Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_zyHWREK1Pnt6xJW6oHFW4qqToY.roa
File: _zyHWREK1Pnt6xJW6oHFW4qqToY.roa (raw, json)
Hash identifier: q9RQD1eAWg8f/NDjneNm4ZQEQ210y1hWRdtdF4rVMRo=
Subject key identifier: FF:3C:87:59:11:0A:D4:F9:ED:EB:12:56:EA:81:C5:5B:8A:AA:4E:86
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FB2300399BD6F3DA0FBB50C068F38
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_zyHWREK1Pnt6xJW6oHFW4qqToY.roa
Signing time: Tue 02 Jan 2024 04:30:12 +0000
ROA not before: Tue 02 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203268
IP address blocks: 136.144.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b2:30:03:99:bd:6f:3d:a0:fb:b5:0c:06:8f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff3c8759110ad4f9edeb1256ea81c55b8aaa4e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cf:76:0e:c0:03:a9:72:45:57:0e:64:59:1b:
1b:15:21:9d:bb:c7:7d:f1:37:4f:97:1b:db:47:48:
c3:c8:d2:31:4f:62:64:3e:1f:85:83:24:9a:1f:39:
94:15:c1:c7:4e:62:3c:b6:98:1b:44:10:1b:09:09:
1a:53:14:00:dd:42:ca:0e:e1:72:a2:11:e3:be:37:
6c:18:7d:7d:dc:9d:9a:43:93:fb:1c:e5:ee:57:01:
fb:dc:5d:b0:dd:fd:d7:8e:2f:0a:72:da:7d:bb:34:
cc:0f:26:07:13:52:62:c5:71:61:a7:e4:4d:e2:9c:
39:d7:b0:b7:d1:a4:f5:61:41:35:1c:2b:a9:54:b9:
a0:38:ca:35:6a:e0:5d:89:4a:de:cd:fd:ef:65:6e:
27:e2:d1:83:cb:6f:94:76:a5:ef:1a:ef:3e:e9:eb:
e5:3e:d9:19:8e:97:d1:52:6f:49:57:8e:90:0b:46:
b1:d8:9f:c4:bd:8c:07:7e:7f:7e:30:be:80:d4:7e:
d7:ed:44:ed:88:61:c6:f8:3b:f2:1c:50:ad:6b:d6:
eb:3d:84:1a:67:a2:99:76:2a:4c:76:d2:d6:dc:23:
70:31:20:e6:9b:b8:1d:a4:9f:42:bf:86:6f:e8:43:
00:62:17:d0:33:a7:b1:03:4b:d2:bd:6c:bd:4e:96:
de:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3C:87:59:11:0A:D4:F9:ED:EB:12:56:EA:81:C5:5B:8A:AA:4E:86
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_zyHWREK1Pnt6xJW6oHFW4qqToY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
136.144.44.0/22
Signature Algorithm: sha256WithRSAEncryption
70:bd:b9:b1:8e:57:55:18:93:38:bb:ce:26:f8:55:70:ed:8e:
4f:4c:82:4d:34:ef:87:54:2c:77:51:25:bf:04:ea:1b:dc:95:
a8:8b:f2:29:04:9d:81:64:d9:9c:63:6d:7f:a4:44:58:a5:b2:
05:d1:d2:a3:79:43:99:6b:4e:d6:24:d9:a3:32:b4:9b:f8:c3:
55:2e:d2:36:b2:19:95:c6:2c:bb:7c:67:e4:55:5d:32:52:6d:
da:8a:78:2e:42:24:57:0b:49:83:d1:8b:00:d2:03:a4:1b:e2:
82:1a:6d:36:04:11:db:47:4f:b9:fe:79:b8:e5:bd:d0:0e:46:
f0:28:6d:f4:0c:7a:b0:08:2c:f0:53:17:de:40:b1:61:fc:6d:
df:b3:bc:1c:55:dc:e3:ac:b3:bc:1b:e1:f0:28:8b:51:99:47:
fc:40:9f:77:a9:27:aa:b3:03:14:f9:c4:d7:ed:9f:3d:df:46:
0f:e1:f0:5a:ed:95:ea:ac:11:fb:ca:3a:92:e8:b0:b8:c8:bb:
32:db:25:08:cd:e1:29:bc:50:0c:61:66:8a:a9:b7:7f:98:ac:
97:e8:5f:53:d5:b1:45:97:77:de:d5:1d:e1:47:9a:79:7f:21:
27:1d:c3:f4:b4:93:81:f4:0e:4c:41:08:61:e2:34:16:bb:92:
e5:24:05:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb7IwA5m9bz2g+7UMBo84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNjODc1OTExMGFkNGY5ZWRlYjEyNTZlYTgxYzU1YjhhYWE0ZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM92DsADqXJFVw5kWRsbFSGdu8d9
8TdPlxvbR0jDyNIxT2JkPh+FgySaHzmUFcHHTmI8tpgbRBAbCQkaUxQA3ULKDuFy
ohHjvjdsGH193J2aQ5P7HOXuVwH73F2w3f3Xji8Kctp9uzTMDyYHE1JixXFhp+RN
4pw517C30aT1YUE1HCupVLmgOMo1auBdiUrezf3vZW4n4tGDy2+UdqXvGu8+6evl
PtkZjpfRUm9JV46QC0ax2J/EvYwHfn9+ML6A1H7X7UTtiGHG+DvyHFCta9brPYQa
Z6KZdipMdtLW3CNwMSDmm7gdpJ9Cv4Zv6EMAYhfQM6exA0vSvWy9TpbeMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP88h1kRCtT57esSVuqBxVuKqk6GMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvX3p5SFdSRUsxUG50NnhKVzZvSEZXNHFxVG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCiJAsMA0G
CSqGSIb3DQEBCwUAA4IBAQBwvbmxjldVGJM4u84m+FVw7Y5PTIJNNO+HVCx3USW/
BOob3JWoi/IpBJ2BZNmcY21/pERYpbIF0dKjeUOZa07WJNmjMrSb+MNVLtI2shmV
xiy7fGfkVV0yUm3ainguQiRXC0mD0YsA0gOkG+KCGm02BBHbR0+5/nm45b3QDkbw
KG30DHqwCCzwUxfeQLFh/G3fs7wcVdzjrLO8G+HwKItRmUf8QJ93qSeqswMU+cTX
7Z8930YP4fBa7ZXqrBH7yjqS6LC4yLsy2yUIzeEpvFAMYWaKqbd/mKyX6F9T1bFF
l3fe1R3hR5p5fyEnHcP0tJOB9A5MQQhh4jQWu5LlJAUN
-----END CERTIFICATE-----
Generated at Fri May 17 07:06:24 2024 by rpki-client on console-fra.rpki-client.org