Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ZetrONPzSJnctWOaGKvFGXqgcsU.roa
File: ZetrONPzSJnctWOaGKvFGXqgcsU.roa (raw, json)
Hash identifier: 4OvsWKNvUz8aOORMTJsRO2lvwIXY7OxeW9zcUcgM7fA=
Subject key identifier: 65:EB:6B:38:D3:F3:48:99:DC:B5:63:9A:18:AB:C5:19:7A:A0:72:C5
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 018D5F31400313149FB7F36715D9825F11E2
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ZetrONPzSJnctWOaGKvFGXqgcsU.roa
Signing time: Wed 31 Jan 2024 11:04:39 +0000
ROA not before: Wed 31 Jan 2024 11:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43939
IP address blocks: 5.57.128.0/18 maxlen: 20
62.69.192.0/18 maxlen: 18
77.87.136.0/21 maxlen: 24
77.88.128.0/18 maxlen: 24
78.9.32.0/21 maxlen: 21
78.11.243.0/24 maxlen: 24
80.238.64.0/19 maxlen: 25
83.142.56.0/21 maxlen: 21
83.143.96.0/21 maxlen: 24
84.38.96.0/20 maxlen: 24
84.234.0.0/20 maxlen: 24
84.234.32.0/20 maxlen: 24
85.202.208.0/20 maxlen: 24
87.99.0.0/18 maxlen: 24
87.239.72.0/21 maxlen: 21
89.187.224.0/19 maxlen: 24
89.200.152.0/21 maxlen: 24
90.156.0.0/17 maxlen: 24
91.142.192.0/20 maxlen: 24
91.145.128.0/18 maxlen: 25
91.146.192.0/18 maxlen: 24
91.150.128.0/19 maxlen: 24
91.195.232.0/23 maxlen: 24
91.202.172.0/22 maxlen: 24
91.215.228.0/22 maxlen: 24
91.220.225.0/24 maxlen: 24
93.181.128.0/18 maxlen: 24
95.155.64.0/18 maxlen: 24
178.214.128.0/19 maxlen: 19
178.252.0.0/18 maxlen: 25
185.2.36.0/22 maxlen: 24
188.114.95.0/24 maxlen: 24
193.19.122.0/23 maxlen: 24
193.58.232.0/24 maxlen: 24
193.105.180.0/24 maxlen: 24
193.107.196.0/22 maxlen: 22
193.138.140.0/22 maxlen: 22
193.151.64.0/22 maxlen: 24
193.151.64.0/23 maxlen: 23
193.227.100.0/24 maxlen: 24
193.238.40.0/22 maxlen: 24
193.239.224.0/23 maxlen: 24
194.6.204.0/22 maxlen: 24
194.33.185.0/24 maxlen: 24
194.146.128.0/22 maxlen: 24
194.150.238.0/23 maxlen: 24
194.187.180.0/22 maxlen: 24
194.242.0.0/23 maxlen: 24
195.74.56.0/22 maxlen: 24
195.128.180.0/23 maxlen: 24
195.222.100.0/22 maxlen: 24
195.225.248.0/22 maxlen: 24
217.197.64.0/20 maxlen: 24
2a00:1d18::/32 maxlen: 32
2a02:2270::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:31:40:03:13:14:9f:b7:f3:67:15:d9:82:5f:11:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 31 11:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65eb6b38d3f34899dcb5639a18abc5197aa072c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5c:74:b6:71:46:ba:3e:0b:00:63:fa:24:97:
ec:72:c8:37:64:1c:9a:24:97:56:ba:57:ce:59:c8:
c3:57:4f:f0:18:ed:eb:7d:a2:83:55:6f:7f:1f:6f:
d6:2a:90:1f:90:b7:f2:b3:30:94:05:57:e7:24:47:
56:d3:22:4e:24:74:df:a2:9f:44:81:f5:30:0a:62:
5b:ea:31:0e:43:2d:f1:7a:07:42:15:c5:fa:dc:7d:
42:f3:be:ae:5c:43:fc:2c:ae:d0:ae:af:3a:f3:db:
3f:7e:b3:f9:f7:5e:07:ca:84:05:2e:46:ca:0c:7f:
67:b3:e9:ce:eb:f2:c4:e8:98:bc:0c:df:ef:1b:e0:
59:10:90:81:1f:13:73:47:fd:37:7f:d2:ff:8b:84:
f4:83:16:c9:20:4d:c7:55:27:2a:c6:80:c7:58:fa:
d6:a4:ef:36:e6:f8:a7:95:c9:22:46:de:da:56:5f:
39:4f:39:31:c3:69:5e:6c:af:c9:b1:8c:5b:d7:c3:
23:ba:14:cf:05:75:85:29:b1:ac:df:3b:ab:72:7b:
3c:ff:5f:58:d2:a5:74:29:1c:09:73:12:fb:e1:c7:
c2:83:8f:e2:02:75:97:d7:b2:85:6c:e3:57:c8:7e:
c0:66:07:14:8f:43:0d:81:c2:ad:6c:f3:b0:f2:16:
91:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EB:6B:38:D3:F3:48:99:DC:B5:63:9A:18:AB:C5:19:7A:A0:72:C5
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ZetrONPzSJnctWOaGKvFGXqgcsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.128.0/18
62.69.192.0/18
77.87.136.0/21
77.88.128.0/18
78.9.32.0/21
78.11.243.0/24
80.238.64.0/19
83.142.56.0/21
83.143.96.0/21
84.38.96.0/20
84.234.0.0/20
84.234.32.0/20
85.202.208.0/20
87.99.0.0/18
87.239.72.0/21
89.187.224.0/19
89.200.152.0/21
90.156.0.0/17
91.142.192.0/20
91.145.128.0/18
91.146.192.0/18
91.150.128.0/19
91.195.232.0/23
91.202.172.0/22
91.215.228.0/22
91.220.225.0/24
93.181.128.0/18
95.155.64.0/18
178.214.128.0/19
178.252.0.0/18
185.2.36.0/22
188.114.95.0/24
193.19.122.0/23
193.58.232.0/24
193.105.180.0/24
193.107.196.0/22
193.138.140.0/22
193.151.64.0/22
193.227.100.0/24
193.238.40.0/22
193.239.224.0/23
194.6.204.0/22
194.33.185.0/24
194.146.128.0/22
194.150.238.0/23
194.187.180.0/22
194.242.0.0/23
195.74.56.0/22
195.128.180.0/23
195.222.100.0/22
195.225.248.0/22
217.197.64.0/20
IPv6:
2a00:1d18::/32
2a02:2270::/32
Signature Algorithm: sha256WithRSAEncryption
49:47:5b:25:c2:ec:9a:43:29:75:04:50:a9:60:73:e3:ba:2d:
ea:54:cf:d3:6a:3d:40:91:7d:9e:e0:6d:5c:cb:77:07:fb:72:
c8:43:8a:7a:ba:ef:79:92:44:48:fc:76:dd:5a:4a:a8:a9:ec:
85:15:c5:e5:81:d1:9d:91:3d:1a:8d:1e:f1:b4:7d:ca:2b:a1:
98:22:d3:2b:2a:1e:62:81:90:e8:1c:14:b5:db:06:45:0d:b7:
4b:d8:60:67:48:2a:cd:b6:76:b4:f6:5f:88:02:db:1a:ad:07:
a6:c8:fb:73:03:a9:98:66:00:0f:25:80:09:4c:16:5a:d7:3b:
27:b6:c9:e0:62:12:98:db:30:76:20:fa:7b:35:5c:af:06:90:
5c:97:03:30:10:a3:e8:28:a0:90:3b:19:19:08:7f:4e:28:52:
04:d4:39:f0:ed:10:5d:62:3f:91:38:35:b0:03:19:4b:73:b3:
42:f1:49:b8:31:fd:56:2d:7f:a5:ea:cd:72:4e:a3:71:36:cb:
19:eb:ca:f9:1b:36:80:09:0c:b6:cd:17:2b:8c:d0:cb:35:6b:
ca:15:d0:e9:1e:0d:2e:db:e5:e5:c3:9e:44:93:cc:70:f1:2b:
3e:74:7c:ab:6d:70:97:e9:47:8a:cc:0d:50:29:5c:9f:e4:14:
63:67:e7:15
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAY1fMUADExSft/NnFdmCXxHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTMxMTEwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWViNmIzOGQzZjM0ODk5ZGNiNTYzOWExOGFiYzUxOTdhYTA3MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFx0tnFGuj4LAGP6JJfscsg3ZBya
JJdWulfOWcjDV0/wGO3rfaKDVW9/H2/WKpAfkLfyszCUBVfnJEdW0yJOJHTfop9E
gfUwCmJb6jEOQy3xegdCFcX63H1C876uXEP8LK7Qrq8689s/frP5914HyoQFLkbK
DH9ns+nO6/LE6Ji8DN/vG+BZEJCBHxNzR/03f9L/i4T0gxbJIE3HVScqxoDHWPrW
pO825vinlckiRt7aVl85Tzkxw2lebK/JsYxb18MjuhTPBXWFKbGs3zurcns8/19Y
0qV0KRwJcxL74cfCg4/iAnWX17KFbONXyH7AZgcUj0MNgcKtbPOw8haRKQIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFGXrazjT80iZ3LVjmhirxRl6oHLFMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvWmV0ck9OUHpTSm5jdFdPYUdLdkZHWHFnY3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAUAEAgABMIIB
OAMEBgU5gAMEBj5FwAMEA01XiAMEBk1YgAMEA04JIAMEAE4L8wMEBVDuQAMEA1OO
OAMEA1OPYAMEBFQmYAMEBFTqAAMEBFTqIAMEBFXK0AMEBldjAAMEA1fvSAMEBVm7
4AMEA1nImAMEB1qcAAMEBFuOwAMEBluRgAMEBluSwAMEBVuWgAMEAVvD6AMEAlvK
rAMEAlvX5AMEAFvc4QMEBl21gAMEBl+bQAMEBbLWgAMEBrL8AAMEArkCJAMEALxy
XwMEAcETegMEAME66AMEAMFptAMEAsFrxAMEAsGKjAMEAsGXQAMEAMHjZAMEAsHu
KAMEAcHv4AMEAsIGzAMEAMIhuQMEAsKSgAMEAcKW7gMEAsK7tAMEAcLyAAMEAsNK
OAMEAcOAtAMEAsPeZAMEAsPh+AMEBNnFQDAUBAIAAjAOAwUAKgAdGAMFACoCInAw
DQYJKoZIhvcNAQELBQADggEBAElHWyXC7JpDKXUEUKlgc+O6LepUz9NqPUCRfZ7g
bVzLdwf7cshDinq673mSREj8dt1aSqip7IUVxeWB0Z2RPRqNHvG0fcoroZgi0ysq
HmKBkOgcFLXbBkUNt0vYYGdIKs22drT2X4gC2xqtB6bI+3MDqZhmAA8lgAlMFlrX
Oye2yeBiEpjbMHYg+ns1XK8GkFyXAzAQo+gooJA7GRkIf04oUgTUOfDtEF1iP5E4
NbADGUtzs0LxSbgx/VYtf6XqzXJOo3E2yxnryvkbNoAJDLbNFyuM0Ms1a8oV0Oke
DS7b5eXDnkSTzHDxKz50fKttcJfpR4rMDVApXJ/kFGNn5xU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:07 2024 by rpki-client on console-ams.rpki-client.org