Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zvFXZdlXt1BZKNiDtKqNFoak1Wc.roa
File: zvFXZdlXt1BZKNiDtKqNFoak1Wc.roa (raw, json)
Hash identifier: 1/dJh5qblfCTM4ruo9bkATvD6v5+jYvEKQ0kHV75s8w=
Subject key identifier: CE:F1:57:65:D9:57:B7:50:59:28:D8:83:B4:AA:8D:16:86:A4:D5:67
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01930C481327375F28EDAF0ACCE11C07C11C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zvFXZdlXt1BZKNiDtKqNFoak1Wc.roa
Signing time: Fri 08 Nov 2024 14:57:50 +0000
ROA not before: Fri 08 Nov 2024 14:57:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198037
IP address blocks: 192.124.189.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
194.87.25.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0c:48:13:27:37:5f:28:ed:af:0a:cc:e1:1c:07:c1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 8 14:57:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cef15765d957b7505928d883b4aa8d1686a4d567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ef:93:48:fb:81:c0:b6:86:62:56:34:70:0f:
e4:b8:5d:30:25:b2:df:cb:8e:87:75:51:0e:bb:44:
57:b9:47:7e:80:53:36:3c:0f:4a:2e:7c:9e:9e:d0:
8a:66:51:0a:06:1f:e8:58:c4:b9:23:05:f3:7c:26:
97:91:48:ea:fa:3a:cc:6a:e0:4d:cb:45:5f:c8:0b:
bf:f8:4c:da:d3:56:68:cb:68:27:2b:eb:28:e8:1b:
3a:72:a6:38:52:39:a5:77:b8:69:15:e5:58:94:10:
f3:0d:d0:81:43:29:10:1f:34:4e:ca:cc:36:3a:5a:
09:3c:6b:2f:f2:55:fd:cf:c7:44:a3:ea:9f:f1:a1:
18:7d:13:32:33:2c:0f:88:9a:f5:d6:5c:a4:da:10:
55:30:c7:a5:c6:97:38:48:c5:1c:f2:77:df:f9:32:
5a:83:3a:06:76:ee:27:c3:b3:fd:85:5e:27:7d:8a:
94:8b:19:5c:c3:b5:24:ec:b1:17:7b:87:da:be:a5:
ef:83:a6:2d:94:cf:b4:90:cc:cb:34:d5:14:5b:83:
41:ee:ca:4b:d3:30:b1:e6:b0:ad:a4:49:d7:ce:52:
80:35:28:e0:1d:62:fd:ca:61:cd:84:bc:59:66:f5:
54:4e:bf:c0:65:71:12:bc:c5:68:3f:0e:b4:bf:82:
2e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F1:57:65:D9:57:B7:50:59:28:D8:83:B4:AA:8D:16:86:A4:D5:67
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zvFXZdlXt1BZKNiDtKqNFoak1Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.189.0/24
194.58.41.0/24
194.87.25.0/24
194.87.73.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
74:7f:a2:83:ca:5f:1c:98:58:c3:43:69:7e:9c:33:8e:d5:36:
80:1c:37:d1:50:d6:1c:b3:9b:83:39:18:77:48:9f:b8:7b:e1:
02:d1:e7:dc:27:76:24:ae:ec:f2:74:2b:c9:67:79:9d:17:95:
b7:fd:92:33:6e:1c:ff:83:63:ab:ef:f8:0e:d8:e2:19:e1:cb:
09:49:d4:20:06:81:de:72:73:a1:bb:bc:a9:38:3a:b7:1d:71:
e5:d0:bc:36:aa:4d:58:86:a9:23:b5:96:1f:35:b3:30:70:5c:
5f:6c:8c:82:25:4d:83:99:c9:c3:fa:59:70:59:69:43:90:e0:
2a:5e:32:e6:3c:c2:76:aa:1d:9b:75:3f:2d:22:1e:a4:23:55:
38:5d:5f:16:ca:a1:d2:e4:9c:29:3f:53:aa:83:07:0e:77:9f:
11:63:ab:d8:ce:ea:a8:76:60:b9:b4:ba:2c:17:a4:b4:bb:b8:
7c:40:2d:44:a7:5e:5f:0d:69:60:7a:91:91:72:e9:cc:15:fd:
1d:53:8b:48:48:77:d9:e4:72:9f:73:4f:9c:65:7a:b6:7a:d5:
c7:83:5a:a0:b9:b1:c7:9e:3a:0f:3b:34:9c:53:69:28:3a:6b:
52:ee:e6:51:d8:69:9f:d2:74:70:7c:a6:2f:c2:d4:f1:ba:ff:
07:c3:93:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZMMSBMnN18o7a8KzOEcB8EcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA4MTQ1NzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWYxNTc2NWQ5NTdiNzUwNTkyOGQ4ODNiNGFhOGQxNjg2YTRkNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2u+TSPuBwLaGYlY0cA/kuF0wJbLf
y46HdVEOu0RXuUd+gFM2PA9KLnyentCKZlEKBh/oWMS5IwXzfCaXkUjq+jrMauBN
y0VfyAu/+Eza01Zoy2gnK+so6Bs6cqY4Ujmld7hpFeVYlBDzDdCBQykQHzROysw2
OloJPGsv8lX9z8dEo+qf8aEYfRMyMywPiJr11lyk2hBVMMelxpc4SMUc8nff+TJa
gzoGdu4nw7P9hV4nfYqUixlcw7Uk7LEXe4favqXvg6YtlM+0kMzLNNUUW4NB7spL
0zCx5rCtpEnXzlKANSjgHWL9ymHNhLxZZvVUTr/AZXESvMVoPw60v4Iu/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM7xV2XZV7dQWSjYg7SqjRaGpNVnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvenZGWFpkbFh0MUJaS05pRHRLcU5Gb2FrMVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwHy9AwQA
wjopAwQAwlcZAwQAwldJAwQAw4VUMA0GCSqGSIb3DQEBCwUAA4IBAQB0f6KDyl8c
mFjDQ2l+nDOO1TaAHDfRUNYcs5uDORh3SJ+4e+EC0efcJ3YkruzydCvJZ3mdF5W3
/ZIzbhz/g2Or7/gO2OIZ4csJSdQgBoHecnOhu7ypODq3HXHl0Lw2qk1YhqkjtZYf
NbMwcFxfbIyCJU2DmcnD+llwWWlDkOAqXjLmPMJ2qh2bdT8tIh6kI1U4XV8WyqHS
5JwpP1OqgwcOd58RY6vYzuqodmC5tLosF6S0u7h8QC1Ep15fDWlgepGRcunMFf0d
U4tISHfZ5HKfc0+cZXq2etXHg1qgubHHnjoPOzScU2koOmtS7uZR2Gmf0nRwfKYv
wtTxuv8Hw5MP
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:35:43 2024 by rpki-client on console-ams.rpki-client.org