Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/ZZ2Dgbdug0Oh1Nflww8g78Hh08E.roa
File: ZZ2Dgbdug0Oh1Nflww8g78Hh08E.roa (raw, json)
Hash identifier: jn0TooU6a+qXV934jT9392C4tCc6ka2rdTNzY6lkVdo=
Subject key identifier: 65:9D:83:81:B7:6E:83:43:A1:D4:D7:E5:C3:0F:20:EF:C1:E1:D3:C1
Certificate issuer: /CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Certificate serial: 018ECEE746881B87837F26A39FF6FF853A66
Authority key identifier: 9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/ZZ2Dgbdug0Oh1Nflww8g78Hh08E.roa
Signing time: Thu 11 Apr 2024 20:44:07 +0000
ROA not before: Thu 11 Apr 2024 20:44:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30764
IP address blocks: 46.47.128.0/18 maxlen: 18
62.129.32.0/19 maxlen: 19
78.157.128.0/19 maxlen: 19
82.209.0.0/18 maxlen: 18
85.135.0.0/17 maxlen: 17
89.29.0.0/17 maxlen: 17
91.106.240.0/20 maxlen: 20
94.242.64.0/18 maxlen: 18
128.0.176.0/20 maxlen: 20
164.215.112.0/20 maxlen: 20
185.5.68.0/22 maxlen: 22
193.165.0.0/16 maxlen: 16
193.165.0.0/24 maxlen: 24
193.165.57.0/24 maxlen: 24
193.165.58.0/23 maxlen: 23
193.165.61.0/24 maxlen: 24
193.165.96.0/23 maxlen: 23
193.165.236.0/23 maxlen: 23
212.109.176.0/20 maxlen: 20
213.216.32.0/19 maxlen: 19
2a00:ca8::/32 maxlen: 32
2a02:c38::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 20:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ce:e7:46:88:1b:87:83:7f:26:a3:9f:f6:ff:85:3a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Validity
Not Before: Apr 11 20:44:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=659d8381b76e8343a1d4d7e5c30f20efc1e1d3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c9:89:02:8e:78:b8:a3:52:fb:4a:16:67:10:
b7:27:10:2e:8d:28:a6:a3:4f:f9:9d:f2:b4:30:5d:
61:1b:4c:36:fa:b5:7e:80:b4:07:bc:82:5f:d8:78:
ac:21:53:6b:6e:73:ed:ab:32:ca:34:8f:66:f8:e4:
71:4d:65:f0:d2:50:6b:cf:51:fe:2a:bf:3f:d2:8f:
16:db:26:22:c9:a1:2b:4c:d8:22:d5:8e:f4:de:b3:
d7:0f:2a:0c:0b:88:09:41:77:bf:4d:43:e0:25:52:
d1:2e:79:9d:01:1b:43:90:ff:29:2d:b8:5c:3f:6d:
2a:e1:22:30:f9:ab:db:15:a8:d3:e9:91:9c:e5:38:
dd:d3:5f:22:71:48:df:5a:5e:fd:f5:50:6d:72:46:
9c:fe:39:4d:9d:3a:49:08:30:b8:3f:a6:33:80:ba:
81:60:ca:56:45:3d:87:e2:ad:0e:20:39:03:1e:91:
b1:51:67:0a:5c:47:f1:7e:3a:7a:ba:56:3b:21:4a:
b7:fe:2a:26:a7:58:b9:83:c9:8e:84:10:fb:64:b8:
9e:8a:af:97:68:0b:c6:30:00:bc:9d:7b:00:74:65:
b7:ca:1a:df:9c:ec:3d:1e:07:82:76:1f:3c:33:30:
01:4e:92:f2:20:cf:bd:44:c4:85:e8:b8:a7:8d:5b:
3a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9D:83:81:B7:6E:83:43:A1:D4:D7:E5:C3:0F:20:EF:C1:E1:D3:C1
X509v3 Authority Key Identifier:
keyid:9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/ZZ2Dgbdug0Oh1Nflww8g78Hh08E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.128.0/18
62.129.32.0/19
78.157.128.0/19
82.209.0.0/18
85.135.0.0/17
89.29.0.0/17
91.106.240.0/20
94.242.64.0/18
128.0.176.0/20
164.215.112.0/20
185.5.68.0/22
193.165.0.0/16
212.109.176.0/20
213.216.32.0/19
IPv6:
2a00:ca8::/32
2a02:c38::/32
Signature Algorithm: sha256WithRSAEncryption
2d:2b:91:fd:8f:cc:57:4e:25:61:cb:94:f0:46:6a:0e:5b:01:
f6:6b:06:74:be:0d:b7:c7:38:ec:42:84:bb:e1:12:d7:1d:4c:
92:a2:5c:6a:e8:8c:d0:67:74:d6:64:9d:7b:ee:0d:05:d1:9d:
14:65:82:30:ce:a4:bf:f8:a0:90:ca:cd:9e:58:c0:5a:27:2a:
b4:3b:74:39:2c:ca:f2:f7:0b:fc:cd:38:cb:6b:41:83:5b:a6:
01:91:d3:69:6a:63:cb:9f:68:80:6f:4a:08:f1:9a:43:74:20:
04:57:e8:87:84:ae:c8:f5:fd:71:63:da:8e:ae:eb:45:90:22:
b4:0d:b0:9f:05:69:58:eb:f4:4c:e8:d1:ed:8b:f7:ce:7e:44:
d1:d1:99:3a:88:08:d6:aa:77:58:cf:c6:7b:18:52:67:f5:12:
b5:01:e0:d7:9f:1e:a1:39:43:d8:43:e2:56:68:78:4e:5d:3f:
8b:69:9d:75:35:1b:0e:e9:6b:13:45:09:22:4d:75:3f:46:8e:
18:e3:dd:6e:e2:aa:ab:2b:33:75:76:8d:63:1a:b2:0b:e9:07:
a6:6c:0c:09:b5:08:66:1a:83:24:c8:e8:27:94:a2:bd:49:46:
af:ac:0c:50:d7:30:2b:04:7b:09:30:c8:0f:68:3d:68:c9:9d:
b2:c3:7b:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAY7O50aIG4eDfyajn/b/hTpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzE3ZWQxZGM0ODgwNDRlNWUyYWIwMDc1NDMzNTU4Y2Zk
ZThjODUwHhcNMjQwNDExMjA0NDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTlkODM4MWI3NmU4MzQzYTFkNGQ3ZTVjMzBmMjBlZmMxZTFkM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcmJAo54uKNS+0oWZxC3JxAujSim
o0/5nfK0MF1hG0w2+rV+gLQHvIJf2HisIVNrbnPtqzLKNI9m+ORxTWXw0lBrz1H+
Kr8/0o8W2yYiyaErTNgi1Y703rPXDyoMC4gJQXe/TUPgJVLRLnmdARtDkP8pLbhc
P20q4SIw+avbFajT6ZGc5Tjd018icUjfWl799VBtckac/jlNnTpJCDC4P6YzgLqB
YMpWRT2H4q0OIDkDHpGxUWcKXEfxfjp6ulY7IUq3/iomp1i5g8mOhBD7ZLieiq+X
aAvGMAC8nXsAdGW3yhrfnOw9HgeCdh88MzABTpLyIM+9RMSF6LinjVs6XwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFGWdg4G3boNDodTX5cMPIO/B4dPBMB8GA1UdIwQY
MBaAFJpxftHcSIBE5eKrAHVDNVjP3oyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYt
MTA5NDM5MTY2OWVmLzEvWloyRGdiZHVnME9oMU5mbHd3OGc3OEhoMDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYtMTA5NDM5MTY2OWVm
LzEvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwWQQCAAEwUwMEBi4vgAME
BT6BIAMEBU6dgAMEBlLRAAMEB1WHAAMEB1kdAAMEBFtq8AMEBl7yQAMEBIAAsAME
BKTXcAMEArkFRAMDAMGlAwQE1G2wAwQF1dggMBQEAgACMA4DBQAqAAyoAwUAKgIM
ODANBgkqhkiG9w0BAQsFAAOCAQEALSuR/Y/MV04lYcuU8EZqDlsB9msGdL4Nt8c4
7EKEu+ES1x1MkqJcauiM0Gd01mSde+4NBdGdFGWCMM6kv/igkMrNnljAWicqtDt0
OSzK8vcL/M04y2tBg1umAZHTaWpjy59ogG9KCPGaQ3QgBFfoh4SuyPX9cWPajq7r
RZAitA2wnwVpWOv0TOjR7Yv3zn5E0dGZOogI1qp3WM/GexhSZ/UStQHg158eoTlD
2EPiVmh4Tl0/i2mddTUbDulrE0UJIk11P0aOGOPdbuKqqyszdXaNYxqyC+kHpmwM
CbUIZhqDJMjoJ5SivUlGr6wMUNcwKwR7CTDID2g9aMmdssN73A==
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:29:01 2024 by rpki-client on console-ams.rpki-client.org