Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zzDTI6ZIWii2owj2y7P0_yQDTnU.roa
File: zzDTI6ZIWii2owj2y7P0_yQDTnU.roa (raw, json)
Hash identifier: NqcM1FH2qfSxWUEE2xKwrOn2arjyMTYX033vIa1OoZU=
Subject key identifier: CF:30:D3:23:A6:48:5A:28:B6:A3:08:F6:CB:B3:F4:FF:24:03:4E:75
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018DEB812F1D28E75AA9D5B3C26433233493
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zzDTI6ZIWii2owj2y7P0_yQDTnU.roa
Signing time: Tue 27 Feb 2024 16:58:48 +0000
ROA not before: Tue 27 Feb 2024 16:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
78.135.96.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:81:2f:1d:28:e7:5a:a9:d5:b3:c2:64:33:23:34:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 27 16:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf30d323a6485a28b6a308f6cbb3f4ff24034e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c5:61:32:4c:e3:a0:86:a0:11:09:e3:21:44:
20:b1:78:15:16:f8:df:66:cd:bc:d0:c0:82:6b:5e:
ac:f8:3d:0a:60:55:fe:50:ac:d4:59:1e:de:19:81:
5d:55:85:37:3d:4a:62:2f:52:4d:d8:b9:cc:e8:f2:
89:81:e4:22:a7:8c:c4:67:b2:db:88:b0:f2:8e:27:
ce:14:53:47:1b:67:94:00:2d:9c:57:90:35:36:36:
2e:26:d7:1c:9f:c3:c2:11:cb:7f:ca:59:da:91:c3:
f7:e4:5e:ec:da:52:55:06:e4:2c:ce:fa:c2:af:8c:
70:c3:33:44:9d:b8:59:76:6c:7b:24:81:d9:99:70:
20:c7:4b:f0:ff:db:4d:ed:1f:38:f9:b8:6e:58:18:
ed:77:46:dd:aa:ed:83:8f:0b:3a:19:07:0d:83:57:
20:04:60:0e:70:6b:3a:e7:3f:7e:62:ee:14:2a:36:
c4:8d:62:59:49:65:96:9a:70:fc:d1:fa:74:25:24:
e3:ca:e2:dc:67:15:49:23:ca:64:af:1f:39:97:b0:
d6:3b:c4:c1:06:7e:17:5d:fc:17:b9:0b:90:4f:b0:
bf:ee:fc:92:d7:2d:d9:ae:8c:38:ef:8b:98:bd:71:
02:68:39:70:9a:b3:2e:a1:da:0d:a9:6c:f1:d9:71:
36:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:30:D3:23:A6:48:5A:28:B6:A3:08:F6:CB:B3:F4:FF:24:03:4E:75
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zzDTI6ZIWii2owj2y7P0_yQDTnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
78.135.96.0/24
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
20:15:d0:13:10:77:c7:2f:6c:7f:4a:e2:ae:4e:01:f5:4b:6d:
42:16:98:25:fa:1c:2d:c0:eb:1b:08:73:b7:ba:37:35:7a:dd:
49:e2:e7:76:8b:2a:8b:d4:64:f8:13:92:b6:b6:ee:50:88:1f:
d1:49:76:7a:d2:30:bf:1d:6c:fa:91:50:42:60:73:40:fc:20:
6b:6d:39:a9:ee:a9:db:1f:21:3a:a8:6d:89:cb:c7:d2:b5:50:
0d:86:c5:19:e5:78:26:13:5b:99:30:61:0e:bb:e7:f4:38:43:
b4:c7:01:66:73:4e:39:bf:6a:a4:4f:30:40:9d:35:de:cf:af:
f3:0a:91:a8:2e:cd:8e:93:45:b6:85:ee:61:71:cc:82:1e:e5:
c6:16:43:3a:08:e0:f0:b8:3a:d7:bd:df:8a:9b:7e:1e:c2:b0:
b8:51:c1:7d:52:f5:8f:2b:ad:93:ef:3b:49:61:58:ef:5e:96:
60:e8:cc:e8:10:f8:c1:7b:0f:02:52:07:6f:3b:b3:f2:ee:f0:
98:d5:03:63:cb:50:79:46:e5:74:82:62:45:7c:8d:d9:86:88:
b2:7c:b8:28:55:2a:4d:54:44:0c:cd:f6:04:c6:2d:6f:d9:f3:
3d:72:09:f8:dd:7e:53:b7:0d:ec:dc:70:ff:ba:55:3a:ba:5a:
00:e0:a0:d6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY3rgS8dKOdaqdWzwmQzIzSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMjI3MTY1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjMwZDMyM2E2NDg1YTI4YjZhMzA4ZjZjYmIzZjRmZjI0MDM0ZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsVhMkzjoIagEQnjIUQgsXgVFvjf
Zs280MCCa16s+D0KYFX+UKzUWR7eGYFdVYU3PUpiL1JN2LnM6PKJgeQip4zEZ7Lb
iLDyjifOFFNHG2eUAC2cV5A1NjYuJtccn8PCEct/ylnakcP35F7s2lJVBuQszvrC
r4xwwzNEnbhZdmx7JIHZmXAgx0vw/9tN7R84+bhuWBjtd0bdqu2Djws6GQcNg1cg
BGAOcGs65z9+Yu4UKjbEjWJZSWWWmnD80fp0JSTjyuLcZxVJI8pkrx85l7DWO8TB
Bn4XXfwXuQuQT7C/7vyS1y3Zrow474uYvXECaDlwmrMuodoNqWzx2XE2cwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFM8w0yOmSFootqMI9suz9P8kA051MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvenpEVEk2WklXaWkyb3dqMnk3UDBfeVFEVG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBTVyOAwQA
TVyYAwQATodOAwQATodWAwQATodgMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcN
AQELBQADggEBACAV0BMQd8cvbH9K4q5OAfVLbUIWmCX6HC3A6xsIc7e6NzV63Uni
53aLKovUZPgTkra27lCIH9FJdnrSML8dbPqRUEJgc0D8IGttOanuqdsfITqobYnL
x9K1UA2GxRnleCYTW5kwYQ675/Q4Q7THAWZzTjm/aqRPMECdNd7Pr/MKkaguzY6T
RbaF7mFxzIIe5cYWQzoI4PC4Ote934qbfh7CsLhRwX1S9Y8rrZPvO0lhWO9elmDo
zOgQ+MF7DwJSB287s/Lu8JjVA2PLUHlG5XSCYkV8jdmGiLJ8uChVKk1URAzN9gTG
LW/Z8z1yCfjdflO3DezccP+6VTq6WgDgoNY=
-----END CERTIFICATE-----
Generated at Mon May 20 20:06:45 2024 by rpki-client on console-fra.rpki-client.org