Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/ZieuH5T8djq5UhJa-jjzTEsylmg.roa
File: ZieuH5T8djq5UhJa-jjzTEsylmg.roa (raw, json)
Hash identifier: V430OD1Fucdh3mZcKwPUH6Mp6NY6sRfgzwJVnDAjzek=
Subject key identifier: 66:27:AE:1F:94:FC:76:3A:B9:52:12:5A:FA:38:F3:4C:4B:32:96:68
Certificate issuer: /CN=b720f3ceb0e6b597a38145c5a743369c7f4966e0
Certificate serial: 018FC8F54308819B05CCB77492293B6DFCF5
Authority key identifier: B7:20:F3:CE:B0:E6:B5:97:A3:81:45:C5:A7:43:36:9C:7F:49:66:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyDzzrDmtZejgUXFp0M2nH9JZuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/ZieuH5T8djq5UhJa-jjzTEsylmg.roa
Signing time: Thu 30 May 2024 10:04:27 +0000
ROA not before: Thu 30 May 2024 10:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25222
IP address blocks: 78.40.66.0/23 maxlen: 23
78.40.68.0/22 maxlen: 22
89.207.115.0/24 maxlen: 24
89.207.118.0/24 maxlen: 24
92.43.8.0/22 maxlen: 22
109.232.12.0/23 maxlen: 23
185.151.232.0/23 maxlen: 23
212.165.64.0/21 maxlen: 21
212.165.70.0/24 maxlen: 24
212.165.72.0/22 maxlen: 22
212.165.76.0/22 maxlen: 22
212.165.92.0/22 maxlen: 22
212.165.96.0/20 maxlen: 20
212.165.112.0/22 maxlen: 22
212.165.118.0/23 maxlen: 23
212.165.120.0/23 maxlen: 23
212.165.122.0/23 maxlen: 23
212.165.124.0/24 maxlen: 24
212.165.126.0/24 maxlen: 24
2a03:1c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/tyDzzrDmtZejgUXFp0M2nH9JZuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/tyDzzrDmtZejgUXFp0M2nH9JZuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tyDzzrDmtZejgUXFp0M2nH9JZuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:f5:43:08:81:9b:05:cc:b7:74:92:29:3b:6d:fc:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b720f3ceb0e6b597a38145c5a743369c7f4966e0
Validity
Not Before: May 30 10:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6627ae1f94fc763ab952125afa38f34c4b329668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d8:b3:22:85:e6:29:e1:ec:68:b1:49:36:1b:
f0:a7:de:13:ab:4f:60:f1:30:50:cd:b5:92:0e:c7:
56:f9:03:b9:6e:16:7c:73:df:0a:b1:8c:a2:5b:c0:
60:af:7a:a2:d6:57:44:36:f4:27:d5:8b:50:51:79:
84:f4:b3:b7:5b:6d:84:56:00:af:29:b3:c7:e3:69:
d2:1e:b8:54:e0:b2:ed:db:c9:99:2c:77:fc:8f:84:
c2:fa:9f:7f:b4:7f:76:33:67:94:45:c5:66:bc:4b:
0d:2b:ad:7a:29:53:17:bf:5a:43:a2:07:34:9a:ac:
ee:24:f1:7b:d5:9e:87:d3:ce:a9:65:ed:b7:d2:d2:
fc:e0:28:d8:2a:04:c2:50:ba:68:c5:d3:d8:83:12:
44:9c:45:9b:08:7a:cf:70:05:c5:3d:d4:21:ff:6a:
be:2f:08:9b:b4:2e:56:9a:d7:4f:a0:fe:11:e9:d4:
f7:37:f0:c8:54:24:6a:df:a1:b0:b2:aa:98:18:2a:
0a:cc:cd:31:1c:5b:76:85:c6:3d:39:97:6c:de:9a:
f9:bf:a4:45:10:12:ce:90:71:7f:2b:b3:09:f4:00:
7a:d9:5f:ff:52:61:38:b0:19:99:d7:3a:a3:9c:f4:
14:ad:61:4e:32:47:7b:f5:47:24:3e:47:db:a9:f6:
fc:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:27:AE:1F:94:FC:76:3A:B9:52:12:5A:FA:38:F3:4C:4B:32:96:68
X509v3 Authority Key Identifier:
keyid:B7:20:F3:CE:B0:E6:B5:97:A3:81:45:C5:A7:43:36:9C:7F:49:66:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyDzzrDmtZejgUXFp0M2nH9JZuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/ZieuH5T8djq5UhJa-jjzTEsylmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d7fb6d-ebbe-43a2-b119-393c45742259/1/tyDzzrDmtZejgUXFp0M2nH9JZuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.66.0-78.40.71.255
89.207.115.0/24
89.207.118.0/24
92.43.8.0/22
109.232.12.0/23
185.151.232.0/23
212.165.64.0/20
212.165.92.0-212.165.115.255
212.165.118.0-212.165.124.255
212.165.126.0/24
IPv6:
2a03:1c80::/32
Signature Algorithm: sha256WithRSAEncryption
29:c1:a9:1a:93:de:7e:5d:0c:68:57:72:34:01:50:b8:05:18:
11:c0:36:bb:73:4b:d4:a4:00:5f:6a:86:36:96:d2:94:ef:bc:
9e:00:ef:4a:c9:e7:3c:5e:52:1d:b9:22:d4:bc:5d:ec:ee:b0:
e6:84:a9:db:65:84:a8:81:38:88:1b:d0:56:cd:ae:13:4a:ff:
d1:e4:1b:4d:ae:4f:b6:27:ab:e7:54:4b:71:ed:dc:40:3c:a0:
e1:64:1e:45:ed:bf:ad:a6:3f:91:aa:17:db:ff:8a:b8:7c:80:
0b:af:99:0d:db:20:80:bd:aa:18:b0:bd:13:33:50:22:ea:c4:
77:17:e4:95:ea:38:29:52:99:4a:2c:7a:42:8b:19:49:30:fa:
87:6b:6d:f4:2f:c6:10:bd:e0:b5:c0:1b:80:f2:51:e7:5b:88:
56:44:8d:47:ee:69:63:24:d8:1f:50:6f:20:12:12:79:03:a3:
1f:7e:45:80:14:1f:3d:f9:33:c1:d3:18:01:4d:b5:6e:8b:4c:
c3:47:62:31:36:57:e8:6a:96:58:f0:11:46:2c:78:f9:e0:78:
27:e8:4c:ac:40:2f:ba:1c:66:70:5b:b2:c6:80:04:bd:85:5f:
26:06:5d:a9:02:bc:57:ec:e4:e3:7f:08:a0:25:7f:f5:b4:f7:
ec:b4:0b:bb
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAY/I9UMIgZsFzLd0kik7bfz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjBmM2NlYjBlNmI1OTdhMzgxNDVjNWE3NDMzNjljN2Y0
OTY2ZTAwHhcNMjQwNTMwMTAwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjI3YWUxZjk0ZmM3NjNhYjk1MjEyNWFmYTM4ZjM0YzRiMzI5NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9izIoXmKeHsaLFJNhvwp94Tq09g
8TBQzbWSDsdW+QO5bhZ8c98KsYyiW8Bgr3qi1ldENvQn1YtQUXmE9LO3W22EVgCv
KbPH42nSHrhU4LLt28mZLHf8j4TC+p9/tH92M2eURcVmvEsNK616KVMXv1pDogc0
mqzuJPF71Z6H086pZe230tL84CjYKgTCULpoxdPYgxJEnEWbCHrPcAXFPdQh/2q+
LwibtC5WmtdPoP4R6dT3N/DIVCRq36GwsqqYGCoKzM0xHFt2hcY9OZds3pr5v6RF
EBLOkHF/K7MJ9AB62V//UmE4sBmZ1zqjnPQUrWFOMkd79UckPkfbqfb8hQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFGYnrh+U/HY6uVISWvo480xLMpZoMB8GA1UdIwQY
MBaAFLcg886w5rWXo4FFxadDNpx/SWbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlEenpyRG10WmVqZ1VYRnAwTTJuSDlKWnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kN2ZiNmQtZWJiZS00M2EyLWIxMTkt
MzkzYzQ1NzQyMjU5LzEvWmlldUg1VDhkanE1VWhKYS1qanpURXN5bG1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kN2ZiNmQtZWJiZS00M2EyLWIxMTktMzkzYzQ1NzQyMjU5
LzEvdHlEenpyRG10WmVqZ1VYRnAwTTJuSDlKWnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUMAwDBAFOKEID
BANOKEADBABZz3MDBABZz3YDBAJcKwgDBAFt6AwDBAG5l+gDBATUpUAwDAMEAtSl
XAMEAtSlcDAMAwQB1KV2AwQA1KV8AwQA1KV+MA0EAgACMAcDBQAqAxyAMA0GCSqG
SIb3DQEBCwUAA4IBAQApwakak95+XQxoV3I0AVC4BRgRwDa7c0vUpABfaoY2ltKU
77yeAO9Kyec8XlIduSLUvF3s7rDmhKnbZYSogTiIG9BWza4TSv/R5BtNrk+2J6vn
VEtx7dxAPKDhZB5F7b+tpj+Rqhfb/4q4fIALr5kN2yCAvaoYsL0TM1Ai6sR3F+SV
6jgpUplKLHpCixlJMPqHa230L8YQveC1wBuA8lHnW4hWRI1H7mljJNgfUG8gEhJ5
A6MffkWAFB89+TPB0xgBTbVui0zDR2IxNlfoapZY8BFGLHj54Hgn6EysQC+6HGZw
W7LGgAS9hV8mBl2pArxX7OTjfwigJX/1tPfstAu7
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:11:36 2024 by rpki-client on console-fra.rpki-client.org