Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zFC-CKiLru65iT93bMLdBY80Tmg.roa
File: zFC-CKiLru65iT93bMLdBY80Tmg.roa (raw, json)
Hash identifier: ct9GVORXPaT8W44gEid5j1iUObM4uLIk9czifFPl3Es=
Subject key identifier: CC:50:BE:08:A8:8B:AE:EE:B9:89:3F:77:6C:C2:DD:05:8F:34:4E:68
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019021EC060C6038922852CA114944953470
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zFC-CKiLru65iT93bMLdBY80Tmg.roa
Signing time: Sun 16 Jun 2024 16:40:34 +0000
ROA not before: Sun 16 Jun 2024 16:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 147.45.38.0/24 maxlen: 24
147.45.39.0/24 maxlen: 24
147.45.61.0/24 maxlen: 24
147.45.62.0/24 maxlen: 24
147.45.63.0/24 maxlen: 24
147.45.88.0/21 maxlen: 21
147.45.117.0/24 maxlen: 24
147.45.118.0/24 maxlen: 24
147.45.119.0/24 maxlen: 24
147.45.120.0/22 maxlen: 22
147.45.127.0/24 maxlen: 24
147.45.205.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
193.233.124.0/22 maxlen: 22
193.233.170.0/24 maxlen: 24
193.233.236.0/24 maxlen: 24
193.233.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:21:ec:06:0c:60:38:92:28:52:ca:11:49:44:95:34:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 16 16:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc50be08a88baeeeb9893f776cc2dd058f344e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ba:65:65:f3:de:79:f1:00:fb:1f:60:28:2f:
f7:fa:7d:f6:3e:4d:68:e2:7c:a7:c6:38:5b:dd:6f:
aa:05:21:21:ae:33:90:7d:68:61:fd:06:ad:69:f5:
22:8c:c1:ad:4c:d1:de:3b:c7:fb:48:74:19:6a:8d:
0b:c0:9b:18:65:91:c1:09:7c:39:29:b2:5b:12:3d:
90:2f:00:e3:bf:3b:3a:0d:93:2b:a4:6b:bb:01:d7:
d4:da:42:9e:02:84:f7:81:a8:52:1b:22:24:d8:5f:
44:57:e5:98:f2:26:02:9e:c3:f3:28:8e:89:13:2e:
c5:01:0b:55:cb:46:32:b7:c3:89:d5:70:c4:7b:f8:
2c:18:c1:e8:97:06:b7:66:25:62:42:a0:4b:c9:d0:
fb:46:b5:9a:08:b7:61:5e:5e:3b:3c:1e:9c:5a:c5:
f3:d7:b9:b0:21:51:89:7d:59:f6:79:a2:8e:a6:11:
07:33:46:f1:d0:5e:65:35:8d:af:eb:03:2c:17:92:
7e:12:f2:bc:1b:f3:ac:aa:3b:b4:83:bf:33:b3:b6:
6b:57:56:8c:03:d0:84:90:e5:ff:61:71:98:97:f6:
61:04:7a:94:e4:9b:aa:2e:43:81:2f:d1:1d:26:43:
78:79:36:f3:31:5a:fd:3e:ac:6b:a2:e6:92:00:5a:
10:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:50:BE:08:A8:8B:AE:EE:B9:89:3F:77:6C:C2:DD:05:8F:34:4E:68
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zFC-CKiLru65iT93bMLdBY80Tmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.38.0/23
147.45.61.0-147.45.63.255
147.45.88.0/21
147.45.117.0-147.45.123.255
147.45.127.0/24
147.45.205.0/24
193.233.60.0/24
193.233.62.0/24
193.233.124.0/22
193.233.170.0/24
193.233.236.0/24
193.233.239.0/24
Signature Algorithm: sha256WithRSAEncryption
84:98:83:54:b9:c2:4b:6d:ec:1f:73:39:a6:9c:1b:96:ef:57:
70:d9:18:ba:be:6d:8d:8a:62:2b:e1:98:af:18:e1:9e:e0:3f:
9a:05:96:40:49:2d:13:77:5f:94:6a:34:37:59:f8:f7:e5:5a:
7a:8b:f1:bc:29:a0:22:c3:4f:7e:d0:25:2d:f3:3d:c2:09:e3:
21:fb:c4:9b:c0:12:2c:44:86:c3:ad:8d:2c:f8:ad:ee:d7:88:
80:28:f7:86:c3:38:df:af:3a:7a:c5:56:08:5a:da:01:4e:b6:
66:20:64:9c:7a:bf:47:69:79:4b:13:d0:cd:14:5c:ab:48:77:
4e:0b:00:41:62:bc:46:86:a1:70:5b:15:35:67:4b:72:50:98:
1d:d2:43:59:22:b0:de:c8:2e:c8:de:7c:9d:9b:d4:7a:f9:09:
ca:4a:19:27:30:3f:b4:23:a9:86:9f:1c:92:1c:0d:3e:9c:af:
54:69:00:29:b5:a2:90:20:70:79:5f:e4:44:e4:c1:b6:e7:15:
c7:32:c3:b9:8b:87:0b:f7:5d:f6:75:65:ab:2a:12:fe:b8:63:
db:1f:0b:ae:2f:8f:58:73:5f:3f:ac:47:c9:df:ae:c7:9e:b3:
68:16:5c:65:33:ec:e1:8f:8b:ba:e5:b6:31:5b:10:0a:46:00:
cf:91:3a:02
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZAh7AYMYDiSKFLKEUlElTRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNjE2MTY0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzUwYmUwOGE4OGJhZWVlYjk4OTNmNzc2Y2MyZGQwNThmMzQ0ZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbplZfPeefEA+x9gKC/3+n32Pk1o
4nynxjhb3W+qBSEhrjOQfWhh/QatafUijMGtTNHeO8f7SHQZao0LwJsYZZHBCXw5
KbJbEj2QLwDjvzs6DZMrpGu7AdfU2kKeAoT3gahSGyIk2F9EV+WY8iYCnsPzKI6J
Ey7FAQtVy0Yyt8OJ1XDEe/gsGMHolwa3ZiViQqBLydD7RrWaCLdhXl47PB6cWsXz
17mwIVGJfVn2eaKOphEHM0bx0F5lNY2v6wMsF5J+EvK8G/Osqju0g78zs7ZrV1aM
A9CEkOX/YXGYl/ZhBHqU5JuqLkOBL9EdJkN4eTbzMVr9PqxrouaSAFoQeQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFMxQvgioi67uuYk/d2zC3QWPNE5oMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvekZDLUNLaUxydTY1aVQ5M2JNTGRCWTgwVG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBky0mMAwD
BACTLT0DBAaTLQADBAOTLVgwDAMEAJMtdQMEApMteAMEAJMtfwMEAJMtzQMEAMHp
PAMEAMHpPgMEAsHpfAMEAMHpqgMEAMHp7AMEAMHp7zANBgkqhkiG9w0BAQsFAAOC
AQEAhJiDVLnCS23sH3M5ppwblu9XcNkYur5tjYpiK+GYrxjhnuA/mgWWQEktE3df
lGo0N1n49+VaeovxvCmgIsNPftAlLfM9wgnjIfvEm8ASLESGw62NLPit7teIgCj3
hsM43686esVWCFraAU62ZiBknHq/R2l5SxPQzRRcq0h3TgsAQWK8RoahcFsVNWdL
clCYHdJDWSKw3sguyN58nZvUevkJykoZJzA/tCOphp8ckhwNPpyvVGkAKbWikCBw
eV/kROTBtucVxzLDuYuHC/dd9nVlqyoS/rhj2x8Lri+PWHNfP6xHyd+ux56zaBZc
ZTPs4Y+LuuW2MVsQCkYAz5E6Ag==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:24 2024 by rpki-client on console-fra.rpki-client.org