Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZfLc07n9Et3-2kzgFVtJb8HUb_U.roa
File: ZfLc07n9Et3-2kzgFVtJb8HUb_U.roa (raw, json)
Hash identifier: 6UQo6hmy24bWzbyyEvOAyH2ctMIKZVgTuUa2+yFxxqE=
Subject key identifier: 65:F2:DC:D3:B9:FD:12:DD:FE:DA:4C:E0:15:5B:49:6F:C1:D4:6F:F5
Certificate issuer: /CN=646579561eca5879a747025e5798487b19cd2a97
Certificate serial: 018CC425127DBE3EB6861B311B7A5B346B2A
Authority key identifier: 64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZfLc07n9Et3-2kzgFVtJb8HUb_U.roa
Signing time: Mon 01 Jan 2024 08:30:13 +0000
ROA not before: Mon 01 Jan 2024 08:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51409
IP address blocks: 178.255.56.0/24 maxlen: 24
178.255.57.0/24 maxlen: 24
178.255.58.0/24 maxlen: 24
178.255.56.0/21 maxlen: 21
178.255.59.0/24 maxlen: 24
178.255.60.0/24 maxlen: 24
178.255.61.0/24 maxlen: 24
178.255.62.0/24 maxlen: 24
178.255.63.0/24 maxlen: 24
185.41.227.0/24 maxlen: 24
185.41.224.0/24 maxlen: 24
185.41.225.0/24 maxlen: 24
185.41.226.0/24 maxlen: 24
185.41.224.0/22 maxlen: 22
45.146.157.0/24 maxlen: 24
45.146.158.0/24 maxlen: 24
45.146.159.0/24 maxlen: 24
45.146.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 22:03:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:12:7d:be:3e:b6:86:1b:31:1b:7a:5b:34:6b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=646579561eca5879a747025e5798487b19cd2a97
Validity
Not Before: Jan 1 08:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65f2dcd3b9fd12ddfeda4ce0155b496fc1d46ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:57:e1:79:28:6b:27:69:bb:7d:00:48:50:b8:
0e:c7:fc:a6:b6:6d:cc:9b:76:90:0c:70:9b:2a:ca:
65:27:94:fb:9e:c1:5d:3e:b6:c4:cc:bd:bc:ea:02:
ac:09:bf:5a:08:a3:ba:2b:36:b2:5c:80:e1:4b:49:
b4:68:4c:4b:24:ef:a8:25:fc:2a:ae:ac:38:ce:b1:
af:6f:2a:c8:97:e5:62:57:88:ca:df:cd:fc:82:8b:
ab:7c:4f:d0:bd:2e:7e:28:ef:d6:9d:5d:67:31:f7:
6d:0d:8f:05:3d:8c:44:be:3d:bf:7c:0d:99:0a:60:
37:28:a7:39:67:23:25:72:b8:8b:d5:ae:8f:bd:d6:
2b:29:59:8a:f1:e6:f4:35:e2:35:32:14:fe:5c:df:
26:e5:09:3c:86:7e:c2:f0:03:e5:93:31:c0:28:fb:
bc:9a:c3:49:e8:97:0b:ce:8c:a1:b2:68:e4:ad:40:
d2:4f:38:0d:ac:a5:a1:83:fc:b4:a1:61:c7:8f:ef:
8a:ba:80:e9:16:d0:ea:5f:2a:0c:f2:c0:79:99:d2:
1c:00:3c:08:41:ba:aa:78:ab:e1:dc:a8:1e:72:8b:
bf:7a:c4:64:2b:e3:cf:cd:fe:e9:fb:b3:82:60:08:
e2:2c:49:91:e5:b0:1d:a1:82:51:b6:94:eb:8e:d7:
7b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F2:DC:D3:B9:FD:12:DD:FE:DA:4C:E0:15:5B:49:6F:C1:D4:6F:F5
X509v3 Authority Key Identifier:
keyid:64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZfLc07n9Et3-2kzgFVtJb8HUb_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.156.0/22
178.255.56.0/21
185.41.224.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f1:15:38:3e:8f:02:60:af:25:31:93:b2:ed:9b:f7:d0:d3:
e0:8c:99:2d:cd:3b:c8:90:83:c4:12:d3:6c:2a:d2:1a:b7:38:
19:8f:7f:fb:39:b4:22:4b:bb:8b:f1:2a:bc:16:36:5c:bb:e3:
0e:da:c4:67:3d:a8:a2:21:36:e6:bd:b0:b4:76:fb:17:bb:d8:
d0:0e:6d:1f:64:17:27:6b:0d:1d:13:8e:d1:b5:10:46:80:f9:
d6:f1:82:fc:a0:77:a9:df:1d:04:14:21:9e:3b:63:b7:9f:dd:
60:32:0d:bf:97:6f:e2:f6:03:d6:78:d1:79:8c:ff:6e:3b:10:
03:a6:8a:c0:9f:aa:18:76:b5:56:09:5a:19:7b:5c:d0:07:8c:
88:1d:49:b6:14:55:3c:da:fb:df:2f:a9:c2:9c:d2:e0:ec:16:
fb:69:18:12:d9:cf:68:98:fe:9d:81:42:0e:21:0b:be:ef:da:
66:cb:c8:a6:9e:06:3a:6d:dd:11:15:58:7a:9b:af:2f:f7:97:
b9:8f:2c:a8:0e:ac:92:09:7e:cd:00:0f:7b:25:c7:5a:26:88:
cb:42:77:6a:aa:14:e9:98:bc:e0:a1:fb:74:14:51:4a:19:85:
32:c3:d1:ca:34:d6:f9:7b:2e:80:66:73:63:52:79:70:89:ff:
87:67:8a:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJRJ9vj62hhsxG3pbNGsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NjU3OTU2MWVjYTU4NzlhNzQ3MDI1ZTU3OTg0ODdiMTlj
ZDJhOTcwHhcNMjQwMTAxMDgzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWYyZGNkM2I5ZmQxMmRkZmVkYTRjZTAxNTViNDk2ZmMxZDQ2ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlfheShrJ2m7fQBIULgOx/ymtm3M
m3aQDHCbKsplJ5T7nsFdPrbEzL286gKsCb9aCKO6KzayXIDhS0m0aExLJO+oJfwq
rqw4zrGvbyrIl+ViV4jK3838gourfE/QvS5+KO/WnV1nMfdtDY8FPYxEvj2/fA2Z
CmA3KKc5ZyMlcriL1a6PvdYrKVmK8eb0NeI1MhT+XN8m5Qk8hn7C8APlkzHAKPu8
msNJ6JcLzoyhsmjkrUDSTzgNrKWhg/y0oWHHj++KuoDpFtDqXyoM8sB5mdIcADwI
QbqqeKvh3Kgecou/esRkK+PPzf7p+7OCYAjiLEmR5bAdoYJRtpTrjtd7sQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGXy3NO5/RLd/tpM4BVbSW/B1G/1MB8GA1UdIwQY
MBaAFGRleVYeylh5p0cCXleYSHsZzSqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTct
NTVjM2QxMjllYzI4LzEvWmZMYzA3bjlFdDMtMmt6Z0ZWdEpiOEhVYl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTctNTVjM2QxMjllYzI4
LzEvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZKcAwQD
sv84AwQCuSngMA0GCSqGSIb3DQEBCwUAA4IBAQBF8RU4Po8CYK8lMZOy7Zv30NPg
jJktzTvIkIPEEtNsKtIatzgZj3/7ObQiS7uL8Sq8FjZcu+MO2sRnPaiiITbmvbC0
dvsXu9jQDm0fZBcnaw0dE47RtRBGgPnW8YL8oHep3x0EFCGeO2O3n91gMg2/l2/i
9gPWeNF5jP9uOxADporAn6oYdrVWCVoZe1zQB4yIHUm2FFU82vvfL6nCnNLg7Bb7
aRgS2c9omP6dgUIOIQu+79pmy8imngY6bd0RFVh6m68v95e5jyyoDqySCX7NAA97
JcdaJojLQndqqhTpmLzgoft0FFFKGYUyw9HKNNb5ey6AZnNjUnlwif+HZ4qQ
-----END CERTIFICATE-----
Generated at Wed May 29 07:37:06 2024 by rpki-client on console-ams.rpki-client.org