Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/ZKyLwF3cs71jj6OCFJhcOhndPrg.roa
File: ZKyLwF3cs71jj6OCFJhcOhndPrg.roa (raw, json)
Hash identifier: hNQeeQEd+PkNsRh/uAQ0z9NeCSFpL+5mPqssruOS1TU=
Subject key identifier: 64:AC:8B:C0:5D:DC:B3:BD:63:8F:A3:82:14:98:5C:3A:19:DD:3E:B8
Certificate issuer: /CN=bc127864cd43048550ed1699c584b5c14d80e098
Certificate serial: 01922DF8200395C3D4C5E9BDFE4029736900
Authority key identifier: BC:12:78:64:CD:43:04:85:50:ED:16:99:C5:84:B5:C1:4D:80:E0:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/ZKyLwF3cs71jj6OCFJhcOhndPrg.roa
Signing time: Thu 26 Sep 2024 10:54:48 +0000
ROA not before: Thu 26 Sep 2024 10:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15743
IP address blocks: 37.131.240.0/21 maxlen: 21
62.48.64.0/19 maxlen: 19
193.35.198.0/23 maxlen: 23
193.35.218.0/23 maxlen: 23
193.35.218.0/24 maxlen: 24
193.35.219.0/24 maxlen: 24
193.98.1.0/24 maxlen: 24
217.26.224.0/21 maxlen: 21
2a00:e68::/29 maxlen: 29
2a0b:2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:f8:20:03:95:c3:d4:c5:e9:bd:fe:40:29:73:69:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc127864cd43048550ed1699c584b5c14d80e098
Validity
Not Before: Sep 26 10:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64ac8bc05ddcb3bd638fa38214985c3a19dd3eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cb:ad:b5:81:5d:e1:50:fa:fa:9f:ff:12:af:
68:be:ad:93:2b:53:f7:d1:5c:ef:ad:8c:c1:24:4c:
82:9b:ee:57:82:01:be:0c:02:2f:a5:ea:47:6c:e6:
2c:09:c3:dd:6a:98:4c:26:7c:50:7b:d4:3f:74:1c:
a1:75:2d:c5:88:41:1d:32:61:d3:22:9d:4a:00:b6:
fd:5a:64:aa:4d:2a:71:b2:56:38:3c:82:25:2a:3f:
44:82:d8:f5:fd:3d:8d:d0:83:16:b3:28:43:60:57:
d6:13:98:60:d0:23:1e:1e:b6:e9:6b:85:17:06:62:
e4:f5:72:3e:d0:09:f8:52:4b:ea:2e:bc:9b:bc:21:
96:f1:b7:a3:60:91:e4:33:c7:3f:b2:fb:4b:95:74:
e5:84:00:f6:57:39:5a:89:8e:40:3f:c1:60:39:a7:
84:2d:49:9b:7d:fc:8d:57:3b:bc:67:57:b2:f4:f4:
57:14:36:b7:ee:cb:be:9a:27:8d:28:30:0c:e4:c4:
8a:27:02:b9:e4:d7:d9:e2:66:8f:33:98:1b:45:b9:
62:f5:c9:a1:98:fc:66:8c:39:68:91:0c:99:61:51:
7f:40:46:31:b0:d5:49:5c:b4:61:13:fc:85:3e:bb:
c1:51:b8:6a:0a:18:26:77:71:1b:c4:ac:5c:19:49:
e1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AC:8B:C0:5D:DC:B3:BD:63:8F:A3:82:14:98:5C:3A:19:DD:3E:B8
X509v3 Authority Key Identifier:
keyid:BC:12:78:64:CD:43:04:85:50:ED:16:99:C5:84:B5:C1:4D:80:E0:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/ZKyLwF3cs71jj6OCFJhcOhndPrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/8a3bb5-9d95-4953-9388-031f407b3263/1/vBJ4ZM1DBIVQ7RaZxYS1wU2A4Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.240.0/21
62.48.64.0/19
193.35.198.0/23
193.35.218.0/23
193.98.1.0/24
217.26.224.0/21
IPv6:
2a00:e68::/29
2a0b:2c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:f3:23:a3:fb:21:57:a3:e8:65:65:25:c2:8b:90:90:d1:ad:
14:9e:40:33:3e:66:2f:6f:81:91:1f:78:7d:26:54:ed:c3:32:
a2:8f:1a:9d:09:e9:16:48:90:67:7d:8e:a9:e2:71:f2:47:c0:
30:54:b0:59:fd:b7:3e:43:4d:e9:c8:6d:ca:f8:c7:62:5e:82:
e0:ee:aa:48:d8:17:49:03:13:47:d5:68:c7:6f:2e:a1:9d:0f:
b8:d8:ee:7b:e1:d6:3b:63:00:bd:56:44:a5:5e:33:05:93:e6:
ce:d2:17:b1:2f:77:00:18:cc:bc:2b:ad:86:d1:e3:46:5a:de:
c6:53:76:0f:8c:d7:2b:8f:25:65:69:92:f2:72:78:5f:1a:34:
11:7a:f7:3a:64:9a:b6:6b:f7:a7:bf:5b:6d:10:5d:62:69:30:
de:e9:81:84:02:88:8b:24:84:7e:3c:6a:05:51:4c:4d:56:c7:
52:e6:4f:4c:5c:e4:d4:f4:4b:0f:78:e4:5d:57:69:2a:c8:bd:
6a:5a:5a:8b:14:7f:1c:e3:8d:45:2a:b2:6b:2c:d6:1e:70:fe:
49:3e:b8:c8:35:7a:d5:c7:49:3f:91:2b:dc:5e:fe:ec:f7:ac:
45:d2:aa:08:7b:50:b4:12:5b:d3:95:66:25:cd:7d:75:ec:c1:
d8:5a:d2:d4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZIt+CADlcPUxem9/kApc2kAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMTI3ODY0Y2Q0MzA0ODU1MGVkMTY5OWM1ODRiNWMxNGQ4
MGUwOTgwHhcNMjQwOTI2MTA1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGFjOGJjMDVkZGNiM2JkNjM4ZmEzODIxNDk4NWMzYTE5ZGQzZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysuttYFd4VD6+p//Eq9ovq2TK1P3
0VzvrYzBJEyCm+5XggG+DAIvpepHbOYsCcPdaphMJnxQe9Q/dByhdS3FiEEdMmHT
Ip1KALb9WmSqTSpxslY4PIIlKj9Egtj1/T2N0IMWsyhDYFfWE5hg0CMeHrbpa4UX
BmLk9XI+0An4UkvqLrybvCGW8bejYJHkM8c/svtLlXTlhAD2VzlaiY5AP8FgOaeE
LUmbffyNVzu8Z1ey9PRXFDa37su+mieNKDAM5MSKJwK55NfZ4maPM5gbRbli9cmh
mPxmjDlokQyZYVF/QEYxsNVJXLRhE/yFPrvBUbhqChgmd3EbxKxcGUnhFQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGSsi8Bd3LO9Y4+jghSYXDoZ3T64MB8GA1UdIwQY
MBaAFLwSeGTNQwSFUO0WmcWEtcFNgOCYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkJKNFpNMURCSVZRN1JhWnhZUzF3VTJBNEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC84YTNiYjUtOWQ5NS00OTUzLTkzODgt
MDMxZjQwN2IzMjYzLzEvWkt5THdGM2NzNzFqajZPQ0ZKaGNPaG5kUHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC84YTNiYjUtOWQ5NS00OTUzLTkzODgtMDMxZjQwN2IzMjYz
LzEvdkJKNFpNMURCSVZRN1JhWnhZUzF3VTJBNEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDJYPwAwQF
PjBAAwQBwSPGAwQBwSPaAwQAwWIBAwQD2RrgMBQEAgACMA4DBQMqAA5oAwUDKgsC
wDANBgkqhkiG9w0BAQsFAAOCAQEAMvMjo/shV6PoZWUlwouQkNGtFJ5AMz5mL2+B
kR94fSZU7cMyoo8anQnpFkiQZ32OqeJx8kfAMFSwWf23PkNN6chtyvjHYl6C4O6q
SNgXSQMTR9Vox28uoZ0PuNjue+HWO2MAvVZEpV4zBZPmztIXsS93ABjMvCuthtHj
RlrexlN2D4zXK48lZWmS8nJ4Xxo0EXr3OmSatmv3p79bbRBdYmkw3umBhAKIiySE
fjxqBVFMTVbHUuZPTFzk1PRLD3jkXVdpKsi9alpaixR/HOONRSqyayzWHnD+ST64
yDV61cdJP5Er3F7+7PesRdKqCHtQtBJb05VmJc19dezB2FrS1A==
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:39:46 2024 by rpki-client on console-ams.rpki-client.org