Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/ZCqpxFnbIdTbOjosjWvQT1Mr1_c.roa
File: ZCqpxFnbIdTbOjosjWvQT1Mr1_c.roa (raw, json)
Hash identifier: 7H3jrFhZwAGd4Trxxta/si8GMuhmHOVLMiAJguUZ6Go=
Subject key identifier: 64:2A:A9:C4:59:DB:21:D4:DB:3A:3A:2C:8D:6B:D0:4F:53:2B:D7:F7
Certificate issuer: /CN=162e48329c8be8ef209e9958da66ab0240145e19
Certificate serial: 01912825B22CACCE4C8ECFADD112E15DBDDC
Authority key identifier: 16:2E:48:32:9C:8B:E8:EF:20:9E:99:58:DA:66:AB:02:40:14:5E:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fi5IMpyL6O8gnplY2marAkAUXhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/ZCqpxFnbIdTbOjosjWvQT1Mr1_c.roa
Signing time: Tue 06 Aug 2024 14:44:04 +0000
ROA not before: Tue 06 Aug 2024 14:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57795
IP address blocks: 23.249.232.0/21 maxlen: 24
37.114.88.0/21 maxlen: 24
64.26.32.0/20 maxlen: 24
83.174.128.0/20 maxlen: 24
93.92.24.0/21 maxlen: 24
149.143.0.0/19 maxlen: 24
185.6.204.0/22 maxlen: 24
185.34.176.0/22 maxlen: 24
185.37.64.0/22 maxlen: 24
185.37.64.0/23 maxlen: 24
185.43.212.0/22 maxlen: 24
185.144.20.0/22 maxlen: 24
185.221.156.0/22 maxlen: 24
185.254.41.0/24 maxlen: 24
185.254.42.0/23 maxlen: 24
2a00:9340::/29 maxlen: 29
2a00:f5e0::/32 maxlen: 32
2a07:36c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/Fi5IMpyL6O8gnplY2marAkAUXhk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/Fi5IMpyL6O8gnplY2marAkAUXhk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fi5IMpyL6O8gnplY2marAkAUXhk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:28:25:b2:2c:ac:ce:4c:8e:cf:ad:d1:12:e1:5d:bd:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=162e48329c8be8ef209e9958da66ab0240145e19
Validity
Not Before: Aug 6 14:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=642aa9c459db21d4db3a3a2c8d6bd04f532bd7f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8e:92:49:a0:11:b9:1a:1a:1a:fc:f6:f3:30:
3d:84:1b:a3:c0:18:39:bf:e9:2c:59:35:85:e6:db:
b1:3b:4a:dd:3e:2a:d6:ed:b9:4e:c8:ef:2c:3e:7a:
8f:e6:de:1f:08:7c:3c:d6:a3:21:54:ac:f1:b7:f3:
f4:d8:68:ca:c6:28:68:68:d4:d8:d9:5a:bd:e7:1c:
2a:88:bb:ee:55:1d:de:16:22:fe:f2:60:2a:03:ab:
6b:a9:65:27:ca:ea:6d:e8:e4:41:62:d0:59:f2:a5:
1f:2b:6b:2b:85:d3:7c:0d:69:a8:91:b4:95:69:ca:
60:3b:99:1e:0c:68:14:96:21:62:d6:f5:a7:8e:c9:
05:76:23:8d:df:fd:9f:cb:fe:32:8a:84:bd:c5:b3:
93:90:27:d0:d0:e0:a5:f1:e6:10:86:b1:b7:75:c8:
b5:a8:2d:70:6c:bb:1f:e4:b6:62:bd:38:99:e8:9e:
47:bf:84:86:fd:62:f8:1a:15:b7:cd:ad:0c:44:86:
2e:11:4e:32:b8:12:75:1e:21:33:08:eb:a4:6e:85:
1e:63:0c:58:21:06:44:2f:da:c1:2e:58:65:ca:21:
a0:5e:86:af:83:8f:7f:da:e5:36:a5:60:fc:28:03:
19:56:98:1f:ff:2a:f0:d3:a2:6a:32:70:67:96:65:
2b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2A:A9:C4:59:DB:21:D4:DB:3A:3A:2C:8D:6B:D0:4F:53:2B:D7:F7
X509v3 Authority Key Identifier:
keyid:16:2E:48:32:9C:8B:E8:EF:20:9E:99:58:DA:66:AB:02:40:14:5E:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fi5IMpyL6O8gnplY2marAkAUXhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/ZCqpxFnbIdTbOjosjWvQT1Mr1_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/8e2067-283b-4e4e-b67e-69f33fe1b530/1/Fi5IMpyL6O8gnplY2marAkAUXhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.249.232.0/21
37.114.88.0/21
64.26.32.0/20
83.174.128.0/20
93.92.24.0/21
149.143.0.0/19
185.6.204.0/22
185.34.176.0/22
185.37.64.0/22
185.43.212.0/22
185.144.20.0/22
185.221.156.0/22
185.254.41.0-185.254.43.255
IPv6:
2a00:9340::/29
2a00:f5e0::/32
2a07:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
77:84:52:d9:9f:00:c2:54:45:a7:6c:2d:04:a7:d7:2d:3d:28:
e2:39:f9:3a:85:6e:62:04:d8:37:e3:66:c6:57:b5:d9:6b:e5:
ea:e1:08:9b:31:68:e5:28:db:37:41:d6:e9:2e:3d:e2:21:f6:
06:37:08:b8:33:36:6d:e9:56:ff:17:07:fa:ee:6e:26:f2:6d:
b3:18:44:c5:9c:9a:e0:75:1c:11:63:0f:22:a4:34:81:51:80:
54:94:af:a1:74:cc:56:71:07:12:f5:af:3a:b7:35:e0:26:6e:
ee:bb:05:86:65:07:a2:dc:1b:3a:17:c3:8a:d8:e7:3c:66:eb:
e1:8b:ec:74:8e:f8:bb:f0:b4:4f:10:49:1f:02:66:85:4e:68:
09:18:b1:66:06:01:35:38:94:e9:88:51:fd:4c:a4:a1:ba:8e:
73:c6:3e:6a:ed:d7:13:21:6d:74:84:3b:90:71:6e:cc:9d:9e:
b8:7a:e3:a7:12:b7:8e:13:88:2d:ca:00:3c:48:a9:87:8d:37:
99:28:b0:74:0b:9b:d4:64:28:3e:30:f9:53:23:05:e7:a4:95:
85:87:99:e0:4b:85:f1:59:e6:91:44:97:96:02:a7:1d:e2:2b:
fb:99:c9:15:f1:a9:70:09:07:e1:c7:e0:9b:6d:be:5c:bc:46:
95:5f:38:6a
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZEoJbIsrM5Mjs+t0RLhXb3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MmU0ODMyOWM4YmU4ZWYyMDllOTk1OGRhNjZhYjAyNDAx
NDVlMTkwHhcNMjQwODA2MTQ0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJhYTljNDU5ZGIyMWQ0ZGIzYTNhMmM4ZDZiZDA0ZjUzMmJkN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyY6SSaARuRoaGvz28zA9hBujwBg5
v+ksWTWF5tuxO0rdPirW7blOyO8sPnqP5t4fCHw81qMhVKzxt/P02GjKxihoaNTY
2Vq95xwqiLvuVR3eFiL+8mAqA6trqWUnyupt6ORBYtBZ8qUfK2srhdN8DWmokbSV
acpgO5keDGgUliFi1vWnjskFdiON3/2fy/4yioS9xbOTkCfQ0OCl8eYQhrG3dci1
qC1wbLsf5LZivTiZ6J5Hv4SG/WL4GhW3za0MRIYuEU4yuBJ1HiEzCOukboUeYwxY
IQZEL9rBLlhlyiGgXoavg49/2uU2pWD8KAMZVpgf/yrw06JqMnBnlmUrQwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFGQqqcRZ2yHU2zo6LI1r0E9TK9f3MB8GA1UdIwQY
MBaAFBYuSDKci+jvIJ6ZWNpmqwJAFF4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmk1SU1weUw2TzhnbnBsWTJtYXJBa0FVWGhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi84ZTIwNjctMjgzYi00ZTRlLWI2N2Ut
NjlmMzNmZTFiNTMwLzEvWkNxcHhGbmJJZFRiT2pvc2pXdlFUMU1yMV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi84ZTIwNjctMjgzYi00ZTRlLWI2N2UtNjlmMzNmZTFiNTMw
LzEvRmk1SU1weUw2TzhnbnBsWTJtYXJBa0FVWGhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswXAQCAAEwVgMEAxf56AME
AyVyWAMEBEAaIAMEBFOugAMEA11cGAMEBZWPAAMEArkGzAMEArkisAMEArklQAME
Arkr1AMEArmQFAMEArndnDAMAwQAuf4pAwQCuf4oMBsEAgACMBUDBQMqAJNAAwUA
KgD14AMFAyoHNsAwDQYJKoZIhvcNAQELBQADggEBAHeEUtmfAMJURadsLQSn1y09
KOI5+TqFbmIE2DfjZsZXtdlr5erhCJsxaOUo2zdB1ukuPeIh9gY3CLgzNm3pVv8X
B/rubibybbMYRMWcmuB1HBFjDyKkNIFRgFSUr6F0zFZxBxL1rzq3NeAmbu67BYZl
B6LcGzoXw4rY5zxm6+GL7HSO+LvwtE8QSR8CZoVOaAkYsWYGATU4lOmIUf1MpKG6
jnPGPmrt1xMhbXSEO5Bxbsydnrh646cSt44TiC3KADxIqYeNN5kosHQLm9RkKD4w
+VMjBeeklYWHmeBLhfFZ5pFEl5YCpx3iK/uZyRXxqXAJB+HH4Jttvly8RpVfOGo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:38 2024 by rpki-client on console-ams.rpki-client.org