Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ZsQwmaC9P1dPOW9E7iR7sVlgLUQ.roa
File: ZsQwmaC9P1dPOW9E7iR7sVlgLUQ.roa (raw, json)
Hash identifier: GQRPsurZ1exai7zWVFdAXvu56RaJ7u2qJbOGGTVPy2k=
Subject key identifier: 66:C4:30:99:A0:BD:3F:57:4F:39:6F:44:EE:24:7B:B1:59:60:2D:44
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 018CC5DCC364AB30BC217861ECB8491A22B0
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ZsQwmaC9P1dPOW9E7iR7sVlgLUQ.roa
Signing time: Mon 01 Jan 2024 16:30:28 +0000
ROA not before: Mon 01 Jan 2024 16:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206803
IP address blocks: 212.22.79.0/24 maxlen: 24
212.22.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:c3:64:ab:30:bc:21:78:61:ec:b8:49:1a:22:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 16:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66c43099a0bd3f574f396f44ee247bb159602d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d1:de:bb:53:86:bc:96:ca:5c:b4:96:5d:cd:
c4:fc:3c:1e:e8:b9:30:f1:31:d9:4a:7b:c8:45:aa:
2b:f4:fc:d4:57:f5:35:9d:59:a3:d7:30:e7:2b:f1:
40:d4:77:b8:e0:9f:4d:48:ec:60:f5:60:8a:a2:6f:
02:69:a7:c6:f2:27:9b:ef:46:ba:86:8f:de:12:84:
7f:6d:4d:e5:c3:ba:d3:ec:d5:2f:be:77:93:f2:0b:
ce:bc:7d:1c:6c:82:6b:11:b9:79:ef:b5:8e:c8:bd:
15:37:da:89:2b:56:a8:5c:c2:1d:e4:76:dc:18:22:
ce:ec:2c:98:7b:cf:b5:80:ea:b2:ba:30:46:d9:0f:
09:8a:c9:fd:3e:6f:e0:af:8e:7e:fd:d0:20:fc:c5:
7e:63:33:68:2c:f3:57:25:d7:af:b4:8a:4c:9e:93:
26:85:87:01:ca:71:00:c3:2b:09:a8:ca:0a:bb:59:
e4:42:a1:6c:b5:82:b8:81:cd:11:47:60:63:db:4b:
f5:41:92:84:44:31:a5:71:15:7c:e1:33:c3:4f:49:
50:38:f5:10:cb:29:a5:11:7a:0f:19:27:07:83:9a:
99:10:c8:27:b0:5a:27:25:6b:27:67:d2:73:35:44:
9a:9b:e5:91:4c:2a:1c:ab:ce:13:34:8a:ee:de:a7:
e5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C4:30:99:A0:BD:3F:57:4F:39:6F:44:EE:24:7B:B1:59:60:2D:44
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ZsQwmaC9P1dPOW9E7iR7sVlgLUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.79.0/24
212.22.91.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:5a:3c:e7:17:71:13:af:4d:42:05:d3:b3:84:0f:0d:56:d5:
cf:04:85:64:ed:59:22:88:1e:76:4c:fe:ba:91:ae:ee:60:c7:
96:75:ca:52:75:10:15:42:3a:61:5b:70:0b:54:dd:ac:97:a9:
a5:37:b9:f2:d9:90:d9:6c:67:39:81:9b:38:26:36:a7:b9:79:
3f:45:bf:8c:4c:57:6d:b2:d2:4a:51:dc:3d:37:71:a4:ff:a8:
98:1f:68:1b:58:09:65:40:00:e8:a5:46:4f:13:c4:86:72:d1:
2e:54:f5:8b:dd:86:91:8c:30:a2:f6:38:b9:06:01:a0:f9:26:
cf:58:3f:51:3f:53:22:c9:54:1c:98:b4:64:9f:4d:59:f8:91:
d0:85:07:e3:fb:94:b3:19:fc:11:3c:d6:8c:9d:4e:29:e9:73:
23:b1:55:80:df:42:36:c0:04:5d:79:48:cc:5e:97:5d:b3:9b:
bf:ad:47:04:c8:89:9a:62:3c:55:cb:76:cc:c6:3c:35:8b:10:
96:f4:47:49:00:25:2c:7e:0b:4a:f1:ae:a6:1c:ad:11:a5:f0:
bb:de:46:7e:ab:8f:e7:96:cf:86:42:38:fc:af:10:fa:a9:20:
2a:dc:f9:b3:55:1f:3c:2f:97:2a:56:c7:cb:4e:b2:ed:6a:3e:
67:45:70:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3MNkqzC8IXhh7LhJGiKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwMTAxMTYzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmM0MzA5OWEwYmQzZjU3NGYzOTZmNDRlZTI0N2JiMTU5NjAyZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9Heu1OGvJbKXLSWXc3E/Dwe6Lkw
8THZSnvIRaor9PzUV/U1nVmj1zDnK/FA1He44J9NSOxg9WCKom8CaafG8ieb70a6
ho/eEoR/bU3lw7rT7NUvvneT8gvOvH0cbIJrEbl577WOyL0VN9qJK1aoXMId5Hbc
GCLO7CyYe8+1gOqyujBG2Q8Jisn9Pm/gr45+/dAg/MV+YzNoLPNXJdevtIpMnpMm
hYcBynEAwysJqMoKu1nkQqFstYK4gc0RR2Bj20v1QZKERDGlcRV84TPDT0lQOPUQ
yymlEXoPGScHg5qZEMgnsFonJWsnZ9JzNUSam+WRTCocq84TNIru3qflaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGbEMJmgvT9XTzlvRO4ke7FZYC1EMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvWnNRd21hQzlQMWRQT1c5RTdpUjdzVmxnTFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1BZPAwQA
1BZbMA0GCSqGSIb3DQEBCwUAA4IBAQB7WjznF3ETr01CBdOzhA8NVtXPBIVk7Vki
iB52TP66ka7uYMeWdcpSdRAVQjphW3ALVN2sl6mlN7ny2ZDZbGc5gZs4JjanuXk/
Rb+MTFdtstJKUdw9N3Gk/6iYH2gbWAllQADopUZPE8SGctEuVPWL3YaRjDCi9ji5
BgGg+SbPWD9RP1MiyVQcmLRkn01Z+JHQhQfj+5SzGfwRPNaMnU4p6XMjsVWA30I2
wARdeUjMXpdds5u/rUcEyImaYjxVy3bMxjw1ixCW9EdJACUsfgtK8a6mHK0RpfC7
3kZ+q4/nls+GQjj8rxD6qSAq3PmzVR88L5cqVsfLTrLtaj5nRXDo
-----END CERTIFICATE-----
Generated at Thu May 23 11:58:47 2024 by rpki-client on console-fra.rpki-client.org