Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/zkVnB8J6tboWxKXjMNgQQdq8WZ4.roa
File: zkVnB8J6tboWxKXjMNgQQdq8WZ4.roa (raw, json)
Hash identifier: iahrD9l+DxAt/Lzni6pU5Oo/ZHCZJ/R8lB5qZ3xAYRE=
Subject key identifier: CE:45:67:07:C2:7A:B5:BA:16:C4:A5:E3:30:D8:10:41:DA:BC:59:9E
Certificate issuer: /CN=13764a52c85e07e33749743d23a5a24d096df147
Certificate serial: 018CC56E66FFFBBBD4034E0E6260121265DF
Authority key identifier: 13:76:4A:52:C8:5E:07:E3:37:49:74:3D:23:A5:A2:4D:09:6D:F1:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/zkVnB8J6tboWxKXjMNgQQdq8WZ4.roa
Signing time: Mon 01 Jan 2024 14:29:55 +0000
ROA not before: Mon 01 Jan 2024 14:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 185.147.148.0/22 maxlen: 24
95.131.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.mft
rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:66:ff:fb:bb:d4:03:4e:0e:62:60:12:12:65:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13764a52c85e07e33749743d23a5a24d096df147
Validity
Not Before: Jan 1 14:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce456707c27ab5ba16c4a5e330d81041dabc599e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a3:c8:17:9f:06:df:ff:8e:98:7f:5c:97:cc:
59:4b:42:60:7e:77:0c:1b:5a:c0:29:48:60:86:e3:
4c:ed:cc:15:d9:c7:08:c1:99:d5:9a:99:07:93:dc:
76:87:a8:27:cd:cc:b4:4b:e1:d0:10:9f:e1:b6:c6:
36:0e:68:41:6a:24:b6:fc:95:ad:59:e3:82:d0:e2:
0a:51:f5:6c:c6:32:94:29:a7:e9:13:d1:42:8b:7c:
40:f2:67:6d:83:b5:8d:b8:ac:13:1f:8e:92:d4:c5:
07:01:b8:e3:10:1d:d8:56:cc:75:37:b8:c4:c3:91:
2e:f8:ef:1e:f7:9d:c8:ba:3b:46:82:e9:a4:13:b0:
18:67:2f:61:5d:dc:47:ba:6e:fd:b6:3d:ec:7c:70:
79:63:33:a2:3f:55:71:e5:d5:4f:0d:f5:5b:35:79:
ec:d5:fd:20:2a:c1:1b:2d:f5:af:56:85:28:19:19:
31:d2:33:5a:37:26:17:88:ad:5d:4c:44:f0:28:65:
55:f0:2c:ad:8b:9c:ea:7c:34:86:bf:d1:73:6f:5b:
34:a8:87:c8:9c:2e:e0:99:22:af:04:19:a9:b1:b8:
58:fa:f7:85:41:4b:4e:69:a2:be:5e:e8:60:aa:d6:
3f:4c:8e:7f:ef:67:98:15:ee:87:01:45:d6:0a:4f:
8e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:45:67:07:C2:7A:B5:BA:16:C4:A5:E3:30:D8:10:41:DA:BC:59:9E
X509v3 Authority Key Identifier:
keyid:13:76:4A:52:C8:5E:07:E3:37:49:74:3D:23:A5:A2:4D:09:6D:F1:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/zkVnB8J6tboWxKXjMNgQQdq8WZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e4e531-6bee-4189-ba7c-203e45616306/1/E3ZKUsheB-M3SXQ9I6WiTQlt8Uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.240.0/21
185.147.148.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:72:8e:11:3e:71:6d:3a:4b:fc:22:f3:95:44:d5:46:97:d3:
7f:18:9c:75:21:7d:b1:1c:26:ae:95:5a:73:f9:e9:a5:37:9e:
89:fc:60:b4:c2:c3:df:46:03:9b:69:a8:89:c3:30:82:bb:ff:
ea:17:88:c0:36:99:cf:32:6e:83:3f:34:71:05:56:e9:0e:df:
06:9b:2d:8d:6c:91:0e:93:ba:d2:ec:61:27:8c:b5:88:45:55:
5a:3e:ab:0b:19:a8:3d:aa:21:df:39:3e:96:e6:b7:4b:96:9c:
14:f0:67:6d:0e:c7:79:9a:dd:5b:e2:f2:af:a8:94:27:c6:5d:
26:cb:a4:90:0f:75:d6:26:6e:0c:44:c0:75:7e:9b:b3:5e:2c:
ca:65:16:25:dc:8c:df:8d:6f:61:ce:78:cb:f4:4c:5a:33:f5:
89:23:b4:cc:a5:82:f5:0e:b8:92:93:39:47:b1:9a:97:c6:7d:
ac:13:d3:10:cb:a1:99:70:9c:df:56:d8:0c:c7:f9:4a:b9:d6:
24:0b:a9:ff:b7:87:8a:f8:66:31:a8:7a:4d:1e:e4:5e:eb:76:
83:9e:f8:9a:5b:c9:bc:fa:9b:e2:5b:bf:b5:3c:3f:69:bd:80:
0c:6f:69:0d:37:38:ba:02:12:5a:76:c5:34:7b:d4:67:cd:98:
6a:3f:b6:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbmb/+7vUA04OYmASEmXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzY0YTUyYzg1ZTA3ZTMzNzQ5NzQzZDIzYTVhMjRkMDk2
ZGYxNDcwHhcNMjQwMTAxMTQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTQ1NjcwN2MyN2FiNWJhMTZjNGE1ZTMzMGQ4MTA0MWRhYmM1OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6PIF58G3/+OmH9cl8xZS0JgfncM
G1rAKUhghuNM7cwV2ccIwZnVmpkHk9x2h6gnzcy0S+HQEJ/htsY2DmhBaiS2/JWt
WeOC0OIKUfVsxjKUKafpE9FCi3xA8mdtg7WNuKwTH46S1MUHAbjjEB3YVsx1N7jE
w5Eu+O8e953IujtGgumkE7AYZy9hXdxHum79tj3sfHB5YzOiP1Vx5dVPDfVbNXns
1f0gKsEbLfWvVoUoGRkx0jNaNyYXiK1dTETwKGVV8Cyti5zqfDSGv9Fzb1s0qIfI
nC7gmSKvBBmpsbhY+veFQUtOaaK+XuhgqtY/TI5/72eYFe6HAUXWCk+O5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM5FZwfCerW6FsSl4zDYEEHavFmeMB8GA1UdIwQY
MBaAFBN2SlLIXgfjN0l0PSOlok0JbfFHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNaS1VzaGVCLU0zU1hROUk2V2lUUWx0OFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lNGU1MzEtNmJlZS00MTg5LWJhN2Mt
MjAzZTQ1NjE2MzA2LzEvemtWbkI4SjZ0Ym9XeEtYak1OZ1FRZHE4V1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lNGU1MzEtNmJlZS00MTg5LWJhN2MtMjAzZTQ1NjE2MzA2
LzEvRTNaS1VzaGVCLU0zU1hROUk2V2lUUWx0OFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4PwAwQC
uZOUMA0GCSqGSIb3DQEBCwUAA4IBAQA6co4RPnFtOkv8IvOVRNVGl9N/GJx1IX2x
HCaulVpz+emlN56J/GC0wsPfRgObaaiJwzCCu//qF4jANpnPMm6DPzRxBVbpDt8G
my2NbJEOk7rS7GEnjLWIRVVaPqsLGag9qiHfOT6W5rdLlpwU8GdtDsd5mt1b4vKv
qJQnxl0my6SQD3XWJm4MRMB1fpuzXizKZRYl3IzfjW9hznjL9ExaM/WJI7TMpYL1
DriSkzlHsZqXxn2sE9MQy6GZcJzfVtgMx/lKudYkC6n/t4eK+GYxqHpNHuRe63aD
nviaW8m8+pviW7+1PD9pvYAMb2kNNzi6AhJadsU0e9RnzZhqP7Z0
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:34:37 2024 by rpki-client on console-ams.rpki-client.org