Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/ZV6fQ7Ma8_14KNqh-doSvMYt4hQ.roa
File: ZV6fQ7Ma8_14KNqh-doSvMYt4hQ.roa (raw, json)
Hash identifier: JkiTA3/P+AN+Gc7PlEOaNf3yJs69Xa2Y5d3GGXXFVG8=
Subject key identifier: 65:5E:9F:43:B3:1A:F3:FD:78:28:DA:A1:F9:DA:12:BC:C6:2D:E2:14
Certificate issuer: /CN=4ecd75a5109e2c106e1193d57ee2b999fec27fe0
Certificate serial: 018F53B70DE8E807246FC137DAB212B108C8
Authority key identifier: 4E:CD:75:A5:10:9E:2C:10:6E:11:93:D5:7E:E2:B9:99:FE:C2:7F:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/ZV6fQ7Ma8_14KNqh-doSvMYt4hQ.roa
Signing time: Tue 07 May 2024 15:40:56 +0000
ROA not before: Tue 07 May 2024 15:40:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215675
IP address blocks: 45.129.164.0/24 maxlen: 24
185.190.249.0/24 maxlen: 24
2a07:ddc0::/48 maxlen: 48
2a07:ddc0:1::/48 maxlen: 48
2a07:ddc0:2::/48 maxlen: 48
2a07:ddc0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:b7:0d:e8:e8:07:24:6f:c1:37:da:b2:12:b1:08:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecd75a5109e2c106e1193d57ee2b999fec27fe0
Validity
Not Before: May 7 15:40:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=655e9f43b31af3fd7828daa1f9da12bcc62de214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8e:26:5b:71:e6:77:d3:63:ab:a4:6f:14:54:
28:00:c9:06:ec:85:73:23:3d:ee:5a:73:0b:11:fd:
21:ee:fd:e1:0b:84:14:67:39:7d:e7:8e:20:33:53:
ef:dc:9c:64:2b:ff:e9:51:c4:73:a3:28:b1:18:89:
a5:97:66:f3:2a:6d:10:9f:18:31:b4:8a:74:fe:05:
60:66:e5:7b:7a:ea:01:15:a5:22:86:f3:89:1d:a6:
4c:fc:48:7c:a9:56:13:75:43:15:8e:33:09:e3:97:
6c:b2:62:7a:50:28:c7:a3:37:03:95:b4:a2:fb:00:
fe:e8:cd:75:50:d5:9b:3a:df:b3:4a:ed:fa:3b:90:
e3:7e:92:2c:cb:e4:52:6e:77:35:b2:66:7e:05:c2:
ad:2d:0b:5d:84:97:e8:97:3b:93:58:55:3b:19:f3:
11:37:77:4e:20:ca:0a:0d:ef:27:70:b0:dd:45:7c:
31:6d:5c:b8:63:1e:4f:39:2c:6f:36:49:ca:9e:a2:
06:7c:aa:1b:eb:17:2a:15:85:63:ad:7d:48:ee:6c:
79:bd:15:6f:dd:b5:b2:55:95:07:b7:8f:96:0f:17:
12:93:46:a5:e6:a8:64:b8:d6:56:51:2e:9e:c5:4b:
1e:04:3d:41:a0:20:64:7b:ed:59:9f:9a:86:97:af:
87:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:5E:9F:43:B3:1A:F3:FD:78:28:DA:A1:F9:DA:12:BC:C6:2D:E2:14
X509v3 Authority Key Identifier:
keyid:4E:CD:75:A5:10:9E:2C:10:6E:11:93:D5:7E:E2:B9:99:FE:C2:7F:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/ZV6fQ7Ma8_14KNqh-doSvMYt4hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.164.0/24
185.190.249.0/24
IPv6:
2a07:ddc0::/46
Signature Algorithm: sha256WithRSAEncryption
44:19:29:85:10:53:d9:da:e3:a9:55:ac:90:73:68:15:21:03:
6d:63:cd:8c:64:90:5a:58:c3:ec:37:71:d9:ae:20:e9:d0:08:
ba:38:de:2a:ac:6f:2e:92:1b:8b:67:97:cd:99:b6:b5:d3:be:
c0:28:bc:82:01:94:74:4e:41:56:a0:47:d9:c4:fc:24:5b:cc:
b2:c2:0d:69:44:3f:40:c9:ec:be:1e:aa:ca:8d:83:43:41:a8:
a0:8e:a1:bc:76:c3:5f:79:79:8d:ef:cd:b6:8d:f4:48:90:14:
c1:a4:4a:b7:f8:96:91:59:c6:6e:78:4c:cb:d5:fa:1e:1c:71:
18:17:69:ef:d8:75:b6:29:75:47:a8:42:b5:08:e6:aa:63:ba:
74:b4:65:ef:79:26:91:fa:d8:ed:33:82:ba:0c:26:a5:74:9d:
5d:89:45:a1:13:bc:84:34:cf:b9:c4:80:16:72:0e:94:81:be:
8a:58:9b:10:a7:16:92:0b:76:dc:fd:6f:93:3b:92:ad:02:95:
0d:a8:5a:3c:b9:68:5f:17:cf:82:88:a8:8a:eb:25:60:ad:11:
c7:ab:03:1d:a6:5f:2e:57:ce:db:43:12:aa:23:5c:05:2d:8a:
8f:62:cd:78:f0:bb:5a:e5:8a:bb:b9:81:52:f1:31:ed:bb:a9:
30:ac:41:e8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY9Ttw3o6Ackb8E32rISsQjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Q3NWE1MTA5ZTJjMTA2ZTExOTNkNTdlZTJiOTk5ZmVj
MjdmZTAwHhcNMjQwNTA3MTU0MDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTVlOWY0M2IzMWFmM2ZkNzgyOGRhYTFmOWRhMTJiY2M2MmRlMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo4mW3Hmd9Njq6RvFFQoAMkG7IVz
Iz3uWnMLEf0h7v3hC4QUZzl9544gM1Pv3JxkK//pUcRzoyixGImll2bzKm0Qnxgx
tIp0/gVgZuV7euoBFaUihvOJHaZM/Eh8qVYTdUMVjjMJ45dssmJ6UCjHozcDlbSi
+wD+6M11UNWbOt+zSu36O5DjfpIsy+RSbnc1smZ+BcKtLQtdhJfolzuTWFU7GfMR
N3dOIMoKDe8ncLDdRXwxbVy4Yx5POSxvNknKnqIGfKob6xcqFYVjrX1I7mx5vRVv
3bWyVZUHt4+WDxcSk0al5qhkuNZWUS6exUseBD1BoCBke+1Zn5qGl6+HPwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGVen0OzGvP9eCjaofnaErzGLeIUMB8GA1UdIwQY
MBaAFE7NdaUQniwQbhGT1X7iuZn+wn/gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHMxMXBSQ2VMQkJ1RVpQVmZ1SzVtZjdDZi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9kN2JlZWQtZGY5OC00ZWM4LTg3YjYt
NDA3MjU1N2M0N2ZhLzEvWlY2ZlE3TWE4XzE0S05xaC1kb1N2TVl0NGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9kN2JlZWQtZGY5OC00ZWM4LTg3YjYtNDA3MjU1N2M0N2Zh
LzEvVHMxMXBSQ2VMQkJ1RVpQVmZ1SzVtZjdDZi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALYGkAwQA
ub75MA8EAgACMAkDBwIqB93AAAAwDQYJKoZIhvcNAQELBQADggEBAEQZKYUQU9na
46lVrJBzaBUhA21jzYxkkFpYw+w3cdmuIOnQCLo43iqsby6SG4tnl82ZtrXTvsAo
vIIBlHROQVagR9nE/CRbzLLCDWlEP0DJ7L4eqsqNg0NBqKCOobx2w195eY3vzbaN
9EiQFMGkSrf4lpFZxm54TMvV+h4ccRgXae/YdbYpdUeoQrUI5qpjunS0Ze95JpH6
2O0zgroMJqV0nV2JRaETvIQ0z7nEgBZyDpSBvopYmxCnFpILdtz9b5M7kq0ClQ2o
Wjy5aF8Xz4KIqIrrJWCtEcerAx2mXy5XzttDEqojXAUtio9izXjwu1rliru5gVLx
Me27qTCsQeg=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:10:59 2024 by rpki-client on console-fra.rpki-client.org