Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/0Z5BZS7wBGH_NoArN1AeRY2dsec.roa
File: 0Z5BZS7wBGH_NoArN1AeRY2dsec.roa (raw, json)
Hash identifier: cAFQ0swD1p9SyJjporuOSIlN/eIi2A8/+20kxEW9ZfY=
Subject key identifier: D1:9E:41:65:2E:F0:04:61:FF:36:80:2B:37:50:1E:45:8D:9D:B1:E7
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 018E65C26FBF27F9308A25729DD60CD6BCAA
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/0Z5BZS7wBGH_NoArN1AeRY2dsec.roa
Signing time: Fri 22 Mar 2024 10:43:45 +0000
ROA not before: Fri 22 Mar 2024 10:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29075
IP address blocks: 45.10.224.0/22 maxlen: 22
45.94.124.0/22 maxlen: 22
45.94.128.0/22 maxlen: 22
85.118.32.0/19 maxlen: 19
91.109.176.0/20 maxlen: 20
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
178.20.48.0/21 maxlen: 21
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
185.177.180.0/22 maxlen: 22
188.121.224.0/19 maxlen: 19
212.85.144.0/20 maxlen: 20
2a00:1b88::/32 maxlen: 32
2a02:2178::/29 maxlen: 29
2a02:2178::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:c2:6f:bf:27:f9:30:8a:25:72:9d:d6:0c:d6:bc:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Mar 22 10:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d19e41652ef00461ff36802b37501e458d9db1e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:ca:43:4f:a5:65:e0:2b:d1:c3:14:55:56:
2c:87:59:3b:af:bc:c2:bb:c0:ec:48:cd:f9:69:42:
44:7c:a5:13:07:61:6e:4a:67:92:cb:46:9c:62:0a:
44:db:08:7a:d0:d3:10:c9:b1:8e:4d:2a:da:00:dd:
af:6c:4e:fc:b5:74:c0:c5:84:7f:79:83:88:09:1c:
f2:2b:bc:1e:a5:c7:37:0d:b1:45:05:12:53:13:71:
45:1d:77:0e:c9:2a:59:e6:22:c5:66:45:c7:01:e1:
be:48:e4:b6:82:72:36:c9:55:4c:a0:c5:a3:1d:c3:
41:1c:f0:0e:07:c5:ee:66:c3:6d:56:43:58:64:7e:
73:7f:e0:f5:30:94:a6:94:53:61:68:af:8c:6f:6d:
ea:6c:34:19:86:ae:bb:27:c6:cf:50:a3:5f:8b:2f:
7a:ef:f3:95:7f:cb:50:da:74:3d:26:66:a8:39:89:
68:43:46:2b:40:9c:58:22:00:cb:ff:a8:7d:e5:4a:
98:83:86:49:45:2d:07:5f:f2:2e:bb:31:5b:9d:a8:
4c:29:c0:a2:4a:7a:44:06:3f:61:44:d5:96:c2:34:
a3:2c:e1:24:3a:99:23:5a:37:f3:ff:d9:c3:56:66:
45:45:8d:69:f1:04:1b:fa:e1:f8:a7:b7:49:35:b4:
aa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9E:41:65:2E:F0:04:61:FF:36:80:2B:37:50:1E:45:8D:9D:B1:E7
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/0Z5BZS7wBGH_NoArN1AeRY2dsec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0/22
45.94.124.0-45.94.131.255
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.118.0.0/22
185.123.24.0/22
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
35:eb:cd:34:5f:8f:b3:03:7f:dc:74:14:e2:d1:30:3b:80:73:
ef:40:fd:bd:75:58:26:70:2f:81:b9:c8:32:27:de:1a:6c:37:
56:31:dc:89:4a:5a:e4:d6:1c:12:0d:18:6d:31:0e:cb:77:48:
b3:79:be:d4:43:ad:58:5d:1d:20:2a:d9:a7:5e:de:30:33:a4:
e5:f1:db:3f:52:25:d8:7e:ee:68:c8:89:6f:19:85:0f:e7:51:
ea:f3:9f:81:44:bd:0a:15:cc:6a:d2:e1:2e:e3:bb:65:cf:33:
8d:82:7d:27:f1:64:75:ec:5c:3a:df:f0:93:01:40:e2:1a:93:
79:36:13:08:69:12:16:34:ca:b7:22:bf:96:c1:ef:7c:ae:e4:
ce:83:5e:31:77:a1:09:b9:c8:3e:c1:0b:74:c0:ff:43:3b:53:
1d:3a:68:18:d5:1b:8c:6c:29:69:c0:00:98:c4:03:8f:b0:15:
8a:99:0a:26:c0:8e:6a:dd:93:7f:a7:9c:30:cc:83:3f:6f:54:
0d:31:44:1c:82:28:25:f8:62:7c:89:2b:c1:83:84:a3:95:a3:
dc:f1:e6:b8:03:80:c2:72:df:5b:5c:08:07:81:1f:8f:e3:d5:
8e:b8:71:a3:67:a3:3c:d9:33:1f:f8:ce:af:f0:8a:3a:48:3e:
31:88:02:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY5lwm+/J/kwiiVyndYM1ryqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjQwMzIyMTA0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTllNDE2NTJlZjAwNDYxZmYzNjgwMmIzNzUwMWU0NThkOWRiMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4TKQ0+lZeAr0cMUVVYsh1k7r7zC
u8DsSM35aUJEfKUTB2FuSmeSy0acYgpE2wh60NMQybGOTSraAN2vbE78tXTAxYR/
eYOICRzyK7wepcc3DbFFBRJTE3FFHXcOySpZ5iLFZkXHAeG+SOS2gnI2yVVMoMWj
HcNBHPAOB8XuZsNtVkNYZH5zf+D1MJSmlFNhaK+Mb23qbDQZhq67J8bPUKNfiy96
7/OVf8tQ2nQ9JmaoOYloQ0YrQJxYIgDL/6h95UqYg4ZJRS0HX/IuuzFbnahMKcCi
SnpEBj9hRNWWwjSjLOEkOpkjWjfz/9nDVmZFRY1p8QQb+uH4p7dJNbSqfwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFNGeQWUu8ARh/zaAKzdQHkWNnbHnMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvMFo1QlpTN3dCR0hfTm9Bck4xQWVSWTJkc2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQCLQrgMAwD
BAItXnwDBAItXoADBAVVdiADBARbbbADBASAzOADBASN/5ADBAOyFDADBAK5dgAD
BAK5exgDBAK5sbQDBAW8eeADBATUVZAwFAQCAAIwDgMFACoAG4gDBQMqAiF4MA0G
CSqGSIb3DQEBCwUAA4IBAQA16800X4+zA3/cdBTi0TA7gHPvQP29dVgmcC+Bucgy
J94abDdWMdyJSlrk1hwSDRhtMQ7Ld0izeb7UQ61YXR0gKtmnXt4wM6Tl8ds/UiXY
fu5oyIlvGYUP51Hq85+BRL0KFcxq0uEu47tlzzONgn0n8WR17Fw63/CTAUDiGpN5
NhMIaRIWNMq3Ir+Wwe98ruTOg14xd6EJucg+wQt0wP9DO1MdOmgY1RuMbClpwACY
xAOPsBWKmQomwI5q3ZN/p5wwzIM/b1QNMUQcgigl+GJ8iSvBg4SjlaPc8ea4A4DC
ct9bXAgHgR+P49WOuHGjZ6M82TMf+M6v8Io6SD4xiAJL
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:56:05 2024 by rpki-client on console-ams.rpki-client.org