Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/ZRi96_Jcu83-Ta6mxUZyJLpwhgs.roa
File: ZRi96_Jcu83-Ta6mxUZyJLpwhgs.roa (raw, json)
Hash identifier: pr9oMhGcNDQD5DsxPXgarMsStPLgDetpXwbn9zwElF0=
Subject key identifier: 65:18:BD:EB:F2:5C:BB:CD:FE:4D:AE:A6:C5:46:72:24:BA:70:86:0B
Certificate issuer: /CN=f9503c075a690556bd462122b24699e1b6b19278
Certificate serial: 018E565C2D9FC8D713F311AD678CAB6793BE
Authority key identifier: F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/ZRi96_Jcu83-Ta6mxUZyJLpwhgs.roa
Signing time: Tue 19 Mar 2024 10:57:45 +0000
ROA not before: Tue 19 Mar 2024 10:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60350
IP address blocks: 45.137.176.0/22 maxlen: 24
91.221.146.0/23 maxlen: 24
185.45.180.0/22 maxlen: 24
185.183.112.0/22 maxlen: 24
193.105.141.0/24 maxlen: 24
193.105.151.0/24 maxlen: 24
193.148.6.0/23 maxlen: 24
193.161.254.0/23 maxlen: 24
193.164.2.0/23 maxlen: 24
195.189.178.0/23 maxlen: 24
2a0b:c80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 01:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:5c:2d:9f:c8:d7:13:f3:11:ad:67:8c:ab:67:93:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9503c075a690556bd462122b24699e1b6b19278
Validity
Not Before: Mar 19 10:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6518bdebf25cbbcdfe4daea6c5467224ba70860b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:70:70:f1:53:4a:56:da:5c:ad:71:f3:fa:2a:
d8:12:7a:8d:07:36:42:06:5b:f1:d3:61:b1:87:4b:
13:7c:a6:41:da:de:c6:4d:d9:4f:d3:04:a5:81:ce:
d9:9c:1f:e3:2d:a8:82:df:68:23:bd:2e:6d:7c:cf:
4e:aa:09:3f:e7:af:eb:d1:c3:5e:6a:f5:82:dc:80:
3b:c5:54:55:75:92:54:96:35:1e:77:92:78:89:d2:
6d:ab:a5:83:40:66:60:7d:e7:a1:94:30:ca:d8:41:
84:e5:b7:95:4c:a4:ea:fa:3c:96:db:e5:12:8a:f7:
5d:d9:21:14:f5:42:70:84:05:cf:b8:c0:8f:94:08:
b8:45:2a:09:0b:c4:21:aa:23:63:b3:47:73:46:82:
03:70:69:2b:16:30:86:d2:ab:16:cf:cc:81:84:5c:
97:ef:00:5b:b8:fb:54:10:43:ca:ad:c3:56:b4:08:
f3:22:55:b3:b4:a5:f0:db:c4:27:22:f3:ed:f4:fa:
d2:65:17:16:9c:0a:ed:62:df:8a:ff:35:f9:f4:cf:
6c:a2:9d:58:11:f4:11:83:dc:3d:a0:a3:16:e4:51:
24:4c:17:3a:2f:1b:1e:e6:fe:c4:fb:d3:93:fa:ee:
37:5f:99:ed:e5:49:39:e7:9e:56:dd:56:ec:14:b9:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:18:BD:EB:F2:5C:BB:CD:FE:4D:AE:A6:C5:46:72:24:BA:70:86:0B
X509v3 Authority Key Identifier:
keyid:F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/ZRi96_Jcu83-Ta6mxUZyJLpwhgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.176.0/22
91.221.146.0/23
185.45.180.0/22
185.183.112.0/22
193.105.141.0/24
193.105.151.0/24
193.148.6.0/23
193.161.254.0/23
193.164.2.0/23
195.189.178.0/23
IPv6:
2a0b:c80::/29
Signature Algorithm: sha256WithRSAEncryption
3f:d0:76:29:f5:8a:b6:60:e9:64:2b:8c:cc:08:88:7b:bb:de:
ab:05:b9:d6:47:c4:16:e2:2f:a5:ad:95:be:39:b8:2b:ee:02:
93:c8:f8:3e:1e:0d:45:bb:3d:5d:05:8a:b7:24:28:d1:00:a8:
e6:5f:c9:83:76:bd:f8:f8:44:c7:0c:8d:07:c9:26:40:32:58:
ff:ef:7c:62:74:97:e8:8f:6c:f2:64:83:2d:eb:06:c0:3f:fa:
ac:f3:a8:6d:2e:c8:d7:c4:15:40:3e:88:eb:ce:04:06:75:b7:
eb:e3:04:e1:76:d9:e7:9a:16:02:17:9b:cd:d9:e8:e2:f6:c5:
e0:d6:14:45:d9:98:17:8f:99:98:9d:5b:84:60:d1:07:fc:26:
70:ad:e0:1a:2a:85:71:7f:03:71:bd:a7:85:40:ff:63:54:3c:
23:a9:45:84:33:d9:da:6b:17:4d:fe:42:1e:aa:d2:47:42:8a:
8b:af:76:cf:17:d0:9f:50:d6:01:94:5b:bf:13:97:5b:6e:fe:
34:be:55:6d:ed:72:a9:84:21:bb:01:82:54:8c:c7:8f:53:d1:
4b:2c:3c:f5:9c:62:52:e6:f7:aa:46:56:2e:1e:81:6d:a0:d1:
e0:32:d7:e7:e7:1e:25:c0:e5:1c:c2:83:ae:6c:3a:6b:87:7a:
09:83:7c:bf
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY5WXC2fyNcT8xGtZ4yrZ5O+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTAzYzA3NWE2OTA1NTZiZDQ2MjEyMmIyNDY5OWUxYjZi
MTkyNzgwHhcNMjQwMzE5MTA1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTE4YmRlYmYyNWNiYmNkZmU0ZGFlYTZjNTQ2NzIyNGJhNzA4NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HBw8VNKVtpcrXHz+irYEnqNBzZC
Blvx02Gxh0sTfKZB2t7GTdlP0wSlgc7ZnB/jLaiC32gjvS5tfM9Oqgk/56/r0cNe
avWC3IA7xVRVdZJUljUed5J4idJtq6WDQGZgfeehlDDK2EGE5beVTKTq+jyW2+US
ivdd2SEU9UJwhAXPuMCPlAi4RSoJC8QhqiNjs0dzRoIDcGkrFjCG0qsWz8yBhFyX
7wBbuPtUEEPKrcNWtAjzIlWztKXw28QnIvPt9PrSZRcWnArtYt+K/zX59M9sop1Y
EfQRg9w9oKMW5FEkTBc6Lxse5v7E+9OT+u43X5nt5Uk5555W3VbsFLkAUwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFGUYvevyXLvN/k2upsVGciS6cIYLMB8GA1UdIwQY
MBaAFPlQPAdaaQVWvUYhIrJGmeG2sZJ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WQThCMXBwQlZhOVJpRWlza2FaNGJheGtuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQw
LTNmMjMxNmI1NTNmNS8xL1pSaTk2X0pjdTgzLVRhNm14VVp5Skxwd2hncy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQwLTNmMjMxNmI1NTNm
NS8xLzEtVkE4QjFwcEJWYTlSaUVpc2thWjRiYXhrbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwZAYIKwYBBQUHAQcBAf8EVTBTMEIEAgABMDwDBAItibAD
BAFb3ZIDBAK5LbQDBAK5t3ADBADBaY0DBADBaZcDBAHBlAYDBAHBof4DBAHBpAID
BAHDvbIwDQQCAAIwBwMFAyoLDIAwDQYJKoZIhvcNAQELBQADggEBAD/Qdin1irZg
6WQrjMwIiHu73qsFudZHxBbiL6Wtlb45uCvuApPI+D4eDUW7PV0FirckKNEAqOZf
yYN2vfj4RMcMjQfJJkAyWP/vfGJ0l+iPbPJkgy3rBsA/+qzzqG0uyNfEFUA+iOvO
BAZ1t+vjBOF22eeaFgIXm83Z6OL2xeDWFEXZmBePmZidW4Rg0Qf8JnCt4BoqhXF/
A3G9p4VA/2NUPCOpRYQz2dprF03+Qh6q0kdCiouvds8X0J9Q1gGUW78Tl1tu/jS+
VW3tcqmEIbsBglSMx49T0UssPPWcYlLm96pGVi4egW2g0eAy1+fnHiXA5RzCg65s
OmuHegmDfL8=
-----END CERTIFICATE-----
Generated at Sat Jun 22 08:31:04 2024 by rpki-client on console-fra.rpki-client.org