Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/zMkZC8ooyp9WqnoB7ctkJuXM7qM.roa
File: zMkZC8ooyp9WqnoB7ctkJuXM7qM.roa (raw, json)
Hash identifier: xrpEAWNkEMrvghyrdQSa+FaK+0yyidHPJzHQQy0Pc6s=
Subject key identifier: CC:C9:19:0B:CA:28:CA:9F:56:AA:7A:01:ED:CB:64:26:E5:CC:EE:A3
Certificate issuer: /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial: 018CC5001D9EBA6B155435821661D8BB5354
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/zMkZC8ooyp9WqnoB7ctkJuXM7qM.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15594
IP address blocks: 217.116.112.0/20 maxlen: 25
217.10.64.0/20 maxlen: 25
82.116.96.0/19 maxlen: 25
95.174.128.0/19 maxlen: 25
212.9.32.0/19 maxlen: 25
2001:ab7:4000::/36 maxlen: 49
2001:ab7::/36 maxlen: 49
2001:ab7:1000::/36 maxlen: 49
2001:ab7:2000::/36 maxlen: 49
2001:ab7:3000::/36 maxlen: 49
2001:ab7:f000::/36 maxlen: 49
2001:ab0::/29 maxlen: 48
2001:ab0::/36 maxlen: 49
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1d:9e:ba:6b:15:54:35:82:16:61:d8:bb:53:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccc9190bca28ca9f56aa7a01edcb6426e5cceea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:15:5a:db:7e:6e:f4:f4:52:0e:a4:1c:e2:cc:
36:97:d2:85:80:00:a9:08:df:12:12:c3:0b:11:bf:
aa:a2:73:33:94:76:3a:23:e1:8c:f8:44:87:78:b0:
ab:9b:a6:0c:cb:87:a3:69:2f:ee:50:b8:6c:95:fd:
60:cd:80:08:e9:86:e6:1b:ed:68:71:5d:61:50:10:
c3:be:c4:a6:62:cc:72:ba:63:e7:c8:96:f5:d4:ff:
e9:13:ed:d6:81:27:86:4c:df:d8:ff:80:c2:dc:2e:
86:4a:8d:d3:5d:f7:32:34:f6:3b:ee:70:ea:77:12:
ac:83:c4:d5:08:28:12:b3:7d:c5:28:3f:40:4b:d6:
dd:ef:32:67:59:c8:14:47:56:9d:94:0a:63:4e:cf:
7b:b5:e1:7b:cd:07:90:d1:d6:17:9d:ec:43:ed:2b:
1d:8e:ac:c2:44:22:37:14:b9:9f:bc:89:b3:0d:0a:
f0:34:90:05:f2:e8:28:8f:6e:a6:bc:f7:21:02:28:
63:d2:60:b6:23:6f:1c:56:fd:d2:6d:6e:b7:9b:be:
0e:fd:f6:14:84:7d:92:46:74:85:af:6c:67:c2:24:
7c:e8:86:6d:27:05:26:11:30:7b:df:e6:45:3b:60:
d6:48:51:eb:0e:31:ad:81:7c:71:8c:b6:b6:f7:41:
4f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C9:19:0B:CA:28:CA:9F:56:AA:7A:01:ED:CB:64:26:E5:CC:EE:A3
X509v3 Authority Key Identifier:
keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/zMkZC8ooyp9WqnoB7ctkJuXM7qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.96.0/19
95.174.128.0/19
212.9.32.0/19
217.10.64.0/20
217.116.112.0/20
IPv6:
2001:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
64:79:b3:5c:42:c6:15:85:92:3b:95:e3:1b:9e:73:71:a6:51:
4c:a8:d8:fe:f9:0a:de:41:53:ea:e1:ad:c2:28:6e:44:4c:d8:
33:c7:ae:d3:22:fb:fd:0b:95:fd:dc:47:ac:d0:cb:e6:e4:b9:
72:4f:c4:03:4d:63:2d:42:e2:e7:54:55:ea:dc:35:91:ec:a9:
cc:31:b2:cc:4f:eb:1d:6a:f5:2a:2b:ed:b8:c6:c8:b0:24:7f:
35:6b:6e:a5:42:b3:3e:31:4f:66:b2:69:37:5e:17:dd:ad:62:
4f:dc:4f:e1:f5:b1:90:73:c6:3f:72:69:dc:bc:20:90:a5:25:
02:fd:53:81:cf:fa:ad:c2:6e:da:23:78:82:a6:f2:16:7a:3c:
82:8b:29:e9:0d:94:07:26:da:3b:1d:fd:ad:40:38:ed:10:c3:
83:59:00:1d:04:6d:c6:36:63:8f:0f:a5:7c:c4:2e:bb:c6:6f:
78:65:87:a8:7a:06:5f:bf:36:13:cb:e5:bf:39:2d:42:d2:06:
f8:f2:4d:a1:f1:e1:2a:e5:97:16:cf:d5:b8:bb:9a:af:03:83:
c9:98:1b:05:f2:27:ca:56:c3:2b:86:a4:a9:a8:ec:87:23:e0:
b0:8b:51:38:bb:1d:83:4d:4d:ce:9b:28:73:78:27:84:29:29:
0f:5c:87:cf
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzFAB2eumsVVDWCFmHYu1NUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0
MmY1MGQwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2M5MTkwYmNhMjhjYTlmNTZhYTdhMDFlZGNiNjQyNmU1Y2NlZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohVa235u9PRSDqQc4sw2l9KFgACp
CN8SEsMLEb+qonMzlHY6I+GM+ESHeLCrm6YMy4ejaS/uULhslf1gzYAI6YbmG+1o
cV1hUBDDvsSmYsxyumPnyJb11P/pE+3WgSeGTN/Y/4DC3C6GSo3TXfcyNPY77nDq
dxKsg8TVCCgSs33FKD9AS9bd7zJnWcgUR1adlApjTs97teF7zQeQ0dYXnexD7Ssd
jqzCRCI3FLmfvImzDQrwNJAF8ugoj26mvPchAihj0mC2I28cVv3SbW63m74O/fYU
hH2SRnSFr2xnwiR86IZtJwUmETB73+ZFO2DWSFHrDjGtgXxxjLa290FPbQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMzJGQvKKMqfVqp6Ae3LZCblzO6jMB8GA1UdIwQY
MBaAFOP3Bwb2wM+9nHOn89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTIt
MDlmZjc5MzA4YmJlLzEvek1rWkM4b295cDlXcW5vQjdjdGtKdVhNN3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJl
LzEvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUnRgAwQF
X66AAwQF1AkgAwQE2QpAAwQE2XRwMA0EAgACMAcDBQMgAQqwMA0GCSqGSIb3DQEB
CwUAA4IBAQBkebNcQsYVhZI7leMbnnNxplFMqNj++QreQVPq4a3CKG5ETNgzx67T
Ivv9C5X93Ees0Mvm5LlyT8QDTWMtQuLnVFXq3DWR7KnMMbLMT+sdavUqK+24xsiw
JH81a26lQrM+MU9msmk3XhfdrWJP3E/h9bGQc8Y/cmncvCCQpSUC/VOBz/qtwm7a
I3iCpvIWejyCiynpDZQHJto7Hf2tQDjtEMODWQAdBG3GNmOPD6V8xC67xm94ZYeo
egZfvzYTy+W/OS1C0gb48k2h8eEq5ZcWz9W4u5qvA4PJmBsF8ifKVsMrhqSpqOyH
I+Cwi1E4ux2DTU3OmyhzeCeEKSkPXIfP
-----END CERTIFICATE-----
Generated at Sun May 19 08:34:41 2024 by rpki-client on console-ams.rpki-client.org