Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/zbVDcemDzwXiLT_ONJi9tBoUwZM.roa
File: zbVDcemDzwXiLT_ONJi9tBoUwZM.roa (raw, json)
Hash identifier: pLQ0MA/2Sz3axa1hJjvFbTxC2tZgBPwZG2HLhytJ6Oc=
Subject key identifier: CD:B5:43:71:E9:83:CF:05:E2:2D:3F:CE:34:98:BD:B4:1A:14:C1:93
Certificate issuer: /CN=1dc7522321c23d169ed332ff49879ccc245172db
Certificate serial: 018CC26D51EACAF88239C8B519D8987E9D78
Authority key identifier: 1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/zbVDcemDzwXiLT_ONJi9tBoUwZM.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41008
IP address blocks: 109.233.24.0/21 maxlen: 24
193.58.8.0/21 maxlen: 24
193.201.162.0/24 maxlen: 24
212.113.64.0/19 maxlen: 24
62.233.0.0/19 maxlen: 24
2a02:239c:0:24::/64 maxlen: 64
2a02:2398::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.mft
rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:51:ea:ca:f8:82:39:c8:b5:19:d8:98:7e:9d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dc7522321c23d169ed332ff49879ccc245172db
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdb54371e983cf05e22d3fce3498bdb41a14c193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:55:45:ba:cd:58:4b:41:d1:83:67:f0:46:17:
f6:1a:5f:82:1f:21:0e:e8:d9:24:89:79:dd:e3:6e:
de:a3:47:92:7d:14:a7:4b:bd:76:c0:7c:57:ae:1c:
ae:22:1b:ed:bb:9d:e4:a5:27:00:c0:98:a6:19:0d:
4d:2b:ce:84:21:a1:82:9f:9e:aa:39:70:01:70:c8:
1b:8c:02:52:da:00:f8:00:8f:14:29:49:ef:2b:bb:
57:65:f2:30:94:42:62:11:b7:8a:77:a4:e0:ca:81:
f4:c5:08:5f:5d:5a:34:e4:60:14:99:d0:d1:31:cd:
20:44:0c:79:24:ab:c3:4c:2c:e9:24:69:fe:79:05:
58:17:46:b4:44:de:55:01:67:23:02:c5:50:e8:aa:
d0:11:78:46:e4:bf:75:5f:ad:85:4d:24:41:52:0e:
ea:a6:9b:bb:57:62:64:24:19:04:87:0c:50:50:f2:
72:11:59:5b:32:9e:82:0c:ae:47:c5:6f:b9:bf:a0:
49:0f:86:7d:79:ab:40:7c:a2:78:ec:f1:14:2a:6c:
34:8b:5c:a6:12:a3:c1:76:09:17:ba:1f:ca:24:70:
a5:2b:b8:1d:0f:99:f1:fc:66:6a:85:16:1c:18:8c:
3e:19:de:63:f3:5c:77:21:b1:3d:a3:1a:55:68:ce:
8a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B5:43:71:E9:83:CF:05:E2:2D:3F:CE:34:98:BD:B4:1A:14:C1:93
X509v3 Authority Key Identifier:
keyid:1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/zbVDcemDzwXiLT_ONJi9tBoUwZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.0.0/19
109.233.24.0/21
193.58.8.0/21
193.201.162.0/24
212.113.64.0/19
IPv6:
2a02:2398::/29
Signature Algorithm: sha256WithRSAEncryption
7a:53:f7:3d:d0:71:5b:1f:f6:74:e1:dd:b6:20:7c:6e:e4:73:
1b:d9:06:a0:df:af:6e:2a:bf:02:b2:cb:4d:cf:73:3f:3e:82:
c6:8d:b4:84:33:17:88:29:cd:4d:8c:d2:92:18:58:d7:98:34:
db:c5:8c:ed:98:dd:6f:ed:33:e0:3c:90:29:0d:54:0e:62:ea:
a2:04:97:6e:2c:ff:6a:dc:49:58:36:5d:bf:b6:17:19:b2:6a:
cd:f4:19:4c:07:8f:b0:0d:ba:58:28:60:39:41:01:7d:a0:86:
7b:c5:30:dc:61:a2:f0:ce:cf:75:30:0b:d7:cc:40:5e:21:da:
7f:62:98:22:eb:37:6c:4a:38:61:b2:de:2c:2c:c0:1a:5d:8e:
05:f0:b7:67:da:a8:3b:bd:78:44:25:bb:8f:f1:01:39:51:05:
26:4f:81:b4:a1:4b:eb:a5:d1:0e:87:47:f9:7f:b1:d7:cb:ad:
de:d1:ef:8c:aa:71:98:fb:02:de:86:12:8a:83:6d:0c:9b:45:
0e:ce:33:64:95:f0:e5:3f:a0:61:66:2f:8f:96:13:26:32:19:
6a:b8:f9:28:e7:42:33:df:a0:68:61:43:97:b6:ea:cc:75:9f:
63:1b:9e:65:95:11:26:6b:be:45:66:30:90:f4:08:78:e6:c3:
96:3a:01:1e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzCbVHqyviCOci1GdiYfp14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzc1MjIzMjFjMjNkMTY5ZWQzMzJmZjQ5ODc5Y2NjMjQ1
MTcyZGIwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGI1NDM3MWU5ODNjZjA1ZTIyZDNmY2UzNDk4YmRiNDFhMTRjMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1VFus1YS0HRg2fwRhf2Gl+CHyEO
6NkkiXnd427eo0eSfRSnS712wHxXrhyuIhvtu53kpScAwJimGQ1NK86EIaGCn56q
OXABcMgbjAJS2gD4AI8UKUnvK7tXZfIwlEJiEbeKd6TgyoH0xQhfXVo05GAUmdDR
Mc0gRAx5JKvDTCzpJGn+eQVYF0a0RN5VAWcjAsVQ6KrQEXhG5L91X62FTSRBUg7q
ppu7V2JkJBkEhwxQUPJyEVlbMp6CDK5HxW+5v6BJD4Z9eatAfKJ47PEUKmw0i1ym
EqPBdgkXuh/KJHClK7gdD5nx/GZqhRYcGIw+Gd5j81x3IbE9oxpVaM6KlQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM21Q3Hpg88F4i0/zjSYvbQaFMGTMB8GA1UdIwQY
MBaAFB3HUiMhwj0WntMy/0mHnMwkUXLbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYt
NzA1NTM5M2Y3NWZlLzEvemJWRGNlbUR6d1hpTFRfT05KaTl0Qm9Vd1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYtNzA1NTM5M2Y3NWZl
LzEvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPukAAwQD
bekYAwQDwToIAwQAwcmiAwQF1HFAMA0EAgACMAcDBQMqAiOYMA0GCSqGSIb3DQEB
CwUAA4IBAQB6U/c90HFbH/Z04d22IHxu5HMb2Qag369uKr8CsstNz3M/PoLGjbSE
MxeIKc1NjNKSGFjXmDTbxYztmN1v7TPgPJApDVQOYuqiBJduLP9q3ElYNl2/thcZ
smrN9BlMB4+wDbpYKGA5QQF9oIZ7xTDcYaLwzs91MAvXzEBeIdp/Ypgi6zdsSjhh
st4sLMAaXY4F8Ldn2qg7vXhEJbuP8QE5UQUmT4G0oUvrpdEOh0f5f7HXy63e0e+M
qnGY+wLehhKKg20Mm0UOzjNklfDlP6BhZi+PlhMmMhlquPko50Iz36BoYUOXturM
dZ9jG55llREma75FZjCQ9Ah45sOWOgEe
-----END CERTIFICATE-----
Generated at Sat May 18 20:04:44 2024 by rpki-client on console-fra.rpki-client.org