Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/7dc454-1516-4979-9c72-e4694afbb6fc/1/Z9Ox0LZ1UTAx0apEyHSgWj4cOWY.roa
File: Z9Ox0LZ1UTAx0apEyHSgWj4cOWY.roa (raw, json)
Hash identifier: PCLDMOS7yZoC6d36j1yOGTltxM0NEdrQoq5e4Ys5g6M=
Subject key identifier: 67:D3:B1:D0:B6:75:51:30:31:D1:AA:44:C8:74:A0:5A:3E:1C:39:66
Certificate issuer: /CN=270fff2185665b9df9008c9e1be62601189a7d7c
Certificate serial: 018CC870BEF8CCB6B4ACDB4E4A8EF096B5B3
Authority key identifier: 27:0F:FF:21:85:66:5B:9D:F9:00:8C:9E:1B:E6:26:01:18:9A:7D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jw__IYVmW535AIyeG-YmARiafXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/7dc454-1516-4979-9c72-e4694afbb6fc/1/Z9Ox0LZ1UTAx0apEyHSgWj4cOWY.roa
Signing time: Tue 02 Jan 2024 04:31:21 +0000
ROA not before: Tue 02 Jan 2024 04:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60855
IP address blocks: 194.5.173.0/24 maxlen: 24
194.5.172.0/23 maxlen: 23
194.5.172.0/24 maxlen: 24
194.5.171.0/24 maxlen: 24
194.5.170.0/23 maxlen: 23
194.5.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/7dc454-1516-4979-9c72-e4694afbb6fc/1/Jw__IYVmW535AIyeG-YmARiafXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/7dc454-1516-4979-9c72-e4694afbb6fc/1/Jw__IYVmW535AIyeG-YmARiafXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jw__IYVmW535AIyeG-YmARiafXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:be:f8:cc:b6:b4:ac:db:4e:4a:8e:f0:96:b5:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=270fff2185665b9df9008c9e1be62601189a7d7c
Validity
Not Before: Jan 2 04:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d3b1d0b675513031d1aa44c874a05a3e1c3966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2f:b3:5e:e9:f1:f4:e3:f2:f8:dc:3f:48:56:
36:84:d5:36:77:fe:6c:6c:00:95:46:cf:b8:0b:cb:
7b:f1:8b:16:ea:d8:bd:09:62:80:15:38:3a:6f:de:
98:07:bd:35:6d:8a:ca:1e:69:cb:46:dc:32:0f:61:
d9:9f:37:f0:26:fe:79:1e:ab:c9:62:88:15:7b:42:
ce:4a:c9:59:3e:11:68:46:54:f0:a9:b8:ba:38:2d:
24:d1:3a:0c:37:e7:d5:12:02:b6:78:e8:07:44:76:
b9:5e:73:88:4e:91:1c:2b:0e:85:1f:e2:2a:5a:de:
ff:19:e4:49:34:22:d1:14:83:1d:ac:6f:05:eb:e4:
9e:0d:87:44:c0:d2:20:be:c3:0d:01:69:14:46:91:
1a:c4:21:d8:63:c1:46:7f:f5:5d:38:29:05:9d:bb:
1c:5d:83:76:f6:32:a8:60:ed:4e:e1:2e:b9:37:2a:
02:83:5a:f5:3b:b4:72:4c:a4:45:2a:ee:01:1a:1e:
af:ee:fc:d0:f1:e6:94:a1:03:2d:59:c8:8d:cb:78:
bd:82:4f:01:5e:fe:b7:db:e3:48:5f:64:ad:d4:3f:
e1:52:f3:1a:30:dc:6c:05:ac:37:a9:b2:02:97:b1:
6c:72:2f:54:52:c9:c2:e1:f0:a0:fb:0d:46:ec:75:
aa:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D3:B1:D0:B6:75:51:30:31:D1:AA:44:C8:74:A0:5A:3E:1C:39:66
X509v3 Authority Key Identifier:
keyid:27:0F:FF:21:85:66:5B:9D:F9:00:8C:9E:1B:E6:26:01:18:9A:7D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jw__IYVmW535AIyeG-YmARiafXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7dc454-1516-4979-9c72-e4694afbb6fc/1/Z9Ox0LZ1UTAx0apEyHSgWj4cOWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7dc454-1516-4979-9c72-e4694afbb6fc/1/Jw__IYVmW535AIyeG-YmARiafXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.170.0-194.5.173.255
Signature Algorithm: sha256WithRSAEncryption
b9:02:5a:71:42:2c:9d:13:0b:25:51:fc:b0:06:e1:06:f9:81:
1e:e3:00:26:8b:91:b5:35:77:28:08:73:20:87:54:e0:15:50:
cf:53:db:b2:3c:b5:ad:06:98:cc:55:8f:be:47:c8:d5:a4:d3:
9c:ec:6e:25:d8:ba:5a:ed:88:e1:36:b7:36:60:14:99:82:15:
ed:ee:e3:c1:2d:66:70:f8:cd:75:0b:0d:5f:99:6f:6d:c1:d3:
bf:d6:51:d0:ce:85:01:57:4c:06:40:c6:c8:54:81:33:1a:dd:
ba:ae:b4:19:e6:5f:58:01:9f:e0:1c:a1:f0:33:12:99:8e:d7:
5a:39:d2:ce:a1:a1:c9:7e:22:e6:3c:cb:29:0c:34:e7:e1:cf:
e8:22:3b:0f:da:66:d0:02:f2:4a:1b:ea:29:92:ae:d9:7f:09:
e0:5b:32:1f:8f:b2:e1:19:be:65:a0:16:58:56:07:ca:3b:79:
cc:6f:22:7b:a8:59:21:a5:55:0e:2c:81:cf:f9:69:41:8c:46:
26:d8:d1:69:8a:e5:3c:2e:ff:eb:c1:e7:20:12:48:e8:6d:c4:
c1:54:26:d6:a9:71:b6:47:a4:fd:15:71:a5:8c:2b:97:8d:2d:
f5:cf:20:b3:9d:83:4c:7f:9e:47:c5:37:75:3f:27:9b:00:ab:
1f:ea:07:37
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIcL74zLa0rNtOSo7wlrWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MGZmZjIxODU2NjViOWRmOTAwOGM5ZTFiZTYyNjAxMTg5
YTdkN2MwHhcNMjQwMTAyMDQzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2QzYjFkMGI2NzU1MTMwMzFkMWFhNDRjODc0YTA1YTNlMWMzOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy+zXunx9OPy+Nw/SFY2hNU2d/5s
bACVRs+4C8t78YsW6ti9CWKAFTg6b96YB701bYrKHmnLRtwyD2HZnzfwJv55HqvJ
YogVe0LOSslZPhFoRlTwqbi6OC0k0ToMN+fVEgK2eOgHRHa5XnOITpEcKw6FH+Iq
Wt7/GeRJNCLRFIMdrG8F6+SeDYdEwNIgvsMNAWkURpEaxCHYY8FGf/VdOCkFnbsc
XYN29jKoYO1O4S65NyoCg1r1O7RyTKRFKu4BGh6v7vzQ8eaUoQMtWciNy3i9gk8B
Xv632+NIX2St1D/hUvMaMNxsBaw3qbICl7Fsci9UUsnC4fCg+w1G7HWqZwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGfTsdC2dVEwMdGqRMh0oFo+HDlmMB8GA1UdIwQY
MBaAFCcP/yGFZlud+QCMnhvmJgEYmn18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndfX0lZVm1XNTM1QUl5ZUctWW1BUmlhZlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83ZGM0NTQtMTUxNi00OTc5LTljNzIt
ZTQ2OTRhZmJiNmZjLzEvWjlPeDBMWjFVVEF4MGFwRXlIU2dXajRjT1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83ZGM0NTQtMTUxNi00OTc5LTljNzItZTQ2OTRhZmJiNmZj
LzEvSndfX0lZVm1XNTM1QUl5ZUctWW1BUmlhZlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCBaoD
BAHCBawwDQYJKoZIhvcNAQELBQADggEBALkCWnFCLJ0TCyVR/LAG4Qb5gR7jACaL
kbU1dygIcyCHVOAVUM9T27I8ta0GmMxVj75HyNWk05zsbiXYulrtiOE2tzZgFJmC
Fe3u48EtZnD4zXULDV+Zb23B07/WUdDOhQFXTAZAxshUgTMa3bqutBnmX1gBn+Ac
ofAzEpmO11o50s6hocl+IuY8yykMNOfhz+giOw/aZtAC8kob6imSrtl/CeBbMh+P
suEZvmWgFlhWB8o7ecxvInuoWSGlVQ4sgc/5aUGMRibY0WmK5Twu/+vB5yASSOht
xMFUJtapcbZHpP0VcaWMK5eNLfXPILOdg0x/nkfFN3U/J5sAqx/qBzc=
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:58:05 2024 by rpki-client on console-ams.rpki-client.org