Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ZzShTi-xpWYByaIaqJ4mkpp7ezI.roa
File: ZzShTi-xpWYByaIaqJ4mkpp7ezI.roa (raw, json)
Hash identifier: cB6fAzufB2cvw6bGX1zSRb8NOaHTLRzxMOoIEeromD0=
Subject key identifier: 67:34:A1:4E:2F:B1:A5:66:01:C9:A2:1A:A8:9E:26:92:9A:7B:7B:32
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 019135ED3928DCEE24747136E1B47305EA99
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ZzShTi-xpWYByaIaqJ4mkpp7ezI.roa
Signing time: Fri 09 Aug 2024 06:57:04 +0000
ROA not before: Fri 09 Aug 2024 06:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8562
IP address blocks: 84.20.184.0/22 maxlen: 22
90.152.128.0/17 maxlen: 17
176.66.64.0/18 maxlen: 18
185.157.248.0/23 maxlen: 23
193.154.144.0/20 maxlen: 20
217.76.160.0/20 maxlen: 20
2001:890:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:35:ed:39:28:dc:ee:24:74:71:36:e1:b4:73:05:ea:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Aug 9 06:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6734a14e2fb1a56601c9a21aa89e26929a7b7b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7e:ec:94:54:61:0c:31:6a:43:03:60:2e:2b:
d2:da:23:46:02:7e:d6:e5:a1:25:a1:14:8e:6f:77:
e2:c2:f9:cb:59:0c:28:fd:22:29:7c:be:29:21:6e:
17:93:07:26:2a:2e:09:a2:c4:fb:09:59:af:97:05:
ab:56:72:7a:c2:57:d2:4b:6b:8c:01:2d:e1:fa:77:
ef:cd:10:30:d1:d5:d6:77:4d:d7:4c:2a:f6:1f:36:
76:7d:30:00:d2:a6:c4:0b:46:d8:af:4a:6a:24:57:
9e:33:93:fb:46:d6:27:52:21:64:39:cf:66:c0:e0:
7d:b4:d8:08:1e:b2:a1:a6:1d:35:99:6d:f4:c9:c3:
06:1f:1e:df:9f:e0:96:3e:d8:ea:ec:bf:cb:d6:04:
35:b7:c0:5f:67:ae:a8:1e:05:04:01:06:ba:03:2a:
11:a8:27:2b:1e:cb:a1:a1:ad:a2:0c:5a:db:2d:87:
fb:d4:ec:93:80:f2:99:1f:92:3b:be:62:bc:10:ea:
7c:c7:e0:6d:97:72:5e:ee:25:22:93:eb:c1:eb:37:
25:40:04:8b:51:4e:a1:3b:65:ac:0b:0f:01:e7:fb:
e2:3d:d5:f2:26:28:05:2c:c2:6c:93:7d:52:27:df:
84:45:7b:1e:ee:73:75:65:89:5a:dd:7b:3e:ba:dc:
5f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:34:A1:4E:2F:B1:A5:66:01:C9:A2:1A:A8:9E:26:92:9A:7B:7B:32
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ZzShTi-xpWYByaIaqJ4mkpp7ezI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.20.184.0/22
90.152.128.0/17
176.66.64.0/18
185.157.248.0/23
193.154.144.0/20
217.76.160.0/20
IPv6:
2001:890:c000::/34
Signature Algorithm: sha256WithRSAEncryption
37:a3:65:ed:38:47:83:80:9d:e0:75:0f:65:f1:6b:47:d0:86:
c0:f2:13:d8:84:be:7b:71:a7:8d:2f:a1:5f:8e:be:de:3b:85:
36:b6:d5:ab:a8:81:4d:8f:08:cc:d9:02:0e:5d:f5:28:cd:0c:
c3:6c:92:f6:79:16:85:90:b2:96:95:76:eb:58:cc:74:3e:18:
41:40:fa:3f:21:2b:1e:b3:2a:21:15:40:04:29:d9:af:a7:92:
84:4a:e5:46:7a:0c:01:fb:cb:a5:d3:fc:58:5c:c4:00:ef:42:
75:f4:7f:45:83:a6:96:f9:db:b7:d1:d9:75:89:71:a5:0f:01:
1f:61:6f:5a:27:bb:da:41:f1:8d:f2:70:3d:76:cb:1b:95:89:
85:df:ab:27:a2:7c:f5:9e:2c:b7:ca:23:a5:3b:dc:9a:db:9c:
3c:37:4a:ce:e7:fa:ee:cd:38:1a:03:c5:7c:2e:2c:2d:3b:83:
0d:e8:fa:79:6c:69:50:4f:09:8a:47:df:ee:42:22:29:5c:fe:
9c:ce:aa:08:0d:d9:41:ac:23:38:4c:9f:1d:c9:6d:d6:6e:22:
4d:eb:bc:53:e5:bc:0c:f8:28:21:1e:e5:b8:6b:ca:fa:15:dc:
09:8d:e3:78:f4:12:39:71:99:65:6b:62:5f:54:c6:ff:f7:6a:
d7:c8:1c:c7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZE17Tko3O4kdHE24bRzBeqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjQwODA5MDY1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzM0YTE0ZTJmYjFhNTY2MDFjOWEyMWFhODllMjY5MjlhN2I3YjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH7slFRhDDFqQwNgLivS2iNGAn7W
5aEloRSOb3fiwvnLWQwo/SIpfL4pIW4XkwcmKi4JosT7CVmvlwWrVnJ6wlfSS2uM
AS3h+nfvzRAw0dXWd03XTCr2HzZ2fTAA0qbEC0bYr0pqJFeeM5P7RtYnUiFkOc9m
wOB9tNgIHrKhph01mW30ycMGHx7fn+CWPtjq7L/L1gQ1t8BfZ66oHgUEAQa6AyoR
qCcrHsuhoa2iDFrbLYf71OyTgPKZH5I7vmK8EOp8x+Btl3Je7iUik+vB6zclQASL
UU6hO2WsCw8B5/viPdXyJigFLMJsk31SJ9+ERXse7nN1ZYla3Xs+utxfdQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGc0oU4vsaVmAcmiGqieJpKae3syMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvWnpTaFRpLXhwV1lCeWFJYXFKNG1rcHA3ZXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQCVBS4AwQH
WpiAAwQGsEJAAwQBuZ34AwQEwZqQAwQE2UygMA4EAgACMAgDBgYgAQiQwDANBgkq
hkiG9w0BAQsFAAOCAQEAN6Nl7ThHg4Cd4HUPZfFrR9CGwPIT2IS+e3GnjS+hX46+
3juFNrbVq6iBTY8IzNkCDl31KM0Mw2yS9nkWhZCylpV261jMdD4YQUD6PyErHrMq
IRVABCnZr6eShErlRnoMAfvLpdP8WFzEAO9CdfR/RYOmlvnbt9HZdYlxpQ8BH2Fv
Wie72kHxjfJwPXbLG5WJhd+rJ6J89Z4st8ojpTvcmtucPDdKzuf67s04GgPFfC4s
LTuDDej6eWxpUE8Jikff7kIiKVz+nM6qCA3ZQawjOEyfHclt1m4iTeu8U+W8DPgo
IR7luGvK+hXcCY3jePQSOXGZZWtiX1TG//dq18gcxw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:41 2024 by rpki-client on console-ams.rpki-client.org