Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/Zeqy-ZnqNQfF6mwSxh6gvgQUEfA.roa
File: Zeqy-ZnqNQfF6mwSxh6gvgQUEfA.roa (raw, json)
Hash identifier: OghwfY8SjkyrPLs+igMP5zfic62lzNlgly1OTxPRQeU=
Subject key identifier: 65:EA:B2:F9:99:EA:35:07:C5:EA:6C:12:C6:1E:A0:BE:04:14:11:F0
Certificate issuer: /CN=0ef250f66dd30c3b754430a85d53236f17331b7f
Certificate serial: 01933F04F5D38FC20CB08F2BA9A5C75B10D6
Authority key identifier: 0E:F2:50:F6:6D:D3:0C:3B:75:44:30:A8:5D:53:23:6F:17:33:1B:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvJQ9m3TDDt1RDCoXVMjbxczG38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/Zeqy-ZnqNQfF6mwSxh6gvgQUEfA.roa
Signing time: Mon 18 Nov 2024 11:25:09 +0000
ROA not before: Mon 18 Nov 2024 11:25:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43885
IP address blocks: 31.210.144.0/22 maxlen: 22
37.143.120.0/21 maxlen: 21
91.200.116.0/22 maxlen: 22
185.60.40.0/22 maxlen: 22
185.211.196.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/DvJQ9m3TDDt1RDCoXVMjbxczG38.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/DvJQ9m3TDDt1RDCoXVMjbxczG38.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvJQ9m3TDDt1RDCoXVMjbxczG38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:04:f5:d3:8f:c2:0c:b0:8f:2b:a9:a5:c7:5b:10:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef250f66dd30c3b754430a85d53236f17331b7f
Validity
Not Before: Nov 18 11:25:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65eab2f999ea3507c5ea6c12c61ea0be041411f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:af:f8:e8:7f:d0:95:b5:fb:30:fe:b3:fb:c7:
7d:9d:16:7f:02:d2:06:b9:c0:b0:c9:57:ce:2e:bb:
42:0a:2a:67:e6:14:39:e5:c6:98:63:03:10:06:71:
36:58:96:ad:05:69:de:73:b5:95:c3:e2:59:d8:9d:
63:c6:c9:40:12:35:2f:67:31:c6:7c:33:95:19:aa:
26:2a:57:35:b5:74:59:67:5d:70:1e:25:4c:67:68:
b4:d1:0b:5b:46:a4:fc:32:29:12:ad:01:b3:ee:a7:
21:d2:9c:ac:83:5c:3f:c9:0d:94:43:a6:14:41:2f:
32:2c:4f:19:57:9e:26:b5:0b:17:15:28:36:43:26:
5f:cb:b9:d5:5a:ef:ae:b0:82:a5:44:0b:1f:90:81:
32:c4:1c:f4:b7:5f:ff:f2:8a:32:e7:ff:05:45:03:
c8:64:ec:5a:92:79:f0:de:c6:2e:01:38:3d:dc:a2:
d0:76:5d:c5:3c:3b:41:a2:24:73:04:60:65:a0:d1:
f7:e4:ee:a1:9f:31:75:64:80:33:a5:30:99:87:f8:
4b:03:4f:bf:44:3a:a8:68:5e:b6:be:d5:34:9c:c6:
11:16:5b:13:8a:bb:31:e9:10:c6:77:eb:77:1e:10:
e8:56:0f:02:9d:ed:7e:94:16:9a:75:8a:14:0c:14:
fd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EA:B2:F9:99:EA:35:07:C5:EA:6C:12:C6:1E:A0:BE:04:14:11:F0
X509v3 Authority Key Identifier:
keyid:0E:F2:50:F6:6D:D3:0C:3B:75:44:30:A8:5D:53:23:6F:17:33:1B:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvJQ9m3TDDt1RDCoXVMjbxczG38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/Zeqy-ZnqNQfF6mwSxh6gvgQUEfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/999dd3-88f7-42c2-aff5-81d5aac03496/1/DvJQ9m3TDDt1RDCoXVMjbxczG38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.144.0/22
37.143.120.0/21
91.200.116.0/22
185.60.40.0/22
185.211.196.0/22
Signature Algorithm: sha256WithRSAEncryption
42:b4:70:a9:79:d6:16:ae:c2:44:6e:38:9f:f6:0f:3d:88:7f:
95:bc:72:73:46:19:d6:06:ee:37:4c:15:6b:a7:17:e5:db:96:
d8:0c:87:42:7c:0b:b0:f7:ec:86:64:f8:0b:ed:df:0c:c9:ec:
58:6d:c4:0b:f8:88:c5:24:a6:ea:f2:ab:6c:28:e9:f0:af:6d:
15:7e:4e:c9:80:33:93:05:c6:42:cb:4d:b9:85:14:0a:dd:c9:
3e:5c:d2:11:be:54:b5:1b:c2:cb:29:b7:65:d6:d2:ba:0b:e8:
fb:b9:fc:f9:83:93:df:1e:36:1f:bc:ca:65:7a:c5:eb:31:13:
13:87:bb:a5:8b:1d:1f:58:d9:54:36:89:e5:3f:a6:17:41:2f:
f2:13:e8:bf:27:b3:ac:52:7c:db:14:b9:23:38:34:bf:92:67:
38:39:dd:1d:af:5e:d3:17:c0:c0:d3:83:7e:d7:bf:e6:09:d4:
2a:2f:04:63:24:f1:32:1f:31:08:06:14:61:80:f9:04:18:04:
ec:f2:94:b5:57:8a:f7:ca:15:68:e6:10:ff:7c:42:39:eb:ca:
bf:35:26:ac:b5:bc:e6:76:b5:aa:47:39:46:40:42:f9:c6:2c:
99:99:e7:b1:57:60:ac:98:cf:33:c1:d8:99:fe:9b:e5:f1:4b:
ee:1b:7c:7a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZM/BPXTj8IMsI8rqaXHWxDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjI1MGY2NmRkMzBjM2I3NTQ0MzBhODVkNTMyMzZmMTcz
MzFiN2YwHhcNMjQxMTE4MTEyNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWVhYjJmOTk5ZWEzNTA3YzVlYTZjMTJjNjFlYTBiZTA0MTQxMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9K/46H/QlbX7MP6z+8d9nRZ/AtIG
ucCwyVfOLrtCCipn5hQ55caYYwMQBnE2WJatBWnec7WVw+JZ2J1jxslAEjUvZzHG
fDOVGaomKlc1tXRZZ11wHiVMZ2i00QtbRqT8MikSrQGz7qch0pysg1w/yQ2UQ6YU
QS8yLE8ZV54mtQsXFSg2QyZfy7nVWu+usIKlRAsfkIEyxBz0t1//8ooy5/8FRQPI
ZOxaknnw3sYuATg93KLQdl3FPDtBoiRzBGBloNH35O6hnzF1ZIAzpTCZh/hLA0+/
RDqoaF62vtU0nMYRFlsTirsx6RDGd+t3HhDoVg8Cne1+lBaadYoUDBT9rwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGXqsvmZ6jUHxepsEsYeoL4EFBHwMB8GA1UdIwQY
MBaAFA7yUPZt0ww7dUQwqF1TI28XMxt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZKUTltM1RERHQxUkRDb1hWTWpieGN6RzM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy85OTlkZDMtODhmNy00MmMyLWFmZjUt
ODFkNWFhYzAzNDk2LzEvWmVxeS1abnFOUWZGNm13U3hoNmd2Z1FVRWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy85OTlkZDMtODhmNy00MmMyLWFmZjUtODFkNWFhYzAzNDk2
LzEvRHZKUTltM1RERHQxUkRDb1hWTWpieGN6RzM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH9KQAwQD
JY94AwQCW8h0AwQCuTwoAwQCudPEMA0GCSqGSIb3DQEBCwUAA4IBAQBCtHCpedYW
rsJEbjif9g89iH+VvHJzRhnWBu43TBVrpxfl25bYDIdCfAuw9+yGZPgL7d8MyexY
bcQL+IjFJKbq8qtsKOnwr20Vfk7JgDOTBcZCy025hRQK3ck+XNIRvlS1G8LLKbdl
1tK6C+j7ufz5g5PfHjYfvMplesXrMRMTh7ulix0fWNlUNonlP6YXQS/yE+i/J7Os
UnzbFLkjODS/kmc4Od0dr17TF8DA04N+17/mCdQqLwRjJPEyHzEIBhRhgPkEGATs
8pS1V4r3yhVo5hD/fEI568q/NSastbzmdrWqRzlGQEL5xiyZmeexV2CsmM8zwdiZ
/pvl8UvuG3x6
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:24:02 2024 by rpki-client on console-ams.rpki-client.org