Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/zdzJ-AuOwp-RyJMt-4eax70vFSs.roa
File: zdzJ-AuOwp-RyJMt-4eax70vFSs.roa (raw, json)
Hash identifier: YmcbCWKHPT0vFEHsw7Qdbx+qPuE7gbFzfL2xkNhAOII=
Subject key identifier: CD:DC:C9:F8:0B:8E:C2:9F:91:C8:93:2D:FB:87:9A:C7:BD:2F:15:2B
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 018DEFF70F902A3C5575F65EEAC2DC41903C
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/zdzJ-AuOwp-RyJMt-4eax70vFSs.roa
Signing time: Wed 28 Feb 2024 13:46:02 +0000
ROA not before: Wed 28 Feb 2024 13:46:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8851
IP address blocks: 91.84.0.0/18 maxlen: 18
91.84.96.0/19 maxlen: 19
91.84.128.0/17 maxlen: 17
91.85.0.0/17 maxlen: 17
91.85.128.0/19 maxlen: 19
91.85.192.0/18 maxlen: 18
194.46.36.0/24 maxlen: 24
194.46.37.0/24 maxlen: 24
194.46.39.0/24 maxlen: 24
194.46.40.0/24 maxlen: 24
194.46.41.0/24 maxlen: 24
194.46.43.0/24 maxlen: 24
194.46.44.0/24 maxlen: 24
194.46.45.0/24 maxlen: 24
194.46.46.0/24 maxlen: 24
194.46.48.0/21 maxlen: 21
194.46.56.0/24 maxlen: 24
194.46.61.0/24 maxlen: 24
194.46.64.0/22 maxlen: 22
194.46.68.0/23 maxlen: 23
194.46.72.0/22 maxlen: 22
194.46.76.0/23 maxlen: 23
194.46.78.0/24 maxlen: 24
194.46.80.0/23 maxlen: 23
194.46.81.0/24 maxlen: 24
194.46.82.0/24 maxlen: 24
212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.80.0/23 maxlen: 23
212.108.84.0/24 maxlen: 24
212.108.88.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:f7:0f:90:2a:3c:55:75:f6:5e:ea:c2:dc:41:90:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Feb 28 13:46:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cddcc9f80b8ec29f91c8932dfb879ac7bd2f152b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a2:99:df:7b:75:31:ef:d7:39:e0:78:2e:8c:
3b:4a:a2:4c:11:f6:f5:7f:20:70:bf:6c:8d:40:1d:
20:ba:84:b6:ea:54:34:35:e2:56:c9:06:ee:9d:b0:
bf:2f:84:9a:04:45:51:a2:34:d0:f2:ea:9a:bb:f8:
84:46:52:b9:70:e6:c5:39:2c:bd:47:1c:cc:64:ef:
fe:88:ae:bc:60:26:f4:03:a7:1c:e5:6f:e8:17:25:
67:7c:52:00:c1:95:f6:b3:93:3b:0f:df:b0:f9:ec:
87:5b:9f:57:20:64:51:9f:6b:bc:70:24:4a:e3:08:
d4:e1:47:c4:24:0a:f6:76:c3:43:e0:aa:22:65:aa:
2b:81:2e:db:af:8b:53:8b:6d:b3:19:56:bd:63:8f:
c6:0a:5b:1b:53:c8:1f:0c:29:b8:72:24:e9:d7:72:
01:69:80:da:b7:93:55:79:f8:58:76:b6:c2:6c:7a:
8b:a7:31:66:b5:b9:fe:48:f3:c4:bc:6c:20:ce:84:
18:d3:75:c8:af:d8:66:a4:c3:47:d8:be:ec:94:f4:
d7:10:04:d5:c6:a9:62:f4:b7:9c:e5:96:d3:b3:0d:
f7:9b:4c:dd:cf:27:b1:83:a2:17:e9:cb:59:f2:a2:
92:ba:0d:5e:34:c0:80:93:8b:2f:54:83:d3:e6:29:
19:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DC:C9:F8:0B:8E:C2:9F:91:C8:93:2D:FB:87:9A:C7:BD:2F:15:2B
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/zdzJ-AuOwp-RyJMt-4eax70vFSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/18
91.84.96.0-91.85.159.255
91.85.192.0/18
194.46.36.0/23
194.46.39.0-194.46.41.255
194.46.43.0-194.46.46.255
194.46.48.0-194.46.56.255
194.46.61.0/24
194.46.64.0-194.46.69.255
194.46.72.0-194.46.78.255
194.46.80.0-194.46.82.255
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.80.0/23
212.108.84.0/24
212.108.88.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:b9:4c:ba:8b:cb:82:47:fc:ca:12:09:19:76:cb:26:6d:4d:
1a:05:de:7d:57:4f:67:c7:12:b7:55:0a:67:42:11:a1:61:19:
e2:28:0b:70:b3:ac:24:0e:1d:a8:95:1b:ee:7c:58:5c:16:f2:
dd:57:b7:e9:23:e2:84:35:a0:12:38:1a:fe:37:ab:5f:16:c6:
8b:e2:1a:fd:be:83:74:69:16:4b:c7:66:ca:11:c7:76:a3:d1:
cf:95:40:ed:95:0f:72:01:79:68:43:5c:a1:1a:19:f6:7c:9b:
8d:2b:f7:5e:c2:b9:2b:b8:f7:40:a4:24:00:32:01:a6:0e:57:
78:81:fc:ec:64:b7:29:07:00:d6:52:dc:6c:5b:88:65:fe:ac:
7d:a1:db:a3:52:e9:5d:35:0d:62:99:4b:11:a6:21:2f:29:01:
a5:74:b2:42:09:aa:cb:0e:0c:38:12:8c:47:92:fd:24:97:ca:
bc:2e:5f:12:ca:70:f5:6d:55:77:75:df:7a:6f:b3:ba:30:e9:
9f:19:df:7d:58:32:55:83:9e:d1:47:a0:60:bf:43:4b:4c:01:
0f:aa:9a:2e:96:c4:fb:b1:0f:29:cf:61:96:1a:64:8b:d1:bb:
03:ab:85:4a:c1:bf:53:83:8c:25:90:49:c0:49:77:7c:27:ed:
29:b0:2e:b0
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAY3v9w+QKjxVdfZe6sLcQZA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjQwMjI4MTM0NjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRjYzlmODBiOGVjMjlmOTFjODkzMmRmYjg3OWFjN2JkMmYxNTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqKZ33t1Me/XOeB4Low7SqJMEfb1
fyBwv2yNQB0guoS26lQ0NeJWyQbunbC/L4SaBEVRojTQ8uqau/iERlK5cObFOSy9
RxzMZO/+iK68YCb0A6cc5W/oFyVnfFIAwZX2s5M7D9+w+eyHW59XIGRRn2u8cCRK
4wjU4UfEJAr2dsND4KoiZaorgS7br4tTi22zGVa9Y4/GClsbU8gfDCm4ciTp13IB
aYDat5NVefhYdrbCbHqLpzFmtbn+SPPEvGwgzoQY03XIr9hmpMNH2L7slPTXEATV
xqli9Lec5ZbTsw33m0zdzyexg6IX6ctZ8qKSug1eNMCAk4svVIPT5ikZ3wIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFM3cyfgLjsKfkciTLfuHmse9LxUrMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvemR6Si1BdU93cC1SeUpNdC00ZWF4NzB2RlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBAZb
VAAwDAMEBVtUYAMEBVtVgAMEBltVwAMEAcIuJDAMAwQAwi4nAwQBwi4oMAwDBADC
LisDBADCLi4wDAMEBMIuMAMEAMIuOAMEAMIuPTAMAwQGwi5AAwQBwi5EMAwDBAPC
LkgDBADCLk4wDAMEBMIuUAMEAMIuUjAMAwQA1GiBAwQA1GiCAwQA1GiEAwQA1GiI
AwQA1GiPMAwDBADUaJUDBADUaJYDBADUaJgwDAMEANRomwMEANRonAMEANRonwME
AdRsUAMEANRsVAMEAdRsWDANBgkqhkiG9w0BAQsFAAOCAQEADblMuovLgkf8yhIJ
GXbLJm1NGgXefVdPZ8cSt1UKZ0IRoWEZ4igLcLOsJA4dqJUb7nxYXBby3Ve36SPi
hDWgEjga/jerXxbGi+Ia/b6DdGkWS8dmyhHHdqPRz5VA7ZUPcgF5aENcoRoZ9nyb
jSv3XsK5K7j3QKQkADIBpg5XeIH87GS3KQcA1lLcbFuIZf6sfaHbo1LpXTUNYplL
EaYhLykBpXSyQgmqyw4MOBKMR5L9JJfKvC5fEspw9W1Vd3Xfem+zujDpnxnffVgy
VYOe0UegYL9DS0wBD6qaLpbE+7EPKc9hlhpki9G7A6uFSsG/U4OMJZBJwEl3fCft
KbAusA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:02:15 2024 by rpki-client on console-fra.rpki-client.org