Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/ZGED7YB0sLa0dgFbLd5lwdbYwfY.roa
File: ZGED7YB0sLa0dgFbLd5lwdbYwfY.roa (raw, json)
Hash identifier: x8T8N1Hp4zfzhJzbSJZr6B8FXRurFMKoZOmT8yUqM6E=
Subject key identifier: 64:61:03:ED:80:74:B0:B6:B4:76:01:5B:2D:DE:65:C1:D6:D8:C1:F6
Certificate issuer: /CN=7479df50a315029e80aa1947afe12db1e948628b
Certificate serial: 018CC80141063BDA47857ED26F9619EDC772
Authority key identifier: 74:79:DF:50:A3:15:02:9E:80:AA:19:47:AF:E1:2D:B1:E9:48:62:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/ZGED7YB0sLa0dgFbLd5lwdbYwfY.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30833
IP address blocks: 217.78.176.0/21 maxlen: 21
217.78.176.0/20 maxlen: 20
217.78.184.0/21 maxlen: 21
79.98.136.0/22 maxlen: 22
79.98.136.0/21 maxlen: 21
79.98.140.0/22 maxlen: 22
80.249.202.0/23 maxlen: 23
80.249.200.0/22 maxlen: 22
80.249.200.0/23 maxlen: 23
2a00:d98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:41:06:3b:da:47:85:7e:d2:6f:96:19:ed:c7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7479df50a315029e80aa1947afe12db1e948628b
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=646103ed8074b0b6b476015b2dde65c1d6d8c1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:de:0b:f5:0d:0a:dc:23:e4:3b:10:3e:d2:dc:
8b:df:48:9f:96:1f:0d:86:3c:43:7d:99:d2:19:a0:
52:ac:51:3f:62:71:02:63:8b:a3:5a:86:7b:5f:b4:
67:91:50:63:a1:0e:62:c2:28:1e:95:62:11:70:73:
6c:63:af:18:92:2d:74:0d:54:3f:2c:35:76:a6:90:
14:17:0a:cd:44:83:19:a3:6a:78:b2:2d:05:17:f5:
0e:b6:f3:3a:2f:8e:71:85:a2:c3:8c:cb:c2:d0:26:
40:2b:7f:4d:65:35:e0:b2:fc:b0:ea:b9:41:66:37:
3d:66:b1:c6:69:4f:c8:23:11:b5:12:f7:da:f8:e5:
ff:1c:58:d7:8d:d3:1f:72:d7:c6:78:8c:fe:47:22:
50:5a:8a:41:da:d7:20:bd:4e:83:76:fc:22:10:cc:
69:e2:e1:79:f0:16:c6:a4:84:05:0b:2a:c6:aa:df:
9a:ca:c7:32:94:03:a1:1e:90:34:07:18:b3:57:5d:
db:c1:d1:65:0f:fb:b0:7c:93:f8:d5:c3:fb:1b:f9:
02:81:9d:d8:38:62:b8:b7:7b:e0:4f:8f:47:9b:2a:
f3:83:47:fa:4f:07:e4:8a:c9:a2:b3:0e:ad:ee:97:
22:7c:8d:08:be:20:c9:97:17:3b:ed:dd:bf:63:c5:
b0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:61:03:ED:80:74:B0:B6:B4:76:01:5B:2D:DE:65:C1:D6:D8:C1:F6
X509v3 Authority Key Identifier:
keyid:74:79:DF:50:A3:15:02:9E:80:AA:19:47:AF:E1:2D:B1:E9:48:62:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/ZGED7YB0sLa0dgFbLd5lwdbYwfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.136.0/21
80.249.200.0/22
217.78.176.0/20
IPv6:
2a00:d98::/32
Signature Algorithm: sha256WithRSAEncryption
64:37:68:7b:d4:cb:d2:fa:15:ba:c3:43:76:b1:68:f7:ef:eb:
02:60:01:e3:28:46:1e:54:3c:55:66:ec:f3:69:1a:11:a4:f5:
c3:04:92:ff:71:c3:9a:09:96:43:93:c4:3d:3c:9d:2e:a7:6e:
c9:a8:65:21:67:27:b3:f7:50:32:59:98:87:b1:89:0b:1b:42:
74:ee:83:8c:00:b6:8f:08:fc:0b:04:a4:cb:ea:8f:1a:61:a5:
ae:15:9c:42:e9:ee:7d:c7:0b:30:bb:e0:ff:1e:0a:e0:e0:98:
6e:53:90:95:a8:09:ba:b5:e8:8f:5d:fe:1a:95:51:fd:26:9d:
47:3d:0a:15:f7:0a:2b:3b:cc:a0:0b:c3:71:fc:25:3b:1d:7e:
21:b3:63:73:ed:37:31:19:87:ff:8c:1d:2f:02:d7:4e:9a:4b:
ef:04:40:f4:42:1c:b5:30:95:5d:80:4b:cc:14:47:0d:c9:ef:
26:bf:f0:d5:b5:4b:f6:dc:86:2c:2d:2a:f0:99:e6:95:76:82:
43:4a:3c:f1:c0:e4:05:1c:e7:a7:9a:df:79:88:2d:99:c0:17:
7e:15:44:a2:f8:92:70:b5:c6:1e:98:1a:a9:33:a4:d2:37:f6:
53:b0:88:79:d4:ba:ae:71:57:38:31:c1:fa:10:c9:f8:01:1d:
55:7a:4d:35
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAUEGO9pHhX7Sb5YZ7cdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzlkZjUwYTMxNTAyOWU4MGFhMTk0N2FmZTEyZGIxZTk0
ODYyOGIwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDYxMDNlZDgwNzRiMGI2YjQ3NjAxNWIyZGRlNjVjMWQ2ZDhjMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd4L9Q0K3CPkOxA+0tyL30iflh8N
hjxDfZnSGaBSrFE/YnECY4ujWoZ7X7RnkVBjoQ5iwigelWIRcHNsY68Yki10DVQ/
LDV2ppAUFwrNRIMZo2p4si0FF/UOtvM6L45xhaLDjMvC0CZAK39NZTXgsvyw6rlB
Zjc9ZrHGaU/IIxG1Evfa+OX/HFjXjdMfctfGeIz+RyJQWopB2tcgvU6DdvwiEMxp
4uF58BbGpIQFCyrGqt+ayscylAOhHpA0BxizV13bwdFlD/uwfJP41cP7G/kCgZ3Y
OGK4t3vgT49Hmyrzg0f6Twfkismisw6t7pcifI0IviDJlxc77d2/Y8Ww6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGRhA+2AdLC2tHYBWy3eZcHW2MH2MB8GA1UdIwQY
MBaAFHR531CjFQKegKoZR6/hLbHpSGKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNjczNWQtNjY1OC00YjZmLWEyNjEt
OTdiYTM3MzQ1YWE4LzEvWkdFRDdZQjBzTGEwZGdGYkxkNWx3ZGJZd2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNjczNWQtNjY1OC00YjZmLWEyNjEtOTdiYTM3MzQ1YWE4
LzEvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT2KIAwQC
UPnIAwQE2U6wMA0EAgACMAcDBQAqAA2YMA0GCSqGSIb3DQEBCwUAA4IBAQBkN2h7
1MvS+hW6w0N2sWj37+sCYAHjKEYeVDxVZuzzaRoRpPXDBJL/ccOaCZZDk8Q9PJ0u
p27JqGUhZyez91AyWZiHsYkLG0J07oOMALaPCPwLBKTL6o8aYaWuFZxC6e59xwsw
u+D/Hgrg4JhuU5CVqAm6teiPXf4alVH9Jp1HPQoV9worO8ygC8Nx/CU7HX4hs2Nz
7TcxGYf/jB0vAtdOmkvvBED0Qhy1MJVdgEvMFEcNye8mv/DVtUv23IYsLSrwmeaV
doJDSjzxwOQFHOenmt95iC2ZwBd+FUSi+JJwtcYemBqpM6TSN/ZTsIh51LqucVc4
McH6EMn4AR1Vek01
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:24 2024 by rpki-client on console-ams.rpki-client.org