Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/zaMnaoN89piZ5WEwQAevuaNXDuU.roa
File: zaMnaoN89piZ5WEwQAevuaNXDuU.roa (raw, json)
Hash identifier: Snzhspqimn5tcn+UQT4vk9uQ40BJxFexJD3+drCBvGA=
Subject key identifier: CD:A3:27:6A:83:7C:F6:98:99:E5:61:30:40:07:AF:B9:A3:57:0E:E5
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 01920F3696DF4936711B4171CEAFAB9F8A89
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/zaMnaoN89piZ5WEwQAevuaNXDuU.roa
Signing time: Fri 20 Sep 2024 11:34:48 +0000
ROA not before: Fri 20 Sep 2024 11:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 46.80.0.0/12 maxlen: 12
62.153.0.0/16 maxlen: 16
62.154.0.0/15 maxlen: 15
62.156.0.0/14 maxlen: 14
62.224.0.0/14 maxlen: 14
79.192.0.0/10 maxlen: 10
80.128.0.0/11 maxlen: 11
80.128.0.0/12 maxlen: 12
80.144.0.0/13 maxlen: 13
80.152.0.0/14 maxlen: 14
80.156.0.0/16 maxlen: 16
80.157.0.0/16 maxlen: 16
80.157.8.0/21 maxlen: 21
80.157.16.0/20 maxlen: 20
84.128.0.0/10 maxlen: 10
87.128.0.0/10 maxlen: 10
91.0.0.0/10 maxlen: 10
93.192.0.0/10 maxlen: 10
192.166.49.0/24 maxlen: 24
193.158.0.0/15 maxlen: 15
194.25.0.0/16 maxlen: 16
194.150.228.0/23 maxlen: 23
195.145.0.0/16 maxlen: 16
195.243.0.0/16 maxlen: 16
212.184.0.0/15 maxlen: 15
217.0.0.0/13 maxlen: 13
217.80.0.0/12 maxlen: 12
217.224.0.0/11 maxlen: 11
2003::/19 maxlen: 19
2003::/23 maxlen: 23
2003:8:f400::/48 maxlen: 48
2003:8:f401::/48 maxlen: 48
2003:8:f402::/48 maxlen: 48
2003:8:f403::/48 maxlen: 48
2003:8:f404::/48 maxlen: 48
2003:8:f405::/48 maxlen: 48
2003:8:f406::/48 maxlen: 48
2003:8:f407::/48 maxlen: 48
2003:8:f408::/48 maxlen: 48
2003:8:f409::/48 maxlen: 48
2003:8:f40a::/48 maxlen: 48
2003:8:f40b::/48 maxlen: 48
2003:8:f40c::/48 maxlen: 48
2003:8:f40d::/48 maxlen: 48
2003:8:f40e::/48 maxlen: 48
2003:3c0::/28 maxlen: 28
2003:3e0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:36:96:df:49:36:71:1b:41:71:ce:af:ab:9f:8a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Sep 20 11:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cda3276a837cf69899e561304007afb9a3570ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6e:5f:ae:07:4a:4a:f3:82:dc:13:48:57:c6:
bb:b1:13:0f:a4:b6:15:d8:9a:1b:95:5e:6e:74:39:
62:b0:6e:8f:28:99:c1:01:41:b3:99:b6:2d:fd:e3:
a7:5b:35:6f:4e:a0:ba:79:34:94:12:8d:7e:61:14:
37:70:bf:b2:ad:12:b9:ff:1b:ee:84:52:4a:28:59:
b1:81:3a:e5:99:38:16:d3:8a:2c:d1:ea:dc:3b:72:
0d:b8:c2:2c:4d:ec:7c:af:8f:0b:81:74:d8:47:93:
2c:e5:26:53:e9:21:3f:ed:90:31:27:91:5d:86:c0:
bc:02:18:d8:56:d0:d8:83:22:39:1d:8b:ba:7d:d5:
43:97:a7:1b:3a:f5:57:51:43:06:5f:c7:9c:d6:f5:
1f:65:9c:e1:4b:d1:c4:3a:93:4f:80:3c:16:22:17:
65:ac:cf:60:ff:fb:1c:d4:a2:59:7d:e0:24:10:78:
c1:a0:fb:21:3e:e0:5f:ea:90:15:a3:de:3b:7a:62:
6d:d0:12:d6:e9:0f:3b:4f:28:85:72:db:fe:5c:02:
83:fd:cd:a4:04:19:26:3e:3f:d9:ac:f6:77:9f:5d:
22:4c:31:e5:5c:76:4c:58:aa:1c:2e:72:ee:98:cb:
fe:00:6f:b1:ee:d4:0d:b4:88:05:18:f5:47:e9:e5:
04:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A3:27:6A:83:7C:F6:98:99:E5:61:30:40:07:AF:B9:A3:57:0E:E5
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/zaMnaoN89piZ5WEwQAevuaNXDuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.80.0.0/12
62.153.0.0-62.159.255.255
62.224.0.0/14
79.192.0.0/10
80.128.0.0/11
84.128.0.0/10
87.128.0.0/10
91.0.0.0/10
93.192.0.0/10
192.166.49.0/24
193.158.0.0/15
194.25.0.0/16
194.150.228.0/23
195.145.0.0/16
195.243.0.0/16
212.184.0.0/15
217.0.0.0/13
217.80.0.0/12
217.224.0.0/11
IPv6:
2003::/19
Signature Algorithm: sha256WithRSAEncryption
03:13:87:de:32:65:da:b7:3a:e0:bd:f0:cf:73:66:18:39:d9:
4e:3b:59:17:ab:bd:18:62:fd:1a:2e:48:ea:1c:6b:cf:99:a4:
28:b9:71:5d:29:59:68:01:f7:a9:53:9d:b8:11:32:85:c0:f3:
bb:ec:97:ab:cb:0f:2a:05:30:f1:55:f1:53:f3:00:c8:c8:bd:
7a:10:d2:27:a9:22:98:f4:54:4a:ac:02:6e:b6:8e:6b:f0:67:
e6:32:3c:24:b9:c5:7c:69:3c:97:d2:96:a1:e4:a9:69:ac:d8:
c2:37:78:fc:e6:e4:48:5f:b0:db:db:f5:68:7f:84:6a:9b:31:
58:d3:20:34:13:f2:82:db:e1:28:3b:54:9e:c0:cd:85:ab:1e:
d6:6c:61:1f:da:13:74:98:5c:e2:a6:83:a7:0c:c8:d4:d8:4e:
a5:d9:fe:bd:ab:14:ca:de:ea:08:ca:0d:54:e4:bb:cc:27:4c:
35:30:ea:4f:25:21:e0:ba:48:40:d4:51:f0:78:ee:4f:8f:da:
63:7b:26:26:4c:a3:76:b2:a2:a5:43:cb:0b:dd:de:c8:e0:eb:
c4:ad:37:ad:04:ee:13:12:7b:04:60:76:6e:d2:0f:d1:9c:ef:
0d:04:3e:72:ce:23:d2:9e:29:38:06:64:66:2a:28:5e:d6:f2:
ab:16:c3:57
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISAZIPNpbfSTZxG0Fxzq+rn4qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjQwOTIwMTEzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEzMjc2YTgzN2NmNjk4OTllNTYxMzA0MDA3YWZiOWEzNTcwZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo25frgdKSvOC3BNIV8a7sRMPpLYV
2JoblV5udDlisG6PKJnBAUGzmbYt/eOnWzVvTqC6eTSUEo1+YRQ3cL+yrRK5/xvu
hFJKKFmxgTrlmTgW04os0ercO3INuMIsTex8r48LgXTYR5Ms5SZT6SE/7ZAxJ5Fd
hsC8AhjYVtDYgyI5HYu6fdVDl6cbOvVXUUMGX8ec1vUfZZzhS9HEOpNPgDwWIhdl
rM9g//sc1KJZfeAkEHjBoPshPuBf6pAVo947emJt0BLW6Q87TyiFctv+XAKD/c2k
BBkmPj/ZrPZ3n10iTDHlXHZMWKocLnLumMv+AG+x7tQNtIgFGPVH6eUEIwIDAQAB
o4ICfTCCAnkwHQYDVR0OBBYEFM2jJ2qDfPaYmeVhMEAHr7mjVw7lMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL3phTW5hb044OXBpWjVXRXdRQWV2dWFOWER1VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZAGCCsGAQUFBwEHAQH/BIGAMH4wbgQCAAEwaAMDBC5Q
MAoDAwA+mQMDBT6AAwMCPuADAwZPwAMDBVCAAwMGVIADAwZXgAMDBlsAAwMGXcAD
BADApjEDAwHBngMDAMIZAwQBwpbkAwMAw5EDAwDD8wMDAdS4AwMD2QADAwTZUAMD
BdngMAwEAgACMAYDBAUgAwAwDQYJKoZIhvcNAQELBQADggEBAAMTh94yZdq3OuC9
8M9zZhg52U47WRervRhi/RouSOoca8+ZpCi5cV0pWWgB96lTnbgRMoXA87vsl6vL
DyoFMPFV8VPzAMjIvXoQ0iepIpj0VEqsAm62jmvwZ+YyPCS5xXxpPJfSlqHkqWms
2MI3ePzm5EhfsNvb9Wh/hGqbMVjTIDQT8oLb4Sg7VJ7AzYWrHtZsYR/aE3SYXOKm
g6cMyNTYTqXZ/r2rFMre6gjKDVTku8wnTDUw6k8lIeC6SEDUUfB47k+P2mN7JiZM
o3ayoqVDywvd3sjg68StN60E7hMSewRgdm7SD9Gc7w0EPnLOI9KeKTgGZGYqKF7W
8qsWw1c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:23:01 2024 by rpki-client on console-ams.rpki-client.org