Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ZO6yR2gn-HZJwrCW4QOBPSH_5lA.roa
File: ZO6yR2gn-HZJwrCW4QOBPSH_5lA.roa (raw, json)
Hash identifier: mfPl+0tyFkXe6oLSuJz8af3R/8A7QWSOPwf4DTWzjNM=
Subject key identifier: 64:EE:B2:47:68:27:F8:76:49:C2:B0:96:E1:03:81:3D:21:FF:E6:50
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0193054D23004A2B90210FD9F2A9E3AE5004
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ZO6yR2gn-HZJwrCW4QOBPSH_5lA.roa
Signing time: Thu 07 Nov 2024 06:26:01 +0000
ROA not before: Thu 07 Nov 2024 06:26:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39407
IP address blocks: 87.103.232.0/24 maxlen: 24
87.103.234.0/24 maxlen: 24
95.189.113.0/24 maxlen: 24
95.189.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:4d:23:00:4a:2b:90:21:0f:d9:f2:a9:e3:ae:50:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Nov 7 06:26:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64eeb2476827f87649c2b096e103813d21ffe650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b7:48:b1:a7:e1:98:e6:fa:93:14:90:cc:88:
c9:7b:07:db:b4:ac:2a:9e:fc:24:a5:ac:3d:04:75:
5c:5c:08:a2:43:ea:fa:f7:a7:96:ad:ea:a8:0b:98:
4e:f3:31:ad:35:9b:bb:35:18:6b:13:1f:a9:64:a7:
23:68:35:87:4e:c9:0d:b9:86:dd:27:68:35:44:f0:
d9:7f:1c:cd:63:4b:f3:f5:bd:52:63:ce:ba:12:54:
16:d6:9d:0c:96:7b:2f:f1:f1:62:cf:f8:34:cc:d7:
e8:d3:40:d6:3b:57:2e:6a:24:af:99:d7:a7:3a:69:
cc:ec:60:b8:a2:c6:3d:ec:0e:04:86:99:35:92:44:
b6:ca:26:66:1d:33:4d:28:ea:e8:16:24:14:e1:81:
99:0c:79:ca:5e:5e:1f:53:e8:96:b5:ae:46:fd:6e:
e0:5a:9b:9a:d8:04:c7:3a:68:93:0b:a1:e8:e8:3b:
f7:44:6e:d3:c2:17:11:58:6f:3f:4f:5e:14:25:10:
a5:d6:00:74:21:3c:cd:12:42:8b:fc:fb:43:b6:62:
1c:68:26:6f:53:a7:f0:27:42:69:58:8a:4d:82:f4:
9a:aa:69:15:7f:25:e7:4f:18:9b:a2:64:3e:79:4b:
48:ce:fe:1a:00:55:5f:ab:75:29:88:1f:e8:4c:13:
f7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:EE:B2:47:68:27:F8:76:49:C2:B0:96:E1:03:81:3D:21:FF:E6:50
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ZO6yR2gn-HZJwrCW4QOBPSH_5lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.103.232.0/24
87.103.234.0/24
95.189.113.0-95.189.114.255
Signature Algorithm: sha256WithRSAEncryption
7b:91:4b:2b:f9:4c:f5:76:fc:96:1d:3e:a8:a7:df:82:e8:0d:
74:25:ff:9c:72:da:42:a3:28:f2:b7:1c:8e:dc:e7:93:9f:ca:
c1:64:03:16:f2:a9:5d:c1:a0:bd:b7:99:c7:b3:20:a2:8b:f7:
83:94:72:ee:81:ef:fb:f8:3e:05:73:53:c7:88:39:00:2d:72:
14:4d:b9:8f:e6:7c:ce:08:04:b9:05:6a:10:01:80:34:ab:a1:
54:c4:e7:e4:a8:13:12:5a:32:97:e8:5c:b5:73:49:11:15:9c:
a9:5f:9b:05:50:73:b9:1c:c6:de:e6:79:fe:39:be:ed:80:b0:
f4:1e:97:e1:5f:9f:e5:dd:4c:d5:63:e7:85:ec:c2:e1:4d:7c:
09:c4:59:32:b1:e2:6a:38:a9:6d:2f:ce:ac:1c:9d:0d:09:ea:
9f:0f:d9:e7:5a:e3:98:17:35:a0:83:c7:ac:76:f6:a8:f7:a5:
f8:a8:70:c3:f9:95:27:d8:f2:c3:f6:a4:6c:40:f5:0b:12:12:
34:50:65:a2:75:0e:6d:52:a7:88:66:97:6b:fd:41:a4:81:87:
07:0b:b1:7c:9c:35:49:d1:fd:e8:d5:2b:ad:59:a6:7a:9b:96:
8a:e3:44:16:16:9e:3a:e5:0a:e3:eb:03:4c:78:69:5b:a4:b6:
ba:37:c2:7f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZMFTSMASiuQIQ/Z8qnjrlAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMTA3MDYyNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGVlYjI0NzY4MjdmODc2NDljMmIwOTZlMTAzODEzZDIxZmZlNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirdIsafhmOb6kxSQzIjJewfbtKwq
nvwkpaw9BHVcXAiiQ+r696eWreqoC5hO8zGtNZu7NRhrEx+pZKcjaDWHTskNuYbd
J2g1RPDZfxzNY0vz9b1SY866ElQW1p0Mlnsv8fFiz/g0zNfo00DWO1cuaiSvmden
OmnM7GC4osY97A4Ehpk1kkS2yiZmHTNNKOroFiQU4YGZDHnKXl4fU+iWta5G/W7g
Wpua2ATHOmiTC6Ho6Dv3RG7TwhcRWG8/T14UJRCl1gB0ITzNEkKL/PtDtmIcaCZv
U6fwJ0JpWIpNgvSaqmkVfyXnTxibomQ+eUtIzv4aAFVfq3UpiB/oTBP3ZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGTuskdoJ/h2ScKwluEDgT0h/+ZQMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvWk82eVIyZ24tSFpKd3JDVzRRT0JQU0hfNWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAV2foAwQA
V2fqMAwDBABfvXEDBABfvXIwDQYJKoZIhvcNAQELBQADggEBAHuRSyv5TPV2/JYd
Pqin34LoDXQl/5xy2kKjKPK3HI7c55OfysFkAxbyqV3BoL23mcezIKKL94OUcu6B
7/v4PgVzU8eIOQAtchRNuY/mfM4IBLkFahABgDSroVTE5+SoExJaMpfoXLVzSREV
nKlfmwVQc7kcxt7mef45vu2AsPQel+Ffn+XdTNVj54XswuFNfAnEWTKx4mo4qW0v
zqwcnQ0J6p8P2eda45gXNaCDx6x29qj3pfiocMP5lSfY8sP2pGxA9QsSEjRQZaJ1
Dm1Sp4hml2v9QaSBhwcLsXycNUnR/ejVK61ZpnqblorjRBYWnjrlCuPrA0x4aVuk
tro3wn8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org