Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/Zs3HZZvhNeGlUxi0eYyrp6htg6k.roa
File: Zs3HZZvhNeGlUxi0eYyrp6htg6k.roa (raw, json)
Hash identifier: RbjQzp0xbFwEjrDq90q8TMwd/UBrrUQ8xRO9liNoF40=
Subject key identifier: 66:CD:C7:65:9B:E1:35:E1:A5:53:18:B4:79:8C:AB:A7:A8:6D:83:A9
Certificate issuer: /CN=1f21c543844c417f61ad7939244d3b759c2a43ed
Certificate serial: 018CCA99CF5A6E228BE0C2229FA5ACFCDDF2
Authority key identifier: 1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/Zs3HZZvhNeGlUxi0eYyrp6htg6k.roa
Signing time: Tue 02 Jan 2024 14:35:26 +0000
ROA not before: Tue 02 Jan 2024 14:35:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60304
IP address blocks: 185.33.35.0/24 maxlen: 24
185.33.34.0/24 maxlen: 24
185.33.33.0/24 maxlen: 24
185.33.32.0/24 maxlen: 24
2a04:5900::/48 maxlen: 48
2a04:5901:7::/48 maxlen: 48
2a04:5901:22::/48 maxlen: 48
2a04:5901:18::/48 maxlen: 48
2a04:5901:29::/48 maxlen: 48
2a04:5901:e::/48 maxlen: 48
2a04:5901:1f::/48 maxlen: 48
2a04:5901:4::/48 maxlen: 48
2a04:5901:15::/48 maxlen: 48
2a04:5901:b::/48 maxlen: 48
2a04:5901:1::/48 maxlen: 48
2a04:5901:26::/48 maxlen: 48
2a04:5901:17::/48 maxlen: 48
2a04:5901:d::/48 maxlen: 48
2a04:5900:1::/48 maxlen: 48
2a04:5901:3::/48 maxlen: 48
2a04:5901:28::/48 maxlen: 48
2a04:5901:1e::/48 maxlen: 48
2a04:5901:14::/48 maxlen: 48
2a04:5901:25::/48 maxlen: 48
2a04:5901:a::/48 maxlen: 48
2a04:5901:1b::/48 maxlen: 48
2a04:5901:11::/48 maxlen: 48
2a04:5901:27::/48 maxlen: 48
2a04:5901:c::/48 maxlen: 48
2a04:5901:1d::/48 maxlen: 48
2a04:5901:2::/48 maxlen: 48
2a04:5901:13::/48 maxlen: 48
2a04:5901:9::/48 maxlen: 48
2a04:5900::/32 maxlen: 32
2a04:5901:24::/48 maxlen: 48
2a04:5901:1a::/48 maxlen: 48
2a04:5901:2b::/48 maxlen: 48
2a04:5901:10::/48 maxlen: 48
2a04:5901:21::/48 maxlen: 48
2a04:5901:6::/48 maxlen: 48
2a04:5901:1c::/48 maxlen: 48
2a04:5901:12::/48 maxlen: 48
2a04:5901:23::/48 maxlen: 48
2a04:5901:8::/48 maxlen: 48
2a04:5900::/29 maxlen: 29
2a04:5901:19::/48 maxlen: 48
2a04:5901:f::/48 maxlen: 48
2a04:5901:5::/48 maxlen: 48
2a04:5901:2a::/48 maxlen: 48
2a04:5901::/32 maxlen: 32
2a04:5901:20::/48 maxlen: 48
2a04:5901:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:cf:5a:6e:22:8b:e0:c2:22:9f:a5:ac:fc:dd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f21c543844c417f61ad7939244d3b759c2a43ed
Validity
Not Before: Jan 2 14:35:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66cdc7659be135e1a55318b4798caba7a86d83a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:5d:dd:34:a1:43:b0:dd:47:ed:2b:0d:21:
0a:54:2e:19:52:a3:d9:71:7e:3c:56:af:ba:0f:55:
88:c4:fd:d6:a3:28:9e:11:d5:7b:d9:42:41:d5:c6:
0c:97:d1:9e:33:7d:ea:78:e4:31:c9:34:3f:44:ea:
69:ef:9f:87:53:b4:f5:0e:fd:18:dc:d1:04:c9:aa:
a4:10:0d:b3:15:6e:fd:64:f3:47:51:ac:a5:35:92:
95:b7:37:24:df:70:aa:0e:14:78:48:a2:96:43:ee:
4d:fc:1c:e3:eb:df:83:a4:64:cc:97:61:cf:f6:b3:
ac:b1:30:07:10:6c:33:0d:d6:b7:f7:3b:5a:17:90:
68:69:5c:0b:c9:9c:e1:b1:97:80:64:4f:fd:bf:52:
25:68:93:e4:ea:74:64:9a:ad:c7:48:51:df:28:b8:
3e:a2:be:44:13:b5:a2:d3:38:48:78:81:72:98:5e:
b0:21:6a:1e:ac:4e:1f:a4:2b:a3:c2:0f:71:9a:a9:
8b:46:ff:cd:93:28:e5:d1:55:28:3f:07:6a:6c:3e:
38:c9:02:90:53:c2:68:de:ee:97:03:04:7b:77:93:
f7:03:a5:ff:1a:66:ed:26:ff:a8:fa:10:f4:4c:6a:
02:2b:08:cf:41:91:d4:11:ca:90:4a:ab:ad:4a:cf:
5a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CD:C7:65:9B:E1:35:E1:A5:53:18:B4:79:8C:AB:A7:A8:6D:83:A9
X509v3 Authority Key Identifier:
keyid:1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/Zs3HZZvhNeGlUxi0eYyrp6htg6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.32.0/22
IPv6:
2a04:5900::/29
Signature Algorithm: sha256WithRSAEncryption
05:02:0d:9e:9b:74:e0:3b:e2:9b:76:38:13:30:9f:79:65:04:
a5:d4:38:9e:1d:95:9c:08:b7:4f:3e:53:ff:52:25:a2:ba:6a:
2d:d3:c6:fe:c8:8d:78:f2:9e:03:9f:d7:37:5b:96:19:bf:f7:
22:c2:ad:49:ef:62:6e:51:4f:48:98:00:09:3c:5c:aa:f4:5f:
1f:e6:12:24:0c:ad:fb:d1:87:f3:ba:09:2c:79:db:d0:02:1d:
64:5c:de:2c:c8:37:71:7c:9b:b9:7a:4d:65:3b:39:5d:4c:96:
ff:d3:d6:e2:dc:3d:2f:c8:38:03:a9:07:86:e1:cf:81:76:3d:
d3:11:8b:58:e0:52:69:2a:45:ab:e4:07:55:f8:cc:ef:40:a7:
b6:bc:3f:c3:da:02:97:18:9a:a7:22:e1:f1:72:aa:33:11:0c:
5b:a6:86:2c:ae:40:33:e6:49:05:25:ce:64:9c:e3:f3:1f:41:
98:ed:39:f0:74:a6:de:b1:bf:2d:5c:d9:9a:40:6f:14:23:ca:
f0:78:ca:a9:c1:a4:5c:f2:48:e9:b3:4a:46:5a:14:2f:6f:79:
02:2d:c2:70:16:01:14:4d:c0:d8:2a:97:81:66:db:ef:e6:d6:
35:81:80:c6:3c:27:e2:ec:ab:0a:42:6f:87:8f:72:30:69:10:
48:78:5c:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKmc9abiKL4MIin6Ws/N3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMjFjNTQzODQ0YzQxN2Y2MWFkNzkzOTI0NGQzYjc1OWMy
YTQzZWQwHhcNMjQwMTAyMTQzNTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmNkYzc2NTliZTEzNWUxYTU1MzE4YjQ3OThjYWJhN2E4NmQ4M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjZd3TShQ7DdR+0rDSEKVC4ZUqPZ
cX48Vq+6D1WIxP3WoyieEdV72UJB1cYMl9GeM33qeOQxyTQ/ROpp75+HU7T1Dv0Y
3NEEyaqkEA2zFW79ZPNHUaylNZKVtzck33CqDhR4SKKWQ+5N/Bzj69+DpGTMl2HP
9rOssTAHEGwzDda39ztaF5BoaVwLyZzhsZeAZE/9v1IlaJPk6nRkmq3HSFHfKLg+
or5EE7Wi0zhIeIFymF6wIWoerE4fpCujwg9xmqmLRv/Nkyjl0VUoPwdqbD44yQKQ
U8Jo3u6XAwR7d5P3A6X/GmbtJv+o+hD0TGoCKwjPQZHUEcqQSqutSs9a5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGbNx2Wb4TXhpVMYtHmMq6eobYOpMB8GA1UdIwQY
MBaAFB8hxUOETEF/Ya15OSRNO3WcKkPtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xNTZlY2QtZmU2OC00YmMzLWFlN2Qt
YjhjNDg1M2U0MmJjLzEvWnMzSFpadmhOZUdsVXhpMGVZeXJwNmh0ZzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xNTZlY2QtZmU2OC00YmMzLWFlN2QtYjhjNDg1M2U0MmJj
LzEvSHlIRlE0Uk1RWDloclhrNUpFMDdkWndxUS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSEgMA0E
AgACMAcDBQMqBFkAMA0GCSqGSIb3DQEBCwUAA4IBAQAFAg2em3TgO+KbdjgTMJ95
ZQSl1DieHZWcCLdPPlP/UiWiumot08b+yI148p4Dn9c3W5YZv/ciwq1J72JuUU9I
mAAJPFyq9F8f5hIkDK370YfzugksedvQAh1kXN4syDdxfJu5ek1lOzldTJb/09bi
3D0vyDgDqQeG4c+Bdj3TEYtY4FJpKkWr5AdV+MzvQKe2vD/D2gKXGJqnIuHxcqoz
EQxbpoYsrkAz5kkFJc5knOPzH0GY7TnwdKbesb8tXNmaQG8UI8rweMqpwaRc8kjp
s0pGWhQvb3kCLcJwFgEUTcDYKpeBZtvv5tY1gYDGPCfi7KsKQm+Hj3IwaRBIeFwT
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:14:24 2024 by rpki-client on console-fra.rpki-client.org