Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/zZBVDpMDCFBUV6Ql1I7k7JGVz-4.roa
File: zZBVDpMDCFBUV6Ql1I7k7JGVz-4.roa (raw, json)
Hash identifier: DjSJHPIy9xGNneAlCKZX+Ov4JL8iyR/RDq1XnY6qvCg=
Subject key identifier: CD:90:55:0E:93:03:08:50:54:57:A4:25:D4:8E:E4:EC:91:95:CF:EE
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018CC795281A9385C005C0EA07BBD3A60F2E
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/zZBVDpMDCFBUV6Ql1I7k7JGVz-4.roa
Signing time: Tue 02 Jan 2024 00:31:30 +0000
ROA not before: Tue 02 Jan 2024 00:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 194.156.1.0/24 maxlen: 24
2.57.148.0/24 maxlen: 24
5.133.110.0/24 maxlen: 24
45.143.140.0/24 maxlen: 24
192.144.16.0/24 maxlen: 24
194.59.12.0/24 maxlen: 24
45.91.161.0/24 maxlen: 24
45.88.83.0/24 maxlen: 24
45.88.82.0/24 maxlen: 24
87.247.143.0/24 maxlen: 24
45.138.145.0/24 maxlen: 24
109.94.217.0/24 maxlen: 24
109.94.216.0/24 maxlen: 24
109.94.219.0/24 maxlen: 24
109.94.218.0/24 maxlen: 24
45.136.248.0/24 maxlen: 24
80.242.62.0/24 maxlen: 24
80.242.63.0/24 maxlen: 24
45.147.244.0/24 maxlen: 24
45.147.245.0/24 maxlen: 24
45.132.207.0/24 maxlen: 24
45.147.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 00:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:28:1a:93:85:c0:05:c0:ea:07:bb:d3:a6:0f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 00:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd90550e930308505457a425d48ee4ec9195cfee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:08:9a:cc:17:e8:a9:02:3a:09:e0:66:77:5c:
62:76:a5:93:a0:bb:d0:41:78:ab:bd:56:14:d2:fd:
20:fc:72:48:72:07:42:1f:8c:29:21:14:ba:0a:22:
16:34:0e:a5:b8:0e:76:c3:47:fc:aa:06:06:0c:8a:
de:78:3d:63:66:3e:3c:65:cc:b5:c8:eb:45:b3:9e:
bf:4d:04:20:99:43:99:25:8a:f0:b6:b8:c9:79:7e:
4f:71:5b:f4:13:dd:e4:fa:2b:1e:b1:13:64:df:43:
6b:5d:93:d6:3d:eb:5f:9e:28:0a:ee:0d:1f:f5:f6:
47:f6:de:2d:30:54:f5:ee:9f:c6:e4:a8:85:6b:cf:
64:23:d1:dd:dd:0c:ba:d1:50:07:b9:29:c0:68:3d:
40:c0:b2:a9:97:bc:7f:6c:42:da:61:ae:a5:c5:55:
46:dd:5c:61:df:6f:f3:98:bf:38:61:fd:55:6d:0f:
13:8a:2e:a3:2d:84:6f:07:d4:d8:8e:26:70:f3:53:
1f:ef:3e:da:96:0f:7b:c9:39:48:90:51:2e:e5:5e:
ad:ca:fb:52:88:dc:e1:58:2a:59:b6:b0:62:aa:4b:
48:26:fb:cb:ab:83:96:80:ee:6f:16:12:5a:f1:58:
2e:b8:4e:f5:2e:95:df:25:a1:90:af:dd:cf:c1:2a:
42:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:90:55:0E:93:03:08:50:54:57:A4:25:D4:8E:E4:EC:91:95:CF:EE
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/zZBVDpMDCFBUV6Ql1I7k7JGVz-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.148.0/24
5.133.110.0/24
45.88.82.0/23
45.91.161.0/24
45.132.207.0/24
45.136.248.0/24
45.138.145.0/24
45.143.140.0/24
45.147.244.0/23
45.147.247.0/24
80.242.62.0/23
87.247.143.0/24
109.94.216.0/22
192.144.16.0/24
194.59.12.0/24
194.156.1.0/24
Signature Algorithm: sha256WithRSAEncryption
63:79:45:4f:17:6e:d9:2e:31:76:7d:7e:2f:e2:6c:72:b9:d9:
9c:81:31:b9:6b:d9:45:49:93:24:ec:97:8c:74:b9:ec:80:91:
b5:4e:0f:8d:4d:cc:85:35:90:14:f3:ac:c5:bb:49:29:78:61:
dd:3e:30:44:9e:63:31:0f:e6:b0:72:16:87:ee:5c:59:85:aa:
ba:1c:ca:40:af:d6:f2:e3:3a:24:fe:a0:02:a1:05:ed:12:f3:
26:7d:e5:0e:0f:8f:75:10:6c:25:3e:3c:e4:75:2e:7f:66:99:
36:39:22:ec:b3:9a:1b:7f:64:03:52:2c:12:20:02:a4:78:78:
ab:26:d0:4b:61:f3:1a:1c:54:bf:5a:4a:84:7a:9c:eb:a6:cb:
63:6e:fb:fc:be:f4:c3:17:14:f7:00:ea:cf:c2:91:c7:b8:63:
f0:14:8c:d3:3c:fb:d0:c8:27:fc:4e:d3:1d:b5:d2:b2:09:2c:
d5:07:91:7e:db:37:f6:7c:d7:59:dc:62:96:6a:60:a9:92:bf:
54:cb:05:62:12:82:12:0d:e3:bd:00:6a:14:9c:51:d2:5f:2f:
b6:c6:4b:03:d8:6e:0c:67:6d:f9:f6:ee:6f:d7:26:05:89:14:
0f:cf:62:44:ea:d3:24:b1:e1:44:ec:4f:c8:e3:6e:59:89:11:
b5:49:0a:f7
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYzHlSgak4XABcDqB7vTpg8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjQwMTAyMDAzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDkwNTUwZTkzMDMwODUwNTQ1N2E0MjVkNDhlZTRlYzkxOTVjZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgiazBfoqQI6CeBmd1xidqWToLvQ
QXirvVYU0v0g/HJIcgdCH4wpIRS6CiIWNA6luA52w0f8qgYGDIreeD1jZj48Zcy1
yOtFs56/TQQgmUOZJYrwtrjJeX5PcVv0E93k+isesRNk30NrXZPWPetfnigK7g0f
9fZH9t4tMFT17p/G5KiFa89kI9Hd3Qy60VAHuSnAaD1AwLKpl7x/bELaYa6lxVVG
3Vxh32/zmL84Yf1VbQ8Tii6jLYRvB9TYjiZw81Mf7z7alg97yTlIkFEu5V6tyvtS
iNzhWCpZtrBiqktIJvvLq4OWgO5vFhJa8VguuE71LpXfJaGQr93PwSpCRwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFM2QVQ6TAwhQVFekJdSO5OyRlc/uMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvelpCVkRwTURDRkJVVjZRbDFJN2s3SkdWei00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAAjmUAwQA
BYVuAwQBLVhSAwQALVuhAwQALYTPAwQALYj4AwQALYqRAwQALY+MAwQBLZP0AwQA
LZP3AwQBUPI+AwQAV/ePAwQCbV7YAwQAwJAQAwQAwjsMAwQAwpwBMA0GCSqGSIb3
DQEBCwUAA4IBAQBjeUVPF27ZLjF2fX4v4mxyudmcgTG5a9lFSZMk7JeMdLnsgJG1
Tg+NTcyFNZAU86zFu0kpeGHdPjBEnmMxD+awchaH7lxZhaq6HMpAr9by4zok/qAC
oQXtEvMmfeUOD491EGwlPjzkdS5/Zpk2OSLss5obf2QDUiwSIAKkeHirJtBLYfMa
HFS/WkqEepzrpstjbvv8vvTDFxT3AOrPwpHHuGPwFIzTPPvQyCf8TtMdtdKyCSzV
B5F+2zf2fNdZ3GKWamCpkr9UywViEoISDeO9AGoUnFHSXy+2xksD2G4MZ2359u5v
1yYFiRQPz2JE6tMkseFE7E/I425ZiRG1SQr3
-----END CERTIFICATE-----
Generated at Mon May 6 05:19:24 2024 by rpki-client on console-fra.rpki-client.org