Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/zZCfmOKDha-iZt2zXYNHmNpM_tU.roa
File: zZCfmOKDha-iZt2zXYNHmNpM_tU.roa (raw, json)
Hash identifier: ZhRv0PhD8fS1UMCW32SQe/ivvXscePc9FIz/aQVmJUE=
Subject key identifier: CD:90:9F:98:E2:83:85:AF:A2:66:DD:B3:5D:83:47:98:DA:4C:FE:D5
Certificate issuer: /CN=26bbed788e29f8406b2bdc8dddeeb7d4ec4b833e
Certificate serial: 018CC4933C5CA73275E5F0666F79C127ABB8
Authority key identifier: 26:BB:ED:78:8E:29:F8:40:6B:2B:DC:8D:DD:EE:B7:D4:EC:4B:83:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/zZCfmOKDha-iZt2zXYNHmNpM_tU.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43205
IP address blocks: 212.43.32.0/19 maxlen: 19
46.40.64.0/18 maxlen: 18
46.40.75.0/24 maxlen: 24
213.214.64.0/19 maxlen: 19
188.254.128.0/17 maxlen: 17
37.143.192.0/18 maxlen: 18
178.169.128.0/17 maxlen: 17
212.75.0.0/19 maxlen: 19
185.4.80.0/22 maxlen: 22
46.237.64.0/18 maxlen: 18
158.58.192.0/18 maxlen: 18
193.200.14.0/23 maxlen: 23
193.24.240.0/22 maxlen: 22
91.139.128.0/17 maxlen: 17
78.128.56.0/22 maxlen: 22
78.128.52.0/22 maxlen: 22
78.128.74.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.88.0/22 maxlen: 22
78.128.90.0/23 maxlen: 24
78.128.96.0/23 maxlen: 23
91.148.150.0/23 maxlen: 23
91.148.149.0/24 maxlen: 24
91.148.152.0/21 maxlen: 21
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.2.0/23 maxlen: 23
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
46.47.64.0/18 maxlen: 18
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.142.30.0/23 maxlen: 23
194.145.160.0/22 maxlen: 22
91.148.166.0/24 maxlen: 24
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
78.128.115.0/24 maxlen: 24
91.148.169.0/24 maxlen: 24
78.128.116.0/23 maxlen: 23
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
78.128.120.0/22 maxlen: 22
109.121.192.0/18 maxlen: 18
91.148.186.0/23 maxlen: 23
78.142.10.0/23 maxlen: 23
78.142.9.0/24 maxlen: 24
78.142.12.0/22 maxlen: 22
2a02:6800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/JrvteI4p-EBrK9yN3e631OxLgz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/JrvteI4p-EBrK9yN3e631OxLgz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3c:5c:a7:32:75:e5:f0:66:6f:79:c1:27:ab:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bbed788e29f8406b2bdc8dddeeb7d4ec4b833e
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd909f98e28385afa266ddb35d834798da4cfed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:67:fa:d2:7d:35:6c:79:d6:03:42:f8:7b:e6:
a8:92:85:57:37:95:c5:48:ae:bd:00:1d:14:bb:0e:
ba:3f:a8:d6:ac:0d:a8:48:e8:d9:e8:f4:67:f6:f9:
8c:c8:06:a4:62:6d:81:3e:2f:f7:bd:52:8f:b7:1b:
bd:c8:9d:86:52:d0:29:45:f1:e7:f2:ff:69:5d:8d:
5e:a1:87:27:a1:a1:c9:a0:7e:38:38:ee:56:6a:89:
5e:16:00:c7:5b:da:56:df:a8:72:e7:ba:23:97:39:
53:e8:99:1f:3d:8a:c8:10:d9:f6:c1:9e:62:0c:a3:
99:1a:0a:b4:fd:44:1e:a1:bc:74:bf:98:63:ce:36:
06:d9:d1:40:7c:5e:80:66:cd:74:01:72:93:04:db:
ab:ba:b0:03:e7:49:cf:44:74:da:fc:9f:0c:4e:23:
a6:f1:b4:b8:2a:9f:13:18:4c:30:5c:f9:4c:b5:12:
a0:e1:1c:85:21:15:36:d3:ef:63:95:ba:2e:16:57:
2e:3d:3b:a3:0e:1e:55:6b:f7:a5:d1:7f:0f:e1:34:
12:53:f6:c7:f2:f2:82:54:3e:48:84:2a:b3:3d:6a:
0b:2b:07:51:9d:97:31:1d:68:68:bf:16:3f:93:75:
97:04:1f:1d:9a:11:62:44:1d:be:08:ad:29:20:ed:
eb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:90:9F:98:E2:83:85:AF:A2:66:DD:B3:5D:83:47:98:DA:4C:FE:D5
X509v3 Authority Key Identifier:
keyid:26:BB:ED:78:8E:29:F8:40:6B:2B:DC:8D:DD:EE:B7:D4:EC:4B:83:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JrvteI4p-EBrK9yN3e631OxLgz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/zZCfmOKDha-iZt2zXYNHmNpM_tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/bd7a93-c9e4-42b6-a5c6-d35c54f14dbe/1/JrvteI4p-EBrK9yN3e631OxLgz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.192.0/18
46.40.64.0/18
46.47.64.0/18
46.237.64.0/18
78.128.2.0/23
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.74.0/23
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.115.0-78.128.117.255
78.128.120.0/22
78.142.9.0-78.142.15.255
78.142.30.0/23
91.139.128.0/17
91.148.149.0-91.148.159.255
91.148.162.0-91.148.166.255
91.148.169.0-91.148.183.255
91.148.186.0/23
109.121.192.0/18
158.58.192.0/18
178.169.128.0/17
185.4.80.0/22
188.254.128.0/17
193.24.240.0/22
193.200.14.0/23
194.145.160.0/22
212.43.32.0/19
212.75.0.0/19
213.214.64.0/19
IPv6:
2a02:6800::/32
Signature Algorithm: sha256WithRSAEncryption
82:e9:62:15:63:e3:73:d2:8c:f2:61:23:40:88:e3:68:9b:85:
4b:90:5f:4e:99:52:30:3e:d0:7a:e7:aa:81:39:44:e8:48:3e:
93:ef:2e:c6:8b:73:92:a3:6e:68:fa:e3:6d:15:1d:25:89:82:
2d:3e:f8:58:b2:19:19:3b:04:e7:75:33:73:60:f9:2a:8a:2f:
16:98:15:1a:9d:6c:3d:4d:4e:da:3c:22:b5:b3:21:3e:43:7b:
dc:2b:a0:c7:45:cd:15:ae:f5:bf:19:36:03:bc:a7:20:c3:59:
12:c7:d3:56:bf:f8:e1:83:6c:78:7a:9d:bd:2f:29:fd:da:00:
2d:c0:a7:06:8e:22:df:a2:1c:29:2e:a2:06:f7:61:59:55:d7:
10:97:bc:95:7f:24:20:49:1a:0a:96:f2:ce:87:21:a9:8f:48:
71:b3:f9:b7:9d:0f:2a:b1:9d:d9:da:c7:dd:e0:f2:45:54:43:
1d:83:06:3f:95:e5:a2:1c:e0:14:a5:11:c5:84:87:f9:80:fb:
6a:05:6c:6c:be:bf:eb:77:9d:4c:77:42:2b:3b:b9:f4:10:91:
a2:22:c3:1a:e4:35:12:d6:0f:9b:42:32:2d:27:00:91:4c:ed:
62:bb:16:cd:f1:cc:b7:81:2a:db:b1:56:e2:4a:c9:03:23:a4:
45:32:7c:08
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgISAYzEkzxcpzJ15fBmb3nBJ6u4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmJlZDc4OGUyOWY4NDA2YjJiZGM4ZGRkZWViN2Q0ZWM0
YjgzM2UwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDkwOWY5OGUyODM4NWFmYTI2NmRkYjM1ZDgzNDc5OGRhNGNmZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mf60n01bHnWA0L4e+aokoVXN5XF
SK69AB0Uuw66P6jWrA2oSOjZ6PRn9vmMyAakYm2BPi/3vVKPtxu9yJ2GUtApRfHn
8v9pXY1eoYcnoaHJoH44OO5WaoleFgDHW9pW36hy57ojlzlT6JkfPYrIENn2wZ5i
DKOZGgq0/UQeobx0v5hjzjYG2dFAfF6AZs10AXKTBNururAD50nPRHTa/J8MTiOm
8bS4Kp8TGEwwXPlMtRKg4RyFIRU20+9jlbouFlcuPTujDh5Va/el0X8P4TQSU/bH
8vKCVD5IhCqzPWoLKwdRnZcxHWhovxY/k3WXBB8dmhFiRB2+CK0pIO3rOwIDAQAB
o4IDLDCCAygwHQYDVR0OBBYEFM2Qn5jig4Wvombds12DR5jaTP7VMB8GA1UdIwQY
MBaAFCa77XiOKfhAayvcjd3ut9TsS4M+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnJ2dGVJNHAtRUJySzl5TjNlNjMxT3hMZ3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9iZDdhOTMtYzllNC00MmI2LWE1YzYt
ZDM1YzU0ZjE0ZGJlLzEvelpDZm1PS0RoYS1pWnQyelhZTkhtTnBNX3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9iZDdhOTMtYzllNC00MmI2LWE1YzYtZDM1YzU0ZjE0ZGJl
LzEvSnJ2dGVJNHAtRUJySzl5TjNlNjMxT3hMZ3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQAYIKwYBBQUHAQcBAf8EggEvMIIBKzCCARgEAgABMIIB
EAMEBiWPwAMEBi4oQAMEBi4vQAMEBi7tQAMEAU6AAjAMAwQBToAKAwQFToAAMAwD
BAJOgCQDBAFOgCgwDAMEAk6ANAMEAk6AOAMEAU6ASjAMAwQBToBSAwQCToBYAwQB
ToBgMAwDBAJOgGQDBAJOgGgwDAMEAE6AcwMEAU6AdAMEAk6AeDAMAwQATo4JAwQE
To4AAwQBTo4eAwQHW4uAMAwDBABblJUDBAVblIAwDAMEAVuUogMEAFuUpjAMAwQA
W5SpAwQDW5SwAwQBW5S6AwQGbXnAAwQGnjrAAwQHsqmAAwQCuQRQAwQHvP6AAwQC
wRjwAwQBwcgOAwQCwpGgAwQF1CsgAwQF1EsAAwQF1dZAMA0EAgACMAcDBQAqAmgA
MA0GCSqGSIb3DQEBCwUAA4IBAQCC6WIVY+Nz0ozyYSNAiONom4VLkF9OmVIwPtB6
56qBOUToSD6T7y7Gi3OSo25o+uNtFR0liYItPvhYshkZOwTndTNzYPkqii8WmBUa
nWw9TU7aPCK1syE+Q3vcK6DHRc0VrvW/GTYDvKcgw1kSx9NWv/jhg2x4ep29Lyn9
2gAtwKcGjiLfohwpLqIG92FZVdcQl7yVfyQgSRoKlvLOhyGpj0hxs/m3nQ8qsZ3Z
2sfd4PJFVEMdgwY/leWiHOAUpRHFhIf5gPtqBWxsvr/rd51Md0IrO7n0EJGiIsMa
5DUS1g+bQjItJwCRTO1iuxbN8cy3gSrbsVbiSskDI6RFMnwI
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:03:48 2024 by rpki-client on console-fra.rpki-client.org