Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/tZn7lyIq6tEiWekXEXz-SkGHzo8.roa
File: tZn7lyIq6tEiWekXEXz-SkGHzo8.roa (raw, json)
Hash identifier: NiWdg4ql85ZeEHdfy/wWhInM+oz1hYXzPT2nTZIi4FY=
Subject key identifier: B5:99:FB:97:22:2A:EA:D1:22:59:E9:17:11:7C:FE:4A:41:87:CE:8F
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018CC6B7B98F5C1D15546CB0D61DD6BD192B
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/tZn7lyIq6tEiWekXEXz-SkGHzo8.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395092
IP address blocks: 45.140.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b9:8f:5c:1d:15:54:6c:b0:d6:1d:d6:bd:19:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b599fb97222aead12259e917117cfe4a4187ce8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cd:c9:e8:d8:28:17:63:40:e0:20:1a:92:69:
7b:9d:90:89:df:bb:cf:0e:76:35:c5:94:24:da:62:
0b:34:59:d1:4c:92:8f:bf:91:35:42:8c:c2:ba:4b:
c0:7b:95:e1:26:7d:ba:69:95:16:06:bd:e8:a6:2c:
be:3e:8a:75:a6:86:71:3b:29:18:cf:d1:f2:c0:d0:
54:4b:66:e5:d4:a6:9e:97:b7:ac:46:9b:27:1d:e1:
8e:0b:a2:cf:ec:bb:3b:ca:d6:cb:08:05:34:c0:a0:
53:31:52:70:e2:18:ab:ec:09:50:85:fd:07:ae:f5:
23:02:45:2a:6a:1d:f5:cd:bb:a7:fb:38:97:f5:7f:
d8:73:1d:f3:b3:dd:70:f1:23:5c:17:33:02:63:d0:
98:f3:10:74:5b:fe:8d:9f:68:dc:b0:73:2d:1f:dc:
84:55:02:6e:55:11:e4:e1:f2:fb:42:7b:d4:e4:60:
5a:27:aa:41:1b:d2:f9:73:08:67:93:ac:e3:4d:77:
29:61:31:f2:02:2b:2d:e6:45:c8:e5:4a:8c:59:a9:
0b:b6:7e:b6:e5:b6:23:3d:8a:36:eb:4f:eb:9c:50:
59:b5:ed:0f:93:7f:ce:63:d9:95:8f:53:63:89:5b:
55:ae:19:d4:60:ec:64:6d:1a:d5:fa:80:30:08:8a:
1e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:99:FB:97:22:2A:EA:D1:22:59:E9:17:11:7C:FE:4A:41:87:CE:8F
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/tZn7lyIq6tEiWekXEXz-SkGHzo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.174.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:03:4e:28:30:95:7e:bb:34:13:fb:6f:da:a0:62:a5:c0:69:
0c:2d:2c:64:ab:bd:c6:d5:37:0a:b8:cb:b6:7b:d8:6e:f5:07:
7c:8f:e8:87:ed:4e:c2:61:a6:f3:eb:25:74:76:b9:73:9c:58:
a9:19:d8:af:53:dc:c1:21:bb:3a:53:2f:b9:26:f3:87:21:4b:
34:44:32:24:cf:74:ca:63:19:fb:5d:5d:33:d2:9f:d5:f0:f6:
88:3c:50:53:43:91:43:cf:2e:3c:59:6a:3c:0b:27:ee:7c:6a:
ae:9d:45:4f:32:62:06:dc:1f:83:2b:20:7e:00:89:58:40:eb:
2d:01:4d:54:08:f1:ea:fc:3e:cc:0f:13:d7:00:68:17:9c:2a:
53:6b:3b:75:10:c6:31:31:d5:b4:49:30:0c:43:bf:06:f9:aa:
58:91:ac:9d:3f:77:37:66:ba:a5:ff:89:fd:63:97:e8:42:cb:
4e:ca:d9:86:10:97:5b:d4:35:6c:ef:72:32:18:44:7c:9b:da:
86:a2:ba:d7:74:a9:50:d2:b6:3e:f9:89:c4:7c:73:d6:27:db:
62:25:87:2d:78:cd:3c:6a:33:45:81:4b:22:34:4a:93:9c:e7:
ad:64:9f:0a:65:68:db:28:c0:75:89:44:02:13:84:54:79:49:
65:db:67:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7mPXB0VVGyw1h3WvRkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk5ZmI5NzIyMmFlYWQxMjI1OWU5MTcxMTdjZmU0YTQxODdjZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc3J6NgoF2NA4CAakml7nZCJ37vP
DnY1xZQk2mILNFnRTJKPv5E1QozCukvAe5XhJn26aZUWBr3opiy+Pop1poZxOykY
z9HywNBUS2bl1Kael7esRpsnHeGOC6LP7Ls7ytbLCAU0wKBTMVJw4hir7AlQhf0H
rvUjAkUqah31zbun+ziX9X/Ycx3zs91w8SNcFzMCY9CY8xB0W/6Nn2jcsHMtH9yE
VQJuVRHk4fL7QnvU5GBaJ6pBG9L5cwhnk6zjTXcpYTHyAist5kXI5UqMWakLtn62
5bYjPYo260/rnFBZte0Pk3/OY9mVj1NjiVtVrhnUYOxkbRrV+oAwCIoeQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWZ+5ciKurRIlnpFxF8/kpBh86PMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvdFpuN2x5SXE2dEVpV2VrWEVYei1Ta0dIem84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYyuMA0G
CSqGSIb3DQEBCwUAA4IBAQBqA04oMJV+uzQT+2/aoGKlwGkMLSxkq73G1TcKuMu2
e9hu9Qd8j+iH7U7CYabz6yV0drlznFipGdivU9zBIbs6Uy+5JvOHIUs0RDIkz3TK
Yxn7XV0z0p/V8PaIPFBTQ5FDzy48WWo8CyfufGqunUVPMmIG3B+DKyB+AIlYQOst
AU1UCPHq/D7MDxPXAGgXnCpTazt1EMYxMdW0STAMQ78G+apYkaydP3c3Zrql/4n9
Y5foQstOytmGEJdb1DVs73IyGER8m9qGorrXdKlQ0rY++YnEfHPWJ9tiJYcteM08
ajNFgUsiNEqTnOetZJ8KZWjbKMB1iUQCE4RUeUll22cJ
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:56:58 2024 by rpki-client on console-fra.rpki-client.org