Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/zu-VOx3spfm8o5gY6Eb85aVuI0g.roa
File: zu-VOx3spfm8o5gY6Eb85aVuI0g.roa (raw, json)
Hash identifier: +2S7wKIJ885ePc93ZoC1oZPAQ5Sht+BnBeNsVQmXaW8=
Subject key identifier: CE:EF:95:3B:1D:EC:A5:F9:BC:A3:98:18:E8:46:FC:E5:A5:6E:23:48
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018FE2F8CEB2974B58F9F79630F1C0D56974
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/zu-VOx3spfm8o5gY6Eb85aVuI0g.roa
Signing time: Tue 04 Jun 2024 11:18:27 +0000
ROA not before: Tue 04 Jun 2024 11:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 157.97.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:f8:ce:b2:97:4b:58:f9:f7:96:30:f1:c0:d5:69:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jun 4 11:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceef953b1deca5f9bca39818e846fce5a56e2348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2b:59:9a:ee:b8:e8:31:a5:78:21:d4:11:26:
36:2c:4e:82:50:84:07:9b:5d:b6:47:30:1a:cc:c1:
e5:ae:d9:09:85:07:37:2e:4f:c4:2a:24:97:97:3d:
08:7f:ca:bd:3f:c2:ba:45:55:74:5f:31:c1:7f:10:
9a:40:cf:0d:22:a8:0d:89:c3:f9:05:09:60:de:dd:
e6:48:ba:59:3f:c9:26:8f:5d:57:83:5b:ef:94:7b:
89:95:b9:5d:75:51:b4:6d:68:af:0d:5a:4c:36:ac:
0f:e3:71:2f:a2:7d:89:06:e1:3b:9e:4f:eb:fa:e9:
a9:2f:73:ae:a4:1b:50:a6:b1:2f:1a:a6:d4:ef:fa:
b4:c5:90:a8:bf:aa:3d:b7:3b:9f:68:e5:f0:4a:6e:
9a:3e:0f:ff:bb:4f:87:5c:c3:cc:1f:75:ee:27:6b:
75:e1:21:96:a8:4a:fe:b4:b2:57:9b:24:f9:7e:8b:
92:7f:00:83:a3:b2:72:f2:e0:7b:c3:e1:9e:e2:39:
02:d6:1b:f7:12:c7:32:4d:a0:07:e6:a0:f2:08:2f:
14:b9:06:7b:21:a4:2d:80:00:3d:4a:aa:aa:bb:56:
c3:c4:54:43:94:66:a6:73:80:fd:93:65:37:7f:81:
f6:89:21:08:c8:e6:a0:41:90:1c:41:e4:36:8e:34:
45:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EF:95:3B:1D:EC:A5:F9:BC:A3:98:18:E8:46:FC:E5:A5:6E:23:48
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/zu-VOx3spfm8o5gY6Eb85aVuI0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.123.0/24
Signature Algorithm: sha256WithRSAEncryption
90:2d:00:c2:48:48:3a:b8:dc:f7:94:e0:b3:10:7a:38:89:e3:
c9:cb:5e:0e:e5:1c:07:cd:43:6a:14:87:96:eb:14:3b:38:98:
df:68:99:21:3e:cc:f0:15:26:11:94:aa:37:08:c3:b0:61:ad:
14:8a:55:b4:34:e6:d5:78:a5:76:e5:93:98:c2:08:2e:93:49:
b6:10:27:3e:3a:25:fc:7a:41:ee:51:bd:df:ff:c4:61:3e:f5:
97:a4:5e:4a:20:b6:ef:a0:ab:bc:e9:23:41:e0:29:6f:e8:73:
28:b4:22:a6:0a:ae:e0:b3:0f:da:76:55:e5:f2:44:0f:08:62:
d8:da:5b:0d:bf:54:b5:e0:15:76:70:96:fd:0b:f7:0c:c2:23:
69:5d:9c:34:79:09:f0:ac:b0:e1:ca:61:1c:61:18:25:71:8d:
38:d6:0c:b3:bc:80:0f:42:ff:d7:16:2e:16:5b:e6:94:e5:97:
59:16:62:b9:49:b1:65:f9:32:d2:e5:c1:ad:d8:89:ae:85:3d:
8f:9e:91:33:19:5b:bc:40:10:78:32:0c:55:8e:b9:50:a8:19:
e1:50:38:40:40:3d:a9:85:9b:cf:e8:ef:2e:e0:4f:e1:f7:01:
9d:44:de:f7:f6:b5:fd:ef:bf:5f:f0:30:3e:f0:9d:90:67:9d:
f4:2a:23:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/i+M6yl0tY+feWMPHA1Wl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjQwNjA0MTExODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWVmOTUzYjFkZWNhNWY5YmNhMzk4MThlODQ2ZmNlNWE1NmUyMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwStZmu646DGleCHUESY2LE6CUIQH
m122RzAazMHlrtkJhQc3Lk/EKiSXlz0If8q9P8K6RVV0XzHBfxCaQM8NIqgNicP5
BQlg3t3mSLpZP8kmj11Xg1vvlHuJlblddVG0bWivDVpMNqwP43Evon2JBuE7nk/r
+umpL3OupBtQprEvGqbU7/q0xZCov6o9tzufaOXwSm6aPg//u0+HXMPMH3XuJ2t1
4SGWqEr+tLJXmyT5fouSfwCDo7Jy8uB7w+Ge4jkC1hv3EscyTaAH5qDyCC8UuQZ7
IaQtgAA9Sqqqu1bDxFRDlGamc4D9k2U3f4H2iSEIyOagQZAcQeQ2jjRFEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7vlTsd7KX5vKOYGOhG/OWlbiNIMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvenUtVk94M3NwZm04bzVnWTZFYjg1YVZ1STBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnWF7MA0G
CSqGSIb3DQEBCwUAA4IBAQCQLQDCSEg6uNz3lOCzEHo4iePJy14O5RwHzUNqFIeW
6xQ7OJjfaJkhPszwFSYRlKo3CMOwYa0UilW0NObVeKV25ZOYwgguk0m2ECc+OiX8
ekHuUb3f/8RhPvWXpF5KILbvoKu86SNB4Clv6HMotCKmCq7gsw/adlXl8kQPCGLY
2lsNv1S14BV2cJb9C/cMwiNpXZw0eQnwrLDhymEcYRglcY041gyzvIAPQv/XFi4W
W+aU5ZdZFmK5SbFl+TLS5cGt2ImuhT2PnpEzGVu8QBB4MgxVjrlQqBnhUDhAQD2p
hZvP6O8u4E/h9wGdRN739rX9779f8DA+8J2QZ530KiNc
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:55:12 2024 by rpki-client on console-fra.rpki-client.org