Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/Ze1TzAqOHzC9xIMI6tCu5IkarEc.roa
File: Ze1TzAqOHzC9xIMI6tCu5IkarEc.roa (raw, json)
Hash identifier: 0gb1IWas0dJYZEHVnQ8Cxf/hG3A1UdUGthCbKLCLQwA=
Subject key identifier: 65:ED:53:CC:0A:8E:1F:30:BD:C4:83:08:EA:D0:AE:E4:89:1A:AC:47
Certificate issuer: /CN=83fb34b21a0ef8c40191c0e07c3b4524e323b2cf
Certificate serial: 018CC6B90C6EA971E46811D47AF77AE698EF
Authority key identifier: 83:FB:34:B2:1A:0E:F8:C4:01:91:C0:E0:7C:3B:45:24:E3:23:B2:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_s0shoO-MQBkcDgfDtFJOMjss8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/Ze1TzAqOHzC9xIMI6tCu5IkarEc.roa
Signing time: Mon 01 Jan 2024 20:31:05 +0000
ROA not before: Mon 01 Jan 2024 20:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6712
IP address blocks: 91.204.196.0/22 maxlen: 22
91.204.196.0/23 maxlen: 23
91.204.196.0/24 maxlen: 24
91.204.198.0/24 maxlen: 24
91.204.198.0/23 maxlen: 23
91.204.197.0/24 maxlen: 24
91.204.199.0/24 maxlen: 24
91.246.134.0/24 maxlen: 24
91.246.133.0/24 maxlen: 24
91.246.135.0/24 maxlen: 24
91.246.134.0/23 maxlen: 23
91.246.136.0/21 maxlen: 21
91.246.139.0/24 maxlen: 24
91.246.136.0/24 maxlen: 24
91.246.136.0/23 maxlen: 23
91.246.138.0/24 maxlen: 24
91.246.138.0/23 maxlen: 23
91.246.137.0/24 maxlen: 24
91.246.140.0/24 maxlen: 24
91.246.140.0/23 maxlen: 23
91.246.142.0/24 maxlen: 24
91.246.142.0/23 maxlen: 23
91.246.141.0/24 maxlen: 24
91.246.143.0/24 maxlen: 24
91.246.145.0/24 maxlen: 24
91.246.144.0/21 maxlen: 21
91.246.144.0/23 maxlen: 23
91.246.144.0/24 maxlen: 24
91.246.146.0/24 maxlen: 24
91.246.147.0/24 maxlen: 24
91.246.151.0/24 maxlen: 24
91.246.146.0/23 maxlen: 23
91.246.149.0/24 maxlen: 24
91.246.148.0/24 maxlen: 24
91.246.148.0/23 maxlen: 23
91.246.150.0/23 maxlen: 23
91.246.150.0/24 maxlen: 24
91.246.152.0/21 maxlen: 21
91.246.152.0/24 maxlen: 24
91.246.152.0/23 maxlen: 23
91.246.158.0/24 maxlen: 24
91.246.159.0/24 maxlen: 24
91.246.158.0/23 maxlen: 23
91.246.154.0/23 maxlen: 23
91.246.154.0/24 maxlen: 24
91.246.153.0/24 maxlen: 24
91.246.156.0/24 maxlen: 24
91.246.156.0/23 maxlen: 23
91.246.157.0/24 maxlen: 24
91.246.155.0/24 maxlen: 24
91.246.132.0/24 maxlen: 24
91.246.131.0/24 maxlen: 24
91.246.130.0/23 maxlen: 23
91.246.130.0/24 maxlen: 24
91.246.132.0/23 maxlen: 23
91.246.129.0/24 maxlen: 24
91.246.128.0/24 maxlen: 24
91.246.128.0/23 maxlen: 23
91.246.128.0/21 maxlen: 21
91.246.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/g_s0shoO-MQBkcDgfDtFJOMjss8.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/g_s0shoO-MQBkcDgfDtFJOMjss8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g_s0shoO-MQBkcDgfDtFJOMjss8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 07:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:0c:6e:a9:71:e4:68:11:d4:7a:f7:7a:e6:98:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83fb34b21a0ef8c40191c0e07c3b4524e323b2cf
Validity
Not Before: Jan 1 20:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65ed53cc0a8e1f30bdc48308ead0aee4891aac47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f8:93:ca:77:a2:26:c5:23:c8:71:42:68:7f:
b4:a8:e6:a3:34:05:19:8e:ad:5b:b0:da:e2:8e:3c:
fe:19:10:85:e2:b6:4b:b8:50:be:af:11:b9:27:36:
fa:b9:61:14:88:4b:88:a9:84:02:73:7f:b3:8b:0b:
1c:40:5c:06:6c:70:15:3d:18:c9:a9:8d:bb:7c:75:
25:5b:61:7d:75:66:b3:1d:0e:18:38:05:ec:e4:88:
1f:6a:d7:80:fa:9b:f9:64:0d:ea:68:eb:54:42:c4:
74:a1:ef:24:85:c4:35:9c:34:c8:7f:8e:f5:8d:83:
a4:15:e2:ca:b5:73:df:1c:a3:a2:02:99:c9:e4:27:
ac:46:09:40:4f:bc:11:6c:51:e3:9d:1a:53:fd:e3:
a2:27:3e:ec:9d:f2:d8:16:89:bd:69:53:34:e6:7f:
a1:c6:4f:89:79:e1:37:c4:ef:ab:ed:d2:d9:36:d7:
bd:55:7d:5b:a2:59:a0:f0:9c:84:9f:17:14:a0:38:
09:40:32:ca:1e:61:f1:94:f5:e2:61:40:34:87:74:
05:b4:c8:17:f2:0d:79:d0:98:ba:15:3e:29:3a:41:
7c:ed:ce:d5:82:a6:d5:90:bf:fa:ad:3a:68:ac:75:
97:c7:3f:79:af:43:fd:21:23:28:c0:cd:a4:c1:07:
9e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:ED:53:CC:0A:8E:1F:30:BD:C4:83:08:EA:D0:AE:E4:89:1A:AC:47
X509v3 Authority Key Identifier:
keyid:83:FB:34:B2:1A:0E:F8:C4:01:91:C0:E0:7C:3B:45:24:E3:23:B2:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_s0shoO-MQBkcDgfDtFJOMjss8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/Ze1TzAqOHzC9xIMI6tCu5IkarEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/004284-d4a7-4962-9697-f23b077edb96/1/g_s0shoO-MQBkcDgfDtFJOMjss8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.196.0/22
91.246.128.0/19
Signature Algorithm: sha256WithRSAEncryption
04:3a:e0:57:d2:ee:30:96:0a:d0:65:ea:74:76:86:25:18:8d:
ef:26:c9:0a:13:75:4d:9c:b6:cd:ba:04:16:b1:95:32:5b:e7:
ec:83:2e:33:b9:7c:9d:db:d5:b5:ba:d4:09:88:f0:85:ab:e7:
14:9d:98:6c:3a:43:53:8b:ed:a2:67:73:86:d4:79:ec:18:51:
30:65:12:2d:db:d2:17:5b:e7:29:58:bb:9b:5f:fe:36:e1:7a:
bb:40:90:76:76:0f:eb:11:88:87:fd:e0:8f:68:4e:3d:da:c9:
98:b8:57:4b:5a:57:6f:8a:3c:8d:91:29:63:93:28:0e:62:a3:
41:e2:56:e3:9e:fd:04:9d:3d:1d:fb:f8:e3:87:86:23:37:a7:
47:a5:2e:ff:7c:ef:b1:d8:a1:ec:f0:d9:4b:8b:e9:4b:21:e5:
d0:24:ab:1d:61:f7:1a:c0:e8:8f:d5:4f:95:03:35:19:b5:fe:
9f:d8:af:4c:0d:66:47:28:37:50:c4:00:84:27:70:92:54:a0:
df:95:40:15:7d:b3:f5:4b:b3:57:41:cb:78:0c:19:ea:35:11:
33:98:d6:26:3c:24:c3:9c:27:cd:76:74:56:23:52:44:01:1a:
a4:f8:be:8b:ae:03:62:41:3c:b3:00:26:07:59:46:bd:6a:4a:
e2:de:79:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuQxuqXHkaBHUevd65pjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZmIzNGIyMWEwZWY4YzQwMTkxYzBlMDdjM2I0NTI0ZTMy
M2IyY2YwHhcNMjQwMTAxMjAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWVkNTNjYzBhOGUxZjMwYmRjNDgzMDhlYWQwYWVlNDg5MWFhYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfiTyneiJsUjyHFCaH+0qOajNAUZ
jq1bsNrijjz+GRCF4rZLuFC+rxG5Jzb6uWEUiEuIqYQCc3+ziwscQFwGbHAVPRjJ
qY27fHUlW2F9dWazHQ4YOAXs5IgfateA+pv5ZA3qaOtUQsR0oe8khcQ1nDTIf471
jYOkFeLKtXPfHKOiApnJ5CesRglAT7wRbFHjnRpT/eOiJz7snfLYFom9aVM05n+h
xk+JeeE3xO+r7dLZNte9VX1bolmg8JyEnxcUoDgJQDLKHmHxlPXiYUA0h3QFtMgX
8g150Ji6FT4pOkF87c7VgqbVkL/6rTporHWXxz95r0P9ISMowM2kwQeetwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGXtU8wKjh8wvcSDCOrQruSJGqxHMB8GA1UdIwQY
MBaAFIP7NLIaDvjEAZHA4Hw7RSTjI7LPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19zMHNob08tTVFCa2NEZ2ZEdEZKT01qc3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wMDQyODQtZDRhNy00OTYyLTk2OTct
ZjIzYjA3N2VkYjk2LzEvWmUxVHpBcU9IekM5eElNSTZ0Q3U1SWthckVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wMDQyODQtZDRhNy00OTYyLTk2OTctZjIzYjA3N2VkYjk2
LzEvZ19zMHNob08tTVFCa2NEZ2ZEdEZKT01qc3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8zEAwQF
W/aAMA0GCSqGSIb3DQEBCwUAA4IBAQAEOuBX0u4wlgrQZep0doYlGI3vJskKE3VN
nLbNugQWsZUyW+fsgy4zuXyd29W1utQJiPCFq+cUnZhsOkNTi+2iZ3OG1HnsGFEw
ZRIt29IXW+cpWLubX/424Xq7QJB2dg/rEYiH/eCPaE492smYuFdLWldvijyNkSlj
kygOYqNB4lbjnv0EnT0d+/jjh4YjN6dHpS7/fO+x2KHs8NlLi+lLIeXQJKsdYfca
wOiP1U+VAzUZtf6f2K9MDWZHKDdQxACEJ3CSVKDflUAVfbP1S7NXQct4DBnqNREz
mNYmPCTDnCfNdnRWI1JEARqk+L6LrgNiQTyzACYHWUa9akri3nlY
-----END CERTIFICATE-----
Generated at Fri Jun 28 14:23:50 2024 by rpki-client on console-ams.rpki-client.org