Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Z66p65EbCHAROsfdfSu5X9Q5TGI.roa
File: Z66p65EbCHAROsfdfSu5X9Q5TGI.roa (raw, json)
Hash identifier: m8wdaeEt3Kq2G7pKIrcQ67omYo5qJUCFN7HRM+UzCZY=
Subject key identifier: 67:AE:A9:EB:91:1B:08:70:11:3A:C7:DD:7D:2B:B9:5F:D4:39:4C:62
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018CC6B93470A024483949A85B02451EB45E
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Z66p65EbCHAROsfdfSu5X9Q5TGI.roa
Signing time: Mon 01 Jan 2024 20:31:15 +0000
ROA not before: Mon 01 Jan 2024 20:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39013
IP address blocks: 77.78.157.0/24 maxlen: 24
77.78.158.0/24 maxlen: 24
85.187.184.0/24 maxlen: 24
85.187.186.0/24 maxlen: 24
85.187.185.0/24 maxlen: 24
85.187.184.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:34:70:a0:24:48:39:49:a8:5b:02:45:1e:b4:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 20:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67aea9eb911b0870113ac7dd7d2bb95fd4394c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cd:f2:e8:68:97:05:23:78:f2:0c:33:ca:6a:
de:b6:42:fe:2b:e4:5b:7b:90:00:5e:d9:4e:3f:fb:
8c:e2:b1:ce:58:9a:bd:cb:14:ec:ea:cb:e5:13:cf:
f4:29:20:f6:08:b0:cd:20:57:14:e8:ce:b7:07:69:
64:db:c2:78:44:1c:2f:6d:c4:1b:71:37:30:a2:76:
c9:93:7e:6c:bb:e8:e8:00:85:3c:12:cb:6b:d4:fb:
f1:a2:2b:50:39:90:dd:dd:a9:07:61:ac:e4:91:03:
31:0b:9c:79:39:b1:e7:d6:ce:9a:ac:5c:3d:94:75:
65:8c:27:b0:15:4f:71:c6:fe:38:f8:a8:81:31:0d:
e9:6f:45:87:82:ed:66:1c:27:74:7b:92:80:4d:36:
31:31:77:7d:db:57:41:e4:fd:52:0a:95:1b:37:99:
bb:d7:be:4e:0e:0d:65:db:f4:04:a9:59:0f:22:f2:
c2:7c:36:8b:22:8f:e4:2b:24:7a:84:7b:8e:4f:a0:
d4:60:4b:3e:b4:c9:bf:15:3d:25:1e:39:aa:11:21:
f9:da:ef:04:bb:01:c6:65:cb:77:36:a2:e3:d9:9c:
97:e2:df:f1:fb:60:4b:b0:e2:9e:c0:91:44:dd:4d:
18:01:14:78:8f:a9:04:c6:d6:4a:cb:98:8e:5f:a4:
1a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:AE:A9:EB:91:1B:08:70:11:3A:C7:DD:7D:2B:B9:5F:D4:39:4C:62
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/Z66p65EbCHAROsfdfSu5X9Q5TGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.157.0-77.78.158.255
85.187.184.0-85.187.186.255
Signature Algorithm: sha256WithRSAEncryption
7d:f9:f3:60:3f:08:5b:ac:1f:6c:e3:51:c0:93:58:ba:f4:9b:
a1:a9:ab:50:1a:83:21:d2:68:4c:12:7a:24:6e:93:ca:bf:d5:
c3:47:84:7b:ab:fe:79:95:33:af:2c:90:75:53:8d:61:7e:a3:
b8:80:cc:19:fe:86:05:76:55:7e:b8:4f:5f:eb:83:5c:d6:78:
d8:c5:c1:02:19:ba:9e:ba:ca:eb:6d:8a:4c:e0:e9:13:7a:38:
7f:3d:b3:b3:00:0d:13:b3:e7:18:5e:e3:9d:09:27:73:c2:41:
bc:09:e9:9c:bc:2d:eb:b1:19:1d:ac:53:31:fc:16:25:8e:61:
75:e9:b0:67:24:19:86:d1:64:e2:bc:6d:cb:e7:4a:d8:ac:f2:
f5:0a:b4:f2:d1:c5:30:06:9d:e4:8f:d3:53:81:40:45:41:d1:
21:75:aa:87:e0:ea:a2:96:4c:0b:6a:25:c6:42:2b:9b:87:79:
ab:25:3c:19:fe:20:cf:b0:ab:be:73:2d:be:67:6f:e4:ba:94:
23:f9:cf:d1:49:55:ee:db:4f:85:66:67:fb:00:5d:ca:de:74:
6b:64:bb:04:d7:09:6b:f8:ca:a6:3e:9d:e2:01:25:20:82:0e:
f7:84:96:8c:c1:82:38:55:45:75:40:91:af:80:36:36:15:65:
29:5e:f0:11
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGuTRwoCRIOUmoWwJFHrReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2FlYTllYjkxMWIwODcwMTEzYWM3ZGQ3ZDJiYjk1ZmQ0Mzk0YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr83y6GiXBSN48gwzymretkL+K+Rb
e5AAXtlOP/uM4rHOWJq9yxTs6svlE8/0KSD2CLDNIFcU6M63B2lk28J4RBwvbcQb
cTcwonbJk35su+joAIU8Estr1PvxoitQOZDd3akHYazkkQMxC5x5ObHn1s6arFw9
lHVljCewFU9xxv44+KiBMQ3pb0WHgu1mHCd0e5KATTYxMXd921dB5P1SCpUbN5m7
175ODg1l2/QEqVkPIvLCfDaLIo/kKyR6hHuOT6DUYEs+tMm/FT0lHjmqESH52u8E
uwHGZct3NqLj2ZyX4t/x+2BLsOKewJFE3U0YARR4j6kExtZKy5iOX6QaHwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGeuqeuRGwhwETrH3X0ruV/UOUxiMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvWjY2cDY1RWJDSEFST3NmZGZTdTVYOVE1VEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABNTp0D
BABNTp4wDAMEA1W7uAMEAFW7ujANBgkqhkiG9w0BAQsFAAOCAQEAffnzYD8IW6wf
bONRwJNYuvSboamrUBqDIdJoTBJ6JG6Tyr/Vw0eEe6v+eZUzryyQdVONYX6juIDM
Gf6GBXZVfrhPX+uDXNZ42MXBAhm6nrrK622KTODpE3o4fz2zswANE7PnGF7jnQkn
c8JBvAnpnLwt67EZHaxTMfwWJY5hdemwZyQZhtFk4rxty+dK2Kzy9Qq08tHFMAad
5I/TU4FARUHRIXWqh+DqopZMC2olxkIrm4d5qyU8Gf4gz7CrvnMtvmdv5LqUI/nP
0UlV7ttPhWZn+wBdyt50a2S7BNcJa/jKpj6d4gElIIIO94SWjMGCOFVFdUCRr4A2
NhVlKV7wEQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:54:39 2024 by rpki-client on console-fra.rpki-client.org