Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/z0yieLihF4AKdy5kuaWBCWLeKSU.roa
File: z0yieLihF4AKdy5kuaWBCWLeKSU.roa (raw, json)
Hash identifier: fsdb61i2kEAJHiWq2j79bvdzNqbb/OdX16oiKEqgurA=
Subject key identifier: CF:4C:A2:78:B8:A1:17:80:0A:77:2E:64:B9:A5:81:09:62:DE:29:25
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FBF1999AA8ABFAB758E9D85E4DA38
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/z0yieLihF4AKdy5kuaWBCWLeKSU.roa
Signing time: Tue 02 Jan 2024 04:30:15 +0000
ROA not before: Tue 02 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34744
IP address blocks: 109.197.232.0/22 maxlen: 22
77.36.64.0/24 maxlen: 24
109.197.236.0/22 maxlen: 22
77.36.64.0/19 maxlen: 19
31.133.28.0/22 maxlen: 22
77.36.0.0/18 maxlen: 18
77.36.16.0/21 maxlen: 21
91.246.172.0/22 maxlen: 22
77.232.216.0/22 maxlen: 22
176.111.164.0/22 maxlen: 22
176.115.232.0/22 maxlen: 22
93.120.47.0/24 maxlen: 24
2a01:7d8::/48 maxlen: 48
2a01:7d8:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:bf:19:99:aa:8a:bf:ab:75:8e:9d:85:e4:da:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf4ca278b8a117800a772e64b9a5810962de2925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:0c:25:74:5f:03:08:10:d4:a4:29:3a:6e:
72:a9:55:d1:93:62:7c:22:dc:3d:52:a4:e0:8f:2c:
8f:7c:5a:74:23:5e:98:82:45:c4:73:af:5f:c3:62:
89:b3:dc:b7:9d:45:2c:cb:e0:32:b1:a0:5b:91:b5:
48:52:6b:4d:20:1d:86:06:4c:cd:e9:6c:50:dc:58:
50:90:23:6b:1d:5b:03:74:fe:af:58:c0:14:5a:00:
07:24:1b:f7:e7:90:20:ac:b2:ff:a2:6a:b3:88:0e:
ca:63:1a:c3:cb:45:3d:b2:e7:38:5d:e0:32:e7:ca:
29:ed:b1:d1:a6:51:9a:e6:6f:f4:cf:95:f6:4b:9f:
e7:96:a0:86:7a:76:19:8c:7d:f4:57:8d:72:7b:13:
20:34:ed:2e:f7:57:fe:aa:d4:9e:6b:2b:c4:c3:e7:
8b:bf:ce:59:60:9f:01:cb:f4:6d:d8:08:f5:f9:22:
e1:7f:f3:77:41:cc:e6:ae:bb:7e:90:f8:66:92:cd:
ab:37:18:ed:9a:9d:a7:f7:e6:50:18:47:dc:ce:0d:
3e:ca:cf:27:9b:24:ec:5b:c3:c2:28:6f:83:1f:b5:
48:ec:82:fa:82:58:8f:b9:61:fd:3e:fa:b0:43:99:
4f:84:2e:de:31:00:86:88:91:00:c5:13:f9:07:ef:
1f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4C:A2:78:B8:A1:17:80:0A:77:2E:64:B9:A5:81:09:62:DE:29:25
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/z0yieLihF4AKdy5kuaWBCWLeKSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.28.0/22
77.36.0.0-77.36.95.255
77.232.216.0/22
91.246.172.0/22
93.120.47.0/24
109.197.232.0/21
176.111.164.0/22
176.115.232.0/22
IPv6:
2a01:7d8::/47
Signature Algorithm: sha256WithRSAEncryption
39:7e:76:72:fe:50:cc:47:8f:cc:39:b1:1e:f2:a3:06:f9:39:
8c:27:27:e2:c1:11:f0:21:ff:4f:44:1a:88:5a:7e:b3:26:dc:
4b:8f:7a:8b:b8:5a:3c:19:ce:82:53:72:1e:00:fb:ce:46:32:
0b:8a:17:10:81:6b:93:e6:8a:1e:22:a2:6b:36:ad:71:ad:af:
3d:08:01:6b:0c:25:97:cd:11:25:87:07:58:ff:92:e0:bd:28:
13:f7:ea:b2:a2:97:02:38:8b:e5:24:97:74:79:be:d7:ed:80:
0c:55:b0:8a:93:92:e5:cd:e7:c0:b0:50:10:ec:c5:fc:b7:18:
57:6a:5d:9a:35:40:be:36:a1:d5:6b:df:12:82:08:cc:ea:5a:
cc:65:1c:63:5e:77:e4:27:4f:dd:7d:39:bf:21:ff:8e:b6:41:
93:d1:56:e7:0c:e1:a4:b4:be:9e:b7:d5:73:6d:3a:fe:07:1e:
bc:48:9f:e7:0d:fe:ac:43:f6:f1:8c:e2:d7:da:c9:8f:7c:df:
7c:16:66:a7:84:d2:bb:81:36:21:b1:72:39:34:8b:98:e1:c7:
d7:c4:2e:b1:58:2b:e2:d3:c6:98:43:12:65:a9:76:b2:a1:37:
5d:23:33:64:6c:b1:7e:ed:44:e6:c2:0b:65:66:ef:92:23:36:
13:df:92:ac
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzIb78ZmaqKv6t1jp2F5No4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRjYTI3OGI4YTExNzgwMGE3NzJlNjRiOWE1ODEwOTYyZGUyOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl14MJXRfAwgQ1KQpOm5yqVXRk2J8
Itw9UqTgjyyPfFp0I16YgkXEc69fw2KJs9y3nUUsy+AysaBbkbVIUmtNIB2GBkzN
6WxQ3FhQkCNrHVsDdP6vWMAUWgAHJBv355AgrLL/omqziA7KYxrDy0U9suc4XeAy
58op7bHRplGa5m/0z5X2S5/nlqCGenYZjH30V41yexMgNO0u91f+qtSeayvEw+eL
v85ZYJ8By/Rt2Aj1+SLhf/N3Qczmrrt+kPhmks2rNxjtmp2n9+ZQGEfczg0+ys8n
myTsW8PCKG+DH7VI7IL6gliPuWH9PvqwQ5lPhC7eMQCGiJEAxRP5B+8fqQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFM9Moni4oReACncuZLmlgQli3iklMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvejB5aWVMaWhGNEFLZHk1a3VhV0JDV0xlS1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA9BAIAATA3AwQCH4UcMAsD
AwJNJAMEBU0kQAMEAk3o2AMEAlv2rAMEAF14LwMEA23F6AMEArBvpAMEArBz6DAP
BAIAAjAJAwcBKgEH2AAAMA0GCSqGSIb3DQEBCwUAA4IBAQA5fnZy/lDMR4/MObEe
8qMG+TmMJyfiwRHwIf9PRBqIWn6zJtxLj3qLuFo8Gc6CU3IeAPvORjILihcQgWuT
5ooeIqJrNq1xra89CAFrDCWXzRElhwdY/5LgvSgT9+qyopcCOIvlJJd0eb7X7YAM
VbCKk5LlzefAsFAQ7MX8txhXal2aNUC+NqHVa98SggjM6lrMZRxjXnfkJ0/dfTm/
If+OtkGT0VbnDOGktL6et9VzbTr+Bx68SJ/nDf6sQ/bxjOLX2smPfN98FmanhNK7
gTYhsXI5NIuY4cfXxC6xWCvi08aYQxJlqXayoTddIzNkbLF+7UTmwgtlZu+SIzYT
35Ks
-----END CERTIFICATE-----
Generated at Fri May 24 04:54:58 2024 by rpki-client on console-fra.rpki-client.org