Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ZSCklI3F85J6edhWPWtQPLG3USE.roa
File: ZSCklI3F85J6edhWPWtQPLG3USE.roa (raw, json)
Hash identifier: z0wgWId8/HnqybZRqnWeaNvoqt5ry7ABUymXhtq25z4=
Subject key identifier: 65:20:A4:94:8D:C5:F3:92:7A:79:D8:56:3D:6B:50:3C:B1:B7:51:21
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 018FEE6FFE2C4BB25AEC1C311E2989BE39C4
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ZSCklI3F85J6edhWPWtQPLG3USE.roa
Signing time: Thu 06 Jun 2024 16:44:27 +0000
ROA not before: Thu 06 Jun 2024 16:44:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60695
IP address blocks: 155.133.33.0/24 maxlen: 24
155.133.60.0/23 maxlen: 23
185.225.100.0/22 maxlen: 22
185.228.108.0/22 maxlen: 22
2a06:1e00::/29 maxlen: 48
2a0d:a00::/29 maxlen: 29
2a0d:b400::/29 maxlen: 48
2a0e:4d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ee:6f:fe:2c:4b:b2:5a:ec:1c:31:1e:29:89:be:39:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jun 6 16:44:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6520a4948dc5f3927a79d8563d6b503cb1b75121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0f:9f:4c:55:61:eb:97:18:1e:1b:f1:ad:54:
67:9b:7e:b2:91:8f:5b:9b:63:14:f2:24:5e:c9:90:
b8:1e:af:62:80:04:3a:e2:86:c6:40:a3:9a:0c:00:
fc:e5:ac:fa:8d:82:a0:38:9d:a2:06:15:b7:e6:56:
4a:33:bb:df:36:52:5b:bf:b1:4a:f8:36:50:e6:d3:
11:f6:d4:1e:d3:fa:c6:63:cf:27:08:d4:3f:83:c4:
90:a7:f6:9c:99:5d:df:bc:70:9a:06:37:67:5f:8e:
01:d9:98:d3:4e:15:0f:89:76:d1:2d:b1:d1:29:61:
13:6f:91:54:48:de:31:57:a1:f5:2a:ce:b5:7f:be:
33:7e:07:4d:a4:5d:57:f2:30:29:27:94:7a:5f:24:
63:33:6b:37:90:4e:dc:f6:81:6c:93:4f:a3:61:55:
a4:9c:52:67:44:b8:97:0c:ce:40:f1:7a:8e:54:07:
02:8a:a0:3d:e1:79:5f:c6:57:42:ed:2b:e3:d5:86:
1f:bc:ed:54:84:74:fe:86:44:8a:75:3c:fb:76:87:
9f:89:31:ab:d5:41:db:9f:f4:b6:8e:55:4b:dc:a4:
f2:ea:ad:da:fb:35:a7:1c:7a:e5:08:47:20:48:0e:
3c:a4:48:ae:d0:6d:e9:7c:b7:d7:b0:71:ae:66:f8:
8e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:20:A4:94:8D:C5:F3:92:7A:79:D8:56:3D:6B:50:3C:B1:B7:51:21
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ZSCklI3F85J6edhWPWtQPLG3USE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.33.0/24
155.133.60.0/23
185.225.100.0/22
185.228.108.0/22
IPv6:
2a06:1e00::/29
2a0d:a00::/29
2a0d:b400::/29
2a0e:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
bd:d4:a3:d9:b9:38:f7:e5:e9:bf:32:4e:ad:c3:d2:93:e9:11:
12:27:43:ef:2d:19:43:36:c9:4f:09:18:18:fb:f7:cd:c7:dc:
b5:f9:0a:48:5a:58:d7:b1:87:80:cd:f4:ba:23:d7:c0:c0:c0:
39:3c:78:01:b9:76:c6:1c:9d:76:63:78:94:51:6a:99:85:eb:
7a:d5:bf:a8:8b:a4:fd:35:b6:54:ed:87:68:88:fa:82:13:33:
5e:3f:96:f6:a4:ce:70:fe:1b:52:2a:2f:80:38:40:5e:f0:bc:
88:ba:a3:b0:a2:04:34:31:52:54:ce:2b:6e:e4:c7:b1:02:09:
c2:c4:4d:cb:dd:58:99:b8:81:35:2a:f8:7a:f5:50:b5:e9:d4:
9d:ee:83:2c:f5:94:24:02:c1:8f:6d:a3:72:4d:86:4e:ba:27:
01:52:6f:76:4a:36:8b:35:19:6d:a0:00:6c:0f:f2:39:2c:e1:
aa:2f:ed:ab:e3:c2:90:f9:08:dc:66:51:b2:c4:1e:ff:ce:9e:
11:04:a9:33:d9:ba:79:27:89:6a:34:89:f0:94:89:c2:82:f3:
ab:40:33:bb:9c:3b:6c:2c:d6:37:a9:8a:1f:98:4d:cd:aa:c0:
6f:e3:e0:ea:e9:0d:51:de:04:d3:3a:26:8d:fc:5b:43:9e:e0:
5f:6f:40:4a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY/ub/4sS7Ja7BwxHimJvjnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjQwNjA2MTY0NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTIwYTQ5NDhkYzVmMzkyN2E3OWQ4NTYzZDZiNTAzY2IxYjc1MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA+fTFVh65cYHhvxrVRnm36ykY9b
m2MU8iReyZC4Hq9igAQ64obGQKOaDAD85az6jYKgOJ2iBhW35lZKM7vfNlJbv7FK
+DZQ5tMR9tQe0/rGY88nCNQ/g8SQp/acmV3fvHCaBjdnX44B2ZjTThUPiXbRLbHR
KWETb5FUSN4xV6H1Ks61f74zfgdNpF1X8jApJ5R6XyRjM2s3kE7c9oFsk0+jYVWk
nFJnRLiXDM5A8XqOVAcCiqA94XlfxldC7Svj1YYfvO1UhHT+hkSKdTz7doefiTGr
1UHbn/S2jlVL3KTy6q3a+zWnHHrlCEcgSA48pEiu0G3pfLfXsHGuZviO0QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGUgpJSNxfOSennYVj1rUDyxt1EhMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvWlNDa2xJM0Y4NUo2ZWRoV1BXdFFQTEczVVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQAm4UhAwQB
m4U8AwQCueFkAwQCueRsMCIEAgACMBwDBQMqBh4AAwUDKg0KAAMFAyoNtAADBQMq
Dk0AMA0GCSqGSIb3DQEBCwUAA4IBAQC91KPZuTj35em/Mk6tw9KT6RESJ0PvLRlD
NslPCRgY+/fNx9y1+QpIWljXsYeAzfS6I9fAwMA5PHgBuXbGHJ12Y3iUUWqZhet6
1b+oi6T9NbZU7YdoiPqCEzNeP5b2pM5w/htSKi+AOEBe8LyIuqOwogQ0MVJUzitu
5MexAgnCxE3L3ViZuIE1Kvh69VC16dSd7oMs9ZQkAsGPbaNyTYZOuicBUm92SjaL
NRltoABsD/I5LOGqL+2r48KQ+QjcZlGyxB7/zp4RBKkz2bp5J4lqNInwlInCgvOr
QDO7nDtsLNY3qYofmE3NqsBv4+Dq6Q1R3gTTOiaN/FtDnuBfb0BK
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:27:54 2024 by rpki-client on console-fra.rpki-client.org