Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/zLD88dkW7EI27vIeV67ZT-hY7HU.roa
File: zLD88dkW7EI27vIeV67ZT-hY7HU.roa (raw, json)
Hash identifier: iorFOG464jgj9SGIcfs8/VAgLLfZzwdeZESehiFEfro=
Subject key identifier: CC:B0:FC:F1:D9:16:EC:42:36:EE:F2:1E:57:AE:D9:4F:E8:58:EC:75
Certificate issuer: /CN=28dc81ea389dd6aac4efbc34d52d778eba7a7fc4
Certificate serial: 018CC56EDDA2D6F701060CB67E17E5DED7A0
Authority key identifier: 28:DC:81:EA:38:9D:D6:AA:C4:EF:BC:34:D5:2D:77:8E:BA:7A:7F:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KNyB6jid1qrE77w01S13jrp6f8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/zLD88dkW7EI27vIeV67ZT-hY7HU.roa
Signing time: Mon 01 Jan 2024 14:30:26 +0000
ROA not before: Mon 01 Jan 2024 14:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61013
IP address blocks: 45.143.40.0/22 maxlen: 24
194.53.160.0/22 maxlen: 24
194.53.164.0/23 maxlen: 24
2001:67c:2828::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/KNyB6jid1qrE77w01S13jrp6f8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/KNyB6jid1qrE77w01S13jrp6f8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KNyB6jid1qrE77w01S13jrp6f8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:dd:a2:d6:f7:01:06:0c:b6:7e:17:e5:de:d7:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28dc81ea389dd6aac4efbc34d52d778eba7a7fc4
Validity
Not Before: Jan 1 14:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccb0fcf1d916ec4236eef21e57aed94fe858ec75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:68:4e:30:f5:5a:e2:a5:36:e9:a5:0a:2e:19:
e5:de:0f:9d:8b:19:17:2f:7f:0f:a5:34:c5:18:f6:
cc:30:b7:ae:01:1c:02:d8:1d:a9:58:8f:2c:dc:56:
c2:1b:e5:03:3a:60:d3:11:b2:45:bc:b4:1f:f3:1a:
ea:14:b3:9b:39:22:63:25:64:65:d2:8f:5f:86:0e:
cd:bb:b0:37:da:f0:e3:87:aa:63:f8:29:08:ec:76:
aa:b8:d1:e2:72:16:a0:19:26:57:e6:52:e0:be:32:
ed:72:dd:01:f1:84:d0:77:2a:77:a8:1f:1c:1a:8c:
bd:12:a0:46:fc:ac:b2:ed:64:52:ce:9d:ae:dd:01:
53:7c:ab:f6:87:34:76:52:be:35:84:32:2c:2c:e9:
5a:c7:e9:64:d9:f9:7b:d4:0c:5f:06:f9:21:e1:51:
13:e8:57:6d:70:6f:7d:53:38:fa:0f:22:62:06:04:
f0:04:4c:bc:c6:1a:83:ae:fc:8e:02:b4:fe:b7:71:
d2:15:78:a1:ec:04:27:4c:a3:00:bb:da:1c:8b:0a:
b8:37:3e:e9:3a:bf:d1:d8:0e:6c:4e:36:48:37:80:
39:15:ad:c5:20:bf:b1:52:e0:ae:28:3e:00:b3:f6:
3e:25:b9:67:03:70:29:a9:26:4c:41:de:b3:b3:74:
6d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B0:FC:F1:D9:16:EC:42:36:EE:F2:1E:57:AE:D9:4F:E8:58:EC:75
X509v3 Authority Key Identifier:
keyid:28:DC:81:EA:38:9D:D6:AA:C4:EF:BC:34:D5:2D:77:8E:BA:7A:7F:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNyB6jid1qrE77w01S13jrp6f8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/zLD88dkW7EI27vIeV67ZT-hY7HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/b69c6a-b788-4a1f-9c5d-c07fff746938/1/KNyB6jid1qrE77w01S13jrp6f8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.40.0/22
194.53.160.0-194.53.165.255
IPv6:
2001:67c:2828::/48
Signature Algorithm: sha256WithRSAEncryption
17:71:0b:65:a6:58:63:d3:7a:7c:82:aa:85:db:4c:75:34:69:
9d:97:fd:51:56:c0:c8:6e:2a:36:0f:f8:a4:ac:86:a9:60:db:
9b:f9:cd:af:55:9b:41:ae:29:a1:ba:04:48:b7:ea:e3:19:ee:
c7:1d:fb:9c:dc:53:32:67:4f:4f:b7:2b:cb:f2:c4:ed:0a:85:
e9:b1:f0:77:40:43:15:e0:d6:e9:99:30:c8:27:36:5a:41:99:
66:3a:4e:9f:14:3b:04:7b:e8:91:ff:60:a9:5f:07:34:fb:0e:
22:26:cb:d8:90:91:d3:6a:b9:94:a6:7f:4b:1b:d5:8e:9a:69:
58:94:95:cc:b9:c1:72:1c:48:cb:53:5c:e1:e3:c0:41:89:82:
29:75:32:e7:52:0b:03:99:5d:f5:79:3d:11:62:16:39:04:5c:
03:c6:ef:98:d3:5b:99:9a:a2:34:e3:d8:84:36:ec:ff:32:6c:
8f:80:b0:1c:28:50:d5:a5:6a:63:ed:7e:14:c5:20:68:d0:b4:
ab:a5:d4:50:d3:be:ef:56:b3:85:73:93:64:7b:0c:49:81:d1:
f3:e4:03:e3:da:3e:05:96:cd:62:47:81:6e:68:83:5b:4f:92:
97:f2:e7:da:61:dd:3d:f1:72:46:e7:60:dd:56:f8:98:24:67:
5f:28:b6:01
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzFbt2i1vcBBgy2fhfl3tegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZGM4MWVhMzg5ZGQ2YWFjNGVmYmMzNGQ1MmQ3NzhlYmE3
YTdmYzQwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2IwZmNmMWQ5MTZlYzQyMzZlZWYyMWU1N2FlZDk0ZmU4NThlYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WhOMPVa4qU26aUKLhnl3g+dixkX
L38PpTTFGPbMMLeuARwC2B2pWI8s3FbCG+UDOmDTEbJFvLQf8xrqFLObOSJjJWRl
0o9fhg7Nu7A32vDjh6pj+CkI7HaquNHichagGSZX5lLgvjLtct0B8YTQdyp3qB8c
Goy9EqBG/Kyy7WRSzp2u3QFTfKv2hzR2Ur41hDIsLOlax+lk2fl71AxfBvkh4VET
6FdtcG99Uzj6DyJiBgTwBEy8xhqDrvyOArT+t3HSFXih7AQnTKMAu9ociwq4Nz7p
Or/R2A5sTjZIN4A5Fa3FIL+xUuCuKD4As/Y+JblnA3ApqSZMQd6zs3RtQQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFMyw/PHZFuxCNu7yHleu2U/oWOx1MB8GA1UdIwQY
MBaAFCjcgeo4ndaqxO+8NNUtd466en/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS055QjZqaWQxcXJFNzd3MDFTMTNqcnA2ZjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9iNjljNmEtYjc4OC00YTFmLTljNWQt
YzA3ZmZmNzQ2OTM4LzEvekxEODhka1c3RUkyN3ZJZVY2N1pULWhZN0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9iNjljNmEtYjc4OC00YTFmLTljNWQtYzA3ZmZmNzQ2OTM4
LzEvS055QjZqaWQxcXJFNzd3MDFTMTNqcnA2ZjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQCLY8oMAwD
BAXCNaADBAHCNaQwDwQCAAIwCQMHACABBnwoKDANBgkqhkiG9w0BAQsFAAOCAQEA
F3ELZaZYY9N6fIKqhdtMdTRpnZf9UVbAyG4qNg/4pKyGqWDbm/nNr1WbQa4poboE
SLfq4xnuxx37nNxTMmdPT7cry/LE7QqF6bHwd0BDFeDW6ZkwyCc2WkGZZjpOnxQ7
BHvokf9gqV8HNPsOIibL2JCR02q5lKZ/SxvVjpppWJSVzLnBchxIy1Nc4ePAQYmC
KXUy51ILA5ld9Xk9EWIWOQRcA8bvmNNbmZqiNOPYhDbs/zJsj4CwHChQ1aVqY+1+
FMUgaNC0q6XUUNO+71azhXOTZHsMSYHR8+QD49o+BZbNYkeBbmiDW0+Sl/Ln2mHd
PfFyRudg3Vb4mCRnXyi2AQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:35:26 2024 by rpki-client on console-ams.rpki-client.org