Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z-1uHnk6ioN6Dh9LfL9KpBUsuAI.roa
File: z-1uHnk6ioN6Dh9LfL9KpBUsuAI.roa (raw, json)
Hash identifier: yp6OGueKEhnfTW3Trp5ufRSgpjmepa6KV/8/dRg4HJY=
Subject key identifier: CF:ED:6E:1E:79:3A:8A:83:7A:0E:1F:4B:7C:BF:4A:A4:15:2C:B8:02
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCD0126280104407F8930F06516CEE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z-1uHnk6ioN6Dh9LfL9KpBUsuAI.roa
Signing time: Tue 02 Jan 2024 06:29:23 +0000
ROA not before: Tue 02 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15504
IP address blocks: 93.123.19.0/24 maxlen: 24
87.121.107.0/24 maxlen: 24
87.121.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d0:12:62:80:10:44:07:f8:93:0f:06:51:6c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfed6e1e793a8a837a0e1f4b7cbf4aa4152cb802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dc:a2:ea:6d:15:ef:6d:b4:62:e1:bc:96:8a:
fe:5e:5b:58:df:45:fc:ed:87:72:b3:dc:d2:d6:14:
73:f4:2d:88:a2:3c:a5:0c:80:59:d9:54:a4:24:21:
e9:71:7c:7c:c2:d4:47:01:5a:5f:db:a6:57:43:25:
83:32:c7:17:12:a5:c7:9d:b6:d8:28:93:9f:ff:83:
2d:94:27:6b:24:40:a9:22:7f:b5:9c:5f:5b:b9:cc:
4e:19:ed:35:83:10:a6:5f:78:bd:24:c2:c2:6a:ec:
02:a2:6f:b9:52:8f:d2:ac:82:0e:f6:b5:47:bc:35:
b7:9a:d0:dd:a7:7d:74:b1:b0:43:46:c9:31:98:bb:
d0:61:33:29:3b:6a:e7:1b:ad:a7:0f:44:7a:b8:64:
0d:ef:74:37:0c:56:61:bd:3d:c0:a1:34:11:c2:83:
9e:62:fc:dc:03:b3:8c:55:79:52:bd:3d:47:cb:76:
99:15:65:2e:21:68:cd:77:2b:7c:cf:06:29:0b:2b:
65:fd:09:41:c9:0d:42:aa:ba:ff:74:63:ed:0c:be:
4d:25:eb:17:37:5a:fc:64:59:2f:ff:5e:9d:8b:53:
00:37:a9:86:56:b6:4c:92:69:7b:54:64:71:e3:56:
68:8a:51:50:4b:ca:b9:b0:2c:e1:80:37:68:9c:45:
0e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:ED:6E:1E:79:3A:8A:83:7A:0E:1F:4B:7C:BF:4A:A4:15:2C:B8:02
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/z-1uHnk6ioN6Dh9LfL9KpBUsuAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.106.0/23
93.123.19.0/24
Signature Algorithm: sha256WithRSAEncryption
64:c8:4c:b4:41:13:e9:6d:85:30:b7:dd:b3:e7:53:b5:2a:78:
64:8c:54:af:87:8a:24:87:88:98:2e:22:b9:d5:56:78:cc:22:
69:30:8d:bb:67:eb:b4:9e:d2:9c:1a:48:66:3d:01:5c:b1:db:
e0:a4:77:f1:91:d0:80:a2:19:cf:2f:02:65:f9:eb:bb:cd:bb:
02:e7:a1:45:69:fd:f5:f0:75:db:1e:1f:c2:e3:ed:9b:86:04:
80:f0:2a:56:9e:92:85:6a:e6:a6:27:a8:41:d3:8f:3c:16:68:
18:94:14:ee:5a:bb:23:a6:37:65:3d:e4:31:50:c5:c2:39:aa:
36:85:dd:87:78:2d:fa:9c:3c:79:a5:ce:5f:13:a1:f6:59:85:
d3:1e:e1:f1:5e:6f:71:fe:74:00:c4:a4:a2:8c:bc:d0:37:ca:
3c:ba:34:4b:95:34:6e:c6:dd:4f:95:65:a6:23:8a:78:50:f0:
a9:4a:fc:d8:07:a6:d5:a0:d9:f6:54:64:04:79:c9:f3:27:a1:
96:3b:d4:84:e1:3a:f3:03:a4:f1:0c:e9:80:ea:b2:8a:15:6d:
57:a6:fa:fd:2c:65:81:10:f7:ae:03:d5:be:07:9a:e5:31:9e:
f7:76:fa:1f:ed:5c:25:b7:1c:de:5d:f1:a0:59:54:50:ab:44:
de:82:f3:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3NASYoAQRAf4kw8GUWzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmVkNmUxZTc5M2E4YTgzN2EwZTFmNGI3Y2JmNGFhNDE1MmNiODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidyi6m0V7220YuG8lor+XltY30X8
7Ydys9zS1hRz9C2IojylDIBZ2VSkJCHpcXx8wtRHAVpf26ZXQyWDMscXEqXHnbbY
KJOf/4MtlCdrJECpIn+1nF9bucxOGe01gxCmX3i9JMLCauwCom+5Uo/SrIIO9rVH
vDW3mtDdp310sbBDRskxmLvQYTMpO2rnG62nD0R6uGQN73Q3DFZhvT3AoTQRwoOe
YvzcA7OMVXlSvT1Hy3aZFWUuIWjNdyt8zwYpCytl/QlByQ1Cqrr/dGPtDL5NJesX
N1r8ZFkv/16di1MAN6mGVrZMkml7VGRx41ZoilFQS8q5sCzhgDdonEUOewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM/tbh55OoqDeg4fS3y/SqQVLLgCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvei0xdUhuazZpb042RGg5TGZMOUtwQlVzdUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV3lqAwQA
XXsTMA0GCSqGSIb3DQEBCwUAA4IBAQBkyEy0QRPpbYUwt92z51O1KnhkjFSvh4ok
h4iYLiK51VZ4zCJpMI27Z+u0ntKcGkhmPQFcsdvgpHfxkdCAohnPLwJl+eu7zbsC
56FFaf318HXbHh/C4+2bhgSA8CpWnpKFauamJ6hB0488FmgYlBTuWrsjpjdlPeQx
UMXCOao2hd2HeC36nDx5pc5fE6H2WYXTHuHxXm9x/nQAxKSijLzQN8o8ujRLlTRu
xt1PlWWmI4p4UPCpSvzYB6bVoNn2VGQEecnzJ6GWO9SE4TrzA6TxDOmA6rKKFW1X
pvr9LGWBEPeuA9W+B5rlMZ73dvof7VwltxzeXfGgWVRQq0TegvNJ
-----END CERTIFICATE-----
Generated at Sun Apr 28 10:04:21 2024 by rpki-client on console-ams.rpki-client.org