Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z_PiXAs60_JevgxyXpxtBaiokm4.roa
File: z_PiXAs60_JevgxyXpxtBaiokm4.roa (raw, json)
Hash identifier: 8kvun45LLfkqbVZVolUIbXYUO2zgU8tITj7m8IrWIwo=
Subject key identifier: CF:F3:E2:5C:0B:3A:D3:F2:5E:BE:0C:72:5E:9C:6D:05:A8:A8:92:6E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019025774FE3F173C86DDC44D27D2659EBB1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z_PiXAs60_JevgxyXpxtBaiokm4.roa
Signing time: Mon 17 Jun 2024 09:11:34 +0000
ROA not before: Mon 17 Jun 2024 09:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:25:77:4f:e3:f1:73:c8:6d:dc:44:d2:7d:26:59:eb:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 17 09:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cff3e25c0b3ad3f25ebe0c725e9c6d05a8a8926e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3d:d4:b1:05:79:77:f2:54:60:f2:b9:96:f4:
81:62:8a:45:cb:dc:73:cd:82:35:6e:81:79:47:3a:
f1:56:a2:df:52:62:8e:17:a9:fc:a4:4d:c7:fc:d7:
c1:1d:af:63:0a:e5:cf:8a:d9:24:c1:79:cf:d5:79:
50:d6:f1:b9:90:be:7b:39:9f:88:97:3d:68:59:c0:
11:e6:59:3a:c4:5f:83:1a:22:f2:ca:7a:b1:a4:28:
4c:c7:76:1d:db:89:de:87:88:44:d1:85:1d:5f:4e:
8f:27:1b:ca:c9:be:47:26:50:23:63:d5:a9:bd:8d:
ff:12:3c:9e:5c:82:4a:46:15:b1:13:ee:1c:bb:0b:
46:5d:74:e7:86:61:3d:2f:d6:e4:d3:72:f4:22:ef:
e6:95:5b:0e:36:28:52:e8:8e:1b:71:bf:1f:2f:15:
ff:79:0b:17:68:6c:3c:ee:23:fa:74:d4:df:84:b3:
2c:92:57:b6:66:4a:4b:0b:da:cf:e0:be:ca:58:ba:
0b:73:60:8a:6e:16:9b:55:82:88:31:17:94:c2:50:
5f:51:e5:cb:30:c4:8a:ac:80:e3:c2:ca:58:a8:58:
82:eb:ae:79:8c:40:3d:cb:43:85:fb:57:e5:fc:98:
63:ef:d3:c2:4a:90:23:81:fc:f5:00:e8:b4:f1:23:
57:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F3:E2:5C:0B:3A:D3:F2:5E:BE:0C:72:5E:9C:6D:05:A8:A8:92:6E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/z_PiXAs60_JevgxyXpxtBaiokm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:31:2b:78:7f:b4:22:22:40:ee:7e:a1:c0:35:d1:c6:c7:d7:
db:c3:43:84:10:9e:29:79:97:c2:ef:7b:ab:17:52:fe:9b:ce:
02:b8:e6:a5:58:d4:9b:68:26:01:3b:7c:1b:d0:02:44:e9:67:
b3:fa:32:8a:d4:24:69:49:3d:19:44:4f:e7:c9:f3:2f:cd:ac:
70:a2:2b:a4:ec:7a:d3:f3:c5:5b:7e:71:31:25:27:47:29:06:
3e:86:ec:b2:8e:bb:58:7a:32:8e:54:35:5c:ae:5d:78:c6:c0:
42:53:d4:af:35:4d:d9:58:34:a8:ab:26:8b:4a:50:8a:02:46:
32:74:60:d5:49:10:4a:f2:4d:ad:57:fb:2f:87:38:af:cf:54:
e2:66:b6:ce:9c:50:86:38:31:a6:15:42:3f:0e:60:7c:58:dc:
1a:dd:f8:d3:eb:2c:71:c9:9f:1a:6e:fe:fc:39:30:51:70:fd:
d0:90:d2:65:ed:ff:c8:61:8e:6e:f4:41:2a:5e:29:83:9e:77:
3a:04:78:b7:ff:52:53:79:30:c9:b2:33:11:5a:32:7f:d6:18:
eb:7d:36:59:77:c8:95:23:10:cd:62:d6:4d:2a:58:10:84:5f:
44:d6:1f:d4:a7:c2:e7:53:34:55:3b:3a:a9:b9:01:54:86:21:
8a:ae:f6:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAld0/j8XPIbdxE0n0mWeuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE3MDkxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmYzZTI1YzBiM2FkM2YyNWViZTBjNzI1ZTljNmQwNWE4YTg5MjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD3UsQV5d/JUYPK5lvSBYopFy9xz
zYI1boF5RzrxVqLfUmKOF6n8pE3H/NfBHa9jCuXPitkkwXnP1XlQ1vG5kL57OZ+I
lz1oWcAR5lk6xF+DGiLyynqxpChMx3Yd24neh4hE0YUdX06PJxvKyb5HJlAjY9Wp
vY3/EjyeXIJKRhWxE+4cuwtGXXTnhmE9L9bk03L0Iu/mlVsONihS6I4bcb8fLxX/
eQsXaGw87iP6dNTfhLMskle2ZkpLC9rP4L7KWLoLc2CKbhabVYKIMReUwlBfUeXL
MMSKrIDjwspYqFiC6655jEA9y0OF+1fl/Jhj79PCSpAjgfz1AOi08SNXnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM/z4lwLOtPyXr4Mcl6cbQWoqJJuMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvel9QaVhBczYwX0pldmd4eVhweHRCYWlva200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACoxK3h/tCIiQO5+ocA1
0cbH19vDQ4QQnil5l8Lve6sXUv6bzgK45qVY1JtoJgE7fBvQAkTpZ7P6MorUJGlJ
PRlET+fJ8y/NrHCiK6TsetPzxVt+cTElJ0cpBj6G7LKOu1h6Mo5UNVyuXXjGwEJT
1K81TdlYNKirJotKUIoCRjJ0YNVJEEryTa1X+y+HOK/PVOJmts6cUIY4MaYVQj8O
YHxY3Brd+NPrLHHJnxpu/vw5MFFw/dCQ0mXt/8hhjm70QSpeKYOedzoEeLf/UlN5
MMmyMxFaMn/WGOt9Nll3yJUjEM1i1k0qWBCEX0TWH9SnwudTNFU7Oqm5AVSGIYqu
9iQ=
-----END CERTIFICATE-----
Generated at Mon Jun 17 10:09:09 2024 by rpki-client on console-fra.rpki-client.org