Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/ZwwpOXf2krHS7nryfyHzNOP7yAg.roa
File: ZwwpOXf2krHS7nryfyHzNOP7yAg.roa (raw, json)
Hash identifier: oHjeEKbrBd0elARnYgtYR/iMiVHkAit0IOVP8vfMVbU=
Subject key identifier: 67:0C:29:39:77:F6:92:B1:D2:EE:7A:F2:7F:21:F3:34:E3:FB:C8:08
Certificate issuer: /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial: 018CC3B6EDD39503A543C86104C63AD995CA
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/ZwwpOXf2krHS7nryfyHzNOP7yAg.roa
Signing time: Mon 01 Jan 2024 06:29:54 +0000
ROA not before: Mon 01 Jan 2024 06:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39699
IP address blocks: 62.121.32.0/19 maxlen: 19
86.60.128.0/17 maxlen: 17
83.148.192.0/18 maxlen: 18
185.132.104.0/22 maxlen: 22
2a03:50a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.mft
rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 00:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ed:d3:95:03:a5:43:c8:61:04:c6:3a:d9:95:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
Validity
Not Before: Jan 1 06:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=670c293977f692b1d2ee7af27f21f334e3fbc808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2b:51:5f:26:88:b6:97:57:4c:a4:39:14:9f:
15:79:c5:5a:1c:9a:9a:61:42:cf:a8:75:20:f6:c0:
22:23:a6:a1:69:c3:a3:13:ca:b8:77:bc:1f:91:96:
21:07:b1:85:30:7d:1c:c1:8e:da:00:47:06:50:26:
ea:19:56:c8:e0:76:f3:ec:a2:5a:cf:e4:04:71:94:
83:64:68:c8:bc:49:09:c5:f4:31:90:9f:41:ae:5f:
21:0c:c1:31:ac:2d:bc:e7:d9:09:56:db:62:6b:98:
ec:d5:59:77:cd:51:8f:f1:dc:4c:8e:7e:91:ec:51:
34:95:e1:58:43:17:cd:eb:25:7e:81:2f:1a:41:dd:
2a:0b:dc:5f:2f:75:3a:b8:35:84:0d:ad:3d:37:d5:
bc:03:d5:2c:33:6c:00:97:6c:b0:29:d7:d9:e6:55:
f1:9f:09:4b:d7:d6:a3:53:07:9b:af:8b:62:75:f0:
10:24:34:46:a6:cc:3e:24:ec:b6:9c:30:72:8f:7c:
54:fc:31:6d:9a:58:06:63:ea:e2:59:2b:0a:b9:dc:
f7:aa:cf:ad:8a:1e:ba:38:2c:69:e7:cf:2b:b6:6f:
3b:7b:d3:1b:ab:16:10:28:a6:26:85:43:d9:05:07:
5f:d1:f0:9a:fe:88:67:08:21:bb:95:0c:3a:93:a2:
3f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:0C:29:39:77:F6:92:B1:D2:EE:7A:F2:7F:21:F3:34:E3:FB:C8:08
X509v3 Authority Key Identifier:
keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/ZwwpOXf2krHS7nryfyHzNOP7yAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.121.32.0/19
83.148.192.0/18
86.60.128.0/17
185.132.104.0/22
IPv6:
2a03:50a0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:a3:f6:aa:36:65:f6:e2:a5:bd:9b:85:24:c4:63:bc:40:92:
34:3e:60:c3:10:6f:cc:7a:09:d7:d1:50:4a:bf:d4:2d:dc:62:
8f:92:3e:0e:be:76:65:08:11:d1:b3:e9:42:b8:22:d6:bc:7c:
43:a4:63:59:61:ac:a8:fc:47:57:8c:17:92:a6:ba:99:81:de:
c3:c7:36:ae:a2:f5:b2:e9:62:d8:b4:89:94:ca:ae:0a:be:ea:
7a:e5:37:a9:f4:26:7e:a9:e0:ed:ac:75:1b:00:07:84:30:e1:
73:56:83:88:b3:fe:0b:cd:53:9a:0c:31:1f:9c:ec:7f:11:84:
01:70:2f:73:3b:d3:66:bf:d2:f6:ff:8e:9d:5f:23:6f:2e:bd:
85:0f:8e:3c:36:27:57:c9:54:e4:6d:6f:c9:68:99:a0:13:22:
6e:ad:fd:e4:cf:09:39:93:bd:d9:4c:1c:5c:0f:47:f8:c9:b0:
56:ad:e5:b6:ef:80:a4:8f:3d:80:5f:ca:ef:90:be:fd:05:ec:
af:9b:81:1e:a3:9b:90:05:c9:93:58:bc:24:58:af:06:c2:93:
55:21:d9:81:4d:b3:43:f6:9c:ef:09:de:53:c4:b8:33:90:1b:
55:0e:fc:1b:cc:a6:70:84:91:ac:59:e5:a3:cc:b6:f1:91:8a:
a5:89:b0:98
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDtu3TlQOlQ8hhBMY62ZXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2NkYzY3NTFkN2M1OTA3M2U0YjcwNjQwMmQzNjkxYWYw
OTA4NmYwHhcNMjQwMTAxMDYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzBjMjkzOTc3ZjY5MmIxZDJlZTdhZjI3ZjIxZjMzNGUzZmJjODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnStRXyaItpdXTKQ5FJ8VecVaHJqa
YULPqHUg9sAiI6ahacOjE8q4d7wfkZYhB7GFMH0cwY7aAEcGUCbqGVbI4Hbz7KJa
z+QEcZSDZGjIvEkJxfQxkJ9Brl8hDMExrC2859kJVttia5js1Vl3zVGP8dxMjn6R
7FE0leFYQxfN6yV+gS8aQd0qC9xfL3U6uDWEDa09N9W8A9UsM2wAl2ywKdfZ5lXx
nwlL19ajUwebr4tidfAQJDRGpsw+JOy2nDByj3xU/DFtmlgGY+riWSsKudz3qs+t
ih66OCxp588rtm87e9MbqxYQKKYmhUPZBQdf0fCa/ohnCCG7lQw6k6I/zwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGcMKTl39pKx0u568n8h8zTj+8gIMB8GA1UdIwQY
MBaAFPc83GdR18WQc+S3BkAtNpGvCQhvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEt
NzE4ZmQxOTVjNWViLzEvWnd3cE9YZjJrckhTN25yeWZ5SHpOT1A3eUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEtNzE4ZmQxOTVjNWVi
LzEvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFPnkgAwQG
U5TAAwQHVjyAAwQCuYRoMA0EAgACMAcDBQAqA1CgMA0GCSqGSIb3DQEBCwUAA4IB
AQCyo/aqNmX24qW9m4UkxGO8QJI0PmDDEG/MegnX0VBKv9Qt3GKPkj4OvnZlCBHR
s+lCuCLWvHxDpGNZYayo/EdXjBeSprqZgd7DxzauovWy6WLYtImUyq4Kvup65Tep
9CZ+qeDtrHUbAAeEMOFzVoOIs/4LzVOaDDEfnOx/EYQBcC9zO9Nmv9L2/46dXyNv
Lr2FD448NidXyVTkbW/JaJmgEyJurf3kzwk5k73ZTBxcD0f4ybBWreW274Ckjz2A
X8rvkL79Beyvm4Eeo5uQBcmTWLwkWK8GwpNVIdmBTbND9pzvCd5TxLgzkBtVDvwb
zKZwhJGsWeWjzLbxkYqlibCY
-----END CERTIFICATE-----
Generated at Tue May 28 09:31:48 2024 by rpki-client on console-fra.rpki-client.org