Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/ZQ-gbvdXKyU25Jiod4zEpRpBNnk.roa
File: ZQ-gbvdXKyU25Jiod4zEpRpBNnk.roa (raw, json)
Hash identifier: rbDCoOvM3bx3WWQkmKpG939AG+ybXSm3Cp2+3DHIz/k=
Subject key identifier: 65:0F:A0:6E:F7:57:2B:25:36:E4:98:A8:77:8C:C4:A5:1A:41:36:79
Certificate issuer: /CN=2f593b254a9c3fac81652502f1c43c2201c16a85
Certificate serial: 018CC7957D89EA40D6D482A4009DC727FF83
Authority key identifier: 2F:59:3B:25:4A:9C:3F:AC:81:65:25:02:F1:C4:3C:22:01:C1:6A:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/ZQ-gbvdXKyU25Jiod4zEpRpBNnk.roa
Signing time: Tue 02 Jan 2024 00:31:52 +0000
ROA not before: Tue 02 Jan 2024 00:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42830
IP address blocks: 176.105.128.0/20 maxlen: 20
91.193.160.0/22 maxlen: 22
185.212.164.0/22 maxlen: 22
2a0b:78c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:7d:89:ea:40:d6:d4:82:a4:00:9d:c7:27:ff:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f593b254a9c3fac81652502f1c43c2201c16a85
Validity
Not Before: Jan 2 00:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=650fa06ef7572b2536e498a8778cc4a51a413679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:84:9e:11:35:2e:b8:70:30:4e:ef:d5:ef:6a:
8e:4d:2a:9d:66:5d:48:bc:95:f0:26:15:cd:84:54:
c3:9b:40:13:43:ce:54:3e:a6:8e:51:72:33:35:ec:
e3:ef:05:d1:e5:2b:84:75:a2:f8:3e:59:75:6d:9f:
35:d1:8d:be:dd:4f:ee:de:ba:14:90:f0:7f:e8:e4:
5a:b4:9f:ef:c2:6a:b5:9c:6e:08:fa:a6:99:34:70:
a3:f4:18:c5:4b:d5:3c:e3:3e:cb:f4:60:af:30:78:
3b:ab:aa:1e:68:18:50:d6:4f:3a:40:df:2c:d2:ed:
27:b3:0c:78:3c:e0:5b:53:bf:17:0c:5f:ed:27:2b:
dd:af:c2:6e:2d:1b:68:82:cf:2a:c4:92:f2:26:47:
52:a9:33:c5:ad:fd:f1:7c:a5:78:55:99:1a:bb:68:
e4:57:b5:07:b9:a3:32:19:90:2a:23:4e:7a:37:9b:
c2:a2:05:ee:9a:b0:b1:b8:80:35:d5:65:67:97:33:
a9:e0:34:d1:44:d0:3d:0c:c4:b8:b4:e3:b1:bf:75:
6e:9f:a3:51:f0:b8:2f:b7:86:96:7d:de:bb:4a:cb:
34:c2:64:77:c3:7f:7b:8b:23:1a:07:0f:46:54:3d:
7d:5c:f3:d5:db:70:25:d7:08:dc:f1:9a:a3:fd:55:
17:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0F:A0:6E:F7:57:2B:25:36:E4:98:A8:77:8C:C4:A5:1A:41:36:79
X509v3 Authority Key Identifier:
keyid:2F:59:3B:25:4A:9C:3F:AC:81:65:25:02:F1:C4:3C:22:01:C1:6A:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/ZQ-gbvdXKyU25Jiod4zEpRpBNnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/ef3608-acd4-45e1-9d32-c3bb847600cd/1/L1k7JUqcP6yBZSUC8cQ8IgHBaoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.160.0/22
176.105.128.0/20
185.212.164.0/22
IPv6:
2a0b:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
08:d6:07:58:6e:fd:0a:8c:00:70:c7:cb:df:74:95:01:6a:ff:
e1:f2:00:ee:4c:08:ba:48:21:e3:0d:17:1c:53:e6:ab:4b:f4:
16:7b:1f:8b:5c:46:74:63:12:db:6d:12:42:76:8b:1f:94:35:
fa:13:87:91:a9:1d:7d:60:b8:c0:24:88:c5:f1:7c:38:0c:6c:
66:5c:cd:a3:ee:5a:3f:9d:15:18:c7:5f:73:70:44:be:aa:28:
44:26:56:d0:14:10:77:6e:7b:62:ca:48:3a:a5:73:41:f4:0c:
95:6c:85:0a:18:02:aa:94:51:57:99:f4:0b:f4:08:a3:c0:fb:
5c:31:b6:ca:53:9b:91:32:e5:44:ba:2b:70:e3:9e:64:cc:d6:
bd:b8:b2:76:b1:58:fe:a9:ec:4c:0a:45:ef:60:cd:bc:c2:6e:
43:85:de:7b:f1:45:fa:70:75:67:db:87:df:a2:8e:54:1d:15:
60:87:a7:32:1a:67:5a:2b:b0:4e:48:4d:6d:e0:a3:19:b5:2f:
aa:2d:01:4d:f0:ff:b6:1e:53:e8:bd:c4:c6:7b:8e:89:d3:83:
c6:ee:8a:3e:7d:3e:da:bf:01:df:f6:81:5e:66:00:87:13:0b:
d5:4b:f6:7f:b2:ab:14:1c:21:ad:e2:fa:5b:95:1a:8f:80:c6:
02:b7:f8:67
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlX2J6kDW1IKkAJ3HJ/+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTkzYjI1NGE5YzNmYWM4MTY1MjUwMmYxYzQzYzIyMDFj
MTZhODUwHhcNMjQwMTAyMDAzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTBmYTA2ZWY3NTcyYjI1MzZlNDk4YTg3NzhjYzRhNTFhNDEzNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYSeETUuuHAwTu/V72qOTSqdZl1I
vJXwJhXNhFTDm0ATQ85UPqaOUXIzNezj7wXR5SuEdaL4Pll1bZ810Y2+3U/u3roU
kPB/6ORatJ/vwmq1nG4I+qaZNHCj9BjFS9U84z7L9GCvMHg7q6oeaBhQ1k86QN8s
0u0nswx4POBbU78XDF/tJyvdr8JuLRtogs8qxJLyJkdSqTPFrf3xfKV4VZkau2jk
V7UHuaMyGZAqI056N5vCogXumrCxuIA11WVnlzOp4DTRRNA9DMS4tOOxv3Vun6NR
8Lgvt4aWfd67Sss0wmR3w397iyMaBw9GVD19XPPV23Al1wjc8Zqj/VUXgQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGUPoG73VyslNuSYqHeMxKUaQTZ5MB8GA1UdIwQY
MBaAFC9ZOyVKnD+sgWUlAvHEPCIBwWqFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFrN0pVcWNQNnlCWlNVQzhjUThJZ0hCYW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lZjM2MDgtYWNkNC00NWUxLTlkMzIt
YzNiYjg0NzYwMGNkLzEvWlEtZ2J2ZFhLeVUyNUppb2Q0ekVwUnBCTm5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lZjM2MDgtYWNkNC00NWUxLTlkMzItYzNiYjg0NzYwMGNk
LzEvTDFrN0pVcWNQNnlCWlNVQzhjUThJZ0hCYW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8GgAwQE
sGmAAwQCudSkMA0EAgACMAcDBQAqC3jAMA0GCSqGSIb3DQEBCwUAA4IBAQAI1gdY
bv0KjABwx8vfdJUBav/h8gDuTAi6SCHjDRccU+arS/QWex+LXEZ0YxLbbRJCdosf
lDX6E4eRqR19YLjAJIjF8Xw4DGxmXM2j7lo/nRUYx19zcES+qihEJlbQFBB3bnti
ykg6pXNB9AyVbIUKGAKqlFFXmfQL9AijwPtcMbbKU5uRMuVEuitw455kzNa9uLJ2
sVj+qexMCkXvYM28wm5Dhd578UX6cHVn24ffoo5UHRVgh6cyGmdaK7BOSE1t4KMZ
tS+qLQFN8P+2HlPovcTGe46J04PG7oo+fT7avwHf9oFeZgCHEwvVS/Z/sqsUHCGt
4vpblRqPgMYCt/hn
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:22:53 2024 by rpki-client on console-ams.rpki-client.org