Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/Z8IfPGXjkdSfxtl3jEithYwq2ZA.roa
File: Z8IfPGXjkdSfxtl3jEithYwq2ZA.roa (raw, json)
Hash identifier: c06sBkRzaUvvxRM+6uc94KatauWGrxt21uvGe9eQ4ls=
Subject key identifier: 67:C2:1F:3C:65:E3:91:D4:9F:C6:D9:77:8C:48:AD:85:8C:2A:D9:90
Certificate issuer: /CN=71602627679a4980b70d8ade578f14192fafeb95
Certificate serial: 018CC5DC60F140589212A7B51ED3B5DEFBC5
Authority key identifier: 71:60:26:27:67:9A:49:80:B7:0D:8A:DE:57:8F:14:19:2F:AF:EB:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/Z8IfPGXjkdSfxtl3jEithYwq2ZA.roa
Signing time: Mon 01 Jan 2024 16:30:03 +0000
ROA not before: Mon 01 Jan 2024 16:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29107
IP address blocks: 141.98.109.0/24 maxlen: 24
2a07:76c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/cWAmJ2eaSYC3DYreV48UGS-v65U.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/cWAmJ2eaSYC3DYreV48UGS-v65U.mft
rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:60:f1:40:58:92:12:a7:b5:1e:d3:b5:de:fb:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71602627679a4980b70d8ade578f14192fafeb95
Validity
Not Before: Jan 1 16:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c21f3c65e391d49fc6d9778c48ad858c2ad990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:38:56:83:15:bb:58:84:1b:5f:c1:8a:5c:79:
2b:69:a3:d1:2e:83:c1:f0:10:a4:6e:68:d8:ee:8f:
9a:fe:ee:fb:5e:01:b6:ef:6a:c8:9c:b9:33:f7:41:
c2:1f:3a:df:9a:06:28:85:40:1a:25:02:a5:70:62:
88:a1:66:69:e1:32:05:28:0e:a0:89:72:76:69:cb:
4c:ae:72:31:e9:09:32:10:70:cd:b5:64:7b:e4:ca:
79:ad:8a:b5:e0:5b:35:9e:ad:17:18:37:90:1b:b5:
72:2d:af:e3:f7:40:04:a0:3f:57:b9:89:e9:a9:4b:
52:55:2c:8a:9b:d6:eb:37:76:d2:99:5a:a1:83:56:
37:31:bd:66:28:7c:2c:da:4f:2a:73:80:b9:ee:ee:
b5:53:6c:85:6f:6e:3f:3a:38:dd:c0:6a:6d:65:5a:
7a:0f:ae:6b:30:e3:f4:b2:b9:1d:82:3b:60:dc:62:
68:f2:a9:60:49:dc:d0:3b:83:01:7d:bd:28:bd:cf:
ae:57:41:28:a8:ee:b8:73:9d:74:6e:b6:62:a7:8c:
58:f9:4f:17:fa:96:37:91:a8:28:c2:d9:55:e3:e0:
ae:52:2b:0b:1c:de:00:93:d9:96:de:e1:be:42:2b:
fe:e9:64:9d:ae:24:2e:e1:c9:de:6a:f4:83:7f:fa:
6b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C2:1F:3C:65:E3:91:D4:9F:C6:D9:77:8C:48:AD:85:8C:2A:D9:90
X509v3 Authority Key Identifier:
keyid:71:60:26:27:67:9A:49:80:B7:0D:8A:DE:57:8F:14:19:2F:AF:EB:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAmJ2eaSYC3DYreV48UGS-v65U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/Z8IfPGXjkdSfxtl3jEithYwq2ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/26b4e2-caa0-48a3-8117-7d593033d005/1/cWAmJ2eaSYC3DYreV48UGS-v65U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.109.0/24
IPv6:
2a07:76c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
41:01:5f:25:b3:02:34:4d:08:18:68:de:da:ad:e9:b8:61:1e:
32:24:e9:37:e6:d2:41:82:b6:37:ad:8c:44:c0:18:53:95:91:
08:a8:4b:23:1e:ce:fb:6f:d5:c5:66:88:c8:85:d3:8e:11:b6:
75:a3:e0:e3:06:01:8a:a8:4d:3c:0b:10:1b:45:87:a7:cc:b9:
53:e1:8c:04:32:63:12:03:19:7b:1a:28:a5:84:36:cc:b9:db:
2a:f0:1a:c0:74:27:b6:ab:9a:e5:63:38:51:6a:70:dc:e0:8c:
24:37:75:79:80:12:b5:29:5a:41:9b:93:65:60:f8:de:59:cb:
ec:f0:b1:50:fb:17:e0:9e:8d:3c:5e:8a:aa:76:d7:2b:5a:16:
bd:c3:e5:4d:27:1e:d7:70:36:16:e2:8b:7f:43:ee:f6:27:9c:
2f:ab:b3:d4:70:72:6c:57:f5:47:87:bd:49:d4:19:5c:d0:03:
6a:1d:77:a4:d2:12:b5:f3:8d:d5:e2:0c:67:ef:32:c9:b2:0f:
37:92:e9:fe:d3:88:23:ea:bd:f2:b9:de:87:6e:c0:32:81:3e:
bc:b9:fd:d7:7c:0c:f7:77:b6:f1:79:d3:ba:bf:da:57:9d:3e:
8d:d5:fd:85:5c:56:3d:4c:22:bd:c3:fa:c5:19:e4:9d:0d:50:
41:0b:7f:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3GDxQFiSEqe1HtO13vvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNjAyNjI3Njc5YTQ5ODBiNzBkOGFkZTU3OGYxNDE5MmZh
ZmViOTUwHhcNMjQwMTAxMTYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2MyMWYzYzY1ZTM5MWQ0OWZjNmQ5Nzc4YzQ4YWQ4NThjMmFkOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozhWgxW7WIQbX8GKXHkraaPRLoPB
8BCkbmjY7o+a/u77XgG272rInLkz90HCHzrfmgYohUAaJQKlcGKIoWZp4TIFKA6g
iXJ2actMrnIx6QkyEHDNtWR75Mp5rYq14Fs1nq0XGDeQG7VyLa/j90AEoD9XuYnp
qUtSVSyKm9brN3bSmVqhg1Y3Mb1mKHws2k8qc4C57u61U2yFb24/OjjdwGptZVp6
D65rMOP0srkdgjtg3GJo8qlgSdzQO4MBfb0ovc+uV0EoqO64c510brZip4xY+U8X
+pY3kagowtlV4+CuUisLHN4Ak9mW3uG+Qiv+6WSdriQu4cneavSDf/prgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGfCHzxl45HUn8bZd4xIrYWMKtmQMB8GA1UdIwQY
MBaAFHFgJidnmkmAtw2K3lePFBkvr+uVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1dBbUoyZWFTWUMzRFlyZVY0OFVHUy12NjVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yNmI0ZTItY2FhMC00OGEzLTgxMTct
N2Q1OTMwMzNkMDA1LzEvWjhJZlBHWGprZFNmeHRsM2pFaXRoWXdxMlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8yNmI0ZTItY2FhMC00OGEzLTgxMTctN2Q1OTMwMzNkMDA1
LzEvY1dBbUoyZWFTWUMzRFlyZVY0OFVHUy12NjVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAjWJtMA8E
AgACMAkDBwAqB3bAAAIwDQYJKoZIhvcNAQELBQADggEBAEEBXyWzAjRNCBho3tqt
6bhhHjIk6Tfm0kGCtjetjETAGFOVkQioSyMezvtv1cVmiMiF044RtnWj4OMGAYqo
TTwLEBtFh6fMuVPhjAQyYxIDGXsaKKWENsy52yrwGsB0J7armuVjOFFqcNzgjCQ3
dXmAErUpWkGbk2Vg+N5Zy+zwsVD7F+CejTxeiqp21ytaFr3D5U0nHtdwNhbii39D
7vYnnC+rs9RwcmxX9UeHvUnUGVzQA2odd6TSErXzjdXiDGfvMsmyDzeS6f7TiCPq
vfK53oduwDKBPry5/dd8DPd3tvF507q/2ledPo3V/YVcVj1MIr3D+sUZ5J0NUEEL
f+c=
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:56:43 2024 by rpki-client on console-ams.rpki-client.org