYWKdCN
Nb+8uesPOirKjKEkjRPg4P61g2K/DjzxfB9k7OwRThbElT4bYDDLMnjfDbkAuTOs
/121nitC2iGAOavNN8UxBUVs3thghW2CcxqeGpB5Ivx32p6bZoqSe3/YKwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGfFwS3kftl5ZMOpt5H8gZ8aEljQMB8GA1UdIwQY
MBaAFOKUca4Kqsq4Pik/H46hvXBw7DNbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHBSeHJncXF5cmctS1Q4ZmpxRzljSERzTTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODQ5MmQtYzM2NC00ZDgzLTg1YjQt
MTM3YjZlM2I4YzIwLzEvWjhYQkxlUi0yWGxrdzZtM2tmeUJueG9TV05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODQ5MmQtYzM2NC00ZDgzLTg1YjQtMTM3YjZlM2I4YzIw
LzEvNHBSeHJncXF5cmctS1Q4ZmpxRzljSERzTTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXVlwAwQC
ucFcAwQCudHgAwQCue0kMA0EAgACMAcDBQMqAiXoMA0GCSqGSIb3DQEBCwUAA4IB
AQCdXjbjepcYjH3y5SFNHE+kuMquXZVf7nXjI5V4QkSPfHrb5TvDoopy+k8Zch/6
HYEUyBt1VOIZp8mHAMl9Kz3VN+CiMsRc2gswh/xgRXuL78F+RyhNRKW/EFp//XPV
j2luZKrsNd++bdJ+Z3UY1U50p6Fku0Qfymd6WK/fvKdhy5awEyFEQU9J1XRZBeZz
kgg5Q+bFCwSpnO+YH3xNjH8HPTPgk4q4eN8N/zwhUe5kPd/SBaWwlapTpqjRnELA
901saFddhusqgwEWtBHOneClcAgKZK0akETwIbQoYsxqGzj8XRYeYc+Fe9QPhIB+
7rrtrlAhBO20uEYjHa9pjx7m
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:39:28 2024 by rpki-client on console-ams.rpki-client.org