Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/zcYt5FZZj10Ph_7cWKGmkIwthys.roa
File: zcYt5FZZj10Ph_7cWKGmkIwthys.roa (raw, json)
Hash identifier: egCzJhU3e/365rVKmwy7r/LFcascK5+gDrh7i6m8tzQ=
Subject key identifier: CD:C6:2D:E4:56:59:8F:5D:0F:87:FE:DC:58:A1:A6:90:8C:2D:87:2B
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01934B6DD81A8CFF5C6BFBAA5656BD6EE067
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/zcYt5FZZj10Ph_7cWKGmkIwthys.roa
Signing time: Wed 20 Nov 2024 21:15:10 +0000
ROA not before: Wed 20 Nov 2024 21:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 931
IP address blocks: 5.226.138.0/24 maxlen: 24
185.16.204.0/24 maxlen: 24
217.146.81.0/24 maxlen: 24
217.146.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4b:6d:d8:1a:8c:ff:5c:6b:fb:aa:56:56:bd:6e:e0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Nov 20 21:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdc62de456598f5d0f87fedc58a1a6908c2d872b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:91:4d:b8:5b:c4:d9:3a:7e:0f:ee:f7:1b:64:
f5:c9:e5:b0:45:71:94:23:a4:91:b2:c2:76:44:c5:
0d:3d:00:a2:34:e2:3e:37:e0:fc:bd:7b:68:70:d5:
61:dd:c3:bf:03:a9:4c:90:d9:98:bd:29:14:49:fd:
f3:85:0d:0b:40:ca:26:72:4c:3d:8a:f0:83:e6:54:
0e:b1:b0:f2:9d:40:d0:1e:3e:33:d8:db:2f:48:19:
2c:7f:f1:6e:46:47:75:74:55:ac:18:83:21:0c:15:
27:2b:16:27:7f:1a:be:5a:9a:c5:4e:2a:2c:2d:b4:
95:f2:0c:3f:90:3f:24:4f:cf:ac:d8:89:ae:92:16:
c6:da:51:d5:5f:52:7a:3b:af:a1:6f:6e:91:31:65:
70:dc:9c:5a:63:fd:bb:2a:ff:79:f5:a1:f8:20:12:
02:bc:3b:5d:ae:29:f9:a7:23:53:34:2d:82:34:2a:
7e:cc:02:f7:58:15:ab:8d:b6:42:73:54:13:70:d5:
f9:a5:cb:04:11:84:3c:d1:f7:ec:9a:19:93:49:6d:
fd:62:ec:06:b5:67:53:8a:bf:83:be:0a:c4:b7:a4:
d5:8f:fd:ff:40:67:2d:f0:44:10:70:6b:77:79:34:
a1:1a:dc:6f:3b:16:8d:cd:e7:a8:9d:bf:da:f8:fc:
e7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C6:2D:E4:56:59:8F:5D:0F:87:FE:DC:58:A1:A6:90:8C:2D:87:2B
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/zcYt5FZZj10Ph_7cWKGmkIwthys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.138.0/24
185.16.204.0/24
217.146.81.0/24
217.146.88.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:9e:7a:f7:c1:d3:1a:56:d5:9e:d3:a2:65:1e:70:ff:a6:5e:
1a:40:99:d2:a3:ab:83:42:7a:4a:fa:d5:54:9a:a2:52:0e:80:
25:84:07:7e:33:8e:06:9b:16:94:76:4e:8d:45:7b:ab:ee:6b:
1b:eb:d5:4a:da:22:3d:9c:9b:ac:f2:57:e3:78:10:bb:d1:6a:
f0:8c:31:7f:4d:8b:56:92:6a:40:b1:c2:1b:94:e5:96:95:47:
be:fb:88:b0:cc:4e:e7:61:a5:1a:9a:f3:29:5f:77:69:53:49:
33:47:75:45:e8:3d:cf:2d:d7:5a:10:56:1e:b4:41:a3:9f:13:
d3:85:14:5c:a6:ba:ab:9a:7c:75:db:aa:0a:a3:62:c6:45:15:
05:68:8e:6a:29:19:d7:5e:0b:0e:94:4d:22:3d:5c:16:e3:41:
84:34:67:55:35:f5:f8:7b:91:5d:05:2e:36:08:3c:77:42:42:
b7:75:ac:2f:89:25:bb:c5:78:54:ad:d4:6f:f9:6f:00:b7:1a:
0a:92:d7:6c:c0:cc:d4:44:94:97:01:8e:58:68:72:85:05:35:
1b:6b:4b:fa:9d:b1:43:0a:1c:72:9f:d3:c9:88:63:1b:23:93:
f7:2e:a3:14:a4:35:4d:f4:ff:f5:e1:af:21:61:08:3a:5e:b8:
98:8a:f2:0e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNLbdgajP9ca/uqVla9buBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjQxMTIwMjExNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGM2MmRlNDU2NTk4ZjVkMGY4N2ZlZGM1OGExYTY5MDhjMmQ4NzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpFNuFvE2Tp+D+73G2T1yeWwRXGU
I6SRssJ2RMUNPQCiNOI+N+D8vXtocNVh3cO/A6lMkNmYvSkUSf3zhQ0LQMomckw9
ivCD5lQOsbDynUDQHj4z2NsvSBksf/FuRkd1dFWsGIMhDBUnKxYnfxq+WprFTios
LbSV8gw/kD8kT8+s2ImukhbG2lHVX1J6O6+hb26RMWVw3JxaY/27Kv959aH4IBIC
vDtdrin5pyNTNC2CNCp+zAL3WBWrjbZCc1QTcNX5pcsEEYQ80ffsmhmTSW39YuwG
tWdTir+DvgrEt6TVj/3/QGct8EQQcGt3eTShGtxvOxaNzeeonb/a+PznawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM3GLeRWWY9dD4f+3FihppCMLYcrMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvemNZdDVGWlpqMTBQaF83Y1dLR21rSXd0aHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABeKKAwQA
uRDMAwQA2ZJRAwQA2ZJYMA0GCSqGSIb3DQEBCwUAA4IBAQBqnnr3wdMaVtWe06Jl
HnD/pl4aQJnSo6uDQnpK+tVUmqJSDoAlhAd+M44GmxaUdk6NRXur7msb69VK2iI9
nJus8lfjeBC70WrwjDF/TYtWkmpAscIblOWWlUe++4iwzE7nYaUamvMpX3dpU0kz
R3VF6D3PLddaEFYetEGjnxPThRRcprqrmnx126oKo2LGRRUFaI5qKRnXXgsOlE0i
PVwW40GENGdVNfX4e5FdBS42CDx3QkK3dawviSW7xXhUrdRv+W8AtxoKktdswMzU
RJSXAY5YaHKFBTUba0v6nbFDChxyn9PJiGMbI5P3LqMUpDVN9P/14a8hYQg6XriY
ivIO
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:54:24 2024 by rpki-client on console-ams.rpki-client.org