Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/zm2LB8qXkzNs-l8x03siJbLISpQ.roa
File: zm2LB8qXkzNs-l8x03siJbLISpQ.roa (raw, json)
Hash identifier: hY0ZfPib9FZGdOAdzQbWoLKB4GeAJRGaWAWk18QLt7M=
Subject key identifier: CE:6D:8B:07:CA:97:93:33:6C:FA:5F:31:D3:7B:22:25:B2:C8:4A:94
Certificate issuer: /CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Certificate serial: 018CC3B6ECC72554246E6F84D963DEEF7495
Authority key identifier: 91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/zm2LB8qXkzNs-l8x03siJbLISpQ.roa
Signing time: Mon 01 Jan 2024 06:29:54 +0000
ROA not before: Mon 01 Jan 2024 06:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 212.142.32.0/19 maxlen: 19
212.83.64.0/22 maxlen: 22
212.83.68.0/22 maxlen: 22
213.46.160.0/19 maxlen: 19
213.46.60.0/22 maxlen: 22
212.142.0.0/18 maxlen: 18
212.142.0.0/19 maxlen: 19
213.46.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ec:c7:25:54:24:6e:6f:84:d9:63:de:ef:74:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c10bfde5813ab47c38c5c1904ec26b32c2a095
Validity
Not Before: Jan 1 06:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce6d8b07ca9793336cfa5f31d37b2225b2c84a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1b:f8:ac:a3:06:54:83:db:2a:db:6b:86:eb:
b6:b1:8b:48:05:9a:bc:e4:3b:5e:5a:12:86:41:c6:
e2:50:37:81:7c:0b:c6:09:e2:22:b7:ee:c1:42:a4:
8b:f9:b3:d9:65:82:e8:9c:9a:4e:45:c3:e8:2a:7a:
5d:8f:51:78:46:2f:0d:e6:35:ee:48:47:c5:5a:ab:
06:0c:5e:22:2c:8d:52:0c:05:b1:c8:36:5e:d4:62:
19:7c:7f:f4:1e:04:f2:6a:10:15:05:ec:cd:61:8e:
d7:cc:0f:77:cf:14:86:65:d1:54:a7:cd:3e:6b:63:
eb:8e:8d:15:04:27:98:d8:0a:39:85:ad:c3:9b:8f:
a6:2f:d2:f7:9d:07:67:63:91:95:81:b3:66:b0:12:
8d:58:5d:7d:49:68:07:3a:46:d0:a3:a7:93:a2:d2:
b1:ac:28:8d:0f:6c:66:41:13:8d:81:73:cc:7a:92:
b8:5b:35:9b:0b:41:d3:4e:82:b5:0a:90:0c:5f:e3:
28:68:9a:60:ee:24:c5:bc:37:e9:68:6c:b6:88:d5:
11:6e:1f:da:85:22:31:74:49:92:98:0f:d5:a6:f0:
93:a2:85:5e:f1:f2:12:65:d4:b0:73:60:f7:83:ae:
05:21:fe:da:6e:41:36:a2:a5:32:a7:6a:35:9c:00:
81:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:6D:8B:07:CA:97:93:33:6C:FA:5F:31:D3:7B:22:25:B2:C8:4A:94
X509v3 Authority Key Identifier:
keyid:91:C1:0B:FD:E5:81:3A:B4:7C:38:C5:C1:90:4E:C2:6B:32:C2:A0:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcEL_eWBOrR8OMXBkE7CazLCoJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/zm2LB8qXkzNs-l8x03siJbLISpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3feb15-6834-43e2-b6e7-04d74f368698/1/kcEL_eWBOrR8OMXBkE7CazLCoJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.83.64.0/21
212.142.0.0/18
213.46.60.0/22
213.46.160.0/19
213.46.224.0/19
Signature Algorithm: sha256WithRSAEncryption
03:97:29:d1:1f:e9:0e:75:a0:a2:ce:e9:d3:d8:29:96:ea:42:
fe:8e:a0:0c:43:11:94:a8:b5:d4:2a:04:f0:77:6c:d0:ed:67:
a9:e5:b5:42:14:00:43:0f:82:e9:9a:7c:9c:c8:76:e6:c1:c2:
fb:cd:41:5b:2d:9c:56:79:90:77:49:85:39:ba:99:ba:84:97:
d0:04:e0:fc:4a:45:60:2b:8a:ba:c3:dd:76:ef:bc:92:da:18:
e8:0d:b6:f0:df:ca:a8:d6:99:08:7b:b7:35:77:cb:25:6d:38:
f3:9b:df:6d:a6:12:ff:db:f0:e1:37:7a:11:76:79:b2:7d:a6:
18:32:24:56:d0:e4:18:5a:32:ef:57:b7:f0:72:c5:08:d1:05:
31:f2:27:6d:c5:f5:a6:72:97:3b:33:bb:8f:81:ec:94:be:b0:
81:d4:9a:ec:e7:32:31:f7:df:c9:95:53:7c:d7:3a:c6:84:00:
16:ff:9c:7f:41:e5:ca:e1:9c:fc:f3:f1:de:ca:3b:3c:d2:16:
09:4d:f8:b3:50:63:d1:ea:ad:f4:d8:b4:18:9a:ba:bd:6f:2a:
86:a3:96:da:e2:ca:da:b7:21:2f:9a:9d:26:98:4d:3b:58:a2:
24:78:65:c3:f6:3b:af:01:9e:bf:0e:9b:2c:c7:6d:63:5a:94:
e0:77:fd:08
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDtuzHJVQkbm+E2WPe73SVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzEwYmZkZTU4MTNhYjQ3YzM4YzVjMTkwNGVjMjZiMzJj
MmEwOTUwHhcNMjQwMTAxMDYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTZkOGIwN2NhOTc5MzMzNmNmYTVmMzFkMzdiMjIyNWIyYzg0YTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRv4rKMGVIPbKttrhuu2sYtIBZq8
5DteWhKGQcbiUDeBfAvGCeIit+7BQqSL+bPZZYLonJpORcPoKnpdj1F4Ri8N5jXu
SEfFWqsGDF4iLI1SDAWxyDZe1GIZfH/0HgTyahAVBezNYY7XzA93zxSGZdFUp80+
a2Prjo0VBCeY2Ao5ha3Dm4+mL9L3nQdnY5GVgbNmsBKNWF19SWgHOkbQo6eTotKx
rCiND2xmQRONgXPMepK4WzWbC0HTToK1CpAMX+MoaJpg7iTFvDfpaGy2iNURbh/a
hSIxdEmSmA/VpvCTooVe8fISZdSwc2D3g64FIf7abkE2oqUyp2o1nACBMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM5tiwfKl5MzbPpfMdN7IiWyyEqUMB8GA1UdIwQY
MBaAFJHBC/3lgTq0fDjFwZBOwmsywqCVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTct
MDRkNzRmMzY4Njk4LzEvem0yTEI4cVhrek5zLWw4eDAzc2lKYkxJU3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zZmViMTUtNjgzNC00M2UyLWI2ZTctMDRkNzRmMzY4Njk4
LzEva2NFTF9lV0JPclI4T01YQmtFN0NhekxDb0pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQD1FNAAwQG
1I4AAwQC1S48AwQF1S6gAwQF1S7gMA0GCSqGSIb3DQEBCwUAA4IBAQADlynRH+kO
daCizunT2CmW6kL+jqAMQxGUqLXUKgTwd2zQ7Wep5bVCFABDD4LpmnycyHbmwcL7
zUFbLZxWeZB3SYU5upm6hJfQBOD8SkVgK4q6w91277yS2hjoDbbw38qo1pkIe7c1
d8slbTjzm99tphL/2/DhN3oRdnmyfaYYMiRW0OQYWjLvV7fwcsUI0QUx8idtxfWm
cpc7M7uPgeyUvrCB1Jrs5zIx99/JlVN81zrGhAAW/5x/QeXK4Zz88/Heyjs80hYJ
TfizUGPR6q302LQYmrq9byqGo5ba4sratyEvmp0mmE07WKIkeGXD9juvAZ6/Dpss
x21jWpTgd/0I
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:16:40 2024 by rpki-client on console-ams.rpki-client.org