Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/Zs1qHcEabQ_yYxWZysQ3aAJKUiA.roa
File: Zs1qHcEabQ_yYxWZysQ3aAJKUiA.roa (raw, json)
Hash identifier: EzByx4u7KwqD7Sk/A0sP8bqE4F5Vlz4fWXiOehfgfDc=
Subject key identifier: 66:CD:6A:1D:C1:1A:6D:0F:F2:63:15:99:CA:C4:37:68:02:4A:52:20
Certificate issuer: /CN=19bcc407bf3881e2966a548c432b3f04014699dd
Certificate serial: 018CC493717E72830394703A6890767B0497
Authority key identifier: 19:BC:C4:07:BF:38:81:E2:96:6A:54:8C:43:2B:3F:04:01:46:99:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbzEB784geKWalSMQys_BAFGmd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/Zs1qHcEabQ_yYxWZysQ3aAJKUiA.roa
Signing time: Mon 01 Jan 2024 10:30:46 +0000
ROA not before: Mon 01 Jan 2024 10:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12926
IP address blocks: 213.63.0.0/17 maxlen: 17
185.113.156.0/22 maxlen: 22
213.63.128.0/17 maxlen: 17
213.141.0.0/19 maxlen: 19
2a00:fa00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/GbzEB784geKWalSMQys_BAFGmd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/GbzEB784geKWalSMQys_BAFGmd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/GbzEB784geKWalSMQys_BAFGmd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 04:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:71:7e:72:83:03:94:70:3a:68:90:76:7b:04:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19bcc407bf3881e2966a548c432b3f04014699dd
Validity
Not Before: Jan 1 10:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66cd6a1dc11a6d0ff2631599cac43768024a5220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:22:a7:fd:59:d3:42:42:e1:77:59:36:c2:68:
c3:09:9b:d9:75:a9:19:5f:a2:8c:82:70:2b:ec:d8:
1b:6d:fd:f1:ad:87:7c:f5:b3:08:c3:0d:09:29:c0:
ec:c6:5c:32:4d:0e:ba:39:af:ef:bf:91:06:28:4f:
fa:98:06:31:ee:04:d4:34:e2:ac:be:d0:18:6b:52:
7c:52:73:0b:9a:ff:53:0f:47:95:65:89:5e:b8:50:
05:a2:fb:52:45:91:16:c8:55:b9:cb:22:d7:a7:66:
77:f6:9f:da:8d:49:2d:eb:1d:2a:90:41:d8:01:28:
58:3a:55:ce:36:1f:d2:38:bb:b3:75:c7:ef:e6:13:
09:7d:87:76:43:06:83:53:0f:5f:da:f2:4c:3b:02:
c1:6a:27:62:ed:fd:fb:e1:1f:7f:d8:94:73:6f:a9:
15:5a:f5:a1:ba:30:aa:bd:49:ba:33:d4:a8:41:b0:
fc:ac:be:63:87:c3:12:aa:b6:76:c7:6a:6a:2f:59:
0c:0c:9e:2b:1e:0c:af:c2:ce:03:02:1b:59:3c:48:
ce:0c:c8:df:1a:21:68:da:53:84:e3:4d:33:ad:54:
bf:4a:d2:e9:38:21:e3:bb:3b:aa:df:6c:b5:8e:f1:
e9:c7:19:ca:41:77:e3:6b:72:00:ad:14:48:f9:1b:
27:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CD:6A:1D:C1:1A:6D:0F:F2:63:15:99:CA:C4:37:68:02:4A:52:20
X509v3 Authority Key Identifier:
keyid:19:BC:C4:07:BF:38:81:E2:96:6A:54:8C:43:2B:3F:04:01:46:99:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbzEB784geKWalSMQys_BAFGmd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/Zs1qHcEabQ_yYxWZysQ3aAJKUiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4eca5e-4343-46fe-bbb6-44977d7ab9ca/1/GbzEB784geKWalSMQys_BAFGmd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.156.0/22
213.63.0.0/16
213.141.0.0/19
IPv6:
2a00:fa00::/32
Signature Algorithm: sha256WithRSAEncryption
00:42:ca:2f:3c:2d:09:21:64:30:2c:88:43:46:86:6c:3d:07:
62:b1:d3:af:ac:d7:4a:b4:b3:93:92:51:1e:c5:0e:fd:02:be:
73:c5:75:d4:91:9a:c8:26:17:82:02:e4:66:e9:9b:10:aa:05:
31:ba:04:ed:31:d4:10:e9:ab:8f:73:4c:11:f9:02:4c:5b:61:
4b:ea:6d:a9:2e:8f:4a:41:f8:aa:8e:13:b5:6d:fa:b4:d3:35:
ab:3d:54:62:31:3d:00:df:15:17:19:dc:b0:d0:94:dc:8c:c1:
f9:c2:7b:fb:88:f7:7d:40:d0:c9:87:8c:07:5a:34:9a:38:71:
1c:3b:35:b1:0e:9f:a4:b3:c3:f4:fd:75:cb:a4:e4:a8:9f:eb:
6c:c0:51:ff:cb:a7:fe:2f:6e:ed:97:91:60:78:54:4a:3a:85:
b2:1f:37:f6:d3:86:71:35:aa:e4:32:0c:6b:24:fd:06:33:ae:
cb:7a:58:cf:2e:de:ad:74:9c:d8:a1:60:13:38:54:57:7b:57:
ab:6f:0b:a2:a4:35:22:d1:e5:76:a8:03:c7:e4:51:bc:bb:9e:
b1:1c:4d:fe:0b:aa:02:a7:63:7f:63:c9:fc:a8:4b:bf:d5:56:
17:4b:25:64:e2:83:b7:95:b2:6b:1b:17:9e:8d:2b:50:a1:47:
fd:4f:28:7b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEk3F+coMDlHA6aJB2ewSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YmNjNDA3YmYzODgxZTI5NjZhNTQ4YzQzMmIzZjA0MDE0
Njk5ZGQwHhcNMjQwMTAxMTAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmNkNmExZGMxMWE2ZDBmZjI2MzE1OTljYWM0Mzc2ODAyNGE1MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yKn/VnTQkLhd1k2wmjDCZvZdakZ
X6KMgnAr7Ngbbf3xrYd89bMIww0JKcDsxlwyTQ66Oa/vv5EGKE/6mAYx7gTUNOKs
vtAYa1J8UnMLmv9TD0eVZYleuFAFovtSRZEWyFW5yyLXp2Z39p/ajUkt6x0qkEHY
AShYOlXONh/SOLuzdcfv5hMJfYd2QwaDUw9f2vJMOwLBaidi7f374R9/2JRzb6kV
WvWhujCqvUm6M9SoQbD8rL5jh8MSqrZ2x2pqL1kMDJ4rHgyvws4DAhtZPEjODMjf
GiFo2lOE400zrVS/StLpOCHjuzuq32y1jvHpxxnKQXfja3IArRRI+Rsn8wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGbNah3BGm0P8mMVmcrEN2gCSlIgMB8GA1UdIwQY
MBaAFBm8xAe/OIHilmpUjEMrPwQBRpndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2J6RUI3ODRnZUtXYWxTTVF5c19CQUZHbWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80ZWNhNWUtNDM0My00NmZlLWJiYjYt
NDQ5NzdkN2FiOWNhLzEvWnMxcUhjRWFiUV95WXhXWnlzUTNhQUpLVWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80ZWNhNWUtNDM0My00NmZlLWJiYjYtNDQ5NzdkN2FiOWNh
LzEvR2J6RUI3ODRnZUtXYWxTTVF5c19CQUZHbWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCuXGcAwMA
1T8DBAXVjQAwDQQCAAIwBwMFACoA+gAwDQYJKoZIhvcNAQELBQADggEBAABCyi88
LQkhZDAsiENGhmw9B2Kx06+s10q0s5OSUR7FDv0CvnPFddSRmsgmF4IC5GbpmxCq
BTG6BO0x1BDpq49zTBH5AkxbYUvqbakuj0pB+KqOE7Vt+rTTNas9VGIxPQDfFRcZ
3LDQlNyMwfnCe/uI931A0MmHjAdaNJo4cRw7NbEOn6Szw/T9dcuk5Kif62zAUf/L
p/4vbu2XkWB4VEo6hbIfN/bThnE1quQyDGsk/QYzrst6WM8u3q10nNihYBM4VFd7
V6tvC6KkNSLR5XaoA8fkUby7nrEcTf4LqgKnY39jyfyoS7/VVhdLJWTig7eVsmsb
F56NK1ChR/1PKHs=
-----END CERTIFICATE-----
Generated at Sat May 25 07:12:14 2024 by rpki-client on console-fra.rpki-client.org