Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/ZTxw-HXNQJKX9Jf7XPbC_m64lfA.roa
File: ZTxw-HXNQJKX9Jf7XPbC_m64lfA.roa (raw, json)
Hash identifier: QQa/2dTFQXGwHkzv0XcHlXvOTPXtgyKJvPnah8CCqwM=
Subject key identifier: 65:3C:70:F8:75:CD:40:92:97:F4:97:FB:5C:F6:C2:FE:6E:B8:95:F0
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 018EF74E467D162EF2C7F18E2CFD0715FF1F
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/ZTxw-HXNQJKX9Jf7XPbC_m64lfA.roa
Signing time: Fri 19 Apr 2024 17:01:25 +0000
ROA not before: Fri 19 Apr 2024 17:01:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49531
IP address blocks: 91.214.204.0/22 maxlen: 22
93.92.32.0/21 maxlen: 21
93.92.32.0/24 maxlen: 24
93.92.33.0/24 maxlen: 24
93.92.34.0/23 maxlen: 23
93.92.36.0/23 maxlen: 23
93.92.38.0/23 maxlen: 23
93.186.48.0/20 maxlen: 20
93.186.48.0/23 maxlen: 23
93.186.50.0/23 maxlen: 23
93.186.52.0/23 maxlen: 23
93.186.54.0/23 maxlen: 23
93.186.56.0/23 maxlen: 23
93.186.58.0/23 maxlen: 23
93.186.60.0/23 maxlen: 23
93.186.62.0/23 maxlen: 23
94.159.0.0/17 maxlen: 17
94.159.0.0/18 maxlen: 18
94.159.0.0/23 maxlen: 23
94.159.2.0/23 maxlen: 23
94.159.4.0/23 maxlen: 23
94.159.6.0/23 maxlen: 23
94.159.8.0/23 maxlen: 23
94.159.10.0/23 maxlen: 23
94.159.12.0/23 maxlen: 23
94.159.14.0/23 maxlen: 23
94.159.16.0/23 maxlen: 23
94.159.18.0/23 maxlen: 23
94.159.20.0/23 maxlen: 23
94.159.22.0/23 maxlen: 23
94.159.24.0/23 maxlen: 23
94.159.26.0/23 maxlen: 23
94.159.28.0/23 maxlen: 23
94.159.30.0/23 maxlen: 23
94.159.32.0/23 maxlen: 23
94.159.34.0/23 maxlen: 23
94.159.36.0/23 maxlen: 23
94.159.38.0/23 maxlen: 23
94.159.40.0/23 maxlen: 23
94.159.42.0/23 maxlen: 23
94.159.44.0/23 maxlen: 23
94.159.46.0/23 maxlen: 23
94.159.48.0/23 maxlen: 23
94.159.50.0/23 maxlen: 23
94.159.52.0/23 maxlen: 23
94.159.54.0/23 maxlen: 23
94.159.56.0/23 maxlen: 23
94.159.58.0/23 maxlen: 23
94.159.60.0/23 maxlen: 23
94.159.62.0/23 maxlen: 23
94.159.64.0/19 maxlen: 19
94.159.64.0/23 maxlen: 23
94.159.66.0/23 maxlen: 23
94.159.68.0/23 maxlen: 23
94.159.70.0/23 maxlen: 23
94.159.72.0/23 maxlen: 23
94.159.74.0/23 maxlen: 23
94.159.76.0/23 maxlen: 23
94.159.78.0/23 maxlen: 23
94.159.80.0/23 maxlen: 23
94.159.82.0/23 maxlen: 23
94.159.84.0/23 maxlen: 23
94.159.85.0/24 maxlen: 24
94.159.86.0/23 maxlen: 23
94.159.88.0/21 maxlen: 21
94.159.88.0/22 maxlen: 22
94.159.92.0/24 maxlen: 24
94.159.96.0/20 maxlen: 20
94.159.107.0/24 maxlen: 24
94.159.108.0/22 maxlen: 22
94.159.112.0/21 maxlen: 21
94.159.120.0/22 maxlen: 22
94.159.124.0/22 maxlen: 22
185.42.108.0/22 maxlen: 22
2a04:8f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f7:4e:46:7d:16:2e:f2:c7:f1:8e:2c:fd:07:15:ff:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Apr 19 17:01:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=653c70f875cd409297f497fb5cf6c2fe6eb895f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ed:6e:dc:f2:12:3d:16:d5:62:75:b2:01:28:
b2:d0:37:91:77:6c:8c:59:cc:ab:1e:13:03:6b:d9:
f9:6c:c4:75:df:9c:45:9c:2f:04:f0:c2:54:4e:57:
49:b1:99:71:5e:0e:ce:c8:df:94:ea:1f:d9:7b:5f:
ee:de:3c:c1:5b:1e:8f:17:ad:10:01:e5:4f:1c:f2:
52:49:7b:7b:0c:0e:ba:a6:64:73:b7:d6:11:d8:c0:
06:5c:1a:9a:ca:69:4e:9e:de:70:ec:d0:c9:99:e4:
b4:ec:bf:27:54:c3:8a:44:dd:24:f8:66:36:10:47:
89:5d:bd:8b:d8:e1:53:bb:17:c1:89:94:24:73:83:
83:7b:f0:de:b7:a6:ba:6c:bb:5a:14:66:b4:a6:00:
28:b8:7e:4b:c1:11:3e:1b:1e:0c:19:b1:8b:62:c8:
17:02:ba:c8:76:62:50:99:a9:47:35:78:c8:21:06:
5f:b2:32:d0:02:a2:b8:06:b2:5c:5f:38:dc:00:c0:
4d:e6:fe:f7:97:ad:c0:85:78:9d:20:91:db:98:5c:
59:1f:72:59:e8:8e:31:6e:ff:e4:95:a6:31:91:8e:
bd:70:af:d4:77:33:b6:90:73:42:41:78:5b:cd:0e:
02:1a:d3:d1:10:6f:c6:54:c3:07:0e:52:85:82:e7:
af:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3C:70:F8:75:CD:40:92:97:F4:97:FB:5C:F6:C2:FE:6E:B8:95:F0
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/ZTxw-HXNQJKX9Jf7XPbC_m64lfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.204.0/22
93.92.32.0/21
93.186.48.0/20
94.159.0.0/17
185.42.108.0/22
IPv6:
2a04:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
7a:a4:e0:20:fb:8b:7e:1d:ca:80:68:53:82:bc:84:d4:82:f0:
24:87:a7:c7:18:3e:bf:2b:f0:74:17:a9:20:ae:15:08:6a:76:
cc:f5:6d:14:6e:f9:bb:00:38:7e:2c:dc:3a:32:8f:06:5c:ed:
3a:a1:4d:6b:2b:0b:a9:96:e3:0b:28:1a:5b:51:c0:e7:79:d9:
99:bb:d3:61:38:f6:aa:1c:34:ab:a0:df:a8:e2:20:b3:d5:aa:
45:16:29:6e:4e:a2:b4:e2:4d:65:59:00:9f:3e:e0:1a:6d:13:
38:bd:1a:6a:e4:d4:6b:c1:20:a9:bd:31:53:16:a9:d5:21:0f:
51:d4:5b:2e:ba:b5:38:1f:df:92:76:dc:a0:68:7b:8b:ec:e2:
af:fd:ad:31:e8:77:30:5a:f7:04:b0:3d:93:ec:4b:11:29:5b:
22:a9:94:5d:ba:5f:05:f4:5a:75:24:3f:ef:34:72:7f:29:3b:
09:5f:2f:e9:1f:42:16:20:c8:70:20:41:61:fa:a5:d4:2f:0e:
63:a4:88:fa:f2:7d:60:9f:59:90:b8:3c:bd:61:5d:5a:6b:10:
ba:90:2f:1f:52:12:39:82:80:9b:8b:52:93:76:9b:8e:78:f4:
3b:ef:62:f9:bd:98:78:81:84:cf:36:d9:9e:9b:bc:30:61:46:
ff:b9:fd:3e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY73TkZ9Fi7yx/GOLP0HFf8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjQwNDE5MTcwMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNjNzBmODc1Y2Q0MDkyOTdmNDk3ZmI1Y2Y2YzJmZTZlYjg5NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre1u3PISPRbVYnWyASiy0DeRd2yM
WcyrHhMDa9n5bMR135xFnC8E8MJUTldJsZlxXg7OyN+U6h/Ze1/u3jzBWx6PF60Q
AeVPHPJSSXt7DA66pmRzt9YR2MAGXBqaymlOnt5w7NDJmeS07L8nVMOKRN0k+GY2
EEeJXb2L2OFTuxfBiZQkc4ODe/Det6a6bLtaFGa0pgAouH5LwRE+Gx4MGbGLYsgX
ArrIdmJQmalHNXjIIQZfsjLQAqK4BrJcXzjcAMBN5v73l63AhXidIJHbmFxZH3JZ
6I4xbv/klaYxkY69cK/UdzO2kHNCQXhbzQ4CGtPREG/GVMMHDlKFguevawIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGU8cPh1zUCSl/SX+1z2wv5uuJXwMB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvWlR4dy1IWE5RSktYOUpmN1hQYkNfbTY0bGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW9bMAwQD
XVwgAwQEXbowAwQHXp8AAwQCuSpsMA0EAgACMAcDBQMqBI8AMA0GCSqGSIb3DQEB
CwUAA4IBAQB6pOAg+4t+HcqAaFOCvITUgvAkh6fHGD6/K/B0F6kgrhUIanbM9W0U
bvm7ADh+LNw6Mo8GXO06oU1rKwupluMLKBpbUcDnedmZu9NhOPaqHDSroN+o4iCz
1apFFiluTqK04k1lWQCfPuAabRM4vRpq5NRrwSCpvTFTFqnVIQ9R1FsuurU4H9+S
dtygaHuL7OKv/a0x6HcwWvcEsD2T7EsRKVsiqZRdul8F9Fp1JD/vNHJ/KTsJXy/p
H0IWIMhwIEFh+qXULw5jpIj68n1gn1mQuDy9YV1aaxC6kC8fUhI5goCbi1KTdpuO
ePQ772L5vZh4gYTPNtmem7wwYUb/uf0+
-----END CERTIFICATE-----
Generated at Sun Jun 23 16:57:30 2024 by rpki-client on console-fra.rpki-client.org