Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ZpJ61Ns9HMluutfCslomJ9rVzMo.roa
File: ZpJ61Ns9HMluutfCslomJ9rVzMo.roa (raw, json)
Hash identifier: QHHo/R/+Z4NWE4Vu4+K3YBYzVQxKnUplyPV6aFogTqk=
Subject key identifier: 66:92:7A:D4:DB:3D:1C:C9:6E:BA:D7:C2:B2:5A:26:27:DA:D5:CC:CA
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018E842C1506A5B56C446A75A8A2D8A323DF
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ZpJ61Ns9HMluutfCslomJ9rVzMo.roa
Signing time: Thu 28 Mar 2024 08:27:45 +0000
ROA not before: Thu 28 Mar 2024 08:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205209
IP address blocks: 80.74.96.0/24 maxlen: 24
80.74.97.0/24 maxlen: 24
80.74.99.0/24 maxlen: 24
80.74.123.0/24 maxlen: 24
92.61.224.0/24 maxlen: 24
92.61.225.0/24 maxlen: 24
92.61.226.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.231.0/24 maxlen: 24
94.188.136.0/24 maxlen: 24
94.188.138.0/24 maxlen: 24
94.188.140.0/24 maxlen: 24
94.188.142.0/24 maxlen: 24
94.188.161.0/24 maxlen: 24
94.188.162.0/24 maxlen: 24
94.188.165.0/24 maxlen: 24
94.188.166.0/24 maxlen: 24
94.188.167.0/24 maxlen: 24
94.188.169.0/24 maxlen: 24
94.188.171.0/24 maxlen: 24
94.188.175.0/24 maxlen: 24
94.188.178.0/24 maxlen: 24
94.188.179.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
94.188.188.0/23 maxlen: 23
94.188.191.0/24 maxlen: 24
94.188.196.0/24 maxlen: 24
94.188.197.0/24 maxlen: 24
94.188.200.0/24 maxlen: 24
94.188.242.0/24 maxlen: 24
94.188.243.0/24 maxlen: 24
94.188.251.0/24 maxlen: 24
2a02:23b8:2::/52 maxlen: 52
2a02:23b8:1a00::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:2c:15:06:a5:b5:6c:44:6a:75:a8:a2:d8:a3:23:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Mar 28 08:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66927ad4db3d1cc96ebad7c2b25a2627dad5ccca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:83:8e:0f:6c:62:69:2a:93:47:ab:a5:da:7a:
dd:d3:56:03:9f:4e:44:c4:9f:61:cb:60:78:b8:77:
bc:cd:39:42:00:b4:3c:4f:28:11:4d:8f:4f:4d:99:
0e:8f:6a:c8:bd:7d:4a:1f:9c:3c:c7:4f:43:bc:71:
1c:5c:f0:1f:90:13:44:4b:ae:fa:50:3f:b1:16:c2:
8c:e4:67:4e:6f:c3:f0:cf:5d:4e:81:b5:e1:37:e9:
ea:ab:82:2e:39:63:83:12:87:5c:25:ca:bc:bb:5a:
f2:f9:72:84:bd:35:33:92:d6:5a:12:c1:32:19:7a:
4c:b4:08:f1:95:84:1b:fb:ac:7d:ef:a2:a2:fb:e2:
67:64:46:15:6b:df:8b:e5:50:64:8f:a8:da:0c:0f:
2f:63:1b:d6:b3:b6:c4:eb:98:7f:5d:7e:fc:d1:1e:
35:b6:9d:0b:4d:d2:15:f4:65:9d:dc:23:42:23:c2:
31:41:94:09:3c:42:cd:09:5d:43:2c:8d:93:de:37:
48:cb:cc:4d:8e:d3:35:1d:ec:0a:7b:84:33:9d:49:
f5:ed:6e:e4:8c:67:d0:27:f9:2f:fc:87:0c:8f:bf:
bb:85:0d:c6:4f:4c:5f:45:2c:e0:1e:25:24:d8:9b:
d8:3b:27:3d:94:06:55:ce:d1:e0:f0:cb:7e:87:a8:
15:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:92:7A:D4:DB:3D:1C:C9:6E:BA:D7:C2:B2:5A:26:27:DA:D5:CC:CA
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ZpJ61Ns9HMluutfCslomJ9rVzMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.96.0/23
80.74.99.0/24
80.74.123.0/24
92.61.224.0-92.61.226.255
92.61.230.0/23
94.188.136.0/24
94.188.138.0/24
94.188.140.0/24
94.188.142.0/24
94.188.161.0-94.188.162.255
94.188.165.0-94.188.167.255
94.188.169.0/24
94.188.171.0/24
94.188.175.0/24
94.188.178.0/23
94.188.186.0-94.188.189.255
94.188.191.0/24
94.188.196.0/23
94.188.200.0/24
94.188.242.0/23
94.188.251.0/24
IPv6:
2a02:23b8:2::/52
2a02:23b8:1a00::/56
Signature Algorithm: sha256WithRSAEncryption
94:51:a1:98:cf:34:fc:94:81:66:75:3a:39:8e:a8:53:57:79:
dd:aa:08:36:0f:ec:45:7f:1c:8e:f4:ac:94:d1:ba:54:b5:16:
dd:dc:25:18:1e:27:76:14:06:06:ae:77:0b:c0:1b:b4:e0:e9:
84:ef:49:18:04:78:67:f3:98:3e:72:28:5f:06:a3:6e:1e:83:
5c:8d:8d:b9:ad:f2:4c:2b:c4:06:cc:29:8d:94:16:6f:04:2b:
64:4a:cc:d4:75:40:6f:70:61:28:1a:5b:37:07:a8:e3:f4:cc:
b2:9b:09:ac:f1:65:a9:eb:9f:cd:c4:5a:be:02:78:ae:46:9c:
91:7f:5b:a6:49:b7:17:0f:68:fa:34:37:07:39:3b:83:0b:ab:
60:e9:35:d8:03:2f:a5:03:e8:0d:a9:3b:ba:2a:68:3c:ec:a3:
55:ef:85:ee:c8:43:05:1f:a2:33:be:c8:07:fa:4b:b6:1b:39:
cf:bf:59:7f:c3:91:80:95:f6:3e:35:22:aa:5f:73:a4:22:4a:
01:90:e0:4b:85:08:9f:7b:c3:fa:5e:2f:2d:9e:6e:d4:3d:46:
48:62:aa:12:24:13:8a:a9:eb:78:57:4e:87:4c:28:51:f5:95:
7d:a6:e6:32:11:bf:42:74:81:a7:6a:57:78:3e:16:2e:ca:1a:
36:2b:a2:e2
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAY6ELBUGpbVsRGp1qKLYoyPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMzI4MDgyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjkyN2FkNGRiM2QxY2M5NmViYWQ3YzJiMjVhMjYyN2RhZDVjY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYOOD2xiaSqTR6ul2nrd01YDn05E
xJ9hy2B4uHe8zTlCALQ8TygRTY9PTZkOj2rIvX1KH5w8x09DvHEcXPAfkBNES676
UD+xFsKM5GdOb8Pwz11OgbXhN+nqq4IuOWODEodcJcq8u1ry+XKEvTUzktZaEsEy
GXpMtAjxlYQb+6x976Ki++JnZEYVa9+L5VBkj6jaDA8vYxvWs7bE65h/XX780R41
tp0LTdIV9GWd3CNCI8IxQZQJPELNCV1DLI2T3jdIy8xNjtM1HewKe4QznUn17W7k
jGfQJ/kv/IcMj7+7hQ3GT0xfRSzgHiUk2JvYOyc9lAZVztHg8Mt+h6gV4QIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFGaSetTbPRzJbrrXwrJaJifa1czKMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvWnBKNjFOczlITWx1dXRmQ3Nsb21KOXJWek1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBpQQCAAEwgZ4DBAFQ
SmADBABQSmMDBABQSnswDAMEBVw94AMEAFw94gMEAVw95gMEAF68iAMEAF68igME
AF68jAMEAF68jjAMAwQAXryhAwQAXryiMAwDBABevKUDBANevKADBABevKkDBABe
vKsDBABevK8DBAFevLIwDAMEAV68ugMEAV68vAMEAF68vwMEAV68xAMEAF68yAME
AV688gMEAF68+zAaBAIAAjAUAwgEKgIjuAACAAMIACoCI7gaAAAwDQYJKoZIhvcN
AQELBQADggEBAJRRoZjPNPyUgWZ1OjmOqFNXed2qCDYP7EV/HI70rJTRulS1Ft3c
JRgeJ3YUBgaudwvAG7Tg6YTvSRgEeGfzmD5yKF8Go24eg1yNjbmt8kwrxAbMKY2U
Fm8EK2RKzNR1QG9wYSgaWzcHqOP0zLKbCazxZanrn83EWr4CeK5GnJF/W6ZJtxcP
aPo0Nwc5O4MLq2DpNdgDL6UD6A2pO7oqaDzso1Xvhe7IQwUfojO+yAf6S7YbOc+/
WX/DkYCV9j41Iqpfc6QiSgGQ4EuFCJ97w/peLy2ebtQ9RkhiqhIkE4qp63hXTodM
KFH1lX2m5jIRv0J0gadqV3g+Fi7KGjYrouI=
-----END CERTIFICATE-----
Generated at Fri May 17 23:56:54 2024 by rpki-client on console-ams.rpki-client.org