Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/Zwe7v3V3hv3_HCNNhH0OB5_474s.roa
File: Zwe7v3V3hv3_HCNNhH0OB5_474s.roa (raw, json)
Hash identifier: xmoHsLV/6qfPxeWr/JNXGWPLp8GV+PRfgERwrFFfwJI=
Subject key identifier: 67:07:BB:BF:75:77:86:FD:FF:1C:23:4D:84:7D:0E:07:9F:F8:EF:8B
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 018CC9BC71EC3C304F6F6238C311F40FA26C
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/Zwe7v3V3hv3_HCNNhH0OB5_474s.roa
Signing time: Tue 02 Jan 2024 10:33:39 +0000
ROA not before: Tue 02 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42675
IP address blocks: 217.64.148.0/23 maxlen: 23
185.157.162.0/24 maxlen: 24
217.64.150.0/24 maxlen: 24
185.157.160.0/23 maxlen: 23
2a07:a880:4603::/48 maxlen: 48
2a07:a880:3101::/48 maxlen: 48
2a07:a880:4601::/48 maxlen: 48
2a07:a880:4701::/48 maxlen: 48
2a07:a880:4604::/48 maxlen: 48
2a07:a880:4602::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:71:ec:3c:30:4f:6f:62:38:c3:11:f4:0f:a2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Jan 2 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6707bbbf757786fdff1c234d847d0e079ff8ef8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2b:32:64:ed:d8:95:b1:f6:75:0a:9d:68:ea:
8d:56:ee:72:62:b2:db:ef:00:6e:01:68:54:19:a2:
d0:3f:69:4f:16:57:8f:d9:ce:6c:99:6c:2a:9b:7f:
04:cc:ab:38:09:04:10:e5:2d:70:ab:1e:e1:f8:97:
7a:af:09:50:d1:ac:18:d4:26:97:ab:f1:d0:e5:33:
9a:e4:63:ba:94:21:b8:95:53:a8:d3:92:db:40:30:
e0:9b:c2:d0:38:17:4b:81:e3:68:34:f2:45:02:4d:
1d:f7:de:12:cd:c4:c0:71:74:d0:d7:20:67:61:f8:
b4:38:52:71:d3:06:48:cc:07:72:e7:a9:26:bd:da:
02:0e:28:35:a0:17:90:19:43:03:ff:d0:c7:db:29:
e2:ce:de:fd:2e:10:b5:e9:a6:eb:f1:99:ce:7e:82:
bb:f4:a6:17:85:a8:33:c7:7f:3b:4a:ef:65:b4:74:
a7:f0:90:be:aa:c6:e6:5b:4f:90:42:23:d8:55:00:
98:78:48:50:44:a1:3a:dd:c9:50:04:7e:3d:34:96:
00:d5:5b:7d:bc:80:a1:12:b3:5b:52:f7:3a:46:92:
16:93:65:28:f3:bf:87:05:c0:0e:c1:02:3c:92:3a:
77:dd:1f:8a:b8:6e:9a:c1:ed:11:1b:2b:92:e9:32:
4c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:07:BB:BF:75:77:86:FD:FF:1C:23:4D:84:7D:0E:07:9F:F8:EF:8B
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/Zwe7v3V3hv3_HCNNhH0OB5_474s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.160.0-185.157.162.255
217.64.148.0-217.64.150.255
IPv6:
2a07:a880:3101::/48
2a07:a880:4601::-2a07:a880:4604:ffff:ffff:ffff:ffff:ffff
2a07:a880:4701::/48
Signature Algorithm: sha256WithRSAEncryption
c2:2d:b5:f5:15:61:57:e1:76:b8:8f:cf:d6:6e:cb:ee:9d:dc:
c2:d3:28:a6:df:a4:c6:3d:12:31:50:36:c5:50:83:93:b8:f3:
3e:fe:96:20:3c:07:a4:77:ff:13:0d:2f:e4:7d:86:a2:c8:94:
51:40:34:ef:c9:6e:1e:56:a1:72:7d:95:66:d4:4b:52:1f:49:
31:e4:67:2d:9b:c6:0b:96:c8:ce:d2:e7:75:59:51:15:d8:08:
c8:f2:84:54:3a:33:d4:4e:04:74:d9:d7:55:b0:d7:fe:ab:0a:
0d:26:e8:f2:60:c4:60:99:a9:8e:ce:ed:83:2a:2e:55:19:d1:
b4:37:c6:2c:0a:19:44:18:d4:de:1a:c7:24:e0:5f:cb:bc:c8:
f0:8c:11:a0:17:a8:50:48:00:33:4b:96:1c:78:3f:3c:7a:02:
b2:80:fb:0a:1a:ae:8e:ae:06:84:65:0d:a0:1b:65:49:28:78:
97:68:ee:27:22:5c:83:61:31:3a:59:2e:1c:65:55:79:b8:8f:
91:6e:1c:4f:73:a7:7e:b1:b4:d4:93:d5:b0:1b:57:e0:e2:5c:
40:ee:c6:5c:22:82:0f:be:aa:c1:b3:51:2e:29:1c:66:b3:42:
df:58:0d:83:24:0e:bd:ea:ba:c0:cb:35:9d:67:81:d2:4a:d2:
5e:4b:ce:fb
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYzJvHHsPDBPb2I4wxH0D6JsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA3YmJiZjc1Nzc4NmZkZmYxYzIzNGQ4NDdkMGUwNzlmZjhlZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSsyZO3YlbH2dQqdaOqNVu5yYrLb
7wBuAWhUGaLQP2lPFleP2c5smWwqm38EzKs4CQQQ5S1wqx7h+Jd6rwlQ0awY1CaX
q/HQ5TOa5GO6lCG4lVOo05LbQDDgm8LQOBdLgeNoNPJFAk0d994SzcTAcXTQ1yBn
Yfi0OFJx0wZIzAdy56kmvdoCDig1oBeQGUMD/9DH2ynizt79LhC16abr8ZnOfoK7
9KYXhagzx387Su9ltHSn8JC+qsbmW0+QQiPYVQCYeEhQRKE63clQBH49NJYA1Vt9
vIChErNbUvc6RpIWk2Uo87+HBcAOwQI8kjp33R+KuG6awe0RGyuS6TJMzwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFGcHu791d4b9/xwjTYR9Dgef+O+LMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvWndlN3YzVjNodjNfSENOTmhIME9CNV80NzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAiBAIAATAcMAwDBAW5naAD
BAC5naIwDAMEAtlAlAMEANlAljAsBAIAAjAmAwcAKgeogDEBMBIDBwAqB6iARgED
BwAqB6iARgQDBwAqB6iARwEwDQYJKoZIhvcNAQELBQADggEBAMIttfUVYVfhdriP
z9Zuy+6d3MLTKKbfpMY9EjFQNsVQg5O48z7+liA8B6R3/xMNL+R9hqLIlFFANO/J
bh5WoXJ9lWbUS1IfSTHkZy2bxguWyM7S53VZURXYCMjyhFQ6M9ROBHTZ11Ww1/6r
Cg0m6PJgxGCZqY7O7YMqLlUZ0bQ3xiwKGUQY1N4axyTgX8u8yPCMEaAXqFBIADNL
lhx4Pzx6ArKA+woaro6uBoRlDaAbZUkoeJdo7iciXINhMTpZLhxlVXm4j5FuHE9z
p36xtNST1bAbV+DiXEDuxlwigg++qsGzUS4pHGazQt9YDYMkDr3qusDLNZ1ngdJK
0l5Lzvs=
-----END CERTIFICATE-----
Generated at Mon May 20 15:13:31 2024 by rpki-client on console-ams.rpki-client.org