Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/z7fv5UlNfCDkNzsMdEgzIhGl6uk.roa
File: z7fv5UlNfCDkNzsMdEgzIhGl6uk.roa (raw, json)
Hash identifier: SXwXiCmbUYDdsZm+mCwEWslRbD+VAs4hGAUT8HKZszk=
Subject key identifier: CF:B7:EF:E5:49:4D:7C:20:E4:37:3B:0C:74:48:33:22:11:A5:EA:E9
Certificate issuer: /CN=cff374657f57078f3ca2c71109d35927c2248681
Certificate serial: 018CC9BCD1CF29267AA6BA4B04FAF7CE5FA2
Authority key identifier: CF:F3:74:65:7F:57:07:8F:3C:A2:C7:11:09:D3:59:27:C2:24:86:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z_N0ZX9XB488oscRCdNZJ8IkhoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/z7fv5UlNfCDkNzsMdEgzIhGl6uk.roa
Signing time: Tue 02 Jan 2024 10:34:04 +0000
ROA not before: Tue 02 Jan 2024 10:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12963
IP address blocks: 176.100.0.0/24 maxlen: 24
176.100.1.0/24 maxlen: 24
176.100.2.0/23 maxlen: 24
176.100.4.0/24 maxlen: 24
176.100.8.0/24 maxlen: 24
176.100.9.0/24 maxlen: 24
176.100.10.0/23 maxlen: 24
176.100.5.0/24 maxlen: 24
176.100.6.0/24 maxlen: 24
176.100.14.0/24 maxlen: 24
176.100.15.0/24 maxlen: 24
176.100.16.0/24 maxlen: 24
176.100.17.0/24 maxlen: 24
176.100.16.0/20 maxlen: 20
176.100.12.0/24 maxlen: 24
176.100.13.0/24 maxlen: 24
176.100.24.0/24 maxlen: 24
176.100.21.0/24 maxlen: 24
176.100.22.0/24 maxlen: 24
176.100.23.0/24 maxlen: 24
176.100.18.0/24 maxlen: 24
176.100.19.0/24 maxlen: 24
176.100.20.0/24 maxlen: 24
176.100.28.0/24 maxlen: 24
176.100.29.0/24 maxlen: 24
176.100.30.0/24 maxlen: 24
176.100.25.0/24 maxlen: 24
176.100.26.0/24 maxlen: 24
176.100.27.0/24 maxlen: 24
176.100.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/z_N0ZX9XB488oscRCdNZJ8IkhoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/z_N0ZX9XB488oscRCdNZJ8IkhoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/z_N0ZX9XB488oscRCdNZJ8IkhoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 15:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d1:cf:29:26:7a:a6:ba:4b:04:fa:f7:ce:5f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cff374657f57078f3ca2c71109d35927c2248681
Validity
Not Before: Jan 2 10:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfb7efe5494d7c20e4373b0c7448332211a5eae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5d:2a:2a:51:4c:02:83:44:f7:1b:96:c4:41:
23:db:73:b8:6b:14:87:9e:af:9b:15:f6:67:8b:00:
96:85:e1:14:3c:91:35:2c:5d:81:d1:de:d9:0a:09:
d5:34:bf:36:3c:3a:17:eb:94:2e:95:be:da:f9:8e:
f6:b4:1d:95:75:f0:cc:53:27:b1:1c:54:1a:ec:c4:
f6:7b:b1:1a:c0:4d:19:8f:ec:b3:ac:61:42:73:28:
e7:af:16:fd:21:68:96:cf:cd:c9:ec:8d:4a:0e:73:
1e:7d:b6:9d:4e:86:34:0c:23:51:08:1e:ab:c8:9c:
65:d0:8a:4f:32:d9:c6:31:12:7c:26:30:ae:cc:d0:
73:8e:56:ae:31:97:98:62:0e:a8:37:c2:22:a8:b5:
51:de:8f:b9:c9:15:12:28:bc:60:7b:e8:f0:38:cd:
af:5a:16:a8:ba:ba:bb:e9:fe:c9:da:fc:ef:3e:e8:
0b:8b:c4:03:61:e5:f4:5d:27:4f:cf:d3:d1:ba:cd:
c5:f5:d3:6a:11:f5:a2:1b:46:16:8f:5c:c8:de:8b:
e3:c1:05:4c:ea:d6:ff:65:a0:cd:d2:0d:74:b5:50:
ef:ba:5b:78:96:21:22:75:44:41:5b:2d:78:db:bc:
9f:87:9a:d0:e9:ae:92:4d:19:90:53:eb:5e:db:bd:
e8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B7:EF:E5:49:4D:7C:20:E4:37:3B:0C:74:48:33:22:11:A5:EA:E9
X509v3 Authority Key Identifier:
keyid:CF:F3:74:65:7F:57:07:8F:3C:A2:C7:11:09:D3:59:27:C2:24:86:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z_N0ZX9XB488oscRCdNZJ8IkhoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/z7fv5UlNfCDkNzsMdEgzIhGl6uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cd2146-7fbe-4e5d-93ba-3ea2ebfe8707/1/z_N0ZX9XB488oscRCdNZJ8IkhoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.0.0-176.100.6.255
176.100.8.0-176.100.31.255
Signature Algorithm: sha256WithRSAEncryption
18:0d:a6:42:2e:af:98:db:b0:6c:9a:94:07:88:18:4a:5c:69:
ae:36:4b:71:fa:19:bd:3c:f4:96:e2:4c:51:06:78:36:1f:aa:
d1:ec:a2:d9:17:f5:10:b0:ef:e7:56:48:86:9b:45:64:33:1c:
eb:91:93:d4:6d:28:41:2b:b3:e3:0e:aa:8b:e4:6b:b9:37:1f:
26:90:da:af:e0:64:dd:40:61:36:46:25:ec:b5:f5:ee:fe:65:
45:43:e7:1e:fa:b7:22:c0:83:6d:87:26:3f:9e:55:72:13:06:
d5:56:10:de:8b:bd:3d:20:6f:76:0a:b7:a8:b0:10:b3:f3:82:
9d:70:1e:80:78:38:28:49:c0:44:5b:d7:84:ce:76:4b:9e:89:
68:9a:77:b6:ab:bc:0c:4c:33:cf:8c:96:01:0e:c0:ff:0c:cd:
d8:28:0c:76:c3:16:f5:2a:de:4d:59:de:74:75:4c:56:6f:1d:
ef:00:17:94:6e:80:36:be:42:1b:c8:cd:d7:d4:05:4e:42:a0:
a0:45:3d:f3:cc:f9:20:64:82:53:49:fd:38:ac:1e:51:57:36:
1f:87:f4:aa:1d:64:51:4e:e5:0b:67:d9:c5:42:8e:09:fd:51:
3f:8c:39:f3:10:00:f8:71:3d:12:70:9e:83:5d:bf:6c:68:91:
fd:3f:d3:e8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvNHPKSZ6prpLBPr3zl+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZjM3NDY1N2Y1NzA3OGYzY2EyYzcxMTA5ZDM1OTI3YzIy
NDg2ODEwHhcNMjQwMTAyMTAzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmI3ZWZlNTQ5NGQ3YzIwZTQzNzNiMGM3NDQ4MzMyMjExYTVlYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo10qKlFMAoNE9xuWxEEj23O4axSH
nq+bFfZniwCWheEUPJE1LF2B0d7ZCgnVNL82PDoX65Qulb7a+Y72tB2VdfDMUyex
HFQa7MT2e7EawE0Zj+yzrGFCcyjnrxb9IWiWz83J7I1KDnMefbadToY0DCNRCB6r
yJxl0IpPMtnGMRJ8JjCuzNBzjlauMZeYYg6oN8IiqLVR3o+5yRUSKLxge+jwOM2v
Whaourq76f7J2vzvPugLi8QDYeX0XSdPz9PRus3F9dNqEfWiG0YWj1zI3ovjwQVM
6tb/ZaDN0g10tVDvult4liEidURBWy1427yfh5rQ6a6STRmQU+te273oTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM+37+VJTXwg5Dc7DHRIMyIRperpMB8GA1UdIwQY
MBaAFM/zdGV/VwePPKLHEQnTWSfCJIaBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvel9OMFpYOVhCNDg4b3NjUkNkTlpKOElraG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jZDIxNDYtN2ZiZS00ZTVkLTkzYmEt
M2VhMmViZmU4NzA3LzEvejdmdjVVbE5mQ0RrTnpzTWRFZ3pJaEdsNnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jZDIxNDYtN2ZiZS00ZTVkLTkzYmEtM2VhMmViZmU4NzA3
LzEvel9OMFpYOVhCNDg4b3NjUkNkTlpKOElraG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwKwZAME
ALBkBjAMAwQDsGQIAwQFsGQAMA0GCSqGSIb3DQEBCwUAA4IBAQAYDaZCLq+Y27Bs
mpQHiBhKXGmuNktx+hm9PPSW4kxRBng2H6rR7KLZF/UQsO/nVkiGm0VkMxzrkZPU
bShBK7PjDqqL5Gu5Nx8mkNqv4GTdQGE2RiXstfXu/mVFQ+ce+rciwINthyY/nlVy
EwbVVhDei709IG92CreosBCz84KdcB6AeDgoScBEW9eEznZLnolomne2q7wMTDPP
jJYBDsD/DM3YKAx2wxb1Kt5NWd50dUxWbx3vABeUboA2vkIbyM3X1AVOQqCgRT3z
zPkgZIJTSf04rB5RVzYfh/SqHWRRTuULZ9nFQo4J/VE/jDnzEAD4cT0ScJ6DXb9s
aJH9P9Po
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:09:48 2024 by rpki-client on console-fra.rpki-client.org