Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/zTzpcP9SFebe-jTgSV2xeENc_to.roa
File: zTzpcP9SFebe-jTgSV2xeENc_to.roa (raw, json)
Hash identifier: j+gP7tl+18lB+h4D34OJr1I7ANuQRw+Bu+rnGJHGBrY=
Subject key identifier: CD:3C:E9:70:FF:52:15:E6:DE:FA:34:E0:49:5D:B1:78:43:5C:FE:DA
Certificate issuer: /CN=4568d0a7204560b6356d837bbf1510d9636df63a
Certificate serial: 019125E22B0AF41F42D82B5C6BB9D102BAAE
Authority key identifier: 45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/zTzpcP9SFebe-jTgSV2xeENc_to.roa
Signing time: Tue 06 Aug 2024 04:11:04 +0000
ROA not before: Tue 06 Aug 2024 04:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 37.114.72.0/21 maxlen: 32
78.110.16.0/20 maxlen: 32
80.245.208.0/20 maxlen: 32
95.131.232.0/21 maxlen: 32
185.56.252.0/22 maxlen: 32
195.38.30.0/24 maxlen: 32
217.168.160.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:25:e2:2b:0a:f4:1f:42:d8:2b:5c:6b:b9:d1:02:ba:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4568d0a7204560b6356d837bbf1510d9636df63a
Validity
Not Before: Aug 6 04:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd3ce970ff5215e6defa34e0495db178435cfeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:29:72:10:d8:bb:66:20:04:77:52:26:50:67:
27:d5:de:a2:0a:41:dd:07:57:7c:e1:5b:36:e9:f3:
c2:3c:15:89:87:f0:bd:39:ce:6e:6b:64:0f:53:b7:
74:98:95:9b:95:93:26:04:0d:9c:fc:c8:c8:18:4a:
31:24:03:c0:f2:2d:c5:79:66:7e:c4:98:e8:2d:16:
9f:2c:14:34:b1:c4:b3:88:4f:a4:2d:22:9a:cb:d0:
eb:72:a2:26:ec:c4:e5:23:22:e9:78:db:36:3a:60:
d3:bc:fd:d1:06:86:f6:44:0e:cb:47:ee:47:af:23:
95:42:64:e8:52:f2:c9:29:f2:77:09:ba:3e:be:28:
54:ba:cd:e7:39:37:6b:a7:6c:e5:4b:e1:e0:cd:f2:
33:a2:fe:75:58:a2:d2:6b:d3:9d:ff:49:50:3d:e5:
22:dd:25:11:60:87:52:7d:81:29:50:5b:c2:f2:93:
21:b6:0f:26:43:8b:b8:af:25:c8:e9:5e:b5:93:4f:
75:47:e9:1f:b2:db:8e:da:d2:e8:7f:17:b3:d6:65:
b6:dc:ae:9e:c4:7e:d6:0a:1c:2a:2f:62:04:b1:34:
a2:df:fe:f3:30:ad:29:25:55:b0:ff:ec:fc:45:34:
23:7d:90:d6:2f:01:0b:45:54:da:68:cf:b3:85:6c:
82:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3C:E9:70:FF:52:15:E6:DE:FA:34:E0:49:5D:B1:78:43:5C:FE:DA
X509v3 Authority Key Identifier:
keyid:45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/zTzpcP9SFebe-jTgSV2xeENc_to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.72.0/21
78.110.16.0/20
80.245.208.0/20
95.131.232.0/21
185.56.252.0/22
195.38.30.0/24
217.168.160.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:21:0e:d5:06:d9:dd:78:98:d2:92:68:ee:e2:32:b6:d1:30:
ee:1c:1f:77:c1:00:2d:26:b9:1d:02:8a:f1:b1:fc:22:bf:f3:
c0:47:f0:a6:2c:75:92:35:d9:85:c1:07:bc:bb:b5:7d:87:7a:
e4:ce:bf:b9:0d:5e:ad:28:fd:77:ae:c5:51:82:a5:21:16:b2:
76:06:dc:a2:6e:78:d7:e8:ea:d1:45:f6:70:95:f5:08:d0:ee:
f4:c9:cb:2b:9a:0b:f1:30:66:5f:77:8a:ad:42:48:c9:37:4f:
cb:f6:69:2c:73:a5:e7:24:3b:a8:64:3b:5b:01:0c:bc:83:60:
28:8a:66:62:fe:7b:c2:fb:80:95:7a:f4:17:23:e1:c2:4e:66:
64:70:4e:53:7f:13:28:40:d3:f6:cd:87:b9:37:c1:f9:fc:44:
f3:2b:ff:a4:84:c4:e8:d7:6d:39:e0:2b:b9:3d:86:4a:9c:80:
e7:cc:70:8b:3a:8b:f6:63:cf:90:9f:6f:02:54:55:6c:57:0c:
a6:42:66:16:90:dd:15:b1:b2:c5:dd:68:07:6e:5f:5d:fe:1c:
28:1f:a5:4e:13:79:48:d9:af:78:fe:95:d4:4e:60:65:b9:62:
3c:db:97:c8:7d:f4:11:58:06:e6:2b:04:0b:fe:90:15:30:8b:
42:7f:39:07
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZEl4isK9B9C2Ctca7nRArquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NjhkMGE3MjA0NTYwYjYzNTZkODM3YmJmMTUxMGQ5NjM2
ZGY2M2EwHhcNMjQwODA2MDQxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDNjZTk3MGZmNTIxNWU2ZGVmYTM0ZTA0OTVkYjE3ODQzNWNmZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ylyENi7ZiAEd1ImUGcn1d6iCkHd
B1d84Vs26fPCPBWJh/C9Oc5ua2QPU7d0mJWblZMmBA2c/MjIGEoxJAPA8i3FeWZ+
xJjoLRafLBQ0scSziE+kLSKay9DrcqIm7MTlIyLpeNs2OmDTvP3RBob2RA7LR+5H
ryOVQmToUvLJKfJ3Cbo+vihUus3nOTdrp2zlS+HgzfIzov51WKLSa9Od/0lQPeUi
3SURYIdSfYEpUFvC8pMhtg8mQ4u4ryXI6V61k091R+kfstuO2tLofxez1mW23K6e
xH7WChwqL2IEsTSi3/7zMK0pJVWw/+z8RTQjfZDWLwELRVTaaM+zhWyCkQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM086XD/UhXm3vo04EldsXhDXP7aMB8GA1UdIwQY
MBaAFEVo0KcgRWC2NW2De78VENljbfY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgt
NmZlMzVhZTU0YTViLzEvelR6cGNQOVNGZWJlLWpUZ1NWMnhlRU5jX3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgtNmZlMzVhZTU0YTVi
LzEvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJXJIAwQE
Tm4QAwQEUPXQAwQDX4PoAwQCuTj8AwQAwyYeAwQE2aigMA0GCSqGSIb3DQEBCwUA
A4IBAQArIQ7VBtndeJjSkmju4jK20TDuHB93wQAtJrkdAorxsfwiv/PAR/CmLHWS
NdmFwQe8u7V9h3rkzr+5DV6tKP13rsVRgqUhFrJ2BtyibnjX6OrRRfZwlfUI0O70
ycsrmgvxMGZfd4qtQkjJN0/L9mksc6XnJDuoZDtbAQy8g2AoimZi/nvC+4CVevQX
I+HCTmZkcE5TfxMoQNP2zYe5N8H5/ETzK/+khMTo12054Cu5PYZKnIDnzHCLOov2
Y8+Qn28CVFVsVwymQmYWkN0VsbLF3WgHbl9d/hwoH6VOE3lI2a94/pXUTmBluWI8
25fIffQRWAbmKwQL/pAVMItCfzkH
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:34:24 2024 by rpki-client on console-ams.rpki-client.org