Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/Zo73C-UEQ7OSgVUml5i7iyuhGPA.roa
File: Zo73C-UEQ7OSgVUml5i7iyuhGPA.roa (raw, json)
Hash identifier: 5iw6S9rnYwu/P9ztfRyAX1TUn0K+JArBkCtjozybrjU=
Subject key identifier: 66:8E:F7:0B:E5:04:43:B3:92:81:55:26:97:98:BB:8B:2B:A1:18:F0
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 019368EEF289F7B7B22A77F5EAEE89ADDFF5
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/Zo73C-UEQ7OSgVUml5i7iyuhGPA.roa
Signing time: Tue 26 Nov 2024 14:45:10 +0000
ROA not before: Tue 26 Nov 2024 14:45:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35251
IP address blocks: 45.138.68.0/24 maxlen: 24
45.138.69.0/24 maxlen: 24
45.138.70.0/24 maxlen: 24
45.138.71.0/24 maxlen: 24
45.158.20.0/24 maxlen: 24
45.158.21.0/24 maxlen: 24
45.158.22.0/24 maxlen: 24
45.158.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 09:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ee:f2:89:f7:b7:b2:2a:77:f5:ea:ee:89:ad:df:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Nov 26 14:45:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=668ef70be50443b3928155269798bb8b2ba118f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:78:a5:f3:31:3b:ed:da:21:0f:13:23:84:d5:
93:e0:23:ca:c3:f2:7e:61:78:8a:b4:51:12:fa:be:
e9:f9:ce:6e:0a:6c:f4:87:e2:28:51:2c:80:9c:3f:
59:a3:73:30:8d:30:1f:31:92:f7:34:7a:74:ca:77:
f4:de:71:89:48:d7:e2:69:30:59:4b:d2:ac:d5:5e:
4c:17:62:bc:fd:59:fb:9b:af:1c:1d:4e:17:0b:54:
78:a8:90:8e:ef:2a:9a:de:73:f0:b9:16:df:74:7a:
dc:ea:fd:ca:9c:0f:dd:f8:c4:99:c5:71:7b:bf:78:
67:08:cb:eb:56:3f:ae:36:51:35:44:dd:32:86:dd:
a3:d0:07:28:1a:5b:0c:07:87:30:a0:1c:90:22:8e:
9f:3a:84:2a:59:29:ad:0a:09:45:3c:b0:f8:c4:ed:
7a:4c:6c:79:f8:9f:68:d7:55:4c:6d:f9:f5:d9:e0:
78:0f:05:30:4e:be:f8:1d:89:de:37:27:20:db:75:
97:92:81:ea:9a:d8:90:a6:69:3c:46:7f:44:9b:e0:
51:04:b1:df:2f:c1:51:b2:43:9c:46:fb:8b:18:a7:
87:61:ff:a6:8f:3b:1d:17:55:4f:88:4b:8a:75:1b:
d4:7c:f9:08:85:06:fa:5a:50:45:41:4e:92:7f:cb:
55:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8E:F7:0B:E5:04:43:B3:92:81:55:26:97:98:BB:8B:2B:A1:18:F0
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/Zo73C-UEQ7OSgVUml5i7iyuhGPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.68.0/22
45.158.20.0/22
Signature Algorithm: sha256WithRSAEncryption
51:97:e6:79:65:4a:a1:a7:4a:e7:79:e8:1a:4f:47:29:4d:4b:
3f:ad:03:e7:ea:0d:91:1d:74:78:89:d9:99:b3:7a:85:45:6d:
6b:f4:d5:3e:1b:6d:06:8d:14:b2:fc:a5:36:e3:df:f4:42:60:
56:b4:43:87:c2:7a:05:02:1e:3b:be:df:c0:37:e5:d8:df:7a:
45:30:81:7f:53:ae:95:3f:aa:e9:2a:9d:2a:f5:46:78:54:83:
af:8e:41:a4:cd:4d:74:fc:9d:83:77:5e:46:12:93:15:93:49:
f9:05:ce:0b:f7:f0:05:81:86:ed:fa:af:53:3b:d2:96:5a:fa:
a7:06:13:84:de:fc:dc:1e:6c:85:4f:06:6a:bf:de:c9:5c:33:
74:14:67:45:6c:08:1e:05:ac:26:e6:63:f3:52:e7:06:22:43:
01:8c:04:a1:e4:f1:36:37:08:d2:e3:a5:96:1e:a4:69:01:4f:
17:31:d2:d2:29:69:8e:04:78:11:20:7a:9c:b9:b7:a8:a9:62:
96:14:77:6c:a7:0c:83:22:5b:10:15:e9:01:51:17:c2:5a:95:
45:1b:07:a8:8d:e9:d4:bb:76:52:6d:c3:b0:b5:02:e5:b0:cc:
0f:3e:73:81:04:91:b5:64:d1:61:ca:d0:61:bc:61:3f:ea:0d:
5f:2b:05:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNo7vKJ97eyKnf16u6Jrd/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjQxMTI2MTQ0NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjhlZjcwYmU1MDQ0M2IzOTI4MTU1MjY5Nzk4YmI4YjJiYTExOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHil8zE77dohDxMjhNWT4CPKw/J+
YXiKtFES+r7p+c5uCmz0h+IoUSyAnD9Zo3MwjTAfMZL3NHp0ynf03nGJSNfiaTBZ
S9Ks1V5MF2K8/Vn7m68cHU4XC1R4qJCO7yqa3nPwuRbfdHrc6v3KnA/d+MSZxXF7
v3hnCMvrVj+uNlE1RN0yht2j0AcoGlsMB4cwoByQIo6fOoQqWSmtCglFPLD4xO16
TGx5+J9o11VMbfn12eB4DwUwTr74HYneNycg23WXkoHqmtiQpmk8Rn9Em+BRBLHf
L8FRskOcRvuLGKeHYf+mjzsdF1VPiEuKdRvUfPkIhQb6WlBFQU6Sf8tV0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGaO9wvlBEOzkoFVJpeYu4sroRjwMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvWm83M0MtVUVRN09TZ1ZVbWw1aTdpeXVoR1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYpEAwQC
LZ4UMA0GCSqGSIb3DQEBCwUAA4IBAQBRl+Z5ZUqhp0rneegaT0cpTUs/rQPn6g2R
HXR4idmZs3qFRW1r9NU+G20GjRSy/KU249/0QmBWtEOHwnoFAh47vt/AN+XY33pF
MIF/U66VP6rpKp0q9UZ4VIOvjkGkzU10/J2Dd15GEpMVk0n5Bc4L9/AFgYbt+q9T
O9KWWvqnBhOE3vzcHmyFTwZqv97JXDN0FGdFbAgeBawm5mPzUucGIkMBjASh5PE2
NwjS46WWHqRpAU8XMdLSKWmOBHgRIHqcubeoqWKWFHdspwyDIlsQFekBURfCWpVF
GweojenUu3ZSbcOwtQLlsMwPPnOBBJG1ZNFhytBhvGE/6g1fKwVV
-----END CERTIFICATE-----
Generated at Fri Dec 27 17:53:49 2024 by rpki-client on console-ams.rpki-client.org