Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/ZRYY1X7qJkb1Gmgl-aS2e8U2IE8.roa
File: ZRYY1X7qJkb1Gmgl-aS2e8U2IE8.roa (raw, json)
Hash identifier: Dv8vw3iZ4yiZQsKWiqtrWYntcw+4dmdvt3I5tfmFsyk=
Subject key identifier: 65:16:18:D5:7E:EA:26:46:F5:1A:68:25:F9:A4:B6:7B:C5:36:20:4F
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 01932FFB2B0C880AA6575AF009A9A5121708
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/ZRYY1X7qJkb1Gmgl-aS2e8U2IE8.roa
Signing time: Fri 15 Nov 2024 13:20:09 +0000
ROA not before: Fri 15 Nov 2024 13:20:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 82.140.129.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
86.38.26.0/24 maxlen: 24
86.38.36.0/24 maxlen: 24
86.38.154.0/24 maxlen: 24
86.38.222.0/24 maxlen: 24
86.38.234.0/24 maxlen: 24
86.38.236.0/24 maxlen: 24
89.116.14.0/24 maxlen: 24
89.116.71.0/24 maxlen: 24
89.116.77.0/24 maxlen: 24
89.116.78.0/24 maxlen: 24
89.116.90.0/24 maxlen: 24
89.116.93.0/24 maxlen: 24
89.116.97.0/24 maxlen: 24
89.117.208.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:fb:2b:0c:88:0a:a6:57:5a:f0:09:a9:a5:12:17:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Nov 15 13:20:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=651618d57eea2646f51a6825f9a4b67bc536204f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f5:65:a8:b4:a1:aa:39:ae:bc:e7:56:e4:ee:
9d:6d:36:00:69:fc:b6:b9:75:67:0c:3d:cb:cd:ed:
08:cf:3b:90:4f:d5:3f:1c:33:db:b2:ef:b5:12:dc:
8a:76:d9:93:97:63:06:5c:42:02:4f:56:80:b0:f3:
6f:fe:ce:02:b4:e3:c7:c3:c7:cf:62:53:b1:40:4b:
8e:ac:67:32:c8:60:63:54:57:13:a2:42:28:fb:a2:
e2:a7:da:0e:72:92:5b:93:c5:84:f8:89:7e:2b:ed:
21:c2:c9:83:71:a5:c6:3b:7d:71:af:0f:71:e3:7e:
96:d7:a0:c6:ed:45:f1:9b:03:7d:fd:f1:26:30:3c:
ee:68:77:06:c4:08:2f:ae:63:c2:55:9a:53:98:47:
d8:ff:39:14:0c:88:02:f4:bb:a6:8a:f5:67:52:3b:
9a:c1:04:fc:f0:a4:36:8c:a8:b7:4a:08:8b:c9:e6:
80:43:a9:06:56:01:15:c6:0d:7b:26:64:af:e4:68:
33:20:95:1d:e4:84:fc:63:3a:9a:93:c8:d7:f2:c4:
71:7d:86:8b:46:ec:3b:4d:ae:f0:1e:c8:7c:cf:ba:
38:27:09:6e:5d:57:46:8e:b9:9c:08:4c:7e:f2:7f:
64:fc:9a:d9:06:c1:b7:b2:28:c3:33:4a:19:54:4e:
3f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:16:18:D5:7E:EA:26:46:F5:1A:68:25:F9:A4:B6:7B:C5:36:20:4F
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/ZRYY1X7qJkb1Gmgl-aS2e8U2IE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.129.0/24
84.46.204.0/24
84.46.207.0/24
86.38.26.0/24
86.38.36.0/24
86.38.154.0/24
86.38.222.0/24
86.38.234.0/24
86.38.236.0/24
89.116.14.0/24
89.116.71.0/24
89.116.77.0-89.116.78.255
89.116.90.0/24
89.116.93.0/24
89.116.97.0/24
89.117.208.0/24
89.117.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:da:bd:7f:20:07:d4:5d:4a:a9:f7:4e:d5:7e:bb:89:0c:5c:
a6:4c:96:5a:a1:ba:3d:b1:df:96:d7:36:1d:ec:ad:9d:8d:55:
79:30:7a:be:46:c7:1e:82:f8:7e:39:1b:7b:97:2c:73:e8:79:
13:04:f4:a5:32:12:51:0f:0e:0d:95:73:0b:ad:e8:8b:c3:63:
f0:64:34:1c:cc:d2:f1:3e:93:e9:03:0a:7d:1f:39:85:9f:a5:
e4:2e:43:94:4b:a0:48:71:ee:ad:18:c9:0e:bd:3d:94:1a:78:
84:a7:4c:e1:6b:72:1a:2e:6f:9f:3d:52:0d:3f:d1:bc:79:b0:
91:87:06:e5:86:52:63:68:3f:cc:a3:b9:0c:8c:58:81:86:dc:
63:28:33:47:1a:57:6b:23:34:22:07:bc:d5:e1:4f:01:23:e1:
7b:af:76:02:92:2b:3d:8c:18:9f:87:0c:56:97:24:ed:25:9a:
4e:75:bf:89:7e:9f:4e:45:67:c7:40:f2:5f:7b:f1:91:8d:fc:
eb:a6:f0:b9:19:9f:30:03:65:09:f5:ca:e8:dc:25:2d:c2:71:
da:5e:66:73:91:6c:28:1f:fa:79:a0:ae:9b:c1:28:2e:b0:3c:
41:5c:a4:fc:52:9d:af:3c:44:39:bd:55:a8:8c:43:06:4d:d7:
68:b5:d1:17
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZMv+ysMiAqmV1rwCamlEhcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQxMTE1MTMyMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTE2MThkNTdlZWEyNjQ2ZjUxYTY4MjVmOWE0YjY3YmM1MzYyMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfVlqLShqjmuvOdW5O6dbTYAafy2
uXVnDD3Lze0IzzuQT9U/HDPbsu+1EtyKdtmTl2MGXEICT1aAsPNv/s4CtOPHw8fP
YlOxQEuOrGcyyGBjVFcTokIo+6Lip9oOcpJbk8WE+Il+K+0hwsmDcaXGO31xrw9x
436W16DG7UXxmwN9/fEmMDzuaHcGxAgvrmPCVZpTmEfY/zkUDIgC9LumivVnUjua
wQT88KQ2jKi3SgiLyeaAQ6kGVgEVxg17JmSv5GgzIJUd5IT8Yzqak8jX8sRxfYaL
Ruw7Ta7wHsh8z7o4JwluXVdGjrmcCEx+8n9k/JrZBsG3sijDM0oZVE4/AwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFGUWGNV+6iZG9RpoJfmktnvFNiBPMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvWlJZWTFYN3FKa2IxR21nbC1hUzJlOFUySUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAFKMgQME
AFQuzAMEAFQuzwMEAFYmGgMEAFYmJAMEAFYmmgMEAFYm3gMEAFYm6gMEAFYm7AME
AFl0DgMEAFl0RzAMAwQAWXRNAwQAWXROAwQAWXRaAwQAWXRdAwQAWXRhAwQAWXXQ
AwQAWXXzMA0GCSqGSIb3DQEBCwUAA4IBAQCl2r1/IAfUXUqp907VfruJDFymTJZa
obo9sd+W1zYd7K2djVV5MHq+Rscegvh+ORt7lyxz6HkTBPSlMhJRDw4NlXMLreiL
w2PwZDQczNLxPpPpAwp9HzmFn6XkLkOUS6BIce6tGMkOvT2UGniEp0zha3IaLm+f
PVINP9G8ebCRhwblhlJjaD/Mo7kMjFiBhtxjKDNHGldrIzQiB7zV4U8BI+F7r3YC
kis9jBifhwxWlyTtJZpOdb+Jfp9ORWfHQPJfe/GRjfzrpvC5GZ8wA2UJ9cro3CUt
wnHaXmZzkWwoH/p5oK6bwSgusDxBXKT8Up2vPEQ5vVWojEMGTddotdEX
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:51:32 2024 by rpki-client on console-ams.rpki-client.org