Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/_AZaOUpMnqIFdAhlz3wVcas8QYk.roa
File: _AZaOUpMnqIFdAhlz3wVcas8QYk.roa (raw, json)
Hash identifier: e96qKabKzoLsOMa2CrulCB5Usi34MSKaf3xrHIXBEOk=
Subject key identifier: FC:06:5A:39:4A:4C:9E:A2:05:74:08:65:CF:7C:15:71:AB:3C:41:89
Certificate issuer: /CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Certificate serial: 018CC8DF90DFBCA574F96AE455029B62FC7D
Authority key identifier: 65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/_AZaOUpMnqIFdAhlz3wVcas8QYk.roa
Signing time: Tue 02 Jan 2024 06:32:23 +0000
ROA not before: Tue 02 Jan 2024 06:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8393
IP address blocks: 149.154.190.0/23 maxlen: 23
193.193.228.0/24 maxlen: 24
193.193.229.0/24 maxlen: 24
193.193.227.0/24 maxlen: 24
193.193.233.0/24 maxlen: 24
193.193.232.0/24 maxlen: 24
193.193.230.0/24 maxlen: 24
193.193.231.0/24 maxlen: 24
193.193.235.0/24 maxlen: 24
193.193.236.0/24 maxlen: 24
193.193.234.0/24 maxlen: 24
193.193.240.0/24 maxlen: 24
193.193.239.0/24 maxlen: 24
193.193.237.0/24 maxlen: 24
193.193.238.0/24 maxlen: 24
193.193.245.0/24 maxlen: 24
193.193.246.0/24 maxlen: 24
193.193.244.0/24 maxlen: 24
193.193.242.0/24 maxlen: 24
193.193.243.0/24 maxlen: 24
193.193.241.0/24 maxlen: 24
193.193.249.0/24 maxlen: 24
193.193.250.0/24 maxlen: 24
193.193.247.0/24 maxlen: 24
193.193.248.0/24 maxlen: 24
193.193.251.0/24 maxlen: 24
193.193.252.0/23 maxlen: 23
193.193.254.0/24 maxlen: 24
193.193.255.0/24 maxlen: 24
193.193.226.0/24 maxlen: 24
193.193.225.0/24 maxlen: 24
193.193.224.0/24 maxlen: 24
213.157.35.0/24 maxlen: 24
213.157.36.0/24 maxlen: 24
213.157.33.0/24 maxlen: 24
213.157.34.0/24 maxlen: 24
213.157.32.0/24 maxlen: 24
213.157.37.0/24 maxlen: 24
213.157.38.0/24 maxlen: 24
213.157.42.0/24 maxlen: 24
213.157.43.0/24 maxlen: 24
213.157.40.0/24 maxlen: 24
213.157.41.0/24 maxlen: 24
213.157.39.0/24 maxlen: 24
213.157.44.0/24 maxlen: 24
213.157.49.0/24 maxlen: 24
213.157.50.0/24 maxlen: 24
213.157.47.0/24 maxlen: 24
213.157.48.0/24 maxlen: 24
213.157.46.0/24 maxlen: 24
213.157.45.0/24 maxlen: 24
213.157.51.0/24 maxlen: 24
213.157.58.0/23 maxlen: 23
213.157.56.0/24 maxlen: 24
213.157.54.0/23 maxlen: 23
213.157.57.0/24 maxlen: 24
213.157.53.0/24 maxlen: 24
213.157.52.0/24 maxlen: 24
213.157.63.0/24 maxlen: 24
213.157.61.0/24 maxlen: 24
213.157.62.0/24 maxlen: 24
213.157.60.0/24 maxlen: 24
91.203.22.0/24 maxlen: 24
91.203.20.0/24 maxlen: 24
91.203.21.0/24 maxlen: 24
185.217.16.0/24 maxlen: 24
185.217.17.0/24 maxlen: 24
185.217.19.0/24 maxlen: 24
185.217.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:90:df:bc:a5:74:f9:6a:e4:55:02:9b:62:fc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Validity
Not Before: Jan 2 06:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc065a394a4c9ea205740865cf7c1571ab3c4189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:59:25:c7:35:46:aa:5e:10:df:67:d3:7a:8b:
0b:c7:26:16:e3:e1:92:a9:c8:f7:ca:1f:30:fe:26:
87:cd:4a:09:f8:77:ce:8d:1d:3f:52:88:ac:85:6f:
bc:2b:8d:46:bc:68:02:d5:ee:3b:7f:03:15:5a:41:
43:e9:81:00:ab:5f:1e:51:92:87:e5:04:a1:a2:73:
28:18:ab:d2:a0:9f:f6:de:3a:06:22:8b:ab:1f:5f:
47:10:36:45:b7:bf:70:9a:1b:ec:c8:d2:d7:71:9b:
73:5d:f2:22:72:12:2a:2a:fd:b6:19:30:95:bf:e7:
23:81:c6:9e:d9:bd:24:fe:1f:34:ad:2d:14:c4:7a:
ec:cc:12:13:a5:34:c3:bc:83:16:44:a8:a0:2b:21:
56:f1:84:e5:aa:5c:8f:f1:37:d5:1e:e8:8d:ea:cb:
b2:5c:41:1c:38:fa:a5:07:75:7b:ef:f6:e2:d6:9b:
4b:e3:13:fd:34:e7:c1:9b:71:bf:13:1b:b5:b0:47:
d1:5a:d4:9e:23:3f:16:06:61:70:f3:fb:99:64:8e:
c9:21:e9:5d:ac:7b:45:d8:c9:9d:d9:a3:20:e8:ef:
5d:86:9c:86:e1:23:89:29:e2:87:92:b7:95:63:d1:
4b:e9:dd:72:d3:fa:b0:a0:c7:9e:90:7a:99:85:31:
c5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:06:5A:39:4A:4C:9E:A2:05:74:08:65:CF:7C:15:71:AB:3C:41:89
X509v3 Authority Key Identifier:
keyid:65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/_AZaOUpMnqIFdAhlz3wVcas8QYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.20.0-91.203.22.255
149.154.190.0/23
185.217.16.0/22
193.193.224.0/19
213.157.32.0/19
Signature Algorithm: sha256WithRSAEncryption
05:b2:d1:49:1e:3e:31:02:b2:39:af:5a:db:ac:98:40:62:2d:
aa:d6:9c:80:05:4c:5f:90:92:dd:13:d5:cf:0a:cb:8d:2e:ea:
f5:eb:5d:b0:ec:db:6c:62:2e:bf:b9:59:6a:5d:e9:1d:3b:ad:
27:a4:15:4e:b8:c1:7f:1c:b9:f9:74:18:dd:96:79:34:32:a2:
ed:fa:76:88:75:f0:cc:e2:74:f7:28:86:a5:6d:ed:4e:a7:60:
18:03:6f:d4:cf:8a:b6:dc:85:4d:a7:9c:d5:3d:f4:4f:0b:4a:
58:9c:d1:b0:48:eb:3a:44:9e:86:2e:0d:c3:1a:56:4a:1f:50:
6f:8b:60:86:11:1f:ea:76:34:8e:4c:3f:de:9b:dd:05:9e:34:
f6:21:1d:d6:ad:bc:9e:0b:1a:41:d6:e1:3f:8f:c0:6a:fd:1d:
76:5d:23:91:39:3e:ca:56:80:3e:31:11:87:b2:95:02:9e:62:
72:e3:dc:71:e3:bf:12:bc:c5:0a:08:b6:28:88:99:bc:31:8d:
23:24:bd:fe:7e:7a:af:8d:0a:88:79:fb:61:4f:4c:bd:5c:07:
12:e8:21:84:5b:b3:c3:6d:39:9e:43:e2:bc:81:00:c4:fe:dc:
87:0f:71:7d:5c:f7:bc:e1:9c:cf:55:83:21:29:8f:17:70:09:
fc:13:52:33
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzI35DfvKV0+WrkVQKbYvx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjVkOGI3ZjE5ZTJmYjc1Y2I3Zjk1Nzg5ZDkxMThmNmIx
Yjk3MDUwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzA2NWEzOTRhNGM5ZWEyMDU3NDA4NjVjZjdjMTU3MWFiM2M0MTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1klxzVGql4Q32fTeosLxyYW4+GS
qcj3yh8w/iaHzUoJ+HfOjR0/UoishW+8K41GvGgC1e47fwMVWkFD6YEAq18eUZKH
5QShonMoGKvSoJ/23joGIourH19HEDZFt79wmhvsyNLXcZtzXfIichIqKv22GTCV
v+cjgcae2b0k/h80rS0UxHrszBITpTTDvIMWRKigKyFW8YTlqlyP8TfVHuiN6suy
XEEcOPqlB3V77/bi1ptL4xP9NOfBm3G/Exu1sEfRWtSeIz8WBmFw8/uZZI7JIeld
rHtF2Mmd2aMg6O9dhpyG4SOJKeKHkreVY9FL6d1y0/qwoMeekHqZhTHFRQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPwGWjlKTJ6iBXQIZc98FXGrPEGJMB8GA1UdIwQY
MBaAFGUl2Lfxni+3XLf5V4nZEY9rG5cFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUt
NDY2MDNkZTgwNWVjLzEvX0FaYU9VcE1ucUlGZEFobHozd1ZjYXM4UVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUtNDY2MDNkZTgwNWVj
LzEvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAJbyxQD
BABbyxYDBAGVmr4DBAK52RADBAXBweADBAXVnSAwDQYJKoZIhvcNAQELBQADggEB
AAWy0UkePjECsjmvWtusmEBiLarWnIAFTF+Qkt0T1c8Ky40u6vXrXbDs22xiLr+5
WWpd6R07rSekFU64wX8cufl0GN2WeTQyou36doh18MzidPcohqVt7U6nYBgDb9TP
irbchU2nnNU99E8LSlic0bBI6zpEnoYuDcMaVkofUG+LYIYRH+p2NI5MP96b3QWe
NPYhHdatvJ4LGkHW4T+PwGr9HXZdI5E5PspWgD4xEYeylQKeYnLj3HHjvxK8xQoI
tiiImbwxjSMkvf5+eq+NCoh5+2FPTL1cBxLoIYRbs8NtOZ5D4ryBAMT+3IcPcX1c
97zhnM9VgyEpjxdwCfwTUjM=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:03:24 2024 by rpki-client on console-ams.rpki-client.org