Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZOhKs1ECmJZJhcXek5XwYVsPcI4.roa
File: ZOhKs1ECmJZJhcXek5XwYVsPcI4.roa (raw, json)
Hash identifier: PMT86e+b5L7mFPBhIwS4kw07chpBPh8UBIhmQnMdvks=
Subject key identifier: 64:E8:4A:B3:51:02:98:96:49:85:C5:DE:93:95:F0:61:5B:0F:70:8E
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 0190E68B65BDA2053C11ECAD1ED51C6C756F
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZOhKs1ECmJZJhcXek5XwYVsPcI4.roa
Signing time: Wed 24 Jul 2024 21:00:13 +0000
ROA not before: Wed 24 Jul 2024 21:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57862
IP address blocks: 37.122.152.0/22 maxlen: 22
37.122.154.0/23 maxlen: 23
37.122.154.0/24 maxlen: 24
37.122.155.0/24 maxlen: 24
37.122.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 14:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e6:8b:65:bd:a2:05:3c:11:ec:ad:1e:d5:1c:6c:75:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Jul 24 21:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64e84ab3510298964985c5de9395f0615b0f708e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:37:4a:76:a2:be:45:06:e1:23:09:a3:e8:3d:
13:37:85:46:e9:e9:30:1b:3d:27:28:15:11:21:d8:
e1:fb:b7:35:66:8e:c7:65:18:5a:74:da:21:c4:63:
21:7b:42:a8:fe:83:4d:d3:72:9e:bb:1f:f1:f9:3e:
7d:7f:11:18:b5:45:6b:c5:21:54:ba:df:4b:aa:4c:
60:64:11:1a:98:49:b4:17:9f:4b:4a:67:a0:8a:99:
fc:fa:9c:63:95:6a:63:3e:a2:9f:66:7b:37:00:b7:
01:c1:42:c7:fe:e8:a6:15:ad:4f:2a:ed:43:b1:85:
c8:ec:2f:e6:72:68:a0:b6:95:44:12:54:54:27:c9:
bc:41:ae:f0:19:e3:1b:bd:87:55:05:c9:4c:4e:d3:
61:4a:0a:49:df:16:ed:18:1a:3a:73:a9:51:31:0a:
9f:d5:2b:56:a8:c0:bc:35:c2:60:ce:2d:7f:8c:eb:
ef:a2:3f:c0:44:fc:69:d8:0a:64:79:54:d8:81:d6:
0b:7b:80:e6:1c:68:5a:a3:27:86:57:35:f3:e3:31:
42:84:87:db:f0:db:3b:67:3a:35:2c:24:e9:10:ad:
96:65:1b:44:4e:aa:54:44:eb:39:bc:7e:8d:4c:b2:
01:c9:f1:9f:67:f4:6c:07:b8:7f:77:28:be:88:9f:
aa:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E8:4A:B3:51:02:98:96:49:85:C5:DE:93:95:F0:61:5B:0F:70:8E
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZOhKs1ECmJZJhcXek5XwYVsPcI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.156.255
Signature Algorithm: sha256WithRSAEncryption
66:32:06:4d:66:29:f9:2c:ee:f0:6c:69:aa:f2:2c:cb:c7:1c:
2f:a3:3d:70:fc:db:74:c8:49:ee:0e:5e:d0:b8:d9:af:09:df:
21:14:c7:64:69:ae:e9:e4:ea:01:79:28:d8:4e:48:99:ba:55:
62:39:98:7a:40:4d:a5:2a:c5:74:d4:59:fc:de:fe:48:7f:a4:
fa:12:a6:bb:dc:c1:12:f1:86:53:ce:0e:0b:d5:5a:58:a9:79:
de:c8:36:42:c5:3b:76:af:ce:f4:8c:91:1d:c4:d1:3a:e9:89:
b3:0e:51:db:2f:71:c5:5d:ec:55:1d:36:b5:d1:4f:d1:0d:3c:
28:27:43:6e:20:f3:92:f2:4e:fd:dd:8f:5d:97:17:ca:4a:6b:
8a:5f:ca:b5:66:f2:ff:19:ae:d6:82:98:24:2e:76:c6:c2:4e:
4a:d5:7d:32:d0:8b:d1:c6:0b:7e:91:88:e2:ae:4f:b2:75:d4:
c3:d6:d9:1d:fb:20:79:80:b1:52:a0:9a:3a:df:ea:53:b4:84:
af:a9:8c:ab:64:5a:30:85:71:16:61:2c:ae:dc:c6:d8:b2:47:
54:e7:ff:e2:a6:7c:aa:8e:81:67:e0:05:b2:3e:c8:ec:b6:7f:
35:99:9e:31:f5:c7:95:49:4b:8e:66:19:bc:a4:e8:1a:74:f8:
21:91:56:97
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZDmi2W9ogU8EeytHtUcbHVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjQwNzI0MjEwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGU4NGFiMzUxMDI5ODk2NDk4NWM1ZGU5Mzk1ZjA2MTViMGY3MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zdKdqK+RQbhIwmj6D0TN4VG6ekw
Gz0nKBURIdjh+7c1Zo7HZRhadNohxGMhe0Ko/oNN03Keux/x+T59fxEYtUVrxSFU
ut9LqkxgZBEamEm0F59LSmegipn8+pxjlWpjPqKfZns3ALcBwULH/uimFa1PKu1D
sYXI7C/mcmigtpVEElRUJ8m8Qa7wGeMbvYdVBclMTtNhSgpJ3xbtGBo6c6lRMQqf
1StWqMC8NcJgzi1/jOvvoj/ARPxp2ApkeVTYgdYLe4DmHGhaoyeGVzXz4zFChIfb
8Ns7Zzo1LCTpEK2WZRtETqpUROs5vH6NTLIByfGfZ/RsB7h/dyi+iJ+qOwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGToSrNRApiWSYXF3pOV8GFbD3COMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvWk9oS3MxRUNtSlpKaGNYZWs1WHdZVnNQY0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMlepgD
BAAlepwwDQYJKoZIhvcNAQELBQADggEBAGYyBk1mKfks7vBsaaryLMvHHC+jPXD8
23TISe4OXtC42a8J3yEUx2Rprunk6gF5KNhOSJm6VWI5mHpATaUqxXTUWfze/kh/
pPoSprvcwRLxhlPODgvVWliped7INkLFO3avzvSMkR3E0TrpibMOUdsvccVd7FUd
NrXRT9ENPCgnQ24g85LyTv3dj12XF8pKa4pfyrVm8v8ZrtaCmCQudsbCTkrVfTLQ
i9HGC36RiOKuT7J11MPW2R37IHmAsVKgmjrf6lO0hK+pjKtkWjCFcRZhLK7cxtiy
R1Tn/+KmfKqOgWfgBbI+yOy2fzWZnjH1x5VJS45mGbyk6Bp0+CGRVpc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:23:03 2024 by rpki-client on console-fra.rpki-client.org