Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/zMCUzkKrYxaLgP3YlTYlw2-C5Jw.roa
File: zMCUzkKrYxaLgP3YlTYlw2-C5Jw.roa (raw, json)
Hash identifier: J66lFSYQplloShhepa0ZaOt7p04RqrFIDV7EnfGoSFk=
Subject key identifier: CC:C0:94:CE:42:AB:63:16:8B:80:FD:D8:95:36:25:C3:6F:82:E4:9C
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018FE7D243747932AE97630CC4F1630D29FC
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/zMCUzkKrYxaLgP3YlTYlw2-C5Jw.roa
Signing time: Wed 05 Jun 2024 09:54:27 +0000
ROA not before: Wed 05 Jun 2024 09:54:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
81.88.64.0/21 maxlen: 21
81.95.80.0/20 maxlen: 20
82.148.168.0/21 maxlen: 21
82.148.176.0/20 maxlen: 20
89.207.136.0/21 maxlen: 21
109.169.112.0/21 maxlen: 21
178.174.112.0/20 maxlen: 20
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.178.4.0/22 maxlen: 22
185.190.36.0/24 maxlen: 24
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:d2:43:74:79:32:ae:97:63:0c:c4:f1:63:0d:29:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Jun 5 09:54:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccc094ce42ab63168b80fdd8953625c36f82e49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:79:09:b1:8d:3c:1e:df:3e:c0:9f:86:ba:5b:
1a:d9:66:9d:20:3c:9d:b7:9b:52:f6:43:27:b5:a1:
e8:d8:b0:1d:62:44:5e:3d:3c:31:16:69:23:f4:03:
0a:80:83:b5:ef:1c:49:87:46:8d:9a:03:1f:82:de:
80:6e:7f:d4:aa:fb:73:26:27:a9:c9:92:07:76:7f:
1a:51:44:76:9f:3b:0a:bf:23:16:34:77:9d:a6:b3:
f7:7c:8f:7a:77:7c:e4:56:42:58:ea:b7:40:16:d3:
22:48:21:a8:31:d4:c8:f9:54:4c:8d:0f:21:1e:25:
59:dc:64:b7:26:96:a5:7e:cc:41:5e:14:c6:8b:eb:
6b:71:e3:e7:bf:1a:d1:7f:05:72:bc:a6:6a:c4:92:
11:21:18:4f:b0:33:ef:79:ea:46:3c:cd:9a:ef:e9:
f2:b3:5c:7f:7e:73:5b:b5:08:40:24:72:6d:83:66:
1b:1f:39:90:5b:66:b8:63:19:84:1d:9d:3a:44:79:
ee:71:ca:90:60:d8:32:05:7e:9b:9f:74:d0:21:da:
34:48:bd:5c:f1:a7:5e:78:29:50:b6:db:65:01:38:
e7:07:22:2d:06:a3:ad:c8:9b:e4:58:ab:a9:dc:d3:
62:28:07:c6:4d:a5:64:ee:0e:49:31:41:57:b0:a4:
f9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C0:94:CE:42:AB:63:16:8B:80:FD:D8:95:36:25:C3:6F:82:E4:9C
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/zMCUzkKrYxaLgP3YlTYlw2-C5Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
81.88.64.0/21
81.95.80.0/20
82.148.168.0-82.148.191.255
89.207.136.0/21
109.169.112.0/21
178.174.112.0/20
185.176.244.0/23
185.178.4.0/22
185.190.36.0/24
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
71:ee:c2:b5:81:77:14:18:77:24:92:69:3a:a7:31:38:29:a8:
6a:44:85:1b:cb:17:e8:23:7c:55:12:53:b7:d0:d1:43:8a:d0:
48:31:98:64:e8:d5:0b:8b:47:d4:e3:8f:5c:c3:48:6e:e9:dc:
df:aa:5e:35:d1:f3:32:ad:ed:47:57:0c:97:fa:ec:87:07:ec:
65:b2:f9:b7:77:dc:3c:14:1e:3a:ee:86:3a:ef:15:82:5d:4d:
09:67:fd:dc:bf:ce:9a:c6:4d:20:bc:44:8d:69:06:3c:01:99:
4e:be:8e:0d:dc:df:05:79:0c:d1:e8:49:c0:bc:ed:de:61:3e:
e2:f3:80:27:71:0f:be:cf:ae:31:73:e8:2c:63:bf:34:31:d3:
63:ac:1a:40:1b:68:6f:16:9f:83:9b:ee:c9:dd:5d:e4:92:c6:
09:2c:e5:c6:61:8b:42:b1:b4:d5:12:5e:5e:34:e6:66:2b:29:
32:58:9e:1f:d2:92:55:db:8f:9d:82:b8:c2:52:3f:a5:a5:e9:
fe:e8:ef:10:a8:04:c2:ed:6b:05:26:85:87:74:9b:b8:ff:fd:
c8:72:23:aa:d3:b8:bb:00:17:4c:9a:6f:bd:82:18:39:2b:5f:
40:4c:60:01:ff:75:43:fa:7c:e6:c9:49:1f:c7:64:4b:ee:78:
10:cd:fa:6b
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY/n0kN0eTKul2MMxPFjDSn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjQwNjA1MDk1NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2MwOTRjZTQyYWI2MzE2OGI4MGZkZDg5NTM2MjVjMzZmODJlNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXkJsY08Ht8+wJ+Gulsa2WadIDyd
t5tS9kMntaHo2LAdYkRePTwxFmkj9AMKgIO17xxJh0aNmgMfgt6Abn/UqvtzJiep
yZIHdn8aUUR2nzsKvyMWNHedprP3fI96d3zkVkJY6rdAFtMiSCGoMdTI+VRMjQ8h
HiVZ3GS3JpalfsxBXhTGi+trcePnvxrRfwVyvKZqxJIRIRhPsDPveepGPM2a7+ny
s1x/fnNbtQhAJHJtg2YbHzmQW2a4YxmEHZ06RHnuccqQYNgyBX6bn3TQIdo0SL1c
8adeeClQtttlATjnByItBqOtyJvkWKup3NNiKAfGTaVk7g5JMUFXsKT5PwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFMzAlM5Cq2MWi4D92JU2JcNvguScMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvek1DVXprS3JZeGFMZ1AzWWxUWWx3Mi1DNUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQDLuOYAwQD
UVhAAwQEUV9QMAwDBANSlKgDBAZSlIADBANZz4gDBANtqXADBASyrnADBAG5sPQD
BAK5sgQDBAC5viQwFAQCAAIwDgMFASoKJ4ADBQMqENZAMA0GCSqGSIb3DQEBCwUA
A4IBAQBx7sK1gXcUGHckkmk6pzE4KahqRIUbyxfoI3xVElO30NFDitBIMZhk6NUL
i0fU449cw0hu6dzfql410fMyre1HVwyX+uyHB+xlsvm3d9w8FB467oY67xWCXU0J
Z/3cv86axk0gvESNaQY8AZlOvo4N3N8FeQzR6EnAvO3eYT7i84AncQ++z64xc+gs
Y780MdNjrBpAG2hvFp+Dm+7J3V3kksYJLOXGYYtCsbTVEl5eNOZmKykyWJ4f0pJV
24+dgrjCUj+lpen+6O8QqATC7WsFJoWHdJu4//3IciOq07i7ABdMmm+9ghg5K19A
TGAB/3VD+nzmyUkfx2RL7ngQzfpr
-----END CERTIFICATE-----
Generated at Wed Jun 26 00:08:32 2024 by rpki-client on console-ams.rpki-client.org