Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/ZLS4-Ap_FhPwEn-zlfVltGV4X6A.roa
File: ZLS4-Ap_FhPwEn-zlfVltGV4X6A.roa (raw, json)
Hash identifier: PUeLMrcaJ8vaAHRBpC+KvJ4Nrk6N4j39YD50p0NcyBM=
Subject key identifier: 64:B4:B8:F8:0A:7F:16:13:F0:12:7F:B3:95:F5:65:B4:65:78:5F:A0
Certificate issuer: /CN=8ec95aff78bd21dd8e9bd5f451dfc8f802ef6916
Certificate serial: 018CC8DE4CCD18066193D6EC7356874A00CB
Authority key identifier: 8E:C9:5A:FF:78:BD:21:DD:8E:9B:D5:F4:51:DF:C8:F8:02:EF:69:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsla_3i9Id2Om9X0Ud_I-ALvaRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/ZLS4-Ap_FhPwEn-zlfVltGV4X6A.roa
Signing time: Tue 02 Jan 2024 06:31:01 +0000
ROA not before: Tue 02 Jan 2024 06:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44513
IP address blocks: 195.181.176.0/22 maxlen: 22
195.181.176.0/20 maxlen: 20
213.32.208.0/20 maxlen: 20
80.69.240.0/20 maxlen: 20
185.129.88.0/22 maxlen: 22
31.15.72.0/21 maxlen: 21
92.43.240.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/jsla_3i9Id2Om9X0Ud_I-ALvaRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/jsla_3i9Id2Om9X0Ud_I-ALvaRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jsla_3i9Id2Om9X0Ud_I-ALvaRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:4c:cd:18:06:61:93:d6:ec:73:56:87:4a:00:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec95aff78bd21dd8e9bd5f451dfc8f802ef6916
Validity
Not Before: Jan 2 06:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64b4b8f80a7f1613f0127fb395f565b465785fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:43:da:04:3e:47:fc:fd:32:20:c3:3e:13:
e3:3a:19:92:24:81:7b:3c:e3:87:63:b3:ff:f3:7c:
3a:81:d6:6f:80:66:b7:82:b6:19:fa:18:aa:1f:aa:
e6:d1:cd:cf:3a:e3:3b:53:0d:cb:f9:8f:45:d0:7f:
c3:4f:46:f8:65:f0:49:1b:41:63:ee:6e:b1:01:cd:
0e:39:68:4c:49:c6:33:f8:01:12:00:43:57:e4:58:
93:98:53:6f:ef:e0:ba:4f:f8:20:70:62:d3:45:a6:
30:0f:f8:93:59:97:26:47:9d:28:5e:ff:2f:5c:26:
95:66:19:cb:c9:b1:6c:3c:e6:f2:86:39:df:e2:ad:
55:dc:b2:3b:6a:5c:d2:94:0d:b1:76:b1:ac:c8:1d:
b1:4d:9f:b1:19:a6:b8:ed:44:0b:5a:80:79:33:67:
45:a2:f1:93:bf:f4:07:eb:26:31:01:7a:28:8d:d9:
69:c0:a6:39:89:46:58:6c:a0:3e:9f:e2:85:7d:83:
85:e7:fe:f2:8d:54:2f:cd:50:5d:63:75:ce:4f:76:
1e:3a:e7:82:fa:d5:12:84:4d:1d:bb:cb:e8:7f:12:
0c:e5:c6:c3:dd:04:e9:8c:45:58:fc:67:c7:96:50:
71:3d:3a:a4:1b:28:c6:43:60:f2:87:f0:2d:50:54:
c3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B4:B8:F8:0A:7F:16:13:F0:12:7F:B3:95:F5:65:B4:65:78:5F:A0
X509v3 Authority Key Identifier:
keyid:8E:C9:5A:FF:78:BD:21:DD:8E:9B:D5:F4:51:DF:C8:F8:02:EF:69:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsla_3i9Id2Om9X0Ud_I-ALvaRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/ZLS4-Ap_FhPwEn-zlfVltGV4X6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/jsla_3i9Id2Om9X0Ud_I-ALvaRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.72.0/21
80.69.240.0/20
92.43.240.0/21
185.129.88.0/22
195.181.176.0/20
213.32.208.0/20
Signature Algorithm: sha256WithRSAEncryption
49:4d:ca:8c:8b:90:f9:7a:53:75:00:0a:b2:21:e4:f1:c5:81:
ad:90:28:e1:e6:4f:3d:e2:3c:c2:8e:2b:b4:9b:81:28:c6:06:
ef:ec:6b:7c:e5:cd:9c:5b:cc:7c:16:36:01:5d:8c:7d:b5:ed:
88:75:c5:0b:0d:5d:5b:cc:16:de:77:b4:48:75:04:be:3d:f0:
c5:cc:64:c2:bf:4c:d5:4f:8b:14:fb:50:c1:1f:fd:b6:08:48:
df:52:ef:68:c7:1a:52:d9:a3:2e:49:51:95:d8:54:00:ec:b1:
e3:0b:e9:97:ba:5f:0a:1f:b7:5f:e6:66:05:3d:bb:e1:51:d9:
00:d3:b2:49:c4:ef:51:17:9e:c2:e9:30:8a:68:4f:d1:e0:02:
28:86:98:81:2f:f1:dc:91:24:97:52:83:32:02:9c:71:a5:1c:
83:5a:e2:f3:7f:2e:2f:c4:10:a1:f2:06:a8:2a:b0:91:06:72:
dd:d2:8b:bb:c0:9b:93:d0:ef:56:a2:d9:57:a9:04:08:32:13:
8e:e6:12:2a:dc:92:91:db:8c:10:d2:29:f1:7a:c0:9e:c4:95:
e3:bb:be:76:98:f4:19:38:f4:2c:92:8d:e0:ae:10:c7:da:9f:
e5:17:94:cb:9f:08:85:74:8e:bb:15:84:0e:1c:d2:85:ea:86:
80:d0:2f:0f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzI3kzNGAZhk9bsc1aHSgDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzk1YWZmNzhiZDIxZGQ4ZTliZDVmNDUxZGZjOGY4MDJl
ZjY5MTYwHhcNMjQwMTAyMDYzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGI0YjhmODBhN2YxNjEzZjAxMjdmYjM5NWY1NjViNDY1Nzg1ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLRD2gQ+R/z9MiDDPhPjOhmSJIF7
POOHY7P/83w6gdZvgGa3grYZ+hiqH6rm0c3POuM7Uw3L+Y9F0H/DT0b4ZfBJG0Fj
7m6xAc0OOWhMScYz+AESAENX5FiTmFNv7+C6T/ggcGLTRaYwD/iTWZcmR50oXv8v
XCaVZhnLybFsPObyhjnf4q1V3LI7alzSlA2xdrGsyB2xTZ+xGaa47UQLWoB5M2dF
ovGTv/QH6yYxAXoojdlpwKY5iUZYbKA+n+KFfYOF5/7yjVQvzVBdY3XOT3YeOueC
+tUShE0du8vofxIM5cbD3QTpjEVY/GfHllBxPTqkGyjGQ2Dyh/AtUFTDAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGS0uPgKfxYT8BJ/s5X1ZbRleF+gMB8GA1UdIwQY
MBaAFI7JWv94vSHdjpvV9FHfyPgC72kWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNsYV8zaTlJZDJPbTlYMFVkX0ktQUx2YVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lNWM0ODMtNDRiZi00MWFkLTllOGYt
OTNkMGIwMGU3ZTA0LzEvWkxTNC1BcF9GaFB3RW4temxmVmx0R1Y0WDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lNWM0ODMtNDRiZi00MWFkLTllOGYtOTNkMGIwMGU3ZTA0
LzEvanNsYV8zaTlJZDJPbTlYMFVkX0ktQUx2YVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDHw9IAwQE
UEXwAwQDXCvwAwQCuYFYAwQEw7WwAwQE1SDQMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
TcqMi5D5elN1AAqyIeTxxYGtkCjh5k894jzCjiu0m4Eoxgbv7Gt85c2cW8x8FjYB
XYx9te2IdcULDV1bzBbed7RIdQS+PfDFzGTCv0zVT4sU+1DBH/22CEjfUu9oxxpS
2aMuSVGV2FQA7LHjC+mXul8KH7df5mYFPbvhUdkA07JJxO9RF57C6TCKaE/R4AIo
hpiBL/HckSSXUoMyApxxpRyDWuLzfy4vxBCh8gaoKrCRBnLd0ou7wJuT0O9WotlX
qQQIMhOO5hIq3JKR24wQ0inxesCexJXju752mPQZOPQsko3grhDH2p/lF5TLnwiF
dI67FYQOHNKF6oaA0C8P
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:17:27 2024 by rpki-client on console-ams.rpki-client.org