Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ZliApcf0HDWsi7EPR0i-j7XbAdo.roa
File: ZliApcf0HDWsi7EPR0i-j7XbAdo.roa (raw, json)
Hash identifier: A1R+5fiCMwWx63g/v/CnkkrnwWV5xsqHwqwHSvXzLGo=
Subject key identifier: 66:58:80:A5:C7:F4:1C:35:AC:8B:B1:0F:47:48:BE:8F:B5:DB:01:DA
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B73AD2B2CEE380136CEB3EDE7251B5
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ZliApcf0HDWsi7EPR0i-j7XbAdo.roa
Signing time: Mon 01 Jan 2024 06:30:14 +0000
ROA not before: Mon 01 Jan 2024 06:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47377
IP address blocks: 90.84.96.0/19 maxlen: 24
2a01:c780::/32 maxlen: 64
2a01:cd20::/32 maxlen: 48
2a01:caa0::/32 maxlen: 48
2a01:cc00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3a:d2:b2:ce:e3:80:13:6c:eb:3e:de:72:51:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=665880a5c7f41c35ac8bb10f4748be8fb5db01da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3e:c5:ba:f5:a8:98:28:d4:cc:ca:5e:fc:01:
f2:ae:12:e9:8e:15:85:c7:51:47:25:6f:5a:84:dd:
96:65:69:4a:bf:10:ef:ab:80:61:12:f6:b1:44:ee:
20:4d:1b:3a:ee:5c:f1:31:c3:c2:65:16:5b:5a:27:
94:cf:ea:d1:20:e8:d2:58:fb:37:70:e9:98:99:57:
b4:a6:33:3e:77:90:f6:a6:ec:94:04:9c:47:ed:16:
6e:35:e0:ac:77:9c:1b:4d:78:96:97:2c:79:9f:c9:
34:df:4e:63:66:e6:72:f1:f2:97:72:3f:3f:7a:ef:
5d:f4:c9:43:0f:0b:f8:94:8f:66:b8:46:7d:9a:41:
e4:99:f2:a7:58:4d:54:e3:55:ea:85:12:80:a0:5b:
9f:68:94:74:6f:7a:be:0f:a0:df:2f:73:4c:c9:a0:
98:d1:e8:25:19:d4:af:57:17:43:d0:97:ed:5b:df:
d6:26:0f:7f:ce:ed:1c:33:c9:4d:fe:ac:dd:4e:44:
f2:19:7e:04:e0:83:71:66:35:d1:a1:ad:c1:1d:a7:
b5:f3:41:1b:14:52:6a:06:b8:92:ef:85:91:e5:06:
f1:d8:af:80:7e:b1:e2:35:e9:9c:29:de:51:45:4e:
65:78:92:7b:7c:8a:c2:2e:fe:36:13:f4:22:f0:1f:
f9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:58:80:A5:C7:F4:1C:35:AC:8B:B1:0F:47:48:BE:8F:B5:DB:01:DA
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/ZliApcf0HDWsi7EPR0i-j7XbAdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.96.0/19
IPv6:
2a01:c780::/32
2a01:caa0::/32
2a01:cc00::/32
2a01:cd20::/32
Signature Algorithm: sha256WithRSAEncryption
78:4a:d8:6b:e4:14:81:07:fb:88:a4:03:75:4e:91:6c:ef:49:
c1:a5:01:aa:bd:c2:b0:14:f8:f1:01:83:50:cf:2c:38:60:5b:
86:56:26:89:50:da:0a:b0:f9:70:d7:01:0e:3b:f2:e8:29:73:
84:c8:91:3d:82:37:98:46:1f:e3:6e:12:ae:df:98:08:03:f6:
39:54:e2:17:b6:25:84:7b:c0:fa:29:4f:a7:c2:55:9c:a0:a0:
05:27:2a:1b:ef:6a:af:a9:2b:0e:1e:70:9b:79:f3:8b:7e:25:
5e:98:68:58:9b:c7:3a:4e:9d:6e:4f:c6:dd:86:5f:4c:fc:8f:
c4:26:b3:c8:80:64:02:0f:0b:89:a7:cf:81:d3:b5:a3:d1:37:
81:e0:48:93:d0:d2:75:31:02:a2:ab:18:6d:ed:4c:07:7c:a9:
c6:ad:96:ee:db:6f:98:57:51:a9:c7:6c:d2:1b:cf:fe:a7:5e:
f1:0a:58:05:f9:45:da:58:fe:c1:e9:b7:19:23:2c:3c:70:58:
22:70:e2:6a:68:fd:e4:89:75:3e:68:6f:1a:e0:d7:e2:52:ea:
0a:d8:fd:77:c0:4a:d1:f0:0f:c9:9a:6d:02:2c:90:a5:0e:d5:
2f:18:34:5d:27:28:63:72:e9:57:0e:95:7f:a2:7e:84:5b:0d:
ae:9a:f0:d9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzDtzrSss7jgBNs6z7eclG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjU4ODBhNWM3ZjQxYzM1YWM4YmIxMGY0NzQ4YmU4ZmI1ZGIwMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz7FuvWomCjUzMpe/AHyrhLpjhWF
x1FHJW9ahN2WZWlKvxDvq4BhEvaxRO4gTRs67lzxMcPCZRZbWieUz+rRIOjSWPs3
cOmYmVe0pjM+d5D2puyUBJxH7RZuNeCsd5wbTXiWlyx5n8k0305jZuZy8fKXcj8/
eu9d9MlDDwv4lI9muEZ9mkHkmfKnWE1U41XqhRKAoFufaJR0b3q+D6DfL3NMyaCY
0eglGdSvVxdD0JftW9/WJg9/zu0cM8lN/qzdTkTyGX4E4INxZjXRoa3BHae180Eb
FFJqBriS74WR5Qbx2K+AfrHiNemcKd5RRU5leJJ7fIrCLv42E/Qi8B/5wwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGZYgKXH9Bw1rIuxD0dIvo+12wHaMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvWmxpQXBjZjBIRFdzaTdFUFIwaS1qN1hiQWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQFWlRgMCIE
AgACMBwDBQAqAceAAwUAKgHKoAMFACoBzAADBQAqAc0gMA0GCSqGSIb3DQEBCwUA
A4IBAQB4Sthr5BSBB/uIpAN1TpFs70nBpQGqvcKwFPjxAYNQzyw4YFuGViaJUNoK
sPlw1wEOO/LoKXOEyJE9gjeYRh/jbhKu35gIA/Y5VOIXtiWEe8D6KU+nwlWcoKAF
Jyob72qvqSsOHnCbefOLfiVemGhYm8c6Tp1uT8bdhl9M/I/EJrPIgGQCDwuJp8+B
07Wj0TeB4EiT0NJ1MQKiqxht7UwHfKnGrZbu22+YV1Gpx2zSG8/+p17xClgF+UXa
WP7B6bcZIyw8cFgicOJqaP3kiXU+aG8a4NfiUuoK2P13wErR8A/Jmm0CLJClDtUv
GDRdJyhjculXDpV/on6EWw2umvDZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:00 2024 by rpki-client on console-fra.rpki-client.org