Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/ZlcgNBDs3X-nrWq5JRZwNZrxDJs.roa
File: ZlcgNBDs3X-nrWq5JRZwNZrxDJs.roa (raw, json)
Hash identifier: mZGLVSMgkg1WSDf/EazAgkOhlbpg5TRMGoF12tKxC2w=
Subject key identifier: 66:57:20:34:10:EC:DD:7F:A7:AD:6A:B9:25:16:70:35:9A:F1:0C:9B
Certificate issuer: /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial: 018CC64B58FA4915438A9B14065A2DAB67FD
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/ZlcgNBDs3X-nrWq5JRZwNZrxDJs.roa
Signing time: Mon 01 Jan 2024 18:31:15 +0000
ROA not before: Mon 01 Jan 2024 18:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199636
IP address blocks: 185.146.220.0/22 maxlen: 24
141.255.128.0/21 maxlen: 24
212.114.16.0/20 maxlen: 24
88.212.152.0/22 maxlen: 24
45.80.8.0/22 maxlen: 24
185.91.220.0/22 maxlen: 24
45.80.24.0/22 maxlen: 24
45.80.20.0/22 maxlen: 24
45.80.32.0/22 maxlen: 24
95.178.88.0/22 maxlen: 24
88.202.236.0/22 maxlen: 24
91.203.92.0/22 maxlen: 24
82.96.128.0/18 maxlen: 24
185.44.88.0/22 maxlen: 24
130.180.208.0/20 maxlen: 24
2a05:6e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:58:fa:49:15:43:8a:9b:14:06:5a:2d:ab:67:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
Validity
Not Before: Jan 1 18:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6657203410ecdd7fa7ad6ab9251670359af10c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5c:a3:b2:7b:71:1f:c5:9d:ba:c6:d6:d4:c3:
a0:0b:2a:b1:ce:ac:cf:f1:d8:bc:df:cf:38:fa:c4:
cb:75:d6:e5:1a:3b:92:45:54:91:72:b3:0e:3c:08:
73:b0:d7:39:d9:12:b9:2d:64:17:8a:62:cd:4b:ce:
fd:e1:e4:5e:cf:c5:d6:b4:37:a1:42:2f:dc:59:b9:
ac:c1:f6:59:62:8c:22:c2:27:ed:ba:7e:c8:89:3f:
72:4f:f0:c5:1a:91:4b:d1:f3:82:b7:89:12:17:f8:
c3:ed:ea:05:df:ba:96:16:28:6a:aa:bb:82:9e:40:
3f:c3:93:12:c1:c9:05:77:af:66:20:52:fb:70:16:
e7:b6:67:23:47:c4:05:61:73:2e:15:03:fc:40:e6:
9f:f1:b1:c1:ce:13:4c:16:c0:89:c7:6f:33:4c:67:
08:b1:f4:d2:fa:1a:2d:f0:18:d9:c8:4a:aa:a3:fb:
e0:39:16:fa:14:ca:f3:f6:ed:49:9d:d6:a5:af:d8:
05:55:5a:23:f4:d6:01:58:1a:1f:7a:6d:eb:02:8a:
4c:60:56:1f:cb:7f:50:4f:49:89:66:94:2e:12:9c:
d8:0b:dc:13:ea:5c:d9:a6:c6:bf:8f:76:89:cb:e8:
17:92:e7:b7:15:4d:12:3b:01:29:45:c9:38:83:01:
0e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:57:20:34:10:EC:DD:7F:A7:AD:6A:B9:25:16:70:35:9A:F1:0C:9B
X509v3 Authority Key Identifier:
keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/ZlcgNBDs3X-nrWq5JRZwNZrxDJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.8.0/22
45.80.20.0-45.80.27.255
45.80.32.0/22
82.96.128.0/18
88.202.236.0/22
88.212.152.0/22
91.203.92.0/22
95.178.88.0/22
130.180.208.0/20
141.255.128.0/21
185.44.88.0/22
185.91.220.0/22
185.146.220.0/22
212.114.16.0/20
IPv6:
2a05:6e00::/29
Signature Algorithm: sha256WithRSAEncryption
6c:0f:6d:7f:87:65:85:61:8f:b9:03:9f:42:97:7f:9f:91:9f:
42:63:29:6b:86:8c:54:0f:7c:94:81:0b:f5:74:33:eb:f5:03:
fb:e3:d9:2f:38:72:a7:75:64:6f:da:82:3e:17:39:b6:0a:5f:
cd:ea:9f:03:3c:15:c5:11:0e:19:8a:d6:47:b9:1f:c4:e7:e4:
13:ce:68:b2:f1:09:85:62:a2:07:b0:97:d0:88:65:87:51:18:
83:1e:a2:0a:9d:89:eb:fc:66:02:3e:79:c2:5b:99:15:5a:23:
6f:01:c0:26:5c:46:72:28:75:60:5a:72:62:29:81:4e:6d:83:
f8:92:45:c1:1a:43:fd:b9:35:a1:60:e8:9b:55:f7:ff:2e:ab:
fb:f0:4e:b1:58:cd:12:d6:52:79:a0:93:64:a0:57:97:55:e5:
a2:59:37:c4:1c:c3:5c:32:e7:37:11:c2:3c:85:42:ce:75:f2:
5d:86:4e:01:e0:a8:56:41:18:b9:ef:6e:88:d9:60:d9:86:bf:
57:20:3c:8f:ff:8f:89:44:e4:fb:ec:c5:22:8f:46:49:39:76:
b0:b4:35:49:2c:dd:04:b9:53:dc:2f:06:f5:53:5e:97:e1:c1:
9e:a8:51:50:1e:c4:0a:3f:80:aa:33:00:88:4b:92:66:de:19:
eb:2d:97:83
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYzGS1j6SRVDipsUBlotq2f9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjQwMTAxMTgzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjU3MjAzNDEwZWNkZDdmYTdhZDZhYjkyNTE2NzAzNTlhZjEwYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlyjsntxH8WdusbW1MOgCyqxzqzP
8di83884+sTLddblGjuSRVSRcrMOPAhzsNc52RK5LWQXimLNS8794eRez8XWtDeh
Qi/cWbmswfZZYowiwiftun7IiT9yT/DFGpFL0fOCt4kSF/jD7eoF37qWFihqqruC
nkA/w5MSwckFd69mIFL7cBbntmcjR8QFYXMuFQP8QOaf8bHBzhNMFsCJx28zTGcI
sfTS+hot8BjZyEqqo/vgORb6FMrz9u1Jndalr9gFVVoj9NYBWBofem3rAopMYFYf
y39QT0mJZpQuEpzYC9wT6lzZpsa/j3aJy+gXkue3FU0SOwEpRck4gwEO7QIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFGZXIDQQ7N1/p61quSUWcDWa8QybMB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvWmxjZ05CRHMzWC1ucldxNUpSWndOWnJ4REpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAi1QCDAM
AwQCLVAUAwQCLVAYAwQCLVAgAwQGUmCAAwQCWMrsAwQCWNSYAwQCW8tcAwQCX7JY
AwQEgrTQAwQDjf+AAwQCuSxYAwQCuVvcAwQCuZLcAwQE1HIQMA0EAgACMAcDBQMq
BW4AMA0GCSqGSIb3DQEBCwUAA4IBAQBsD21/h2WFYY+5A59Cl3+fkZ9CYylrhoxU
D3yUgQv1dDPr9QP749kvOHKndWRv2oI+Fzm2Cl/N6p8DPBXFEQ4ZitZHuR/E5+QT
zmiy8QmFYqIHsJfQiGWHURiDHqIKnYnr/GYCPnnCW5kVWiNvAcAmXEZyKHVgWnJi
KYFObYP4kkXBGkP9uTWhYOibVff/Lqv78E6xWM0S1lJ5oJNkoFeXVeWiWTfEHMNc
Muc3EcI8hULOdfJdhk4B4KhWQRi5726I2WDZhr9XIDyP/4+JROT77MUij0ZJOXaw
tDVJLN0EuVPcLwb1U16X4cGeqFFQHsQKP4CqMwCIS5Jm3hnrLZeD
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:29:28 2024 by rpki-client on console-ams.rpki-client.org