Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/ZIajMDIP_TaW_PLCAo2Wd8NKxnQ.roa
File: ZIajMDIP_TaW_PLCAo2Wd8NKxnQ.roa (raw, json)
Hash identifier: sQtLq2tRw9fHzRComsDG0qCMvBU4N5kuo3KSj2YvmcY=
Subject key identifier: 64:86:A3:30:32:0F:FD:36:96:FC:F2:C2:02:8D:96:77:C3:4A:C6:74
Certificate issuer: /CN=06defa1311f53f6c441463da8fab3403ad688011
Certificate serial: 018CC500A8A31EE9C0ABD3EF0E4B575A9420
Authority key identifier: 06:DE:FA:13:11:F5:3F:6C:44:14:63:DA:8F:AB:34:03:AD:68:80:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bt76ExH1P2xEFGPaj6s0A61ogBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/ZIajMDIP_TaW_PLCAo2Wd8NKxnQ.roa
Signing time: Mon 01 Jan 2024 12:30:03 +0000
ROA not before: Mon 01 Jan 2024 12:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8661
IP address blocks: 213.163.96.0/19 maxlen: 19
213.163.96.0/22 maxlen: 22
213.163.97.0/24 maxlen: 24
213.163.96.0/24 maxlen: 24
213.163.98.0/24 maxlen: 24
213.163.99.0/24 maxlen: 24
213.163.100.0/22 maxlen: 22
213.163.104.0/21 maxlen: 21
213.163.112.0/20 maxlen: 20
178.175.64.0/18 maxlen: 18
213.163.121.0/24 maxlen: 24
178.175.0.0/17 maxlen: 17
178.175.0.0/18 maxlen: 18
185.47.188.0/22 maxlen: 22
2a02:e540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/Bt76ExH1P2xEFGPaj6s0A61ogBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/Bt76ExH1P2xEFGPaj6s0A61ogBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bt76ExH1P2xEFGPaj6s0A61ogBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:a8:a3:1e:e9:c0:ab:d3:ef:0e:4b:57:5a:94:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06defa1311f53f6c441463da8fab3403ad688011
Validity
Not Before: Jan 1 12:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6486a330320ffd3696fcf2c2028d9677c34ac674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:99:ef:75:9f:a3:21:82:94:83:44:ec:b2:9f:
7f:a9:06:d2:0e:2f:1b:4c:89:4b:42:b9:f1:f0:ec:
71:ed:6a:80:ee:af:28:b4:19:f7:78:32:cb:f6:2e:
1f:44:09:0f:8f:47:1d:08:49:68:94:07:c5:b5:44:
08:8f:d3:40:89:01:12:a2:79:f0:2b:92:dc:ca:77:
b3:cc:3a:b5:b6:fe:56:28:0a:94:e9:01:34:7d:f1:
bb:79:1b:8e:a8:06:3e:29:f0:5c:95:b0:7b:c5:41:
57:fa:9e:83:8c:47:b9:70:28:40:a0:1b:18:3d:06:
73:68:59:5d:00:6a:bf:43:65:00:9e:b1:8c:2d:6a:
4f:38:16:a0:ad:17:10:6d:14:44:f3:c1:c5:d9:b9:
e0:6c:01:7f:3e:a8:69:83:2e:ec:98:51:e1:84:f0:
09:e8:71:0e:51:e0:a6:a6:d4:3f:b2:2c:a1:05:f9:
25:38:db:f4:52:eb:c6:9b:9b:8d:0c:23:ae:84:bd:
e7:c4:53:a6:dc:d1:48:5e:73:bb:58:a9:1b:68:d4:
d3:c1:e2:3a:f5:09:8b:4c:3d:2d:dd:5b:b6:37:56:
70:7f:4f:ca:2e:a7:e5:be:cf:ea:0c:5a:bf:bd:20:
8d:ae:67:1b:e3:78:34:c1:4d:a8:33:3f:85:d8:60:
3c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:86:A3:30:32:0F:FD:36:96:FC:F2:C2:02:8D:96:77:C3:4A:C6:74
X509v3 Authority Key Identifier:
keyid:06:DE:FA:13:11:F5:3F:6C:44:14:63:DA:8F:AB:34:03:AD:68:80:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bt76ExH1P2xEFGPaj6s0A61ogBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/ZIajMDIP_TaW_PLCAo2Wd8NKxnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/Bt76ExH1P2xEFGPaj6s0A61ogBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.0.0/17
185.47.188.0/22
213.163.96.0/19
IPv6:
2a02:e540::/29
Signature Algorithm: sha256WithRSAEncryption
b5:ee:23:8b:b0:57:78:89:3b:33:dd:fe:8c:03:d4:53:ce:76:
34:f1:f1:3d:3d:46:dc:e9:46:b2:b1:78:47:02:ba:65:7b:5e:
72:6d:1c:c9:0d:fc:0b:ab:7b:dd:f4:46:56:17:c6:70:df:bc:
16:7d:fe:43:09:c0:4b:45:b7:4c:a3:bf:73:89:5f:60:c4:39:
32:70:de:be:30:a4:f1:5d:4b:fe:1e:ba:7b:86:d2:09:dd:af:
94:d2:a6:cb:21:12:14:c4:59:b1:8d:cd:6e:20:a7:83:88:ae:
65:b4:1c:00:8d:a8:ca:9f:af:43:34:7c:67:98:1c:b8:49:3d:
13:31:b7:e8:5b:b0:39:18:58:c6:79:52:fb:9d:d9:86:7b:6b:
ea:a2:c9:16:7d:e6:3e:69:d6:d0:2a:9a:1a:4d:fe:21:f0:71:
fa:fc:3c:2d:37:fb:01:eb:b8:a1:28:ee:24:9d:cb:01:7b:bd:
80:ff:0a:a6:9b:78:8d:be:29:d4:c0:f3:15:d8:a8:95:cf:cc:
17:f8:50:5a:48:58:75:e8:bd:07:80:45:4a:d2:46:bd:78:86:
52:20:ea:84:53:dd:fd:e4:97:36:ae:74:9f:77:54:13:22:c6:
f1:87:5e:bd:3c:64:fb:e3:46:a9:52:bc:c0:85:77:7b:3c:b2:
bd:98:ec:61
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFAKijHunAq9PvDktXWpQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZGVmYTEzMTFmNTNmNmM0NDE0NjNkYThmYWIzNDAzYWQ2
ODgwMTEwHhcNMjQwMTAxMTIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg2YTMzMDMyMGZmZDM2OTZmY2YyYzIwMjhkOTY3N2MzNGFjNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5nvdZ+jIYKUg0Tssp9/qQbSDi8b
TIlLQrnx8Oxx7WqA7q8otBn3eDLL9i4fRAkPj0cdCElolAfFtUQIj9NAiQESonnw
K5LcynezzDq1tv5WKAqU6QE0ffG7eRuOqAY+KfBclbB7xUFX+p6DjEe5cChAoBsY
PQZzaFldAGq/Q2UAnrGMLWpPOBagrRcQbRRE88HF2bngbAF/Pqhpgy7smFHhhPAJ
6HEOUeCmptQ/siyhBfklONv0UuvGm5uNDCOuhL3nxFOm3NFIXnO7WKkbaNTTweI6
9QmLTD0t3Vu2N1Zwf0/KLqflvs/qDFq/vSCNrmcb43g0wU2oMz+F2GA8tQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGSGozAyD/02lvzywgKNlnfDSsZ0MB8GA1UdIwQY
MBaAFAbe+hMR9T9sRBRj2o+rNAOtaIARMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnQ3NkV4SDFQMnhFRkdQYWo2czBBNjFvZ0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI3MGMtMThiZi00NTAyLWJmOWYt
NGY4OTEzYTkxNWQzLzEvWklhak1ESVBfVGFXX1BMQ0FvMldkOE5LeG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI3MGMtMThiZi00NTAyLWJmOWYtNGY4OTEzYTkxNWQz
LzEvQnQ3NkV4SDFQMnhFRkdQYWo2czBBNjFvZ0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHsq8AAwQC
uS+8AwQF1aNgMA0EAgACMAcDBQMqAuVAMA0GCSqGSIb3DQEBCwUAA4IBAQC17iOL
sFd4iTsz3f6MA9RTznY08fE9PUbc6UaysXhHArple15ybRzJDfwLq3vd9EZWF8Zw
37wWff5DCcBLRbdMo79ziV9gxDkycN6+MKTxXUv+Hrp7htIJ3a+U0qbLIRIUxFmx
jc1uIKeDiK5ltBwAjajKn69DNHxnmBy4ST0TMbfoW7A5GFjGeVL7ndmGe2vqoskW
feY+adbQKpoaTf4h8HH6/DwtN/sB67ihKO4kncsBe72A/wqmm3iNvinUwPMV2KiV
z8wX+FBaSFh16L0HgEVK0ka9eIZSIOqEU9395Jc2rnSfd1QTIsbxh169PGT740ap
UrzAhXd7PLK9mOxh
-----END CERTIFICATE-----
Generated at Mon Jun 24 09:32:23 2024 by rpki-client on console-fra.rpki-client.org