Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/ZV3jzCXvWaz6OQcxyASBnXcJBrQ.roa
File: ZV3jzCXvWaz6OQcxyASBnXcJBrQ.roa (raw, json)
Hash identifier: ozydR3DT4nxNXuoL18/OycKNAT9zVxzeP8asT6cebdQ=
Subject key identifier: 65:5D:E3:CC:25:EF:59:AC:FA:39:07:31:C8:04:81:9D:77:09:06:B4
Certificate issuer: /CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Certificate serial: 019076F27105198E2D0E4CF9C1D823A77F08
Authority key identifier: B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/ZV3jzCXvWaz6OQcxyASBnXcJBrQ.roa
Signing time: Wed 03 Jul 2024 04:55:18 +0000
ROA not before: Wed 03 Jul 2024 04:55:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200590
IP address blocks: 5.188.64.0/22 maxlen: 24
5.188.152.0/22 maxlen: 24
77.240.33.0/24 maxlen: 24
77.240.35.0/24 maxlen: 24
77.240.44.0/22 maxlen: 24
79.143.20.0/22 maxlen: 24
82.115.60.0/24 maxlen: 24
82.115.61.0/24 maxlen: 24
82.115.62.0/24 maxlen: 24
84.252.156.0/22 maxlen: 24
87.255.194.0/23 maxlen: 24
87.255.196.0/22 maxlen: 24
87.255.200.0/23 maxlen: 24
89.223.0.0/24 maxlen: 24
89.223.2.0/24 maxlen: 24
91.147.88.0/24 maxlen: 24
91.147.89.0/24 maxlen: 24
91.147.90.0/24 maxlen: 24
91.147.91.0/24 maxlen: 24
91.147.100.0/22 maxlen: 24
93.190.240.0/22 maxlen: 24
94.126.201.0/24 maxlen: 24
178.238.78.0/23 maxlen: 24
185.97.112.0/22 maxlen: 24
185.182.216.0/24 maxlen: 24
185.182.217.0/24 maxlen: 24
188.94.152.0/23 maxlen: 24
194.76.124.0/22 maxlen: 24
2a06:580::/29 maxlen: 40
2a06:580:4::/48 maxlen: 48
2a06:580:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/sJ__jo_9j459mntm0cxz3DkoHvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/sJ__jo_9j459mntm0cxz3DkoHvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:76:f2:71:05:19:8e:2d:0e:4c:f9:c1:d8:23:a7:7f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Validity
Not Before: Jul 3 04:55:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=655de3cc25ef59acfa390731c804819d770906b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ab:3a:90:6a:6b:e1:48:9e:f0:a5:1f:21:89:
9d:2d:41:89:07:a9:ff:0f:c7:34:ca:d1:09:90:60:
84:5b:5d:35:06:a3:d2:f6:a4:5c:d8:65:9d:73:fe:
3a:95:30:a4:70:86:69:05:98:1c:85:b8:cf:2f:13:
60:f9:3f:a8:93:9c:00:b1:ae:d0:d4:a8:88:bc:60:
43:0e:70:9f:1a:33:b0:f3:2f:0b:5b:f4:fb:88:d0:
98:1a:79:31:1a:b5:02:0d:e3:ba:8f:f4:3a:ce:c0:
99:6a:a2:d0:2c:18:1c:55:36:02:de:80:ec:4a:bf:
1c:e9:2e:fb:bd:a2:f7:13:4b:78:46:46:9c:3f:71:
d8:88:22:96:5f:20:22:e3:55:ed:be:2d:84:8d:f8:
d8:f2:f7:2a:73:98:77:92:db:1c:98:26:c2:bf:7a:
fa:84:87:b4:8f:ac:18:b0:e4:2f:86:75:65:c2:65:
9c:a5:ce:15:d5:8f:65:33:cc:27:9f:83:0e:81:f8:
cb:3c:44:7f:e3:c5:44:89:33:8d:78:8d:fb:90:12:
06:6c:b5:04:7e:25:7c:d6:8e:dc:26:f9:0d:43:f1:
32:aa:75:0e:93:87:0e:0c:44:34:61:fc:a6:70:55:
d6:19:17:bc:c1:45:f0:0b:f5:35:2b:08:56:1d:a0:
97:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:5D:E3:CC:25:EF:59:AC:FA:39:07:31:C8:04:81:9D:77:09:06:B4
X509v3 Authority Key Identifier:
keyid:B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/ZV3jzCXvWaz6OQcxyASBnXcJBrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/sJ__jo_9j459mntm0cxz3DkoHvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.64.0/22
5.188.152.0/22
77.240.33.0/24
77.240.35.0/24
77.240.44.0/22
79.143.20.0/22
82.115.60.0-82.115.62.255
84.252.156.0/22
87.255.194.0-87.255.201.255
89.223.0.0/24
89.223.2.0/24
91.147.88.0/22
91.147.100.0/22
93.190.240.0/22
94.126.201.0/24
178.238.78.0/23
185.97.112.0/22
185.182.216.0/23
188.94.152.0/23
194.76.124.0/22
IPv6:
2a06:580::/29
Signature Algorithm: sha256WithRSAEncryption
d1:44:7b:a2:34:90:a9:93:7d:78:98:12:5f:4f:43:83:75:5c:
8f:c1:d6:9b:15:7e:41:3d:ea:25:62:cf:68:4c:3f:7b:b9:98:
2b:c5:bc:10:0b:2f:59:b2:6e:69:51:da:01:45:20:6f:6d:08:
d0:dd:15:6e:59:4d:02:84:30:5c:7c:cc:fd:f8:1b:d7:e6:3f:
6c:9c:d9:39:10:d8:32:e6:33:45:6d:aa:5b:32:63:9e:53:e9:
ea:82:26:4d:a3:00:88:af:8f:06:d1:04:a2:66:04:07:a3:d9:
91:25:29:38:d7:f2:4c:64:2d:f7:9b:18:d8:2a:c4:3b:34:ec:
f0:84:99:db:11:ac:50:1d:6e:c1:42:8b:31:44:b2:6e:41:aa:
3d:a5:74:fa:bb:4c:a8:eb:6b:be:a8:47:67:b8:51:20:7e:ca:
27:e3:76:a8:c8:f7:49:77:4f:88:bd:bc:52:99:3b:a9:53:c8:
77:bd:ad:c9:6e:f7:06:ef:b0:36:61:ba:c9:ab:99:f6:70:f1:
06:a5:c6:cf:60:83:9d:bd:d2:34:ff:87:b9:07:01:32:ea:99:
13:f1:6a:3c:20:58:b5:04:13:cf:84:a9:70:e6:6c:b5:d6:6d:
43:40:79:5f:0d:69:92:9c:b5:16:0e:4b:7f:dd:38:ac:18:0a:
84:d9:b3:24
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZB28nEFGY4tDkz5wdgjp38IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwOWZmZjhlOGZmZDhmOGU3ZDlhN2I2NmQxY2M3M2RjMzky
ODFlZjYwHhcNMjQwNzAzMDQ1NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTVkZTNjYzI1ZWY1OWFjZmEzOTA3MzFjODA0ODE5ZDc3MDkwNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ks6kGpr4Uie8KUfIYmdLUGJB6n/
D8c0ytEJkGCEW101BqPS9qRc2GWdc/46lTCkcIZpBZgchbjPLxNg+T+ok5wAsa7Q
1KiIvGBDDnCfGjOw8y8LW/T7iNCYGnkxGrUCDeO6j/Q6zsCZaqLQLBgcVTYC3oDs
Sr8c6S77vaL3E0t4RkacP3HYiCKWXyAi41Xtvi2EjfjY8vcqc5h3ktscmCbCv3r6
hIe0j6wYsOQvhnVlwmWcpc4V1Y9lM8wnn4MOgfjLPER/48VEiTONeI37kBIGbLUE
fiV81o7cJvkNQ/EyqnUOk4cODEQ0YfymcFXWGRe8wUXwC/U1KwhWHaCXcQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFGVd48wl71ms+jkHMcgEgZ13CQa0MB8GA1UdIwQY
MBaAFLCf/46P/Y+OfZp7ZtHMc9w5KB72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTIt
ZTVhNzdmN2E3YWEyLzEvWlYzanpDWHZXYXo2T1FjeHlBU0JuWGNKQnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTItZTVhNzdmN2E3YWEy
LzEvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgDBAIF
vEADBAIFvJgDBABN8CEDBABN8CMDBAJN8CwDBAJPjxQwDAMEAlJzPAMEAFJzPgME
AlT8nDAMAwQBV//CAwQBV//IAwQAWd8AAwQAWd8CAwQCW5NYAwQCW5NkAwQCXb7w
AwQAXn7JAwQBsu5OAwQCuWFwAwQBubbYAwQBvF6YAwQCwkx8MA0EAgACMAcDBQMq
BgWAMA0GCSqGSIb3DQEBCwUAA4IBAQDRRHuiNJCpk314mBJfT0ODdVyPwdabFX5B
PeolYs9oTD97uZgrxbwQCy9Zsm5pUdoBRSBvbQjQ3RVuWU0ChDBcfMz9+BvX5j9s
nNk5ENgy5jNFbapbMmOeU+nqgiZNowCIr48G0QSiZgQHo9mRJSk41/JMZC33mxjY
KsQ7NOzwhJnbEaxQHW7BQosxRLJuQao9pXT6u0yo62u+qEdnuFEgfson43aoyPdJ
d0+IvbxSmTupU8h3va3JbvcG77A2YbrJq5n2cPEGpcbPYIOdvdI0/4e5BwEy6pkT
8Wo8IFi1BBPPhKlw5my11m1DQHlfDWmSnLUWDkt/3TisGAqE2bMk
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:03 2024 by rpki-client on console-fra.rpki-client.org