Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/ZRHlVUpxIHApVf8x84eFnA-eCGU.roa
File: ZRHlVUpxIHApVf8x84eFnA-eCGU.roa (raw, json)
Hash identifier: AZpnDYfn//tMSVgCK5haFMvQAT9kPcrL/OrntI7TkNo=
Subject key identifier: 65:11:E5:55:4A:71:20:70:29:55:FF:31:F3:87:85:9C:0F:9E:08:65
Certificate issuer: /CN=ea827b9556d540da536b8046c65ff95b06ee4963
Certificate serial: 018CC6B77C0FC2E761B5D43A13DAEB41CDF7
Authority key identifier: EA:82:7B:95:56:D5:40:DA:53:6B:80:46:C6:5F:F9:5B:06:EE:49:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/ZRHlVUpxIHApVf8x84eFnA-eCGU.roa
Signing time: Mon 01 Jan 2024 20:29:22 +0000
ROA not before: Mon 01 Jan 2024 20:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8523
IP address blocks: 164.40.176.0/21 maxlen: 21
80.76.144.0/20 maxlen: 20
2a00:1d28::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 01:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:7c:0f:c2:e7:61:b5:d4:3a:13:da:eb:41:cd:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea827b9556d540da536b8046c65ff95b06ee4963
Validity
Not Before: Jan 1 20:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6511e5554a7120702955ff31f387859c0f9e0865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2b:f4:39:23:12:30:c2:0b:be:e7:b7:49:e2:
2f:45:e9:62:77:b9:15:c5:e0:90:0b:c1:7b:02:29:
4b:43:cb:e1:90:b5:49:6f:4d:ab:ab:a2:bd:55:75:
c5:5b:6c:6c:db:83:29:50:23:b4:2a:eb:ae:18:26:
68:74:7d:67:61:2f:f4:bd:c0:3e:4b:60:10:4e:b8:
d4:2e:d6:5e:c5:e7:61:3a:05:59:02:63:fc:f2:a3:
20:05:1c:f3:aa:43:ac:22:be:4d:33:3e:eb:1b:43:
5c:c6:6f:01:d1:33:04:bb:7c:ff:e4:84:0f:92:c5:
bc:bf:d4:fe:83:93:28:d0:1d:d9:41:0f:4c:c4:29:
d8:a6:bc:6b:ae:5f:cc:15:55:00:d6:27:fb:ac:0a:
d6:20:eb:36:61:e2:6e:02:76:33:1e:71:13:39:03:
6a:f7:0d:c4:be:7a:29:59:ea:00:8b:ff:d0:f4:d5:
19:5b:d8:38:0c:c0:65:50:76:7a:d6:03:00:06:10:
2e:45:81:55:89:29:34:5c:bc:5d:7e:4c:9f:09:27:
0c:5c:74:05:30:bf:10:84:41:db:58:a7:1e:fe:25:
3e:55:02:5f:a2:7d:73:81:cc:b2:94:14:79:c4:2c:
08:1e:3c:49:dc:f9:98:53:a7:a6:f1:94:f6:0a:e5:
5a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:11:E5:55:4A:71:20:70:29:55:FF:31:F3:87:85:9C:0F:9E:08:65
X509v3 Authority Key Identifier:
keyid:EA:82:7B:95:56:D5:40:DA:53:6B:80:46:C6:5F:F9:5B:06:EE:49:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/ZRHlVUpxIHApVf8x84eFnA-eCGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4012a4-3d58-4dd0-80b4-be317b531c2e/1/6oJ7lVbVQNpTa4BGxl_5WwbuSWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.144.0/20
164.40.176.0/21
IPv6:
2a00:1d28::/32
Signature Algorithm: sha256WithRSAEncryption
93:dc:69:b0:1c:19:1b:aa:a3:f9:ed:cc:a4:18:c7:1a:b5:72:
b2:5d:97:9e:14:a2:39:ca:2f:c1:42:0a:db:39:64:fe:73:6f:
01:73:d5:2b:7f:c5:7e:a8:a5:a7:56:42:4e:b0:0c:fe:a5:ba:
59:ba:ee:2c:ed:e0:7b:4e:15:97:61:9d:6e:6c:2e:55:6e:0f:
c6:3d:9a:4e:de:b7:00:35:3c:d7:7d:c2:19:5a:3c:22:b3:5e:
5a:8e:a1:72:c8:9c:8d:df:67:b0:b8:4a:f3:28:ee:4c:c9:18:
f6:89:4e:97:55:3b:65:ee:8d:ee:8e:8f:15:2a:76:5d:01:be:
31:fe:ca:09:63:2f:2c:f5:83:5b:a0:db:c3:97:bb:e9:c8:38:
a4:66:e7:fa:75:a3:b5:fd:91:9a:87:7b:01:54:2f:c5:26:a5:
7f:19:db:b4:e4:ff:00:ab:de:d5:e5:88:79:27:31:91:06:d5:
7b:6e:4b:91:1a:ef:7c:d6:6c:9f:7b:6f:31:a8:25:df:aa:92:
53:06:66:cf:ec:23:d6:67:75:02:c2:c8:5a:9b:5c:6b:11:ed:
29:d4:64:17:17:f8:1f:d1:16:c4:4a:4f:c4:5a:92:47:f6:47:
a2:57:2e:11:18:5f:1f:fb:f5:e4:61:b3:ea:54:b8:a2:96:dd:
6a:23:d8:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGt3wPwudhtdQ6E9rrQc33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhODI3Yjk1NTZkNTQwZGE1MzZiODA0NmM2NWZmOTViMDZl
ZTQ5NjMwHhcNMjQwMTAxMjAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTExZTU1NTRhNzEyMDcwMjk1NWZmMzFmMzg3ODU5YzBmOWUwODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziv0OSMSMMILvue3SeIvRelid7kV
xeCQC8F7AilLQ8vhkLVJb02rq6K9VXXFW2xs24MpUCO0KuuuGCZodH1nYS/0vcA+
S2AQTrjULtZexedhOgVZAmP88qMgBRzzqkOsIr5NMz7rG0Ncxm8B0TMEu3z/5IQP
ksW8v9T+g5Mo0B3ZQQ9MxCnYprxrrl/MFVUA1if7rArWIOs2YeJuAnYzHnETOQNq
9w3EvnopWeoAi//Q9NUZW9g4DMBlUHZ61gMABhAuRYFViSk0XLxdfkyfCScMXHQF
ML8QhEHbWKce/iU+VQJfon1zgcyylBR5xCwIHjxJ3PmYU6em8ZT2CuVa9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGUR5VVKcSBwKVX/MfOHhZwPnghlMB8GA1UdIwQY
MBaAFOqCe5VW1UDaU2uARsZf+VsG7kljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNm9KN2xWYlZRTnBUYTRCR3hsXzVXd2J1U1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80MDEyYTQtM2Q1OC00ZGQwLTgwYjQt
YmUzMTdiNTMxYzJlLzEvWlJIbFZVcHhJSEFwVmY4eDg0ZUZuQS1lQ0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80MDEyYTQtM2Q1OC00ZGQwLTgwYjQtYmUzMTdiNTMxYzJl
LzEvNm9KN2xWYlZRTnBUYTRCR3hsXzVXd2J1U1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUEyQAwQD
pCiwMA0EAgACMAcDBQAqAB0oMA0GCSqGSIb3DQEBCwUAA4IBAQCT3GmwHBkbqqP5
7cykGMcatXKyXZeeFKI5yi/BQgrbOWT+c28Bc9Urf8V+qKWnVkJOsAz+pbpZuu4s
7eB7ThWXYZ1ubC5Vbg/GPZpO3rcANTzXfcIZWjwis15ajqFyyJyN32ewuErzKO5M
yRj2iU6XVTtl7o3ujo8VKnZdAb4x/soJYy8s9YNboNvDl7vpyDikZuf6daO1/ZGa
h3sBVC/FJqV/Gdu05P8Aq97V5Yh5JzGRBtV7bkuRGu981myfe28xqCXfqpJTBmbP
7CPWZ3UCwsham1xrEe0p1GQXF/gf0RbESk/EWpJH9keiVy4RGF8f+/XkYbPqVLii
lt1qI9iy
-----END CERTIFICATE-----
Generated at Mon Jun 17 09:34:59 2024 by rpki-client on console-ams.rpki-client.org