Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/Z7rjvUdDPyQxmD5rc_4zpycdX0s.roa
File: Z7rjvUdDPyQxmD5rc_4zpycdX0s.roa (raw, json)
Hash identifier: KPq3vD4QkM1okXJp010dlrBbqVt3ASU0h7sU2Kyz4iY=
Subject key identifier: 67:BA:E3:BD:47:43:3F:24:31:98:3E:6B:73:FE:33:A7:27:1D:5F:4B
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 018CC42549C7C6BBF99A6F664E0379CCFA43
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/Z7rjvUdDPyQxmD5rc_4zpycdX0s.roa
Signing time: Mon 01 Jan 2024 08:30:27 +0000
ROA not before: Mon 01 Jan 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33951
IP address blocks: 193.239.206.0/23 maxlen: 23
95.175.0.0/19 maxlen: 19
194.63.132.0/22 maxlen: 22
91.193.96.0/22 maxlen: 22
217.11.135.0/24 maxlen: 24
2a04:1200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:49:c7:c6:bb:f9:9a:6f:66:4e:03:79:cc:fa:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Jan 1 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67bae3bd47433f2431983e6b73fe33a7271d5f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:48:13:6c:56:33:b0:88:db:9a:60:d9:b6:ff:
7e:4c:4c:51:9a:4c:fa:9e:fc:a5:29:30:c7:54:ce:
a2:6c:ec:1c:c1:bb:0d:b0:ca:aa:25:c4:c8:eb:1a:
5c:5b:24:5e:62:4d:88:6a:1b:96:8b:ad:f8:38:d4:
52:5c:9f:2b:44:4b:a4:d0:e5:8c:e7:b9:54:2e:20:
eb:83:db:af:45:ee:7c:0c:e9:de:7d:91:58:ef:a6:
95:3a:4b:64:67:5e:03:97:15:e5:57:5e:08:9f:16:
3a:20:1d:9e:aa:a8:e5:b1:98:f6:43:ce:91:00:cb:
6c:5d:4b:c3:dc:16:2c:ad:b9:54:e2:2f:66:1b:8c:
9a:69:56:97:71:0f:ad:50:ec:35:ff:76:cb:f4:38:
d3:49:4f:97:d0:75:28:c6:b6:20:16:f7:69:79:0d:
66:f7:54:2e:f6:5a:3b:47:3b:ab:db:48:c6:34:81:
8c:d0:6d:28:be:0f:24:a7:af:e4:d0:fd:2f:bf:92:
f5:e1:be:bd:2a:c4:e9:20:d6:27:c4:46:1c:c4:f1:
60:d2:d1:15:bf:fa:d7:d0:36:9d:4f:e6:d6:04:e8:
a6:d6:69:66:fa:14:77:f8:d1:56:41:4b:64:4a:c8:
0b:fe:a1:fe:aa:ea:56:f8:c3:aa:a4:58:88:0b:3e:
cc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BA:E3:BD:47:43:3F:24:31:98:3E:6B:73:FE:33:A7:27:1D:5F:4B
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/Z7rjvUdDPyQxmD5rc_4zpycdX0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.96.0/22
95.175.0.0/19
193.239.206.0/23
194.63.132.0/22
217.11.135.0/24
IPv6:
2a04:1200::/29
Signature Algorithm: sha256WithRSAEncryption
86:b4:ae:82:c2:56:8b:a0:b1:77:ae:48:bd:42:75:ba:33:8d:
5b:d2:a4:0a:cb:e0:2f:df:b9:47:86:2e:98:ac:ca:f5:a5:8e:
b0:ed:6d:1d:ec:2e:81:af:93:f2:58:8a:93:ea:5d:f6:f0:23:
db:8d:a8:be:6e:f9:c2:9d:62:d5:c8:a6:f2:43:e4:a1:68:0d:
84:ba:6f:e2:72:5c:90:90:c9:37:a5:7f:98:73:fd:eb:8e:1d:
70:73:57:d5:b5:fe:e1:54:63:29:6c:e1:b4:61:4f:ab:3f:45:
d1:de:a6:11:f1:ce:ba:5f:ec:ea:e6:f6:af:67:2d:2f:fa:d0:
3e:7f:70:ea:b5:21:b3:24:a9:f6:75:16:e8:37:69:9e:95:ca:
1f:1d:fd:f4:5a:c1:00:e0:a3:43:30:54:74:97:23:c3:0e:8d:
51:84:ae:8f:32:85:bd:a3:b1:d1:4d:2e:70:f8:a8:81:de:7d:
44:05:3e:c3:14:41:05:0b:0c:cc:e3:86:d5:e3:4e:5f:34:42:
b4:1e:09:34:eb:fe:37:3f:53:9e:4d:b2:24:52:bf:c5:29:5d:
35:4e:02:82:1a:b3:c5:c2:28:72:b4:25:0d:00:40:72:23:f3:
3e:f7:4f:33:8c:10:d8:4e:46:9c:bb:f9:77:c6:34:c2:b1:d4:
4b:5f:28:dd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJUnHxrv5mm9mTgN5zPpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGExMjMxZDFjMjdhNzU0ZTQ2ZWYxMGU5MmE3MzBhZTE1
ZDBmNTUwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2JhZTNiZDQ3NDMzZjI0MzE5ODNlNmI3M2ZlMzNhNzI3MWQ1ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0gTbFYzsIjbmmDZtv9+TExRmkz6
nvylKTDHVM6ibOwcwbsNsMqqJcTI6xpcWyReYk2IahuWi634ONRSXJ8rREuk0OWM
57lULiDrg9uvRe58DOnefZFY76aVOktkZ14DlxXlV14InxY6IB2eqqjlsZj2Q86R
AMtsXUvD3BYsrblU4i9mG4yaaVaXcQ+tUOw1/3bL9DjTSU+X0HUoxrYgFvdpeQ1m
91Qu9lo7Rzur20jGNIGM0G0ovg8kp6/k0P0vv5L14b69KsTpINYnxEYcxPFg0tEV
v/rX0DadT+bWBOim1mlm+hR3+NFWQUtkSsgL/qH+qupW+MOqpFiICz7MjQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGe6471HQz8kMZg+a3P+M6cnHV9LMB8GA1UdIwQY
MBaAFHAKEjHRwnp1TkbvEOkqcwrhXQ9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgt
YWI3OWEzNzg5ZjhmLzEvWjdyanZVZERQeVF4bUQ1cmNfNHpweWNkWDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgtYWI3OWEzNzg5Zjhm
LzEvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW8FgAwQF
X68AAwQBwe/OAwQCwj+EAwQA2QuHMA0EAgACMAcDBQMqBBIAMA0GCSqGSIb3DQEB
CwUAA4IBAQCGtK6CwlaLoLF3rki9QnW6M41b0qQKy+Av37lHhi6YrMr1pY6w7W0d
7C6Br5PyWIqT6l328CPbjai+bvnCnWLVyKbyQ+ShaA2Eum/iclyQkMk3pX+Yc/3r
jh1wc1fVtf7hVGMpbOG0YU+rP0XR3qYR8c66X+zq5vavZy0v+tA+f3DqtSGzJKn2
dRboN2melcofHf30WsEA4KNDMFR0lyPDDo1RhK6PMoW9o7HRTS5w+KiB3n1EBT7D
FEEFCwzM44bV405fNEK0Hgk06/43P1OeTbIkUr/FKV01TgKCGrPFwihytCUNAEBy
I/M+908zjBDYTkacu/l3xjTCsdRLXyjd
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:13:13 2024 by rpki-client on console-fra.rpki-client.org