Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/ZxBPcLMmva1bYPo3iRkNrUkvCHk.roa
File: ZxBPcLMmva1bYPo3iRkNrUkvCHk.roa (raw, json)
Hash identifier: QUL0Pf41OG1cwKo2XjLVpokA+kgYmoy9oA+Nw8r/d9Q=
Subject key identifier: 67:10:4F:70:B3:26:BD:AD:5B:60:FA:37:89:19:0D:AD:49:2F:08:79
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 018F867B15F9DE3B22EA12B8FE5F9081DB20
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/ZxBPcLMmva1bYPo3iRkNrUkvCHk.roa
Signing time: Fri 17 May 2024 12:16:04 +0000
ROA not before: Fri 17 May 2024 12:16:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5377
IP address blocks: 77.70.128.0/17 maxlen: 17
77.70.128.0/19 maxlen: 19
77.70.144.0/20 maxlen: 20
77.70.160.0/20 maxlen: 20
77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
77.70.192.0/19 maxlen: 19
77.70.207.0/24 maxlen: 24
77.70.240.0/20 maxlen: 20
77.70.254.0/24 maxlen: 24
77.70.255.0/24 maxlen: 24
193.219.192.0/18 maxlen: 18
193.219.196.0/24 maxlen: 24
193.220.0.0/16 maxlen: 16
193.220.88.0/21 maxlen: 21
193.220.94.0/24 maxlen: 24
193.220.165.0/24 maxlen: 24
193.220.220.0/22 maxlen: 22
193.220.224.0/20 maxlen: 20
193.220.240.0/20 maxlen: 24
2a02:6600::/29 maxlen: 32
2a02:6600:f000::/48 maxlen: 48
2a02:6600:f001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:7b:15:f9:de:3b:22:ea:12:b8:fe:5f:90:81:db:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: May 17 12:16:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67104f70b326bdad5b60fa3789190dad492f0879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:73:60:44:10:76:eb:5f:9c:ec:aa:06:06:
c2:10:61:73:fa:9d:01:a3:cb:31:ae:1c:f8:d2:40:
43:5a:67:a0:32:37:7f:f4:81:05:1c:35:84:71:a6:
94:fd:c6:4a:0b:4b:a0:89:d6:4a:37:b9:4a:95:f6:
f2:2f:10:57:4d:2b:64:01:1b:60:ad:78:eb:ff:9d:
0d:cf:fb:62:9c:45:c8:13:14:0d:6c:9a:6a:5f:82:
ca:81:6d:49:a2:57:8d:7a:59:b9:38:8a:ae:d8:33:
70:46:a6:7d:db:c6:95:21:c5:fa:cd:61:21:d7:12:
2f:81:b5:d6:24:48:b1:7a:a5:ed:d6:47:eb:69:61:
80:b6:08:b4:b1:85:c7:dc:3a:c1:85:e8:c9:1d:7a:
7c:cc:2b:75:22:e9:cf:b1:60:05:81:d8:75:4e:a5:
ff:a4:45:a2:c1:c1:87:1c:11:0d:14:4a:b1:fd:29:
38:0d:65:1f:d3:38:f4:b8:4b:67:2d:6b:c4:b2:34:
28:33:a6:aa:ef:07:d1:7a:c4:20:c5:fa:bc:a2:f8:
34:a9:c4:17:d0:c0:16:84:47:90:ab:39:2c:83:1e:
72:8c:f3:dc:88:dd:87:43:85:d8:1e:01:17:8c:fa:
5b:4a:87:c8:7d:cd:7a:ad:34:dc:d5:f9:f9:d0:99:
11:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:10:4F:70:B3:26:BD:AD:5B:60:FA:37:89:19:0D:AD:49:2F:08:79
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/ZxBPcLMmva1bYPo3iRkNrUkvCHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.128.0/17
193.219.192.0-193.220.255.255
IPv6:
2a02:6600::/29
Signature Algorithm: sha256WithRSAEncryption
23:04:fe:c2:1d:4c:ba:59:7e:1a:48:49:11:61:82:e5:62:ce:
b2:35:1c:09:2c:6f:c1:a1:be:3b:cf:6e:ad:2f:58:93:ee:fe:
67:e9:7f:17:9c:b8:bc:44:45:06:3a:6f:60:38:8e:4c:04:7f:
55:ae:60:d2:af:c1:ba:5b:6a:8f:de:c8:c6:b1:a4:8e:32:e4:
4b:8b:7b:0f:e5:a7:25:af:71:34:59:06:ec:b5:09:20:6f:97:
fb:e0:73:98:6e:81:a8:ce:45:f8:71:8f:26:49:d4:29:ee:57:
b3:20:dc:c0:12:07:d9:04:0a:f6:48:07:4f:3e:0d:a6:fe:d4:
62:c6:97:ba:4f:ef:d0:fa:df:66:16:8b:96:da:fb:df:79:1b:
53:6a:d5:21:e8:55:f3:8f:36:31:5c:f9:81:0b:00:dc:fe:39:
6e:1a:44:4c:82:d1:a1:e3:ec:93:c6:c5:26:25:e2:dc:8a:9f:
f6:0f:68:88:6b:62:cf:fb:b9:79:b4:12:c2:29:9f:14:01:19:
a5:49:a6:21:2a:29:64:f3:72:74:09:3d:3b:85:9a:74:fa:fa:
8c:2a:8e:d7:05:5c:58:86:65:cf:e4:e2:ac:dd:a8:ea:84:4d:
9f:6c:4c:22:7c:45:b0:d5:89:1c:e8:41:cc:45:20:00:aa:cc:
d7:d4:88:97
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY+GexX53jsi6hK4/l+QgdsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjQwNTE3MTIxNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzEwNGY3MGIzMjZiZGFkNWI2MGZhMzc4OTE5MGRhZDQ5MmYwODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTdzYEQQdutfnOyqBgbCEGFz+p0B
o8sxrhz40kBDWmegMjd/9IEFHDWEcaaU/cZKC0ugidZKN7lKlfbyLxBXTStkARtg
rXjr/50Nz/tinEXIExQNbJpqX4LKgW1JoleNelm5OIqu2DNwRqZ928aVIcX6zWEh
1xIvgbXWJEixeqXt1kfraWGAtgi0sYXH3DrBhejJHXp8zCt1IunPsWAFgdh1TqX/
pEWiwcGHHBENFEqx/Sk4DWUf0zj0uEtnLWvEsjQoM6aq7wfResQgxfq8ovg0qcQX
0MAWhEeQqzksgx5yjPPciN2HQ4XYHgEXjPpbSofIfc16rTTc1fn50JkRqwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGcQT3CzJr2tW2D6N4kZDa1JLwh5MB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvWnhCUGNMTW12YTFiWVBvM2lSa05yVWt2Q0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQHTUaAMAsD
BAbB28ADAwDB3DANBAIAAjAHAwUDKgJmADANBgkqhkiG9w0BAQsFAAOCAQEAIwT+
wh1Mull+GkhJEWGC5WLOsjUcCSxvwaG+O89urS9Yk+7+Z+l/F5y4vERFBjpvYDiO
TAR/Va5g0q/Bultqj97IxrGkjjLkS4t7D+WnJa9xNFkG7LUJIG+X++BzmG6BqM5F
+HGPJknUKe5XsyDcwBIH2QQK9kgHTz4Npv7UYsaXuk/v0PrfZhaLltr733kbU2rV
IehV8482MVz5gQsA3P45bhpETILRoePsk8bFJiXi3Iqf9g9oiGtiz/u5ebQSwimf
FAEZpUmmISopZPNydAk9O4WadPr6jCqO1wVcWIZlz+TirN2o6oRNn2xMInxFsNWJ
HOhBzEUgAKrM19SIlw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:14:06 2024 by rpki-client on console-ams.rpki-client.org