Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/ZZyXIBIZGuwnYQZXdTQa56lga_0.roa
File: ZZyXIBIZGuwnYQZXdTQa56lga_0.roa (raw, json)
Hash identifier: tnnKUFdSdCe4mgWINoPGC2C7VMnBAatMxCqZQGJ/vks=
Subject key identifier: 65:9C:97:20:12:19:1A:EC:27:61:06:57:75:34:1A:E7:A9:60:6B:FD
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 018E4BF3149536082F9BB433A364D54FA5E6
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/ZZyXIBIZGuwnYQZXdTQa56lga_0.roa
Signing time: Sun 17 Mar 2024 10:26:45 +0000
ROA not before: Sun 17 Mar 2024 10:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204383
IP address blocks: 77.78.78.0/23 maxlen: 23
77.78.112.0/22 maxlen: 22
77.78.116.0/23 maxlen: 23
82.208.32.0/23 maxlen: 23
82.208.60.0/22 maxlen: 22
109.123.206.0/23 maxlen: 23
217.11.232.0/23 maxlen: 23
217.11.246.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.mft
rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4b:f3:14:95:36:08:2f:9b:b4:33:a3:64:d5:4f:a5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Mar 17 10:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=659c972012191aec2761065775341ae7a9606bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:73:fb:0c:78:36:28:01:23:ea:1a:62:be:a3:
24:c3:fc:e5:3f:e4:0b:54:2c:ef:be:7c:a9:25:4f:
42:0f:5a:3e:f0:92:61:f4:09:0b:28:fb:a3:b1:a0:
36:9f:8e:72:20:ca:e3:9b:c6:f4:67:96:9a:f0:47:
bc:be:26:d0:ef:fa:4a:9d:d1:ea:01:c4:98:ba:4a:
84:57:85:c4:92:66:00:13:c6:43:02:2b:9a:7d:08:
d6:1f:1b:93:51:05:53:16:56:c7:17:a6:5f:ac:27:
d7:14:24:17:c8:e7:eb:00:e1:63:30:8f:8c:f7:69:
7f:25:73:a0:55:40:c3:86:8a:ca:8e:e8:58:1d:89:
29:98:56:df:62:5a:e9:34:28:c8:8d:66:06:f0:09:
04:17:92:7e:b0:4c:ab:74:cc:86:a3:41:e6:c8:30:
8e:f8:d4:c3:d2:85:93:db:9e:9e:05:fc:86:7f:1f:
6b:0d:e2:cd:9a:7c:7a:f1:f1:2a:4a:96:a4:13:44:
2e:ef:a8:b1:c2:ed:61:ea:b9:36:11:ff:94:c7:32:
7d:b9:37:d1:fe:af:7f:59:fd:e8:48:30:3b:e4:1e:
0b:be:0c:f3:70:14:44:07:ac:6a:37:61:e5:29:0e:
00:ba:45:68:34:75:da:9f:49:ed:5d:bd:7d:2e:93:
d9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9C:97:20:12:19:1A:EC:27:61:06:57:75:34:1A:E7:A9:60:6B:FD
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/ZZyXIBIZGuwnYQZXdTQa56lga_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.78.0/23
77.78.112.0-77.78.117.255
82.208.32.0/23
82.208.60.0/22
109.123.206.0/23
217.11.232.0/23
217.11.246.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:c5:0d:6b:56:83:d9:92:be:4f:64:3b:e5:88:8b:21:8f:df:
49:1f:9d:c3:36:44:e0:a0:13:b8:c4:62:ce:31:c8:45:6d:d7:
c6:09:04:5a:f7:44:34:b6:0f:b2:b6:d3:6c:63:6b:b9:2f:2d:
32:bb:62:9c:60:e5:3d:78:3f:55:09:0e:5e:fd:99:40:f5:e7:
4f:db:10:d8:2c:5f:6c:2e:3d:ac:d3:be:70:ea:1d:24:96:a8:
f6:43:51:13:6f:df:a5:c7:b4:86:67:1a:da:f2:21:84:25:db:
36:b8:3d:c6:dc:b0:ca:1e:3b:19:18:51:de:01:b6:02:4e:4c:
45:23:2f:1b:42:2e:92:9a:7a:c4:37:2b:6a:35:16:3c:27:db:
b6:09:c3:3b:2c:49:92:cc:e7:8b:de:1a:4d:f0:db:7a:2f:cd:
01:5a:55:f5:57:59:f5:25:ae:48:0d:09:17:2a:99:7a:ba:30:
b3:e6:2b:95:10:fe:66:d7:6c:ae:5a:2a:c4:55:66:66:35:1f:
25:0d:e3:4e:2a:72:a2:c0:7b:87:21:8d:a0:53:6f:fe:b0:2c:
b0:eb:49:6b:91:06:be:1b:61:58:0f:af:02:e9:10:1f:93:a2:
20:2d:d8:d9:f7:d8:80:d0:c1:55:51:21:e4:b6:95:db:54:17:
b3:33:d2:9c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY5L8xSVNggvm7Qzo2TVT6XmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjQwMzE3MTAyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTljOTcyMDEyMTkxYWVjMjc2MTA2NTc3NTM0MWFlN2E5NjA2YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnP7DHg2KAEj6hpivqMkw/zlP+QL
VCzvvnypJU9CD1o+8JJh9AkLKPujsaA2n45yIMrjm8b0Z5aa8Ee8vibQ7/pKndHq
AcSYukqEV4XEkmYAE8ZDAiuafQjWHxuTUQVTFlbHF6ZfrCfXFCQXyOfrAOFjMI+M
92l/JXOgVUDDhorKjuhYHYkpmFbfYlrpNCjIjWYG8AkEF5J+sEyrdMyGo0HmyDCO
+NTD0oWT256eBfyGfx9rDeLNmnx68fEqSpakE0Qu76ixwu1h6rk2Ef+UxzJ9uTfR
/q9/Wf3oSDA75B4LvgzzcBREB6xqN2HlKQ4AukVoNHXan0ntXb19LpPZvwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGWclyASGRrsJ2EGV3U0GuepYGv9MB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvWlp5WElCSVpHdXduWVFaWGRUUWE1NmxnYV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBTU5OMAwD
BARNTnADBAFNTnQDBAFS0CADBAJS0DwDBAFte84DBAHZC+gDBAHZC/YwDQYJKoZI
hvcNAQELBQADggEBAAzFDWtWg9mSvk9kO+WIiyGP30kfncM2ROCgE7jEYs4xyEVt
18YJBFr3RDS2D7K202xja7kvLTK7Ypxg5T14P1UJDl79mUD150/bENgsX2wuPazT
vnDqHSSWqPZDURNv36XHtIZnGtryIYQl2za4PcbcsMoeOxkYUd4BtgJOTEUjLxtC
LpKaesQ3K2o1Fjwn27YJwzssSZLM54veGk3w23ovzQFaVfVXWfUlrkgNCRcqmXq6
MLPmK5UQ/mbXbK5aKsRVZmY1HyUN404qcqLAe4chjaBTb/6wLLDrSWuRBr4bYVgP
rwLpEB+ToiAt2Nn32IDQwVVRIeS2ldtUF7Mz0pw=
-----END CERTIFICATE-----
Generated at Fri May 24 09:08:44 2024 by rpki-client on console-ams.rpki-client.org