Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ZbA3-jtTbK9ToBwMrBXo9lOmuSY.roa
File: ZbA3-jtTbK9ToBwMrBXo9lOmuSY.roa (raw, json)
Hash identifier: v7H87sqrjYGVUjBsuxE2ajl3U/EL6dgNh5tAUqcLffk=
Subject key identifier: 65:B0:37:FA:3B:53:6C:AF:53:A0:1C:0C:AC:15:E8:F6:53:A6:B9:26
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF8E45A853FB85CBB250068D280896
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ZbA3-jtTbK9ToBwMrBXo9lOmuSY.roa
Signing time: Tue 02 Jan 2024 06:32:23 +0000
ROA not before: Tue 02 Jan 2024 06:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211859
IP address blocks: 78.135.106.0/24 maxlen: 24
78.135.107.0/24 maxlen: 24
188.132.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:8e:45:a8:53:fb:85:cb:b2:50:06:8d:28:08:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65b037fa3b536caf53a01c0cac15e8f653a6b926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a0:3c:d3:5c:cd:9a:11:7b:9b:a2:3f:3f:60:
d1:7b:f6:a5:60:db:3e:a8:87:77:eb:a3:71:a0:f9:
4c:05:2d:3a:92:86:8d:98:0f:cd:ea:0b:a8:02:96:
78:d3:53:78:0a:47:38:b7:be:53:c7:dc:5d:e9:3d:
f2:36:b8:d4:f1:97:83:53:8b:87:e6:8b:a7:f8:9d:
de:2b:fd:1d:a8:63:ff:1a:93:69:ea:03:da:78:34:
27:99:c8:9d:3f:64:46:4d:f6:14:ca:72:da:4f:ca:
28:73:8d:04:3e:9e:04:f9:d7:ee:0e:21:a7:98:5c:
89:0e:a0:ac:2d:1d:c1:5f:48:53:c8:20:8a:90:53:
fc:38:e5:cb:97:9c:e2:1f:e2:c2:15:ec:b5:05:be:
c6:82:ac:d5:4b:3a:ec:6d:ff:a1:c3:3d:bc:53:06:
96:70:74:ec:d7:54:b3:91:69:73:11:81:0f:52:a1:
f6:30:3d:e4:fc:c9:6d:b7:17:10:58:8d:f5:b9:70:
c3:c9:64:74:9b:1d:54:09:0d:f3:f7:10:a9:b8:9b:
82:1a:70:4f:61:72:74:79:1a:5a:3c:b9:ec:1b:c2:
cc:9b:f0:c6:ee:4d:c0:15:1a:51:7b:43:eb:22:86:
d7:ed:5b:d4:ab:ed:c5:85:80:8a:e1:63:7b:03:47:
65:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B0:37:FA:3B:53:6C:AF:53:A0:1C:0C:AC:15:E8:F6:53:A6:B9:26
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ZbA3-jtTbK9ToBwMrBXo9lOmuSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.106.0/23
188.132.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:b7:6a:fc:c5:f9:f7:ce:fc:61:11:10:9f:81:57:ae:ef:6d:
0d:49:62:bb:60:5f:b9:6f:ad:83:48:7b:61:db:cd:8a:1d:b9:
f2:95:b1:bb:1b:4f:ff:61:50:db:82:1f:c5:b6:05:38:09:2d:
a0:dd:74:b3:4c:5f:79:e7:6f:52:f2:1c:04:f6:57:c0:85:ce:
3a:4b:00:86:71:73:b6:c5:6f:14:f9:20:1a:91:49:5c:5a:ec:
5e:b5:58:73:fe:da:43:f6:6e:8a:02:42:8f:8c:d9:33:19:29:
ab:31:60:01:0a:72:61:e8:0b:ad:48:33:3b:c1:9f:f6:b5:9d:
d4:76:12:91:0e:e4:4b:ee:71:3b:e8:9d:63:2b:72:91:bd:7e:
0e:05:7e:dd:0f:0e:27:70:cc:a6:c1:89:66:54:c2:f6:45:5f:
f1:7a:d5:08:0d:4f:3c:75:e7:f5:d9:fa:b4:45:5b:33:ae:47:
84:08:98:6d:93:a2:97:e5:32:89:8f:2a:63:05:bc:6e:22:57:
9b:2a:10:fd:c0:8f:97:af:7e:45:e4:6e:08:5b:a0:c4:0e:f5:
c6:b9:62:be:c0:71:5f:f8:5a:20:67:79:40:e5:54:54:fa:71:
9f:1b:2f:a6:1c:57:41:a8:e9:6b:ee:61:ef:d2:cc:27:22:25:
fa:88:25:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI345FqFP7hcuyUAaNKAiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWIwMzdmYTNiNTM2Y2FmNTNhMDFjMGNhYzE1ZThmNjUzYTZiOTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKA801zNmhF7m6I/P2DRe/alYNs+
qId366NxoPlMBS06koaNmA/N6guoApZ401N4Ckc4t75Tx9xd6T3yNrjU8ZeDU4uH
5oun+J3eK/0dqGP/GpNp6gPaeDQnmcidP2RGTfYUynLaT8ooc40EPp4E+dfuDiGn
mFyJDqCsLR3BX0hTyCCKkFP8OOXLl5ziH+LCFey1Bb7GgqzVSzrsbf+hwz28UwaW
cHTs11SzkWlzEYEPUqH2MD3k/MlttxcQWI31uXDDyWR0mx1UCQ3z9xCpuJuCGnBP
YXJ0eRpaPLnsG8LMm/DG7k3AFRpRe0PrIobX7VvUq+3FhYCK4WN7A0dlhQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGWwN/o7U2yvU6AcDKwV6PZTprkmMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvWmJBMy1qdFRiSzlUb0J3TXJCWG85bE9tdVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTodqAwQA
vITIMA0GCSqGSIb3DQEBCwUAA4IBAQA+t2r8xfn3zvxhERCfgVeu720NSWK7YF+5
b62DSHth282KHbnylbG7G0//YVDbgh/FtgU4CS2g3XSzTF95529S8hwE9lfAhc46
SwCGcXO2xW8U+SAakUlcWuxetVhz/tpD9m6KAkKPjNkzGSmrMWABCnJh6AutSDM7
wZ/2tZ3UdhKRDuRL7nE76J1jK3KRvX4OBX7dDw4ncMymwYlmVML2RV/xetUIDU88
def12fq0RVszrkeECJhtk6KX5TKJjypjBbxuIlebKhD9wI+Xr35F5G4IW6DEDvXG
uWK+wHFf+FogZ3lA5VRU+nGfGy+mHFdBqOlr7mHv0swnIiX6iCVT
-----END CERTIFICATE-----
Generated at Mon May 20 20:06:45 2024 by rpki-client on console-fra.rpki-client.org