Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/Z_uOcNVsYYI4KtdO5467b21uykI.roa
File: Z_uOcNVsYYI4KtdO5467b21uykI.roa (raw, json)
Hash identifier: cHk7vKN94MUj/YYcRH3lXsw40gXCk2630NLCO8IJbCA=
Subject key identifier: 67:FB:8E:70:D5:6C:61:82:38:2A:D7:4E:E7:8E:BB:6F:6D:6E:CA:42
Certificate issuer: /CN=8e52a3954e30e4753e2e00a0ef816966d6d60db6
Certificate serial: 018CC26D2976919A706AB345BA421DF72655
Authority key identifier: 8E:52:A3:95:4E:30:E4:75:3E:2E:00:A0:EF:81:69:66:D6:D6:0D:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlKjlU4w5HU-LgCg74FpZtbWDbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/Z_uOcNVsYYI4KtdO5467b21uykI.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205697
IP address blocks: 195.216.234.0/24 maxlen: 24
195.216.238.0/24 maxlen: 24
185.161.98.0/24 maxlen: 24
185.161.96.0/22 maxlen: 24
185.161.96.0/24 maxlen: 24
195.216.245.0/24 maxlen: 24
185.161.97.0/24 maxlen: 24
195.216.247.0/24 maxlen: 24
185.161.99.0/24 maxlen: 24
2a0b:ef01::/32 maxlen: 32
2a0b:ef04::/32 maxlen: 32
2a0b:ef05::/32 maxlen: 32
2a0b:ef02::/32 maxlen: 32
2a0b:ef00::/29 maxlen: 32
2a0b:ef03::/32 maxlen: 32
2a0b:ef07::/32 maxlen: 32
2a0b:ef00::/32 maxlen: 32
2a0b:ef06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/jlKjlU4w5HU-LgCg74FpZtbWDbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/jlKjlU4w5HU-LgCg74FpZtbWDbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jlKjlU4w5HU-LgCg74FpZtbWDbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:29:76:91:9a:70:6a:b3:45:ba:42:1d:f7:26:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e52a3954e30e4753e2e00a0ef816966d6d60db6
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67fb8e70d56c6182382ad74ee78ebb6f6d6eca42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ac:25:fa:45:b6:3b:3e:12:3e:eb:ff:e2:12:
43:f2:0f:df:6f:07:7a:34:c6:31:17:2d:6b:96:06:
6e:2d:4c:34:92:c0:ca:58:25:dd:1b:2e:04:3c:34:
76:c2:20:69:a3:6d:46:c3:79:11:3f:29:b4:16:dc:
d8:8b:ea:2a:47:b8:fa:0c:8e:e5:49:93:57:53:49:
d2:c4:fc:7e:a6:83:e8:33:9f:ad:a8:3a:ae:90:29:
28:96:d5:07:31:0e:8d:8d:70:36:3f:3a:65:d6:d5:
ce:86:bf:c7:a7:e7:72:75:e0:20:4d:da:b6:f6:d2:
64:bf:f4:cd:9a:84:73:e1:19:d5:e1:c4:91:02:0b:
6f:4f:ca:a3:bd:bd:fd:66:42:3d:93:b4:af:c3:d5:
66:bf:a3:32:05:64:16:65:28:1d:fb:7e:a1:e1:ff:
4c:b8:cb:0a:98:73:3b:a5:0d:3e:01:e3:a4:73:b8:
b3:68:a1:4e:44:be:e4:fa:86:15:8c:e9:ea:95:b8:
ea:50:51:36:dc:7b:c1:5c:35:41:02:be:ba:49:df:
bf:67:d4:4c:64:a6:54:9c:69:65:40:36:f7:bd:48:
b2:21:e5:6c:3f:1c:c9:05:c3:e2:76:28:47:42:ea:
32:12:35:ce:44:32:cf:5d:87:0f:57:7d:1b:e9:f3:
98:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FB:8E:70:D5:6C:61:82:38:2A:D7:4E:E7:8E:BB:6F:6D:6E:CA:42
X509v3 Authority Key Identifier:
keyid:8E:52:A3:95:4E:30:E4:75:3E:2E:00:A0:EF:81:69:66:D6:D6:0D:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlKjlU4w5HU-LgCg74FpZtbWDbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/Z_uOcNVsYYI4KtdO5467b21uykI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/jlKjlU4w5HU-LgCg74FpZtbWDbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.96.0/22
195.216.234.0/24
195.216.238.0/24
195.216.245.0/24
195.216.247.0/24
IPv6:
2a0b:ef00::/29
Signature Algorithm: sha256WithRSAEncryption
c0:df:58:55:84:bb:fd:b5:26:cf:be:f7:a6:b0:f5:03:c0:f1:
70:0e:8c:72:22:8b:63:d5:6a:e6:ca:c9:7b:28:1c:98:1d:05:
f5:0d:2a:d3:3d:97:98:56:81:fa:04:18:9f:81:f5:9a:cb:ae:
5b:cd:20:54:42:7b:46:a3:8d:3e:89:a7:6d:bf:58:37:71:e6:
b0:ba:dc:e7:00:87:e1:4e:75:29:11:65:28:1d:38:09:05:ed:
f1:e3:c2:60:5c:97:e2:88:37:35:fb:22:55:52:45:af:52:55:
b1:1b:a5:94:7a:7f:73:f4:a0:68:b1:aa:bb:16:e1:41:63:b9:
ab:35:41:76:8f:c2:85:22:15:c4:7b:8a:63:b4:12:f7:f3:b7:
55:04:d4:6c:19:d3:d4:50:95:7a:c7:1c:1c:18:66:96:29:72:
2e:0d:7c:60:9f:18:20:3a:90:dc:69:40:1a:f4:61:07:de:b2:
a8:50:06:ce:57:e6:54:3b:6a:9b:46:d4:c8:21:bb:2a:18:7a:
05:64:a9:22:1a:3a:6b:91:91:c6:66:83:2f:03:6b:b0:9f:8f:
30:78:83:ea:cc:6f:6e:d0:bc:7d:dc:c4:02:36:e8:a6:23:e9:
1d:2b:aa:7a:8f:19:ec:6e:cc:9e:22:68:a7:66:73:73:46:82:
9b:d9:27:bc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzCbSl2kZpwarNFukId9yZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNTJhMzk1NGUzMGU0NzUzZTJlMDBhMGVmODE2OTY2ZDZk
NjBkYjYwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZiOGU3MGQ1NmM2MTgyMzgyYWQ3NGVlNzhlYmI2ZjZkNmVjYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6wl+kW2Oz4SPuv/4hJD8g/fbwd6
NMYxFy1rlgZuLUw0ksDKWCXdGy4EPDR2wiBpo21Gw3kRPym0FtzYi+oqR7j6DI7l
SZNXU0nSxPx+poPoM5+tqDqukCkoltUHMQ6NjXA2Pzpl1tXOhr/Hp+dydeAgTdq2
9tJkv/TNmoRz4RnV4cSRAgtvT8qjvb39ZkI9k7Svw9Vmv6MyBWQWZSgd+36h4f9M
uMsKmHM7pQ0+AeOkc7izaKFORL7k+oYVjOnqlbjqUFE23HvBXDVBAr66Sd+/Z9RM
ZKZUnGllQDb3vUiyIeVsPxzJBcPidihHQuoyEjXORDLPXYcPV30b6fOYJwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGf7jnDVbGGCOCrXTueOu29tbspCMB8GA1UdIwQY
MBaAFI5So5VOMOR1Pi4AoO+BaWbW1g22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamxLamxVNHc1SFUtTGdDZzc0RnBadGJXRGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMTc3YTItMjE5Yy00YjYwLWI5MDEt
Yjg1NmRiMzNjNmM2LzEvWl91T2NOVnNZWUk0S3RkTzU0NjdiMjF1eWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8xMTc3YTItMjE5Yy00YjYwLWI5MDEtYjg1NmRiMzNjNmM2
LzEvamxLamxVNHc1SFUtTGdDZzc0RnBadGJXRGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuaFgAwQA
w9jqAwQAw9juAwQAw9j1AwQAw9j3MA0EAgACMAcDBQMqC+8AMA0GCSqGSIb3DQEB
CwUAA4IBAQDA31hVhLv9tSbPvvemsPUDwPFwDoxyIotj1Wrmysl7KByYHQX1DSrT
PZeYVoH6BBifgfWay65bzSBUQntGo40+iadtv1g3ceawutznAIfhTnUpEWUoHTgJ
Be3x48JgXJfiiDc1+yJVUkWvUlWxG6WUen9z9KBosaq7FuFBY7mrNUF2j8KFIhXE
e4pjtBL387dVBNRsGdPUUJV6xxwcGGaWKXIuDXxgnxggOpDcaUAa9GEH3rKoUAbO
V+ZUO2qbRtTIIbsqGHoFZKkiGjprkZHGZoMvA2uwn48weIPqzG9u0Lx93MQCNuim
I+kdK6p6jxnsbsyeIminZnNzRoKb2Se8
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:43:44 2024 by rpki-client on console-ams.rpki-client.org