Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/zFw-1hc-4VLas3san14VnAc6zgw.roa
File: zFw-1hc-4VLas3san14VnAc6zgw.roa (raw, json)
Hash identifier: ToPWGghxVOGsF1UR6AgVhdspNpemmMzn92+cEf9k0pE=
Subject key identifier: CC:5C:3E:D6:17:3E:E1:52:DA:B3:7B:1A:9F:5E:15:9C:07:3A:CE:0C
Certificate issuer: /CN=4f4da09fbbe90fb79f0f08b207f835f0f0da29fe
Certificate serial: 018CC4935E95BE71A107BD3C1216731BCE93
Authority key identifier: 4F:4D:A0:9F:BB:E9:0F:B7:9F:0F:08:B2:07:F8:35:F0:F0:DA:29:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T02gn7vpD7efDwiyB_g18PDaKf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/zFw-1hc-4VLas3san14VnAc6zgw.roa
Signing time: Mon 01 Jan 2024 10:30:41 +0000
ROA not before: Mon 01 Jan 2024 10:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41622
IP address blocks: 193.104.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/T02gn7vpD7efDwiyB_g18PDaKf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/T02gn7vpD7efDwiyB_g18PDaKf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/T02gn7vpD7efDwiyB_g18PDaKf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:03:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5e:95:be:71:a1:07:bd:3c:12:16:73:1b:ce:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f4da09fbbe90fb79f0f08b207f835f0f0da29fe
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc5c3ed6173ee152dab37b1a9f5e159c073ace0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:12:fd:7f:84:45:6e:e2:9f:f4:86:8b:8e:7a:
22:1d:99:6a:22:dc:d1:b2:d6:82:f1:4a:c4:ec:f5:
84:30:84:2d:d2:8e:64:a0:d2:f6:32:1f:70:94:2d:
1f:9a:59:0d:7d:6b:f5:01:68:34:9f:89:c0:5a:a9:
cc:c0:c5:52:69:8e:d0:42:57:e8:47:58:bd:08:47:
b4:8f:b2:3c:37:0c:13:22:0d:ac:9c:87:cf:8e:34:
f2:7a:06:86:ea:07:bb:bf:9e:e2:0e:5c:f6:bd:7d:
77:ef:e4:3d:01:b2:a0:9a:fb:cb:b5:2e:03:18:af:
9a:9a:b3:d3:01:ad:d7:89:eb:32:b5:de:97:88:a3:
04:f3:3d:91:ee:f9:3e:55:91:ad:ed:f0:7d:ce:f4:
09:ce:72:ac:57:3a:f0:47:1a:43:c5:00:3c:73:15:
1a:e8:52:34:aa:ed:44:57:35:42:eb:20:75:12:3a:
32:26:5a:a7:1e:e7:6a:78:99:4b:65:8b:38:c7:e1:
c8:50:c8:c2:dc:cf:ce:af:3a:a3:9e:c5:a4:d5:9a:
52:6b:3e:f5:a2:f4:13:5e:b3:e0:51:6d:25:10:49:
79:f3:2e:ec:59:bb:9d:32:3e:32:1d:b4:3e:ae:f0:
f1:3b:62:47:4d:e1:fa:6f:11:a4:94:33:0f:48:94:
90:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:5C:3E:D6:17:3E:E1:52:DA:B3:7B:1A:9F:5E:15:9C:07:3A:CE:0C
X509v3 Authority Key Identifier:
keyid:4F:4D:A0:9F:BB:E9:0F:B7:9F:0F:08:B2:07:F8:35:F0:F0:DA:29:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T02gn7vpD7efDwiyB_g18PDaKf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/zFw-1hc-4VLas3san14VnAc6zgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/66bd3a-5121-490d-8c92-6ea94a961d4c/1/T02gn7vpD7efDwiyB_g18PDaKf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.116.0/24
Signature Algorithm: sha256WithRSAEncryption
16:18:7a:ab:f7:8f:a8:b2:a4:64:df:3e:61:e6:80:ca:f2:23:
66:c2:1b:2e:5e:25:80:38:5f:3d:0d:8f:26:62:bc:18:7f:83:
44:75:0d:00:74:c9:d9:f0:1a:47:9a:e4:99:0b:fc:e3:61:92:
30:50:c4:42:fb:da:41:93:7a:32:e3:c2:ea:9c:94:55:b6:5d:
24:4f:14:82:31:f1:09:62:32:d2:f5:2f:b1:0b:cd:63:06:04:
41:1d:cb:a3:c9:f3:a3:3b:31:cd:63:05:31:47:be:f8:c1:a2:
3c:40:f6:a4:e9:c9:a4:46:b2:fb:98:9a:5a:40:3b:a0:26:1b:
b6:8f:9d:40:3e:34:6b:30:b4:40:b0:59:aa:88:a6:d8:e4:21:
c9:4a:f8:10:3c:94:ee:a7:56:df:3e:1e:6d:32:36:91:6d:ab:
28:45:f1:92:6f:dd:c7:9d:b6:55:98:b7:85:7c:42:1b:82:38:
1d:aa:75:5a:e2:7a:12:3b:f4:c3:08:ae:91:32:3e:43:ca:13:
76:aa:bd:28:b5:b5:bf:30:63:14:d6:16:84:32:16:4c:f6:92:
4f:80:b4:3b:a2:d6:53:19:f4:b8:b3:f9:bc:fa:55:12:7f:56:
37:74:a8:f1:b6:65:a9:d1:9f:c0:6a:b6:2a:19:62:45:fc:9f:
bb:1f:77:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk16VvnGhB708EhZzG86TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGRhMDlmYmJlOTBmYjc5ZjBmMDhiMjA3ZjgzNWYwZjBk
YTI5ZmUwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzVjM2VkNjE3M2VlMTUyZGFiMzdiMWE5ZjVlMTU5YzA3M2FjZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBL9f4RFbuKf9IaLjnoiHZlqItzR
staC8UrE7PWEMIQt0o5koNL2Mh9wlC0fmlkNfWv1AWg0n4nAWqnMwMVSaY7QQlfo
R1i9CEe0j7I8NwwTIg2snIfPjjTyegaG6ge7v57iDlz2vX137+Q9AbKgmvvLtS4D
GK+amrPTAa3Xiesytd6XiKME8z2R7vk+VZGt7fB9zvQJznKsVzrwRxpDxQA8cxUa
6FI0qu1EVzVC6yB1EjoyJlqnHudqeJlLZYs4x+HIUMjC3M/OrzqjnsWk1ZpSaz71
ovQTXrPgUW0lEEl58y7sWbudMj4yHbQ+rvDxO2JHTeH6bxGklDMPSJSQRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxcPtYXPuFS2rN7Gp9eFZwHOs4MMB8GA1UdIwQY
MBaAFE9NoJ+76Q+3nw8Isgf4NfDw2in+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDAyZ243dnBEN2VmRHdpeUJfZzE4UERhS2Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82NmJkM2EtNTEyMS00OTBkLThjOTIt
NmVhOTRhOTYxZDRjLzEvekZ3LTFoYy00VkxhczNzYW4xNFZuQWM2emd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82NmJkM2EtNTEyMS00OTBkLThjOTItNmVhOTRhOTYxZDRj
LzEvVDAyZ243dnBEN2VmRHdpeUJfZzE4UERhS2Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWh0MA0G
CSqGSIb3DQEBCwUAA4IBAQAWGHqr94+osqRk3z5h5oDK8iNmwhsuXiWAOF89DY8m
YrwYf4NEdQ0AdMnZ8BpHmuSZC/zjYZIwUMRC+9pBk3oy48LqnJRVtl0kTxSCMfEJ
YjLS9S+xC81jBgRBHcujyfOjOzHNYwUxR774waI8QPak6cmkRrL7mJpaQDugJhu2
j51APjRrMLRAsFmqiKbY5CHJSvgQPJTup1bfPh5tMjaRbasoRfGSb93HnbZVmLeF
fEIbgjgdqnVa4noSO/TDCK6RMj5DyhN2qr0otbW/MGMU1haEMhZM9pJPgLQ7otZT
GfS4s/m8+lUSf1Y3dKjxtmWp0Z/AarYqGWJF/J+7H3c8
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:09:56 2024 by rpki-client on console-fra.rpki-client.org