Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Z_dIf9Lv7Xm0tsdDsDHS8VX3DDM.roa
File: Z_dIf9Lv7Xm0tsdDsDHS8VX3DDM.roa (raw, json)
Hash identifier: +dK91yXR2v4lP/8i1LhqEvZJaUsqexhaGg6TXQhat4U=
Subject key identifier: 67:F7:48:7F:D2:EF:ED:79:B4:B6:C7:43:B0:31:D2:F1:55:F7:0C:33
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 018D6AA0C00CF35F7B0966DBABF28CBAE165
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Z_dIf9Lv7Xm0tsdDsDHS8VX3DDM.roa
Signing time: Fri 02 Feb 2024 16:22:16 +0000
ROA not before: Fri 02 Feb 2024 16:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39122
IP address blocks: 46.22.128.0/20 maxlen: 20
78.153.192.0/19 maxlen: 24
81.17.240.0/20 maxlen: 24
91.197.234.0/23 maxlen: 23
176.52.222.0/23 maxlen: 23
185.2.64.0/22 maxlen: 22
185.209.164.0/22 maxlen: 22
200.69.8.0/21 maxlen: 21
2a01:a8::/32 maxlen: 32
2a01:aa::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:a0:c0:0c:f3:5f:7b:09:66:db:ab:f2:8c:ba:e1:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Feb 2 16:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67f7487fd2efed79b4b6c743b031d2f155f70c33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:e3:12:4d:00:10:67:89:38:70:0d:8e:a1:
87:08:cd:16:49:b7:f9:e8:fc:93:94:8f:21:40:e8:
9b:55:f5:b3:68:72:e4:e2:91:78:57:0d:47:99:4f:
99:16:16:f6:b0:9e:3f:04:dd:2b:46:e6:33:47:47:
a5:d7:9a:42:d8:76:29:36:00:17:dc:4b:93:0e:6b:
16:21:37:f2:55:7d:e6:d3:f3:8d:e8:4a:9f:0d:54:
b1:df:03:3a:fc:69:df:0e:d3:36:c7:93:26:cf:f9:
bc:f7:c9:60:88:15:19:71:b5:7c:c8:e1:1a:31:29:
1f:94:ae:2e:fc:dc:22:94:60:da:78:24:41:f2:b8:
f1:86:0b:e4:49:ad:66:94:13:47:0c:0b:a1:10:da:
e7:41:9d:72:e0:41:00:b9:3b:fd:97:43:03:17:21:
36:4f:ae:2a:90:71:33:24:78:d3:41:e9:4d:03:a4:
1f:68:87:4e:41:de:d2:fb:6c:82:2a:7d:f7:46:48:
a0:3a:f6:04:c9:25:31:4c:9d:93:a4:2b:fa:1e:07:
ab:03:f6:74:a3:26:60:d6:6a:8b:82:85:9e:77:03:
eb:ff:7d:99:5f:a6:f3:32:e4:1b:39:83:11:51:29:
31:d1:0d:fc:f3:10:88:4d:c1:f4:e1:7e:1f:6c:24:
f1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F7:48:7F:D2:EF:ED:79:B4:B6:C7:43:B0:31:D2:F1:55:F7:0C:33
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Z_dIf9Lv7Xm0tsdDsDHS8VX3DDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.128.0/20
78.153.192.0/19
81.17.240.0/20
91.197.234.0/23
176.52.222.0/23
185.2.64.0/22
185.209.164.0/22
200.69.8.0/21
IPv6:
2a01:a8::/32
2a01:aa::/32
Signature Algorithm: sha256WithRSAEncryption
40:7b:7b:a2:34:64:1b:f6:b3:41:4d:37:ef:1f:f0:37:23:5f:
fd:93:30:59:51:ec:c4:b3:2b:96:ce:c3:e4:8a:0b:a1:08:14:
d7:2a:bd:e0:b2:4d:33:64:ea:95:90:04:61:a7:e2:bd:8f:07:
6f:5f:1a:4b:bf:06:de:58:49:03:1b:55:9b:76:3d:b9:c7:cc:
3a:be:76:29:14:6f:91:2f:87:55:e2:fb:da:7a:96:5d:16:60:
0f:9c:46:87:5a:c0:3a:0e:2b:f7:8e:66:b1:13:c2:29:02:31:
1d:9e:8f:2b:44:40:ba:b5:5b:de:c8:d8:33:3d:cb:10:48:ed:
30:6c:78:7d:1d:ec:e5:12:09:47:0a:79:f9:d9:2a:cc:0f:f5:
e3:4d:79:5d:83:de:5c:95:52:45:be:b8:43:24:af:94:da:67:
96:77:82:95:d2:a7:a0:18:67:18:e1:3a:ea:7c:b1:60:7d:f4:
67:ee:0a:c2:f5:e7:33:ef:e8:df:5a:41:83:e0:27:d2:c7:0d:
fc:ce:52:ca:36:e1:65:91:45:27:8f:80:50:c8:7b:e4:ff:5f:
a6:c1:d7:25:7c:88:b2:17:89:43:63:0c:ae:7d:40:1d:12:5c:
d0:c3:52:b2:3b:3e:f0:ad:d0:3f:15:3c:df:7c:64:b6:1e:31:
0b:b0:68:59
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY1qoMAM8197CWbbq/KMuuFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMjAyMTYyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Y3NDg3ZmQyZWZlZDc5YjRiNmM3NDNiMDMxZDJmMTU1ZjcwYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvorjEk0AEGeJOHANjqGHCM0WSbf5
6PyTlI8hQOibVfWzaHLk4pF4Vw1HmU+ZFhb2sJ4/BN0rRuYzR0el15pC2HYpNgAX
3EuTDmsWITfyVX3m0/ON6EqfDVSx3wM6/GnfDtM2x5Mmz/m898lgiBUZcbV8yOEa
MSkflK4u/NwilGDaeCRB8rjxhgvkSa1mlBNHDAuhENrnQZ1y4EEAuTv9l0MDFyE2
T64qkHEzJHjTQelNA6QfaIdOQd7S+2yCKn33RkigOvYEySUxTJ2TpCv6HgerA/Z0
oyZg1mqLgoWedwPr/32ZX6bzMuQbOYMRUSkx0Q388xCITcH04X4fbCTx5wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGf3SH/S7+15tLbHQ7Ax0vFV9wwzMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvWl9kSWY5THY3WG0wdHNkRHNESFM4VlgzRERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQELhaAAwQF
TpnAAwQEURHwAwQBW8XqAwQBsDTeAwQCuQJAAwQCudGkAwQDyEUIMBQEAgACMA4D
BQAqAQCoAwUAKgEAqjANBgkqhkiG9w0BAQsFAAOCAQEAQHt7ojRkG/azQU037x/w
NyNf/ZMwWVHsxLMrls7D5IoLoQgU1yq94LJNM2TqlZAEYafivY8Hb18aS78G3lhJ
AxtVm3Y9ucfMOr52KRRvkS+HVeL72nqWXRZgD5xGh1rAOg4r945msRPCKQIxHZ6P
K0RAurVb3sjYMz3LEEjtMGx4fR3s5RIJRwp5+dkqzA/14015XYPeXJVSRb64QySv
lNpnlneCldKnoBhnGOE66nyxYH30Z+4KwvXnM+/o31pBg+An0scN/M5SyjbhZZFF
J4+AUMh75P9fpsHXJXyIsheJQ2MMrn1AHRJc0MNSsjs+8K3QPxU833xkth4xC7Bo
WQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:12:54 2024 by rpki-client on console-fra.rpki-client.org