Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zERx0DigCDmmQvwLW_p2fulgXeY.roa
File: zERx0DigCDmmQvwLW_p2fulgXeY.roa (raw, json)
Hash identifier: Q9mdMFTpvvX/ZOro8/QzsQVlud7TQbGmVvg78K6Btyw=
Subject key identifier: CC:44:71:D0:38:A0:08:39:A6:42:FC:0B:5B:FA:76:7E:E9:60:5D:E6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E4CF80127D84EAAF676C574FE108A7396
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zERx0DigCDmmQvwLW_p2fulgXeY.roa
Signing time: Sun 17 Mar 2024 15:11:45 +0000
ROA not before: Sun 17 Mar 2024 15:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215311
IP address blocks: 87.121.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4c:f8:01:27:d8:4e:aa:f6:76:c5:74:fe:10:8a:73:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 17 15:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc4471d038a00839a642fc0b5bfa767ee9605de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2d:ab:57:5c:92:9b:9e:f9:17:9e:8c:04:28:
6f:52:8a:44:26:9f:31:40:fc:9d:c3:8e:b0:35:50:
8e:61:64:82:4f:7a:65:da:f8:69:9a:cb:2c:51:14:
7c:a8:1e:3b:c2:de:bb:0d:a7:3b:04:18:43:55:81:
ae:78:73:6d:b3:62:14:4c:af:62:ec:d4:ca:ea:e0:
80:b0:a4:d1:1f:78:f5:2c:ee:b2:7f:24:04:b2:29:
b7:d5:84:92:19:81:b6:8c:34:b2:82:56:87:d7:83:
9f:b7:f6:84:81:e0:e0:38:91:d2:2a:da:08:22:50:
c0:60:fa:2e:b4:0a:4e:fc:b1:04:12:b0:d2:07:5f:
3c:18:93:b0:59:e4:a2:44:b1:c0:55:f3:c8:4f:a9:
c1:3d:01:96:03:95:e6:40:f4:a0:80:93:54:a5:7e:
d9:b2:b2:0f:38:a5:69:dd:61:c2:0f:18:1e:e0:3e:
e5:be:e6:4a:92:38:c8:a7:f1:5c:8c:0b:2a:b6:ac:
60:a5:f3:6b:86:39:ee:60:a6:42:d8:94:ce:41:41:
c9:5d:84:51:86:29:5a:31:8d:79:50:29:46:14:77:
17:a3:f8:03:2b:b2:7d:8c:06:da:c7:19:7c:95:0b:
84:6e:1b:c1:17:e7:4f:90:0c:df:2a:1e:e3:d7:ec:
8c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:44:71:D0:38:A0:08:39:A6:42:FC:0B:5B:FA:76:7E:E9:60:5D:E6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zERx0DigCDmmQvwLW_p2fulgXeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.61.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:33:80:4d:b8:74:7b:62:e6:a5:a6:9d:ff:be:af:ec:ae:f2:
ac:a4:cf:ff:6d:dd:4a:4b:a1:54:95:cb:40:a0:9f:29:f3:0a:
ca:fa:d7:ce:73:23:c9:0d:16:92:d4:49:70:45:e5:74:66:c5:
6b:ed:58:a0:2c:ff:f0:df:73:02:18:4f:ba:a8:08:66:50:51:
2c:de:e1:7f:99:46:1a:6f:f0:87:d4:d5:e3:bd:2e:b5:59:6f:
68:fb:d9:12:9d:fc:23:71:b5:2b:18:fe:c4:c3:8d:31:bd:75:
0d:2b:4f:94:86:8f:11:35:79:8a:86:81:3d:2b:09:42:90:81:
4a:2f:00:4d:2d:a6:3e:95:4c:f0:c6:87:87:6e:85:67:a3:80:
2b:87:f7:f8:c0:15:bf:2a:b4:88:df:bc:ac:53:04:a7:3d:4d:
24:af:1c:fa:a0:d7:f0:16:ee:f9:01:65:c7:3c:4d:0a:35:11:
04:f3:5c:da:a2:ed:ef:f2:17:7c:84:58:73:54:e5:c6:09:5c:
2b:e7:3a:2f:f2:64:16:c5:81:10:7f:18:9a:82:6a:cb:38:57:
df:4f:d0:e8:98:82:46:73:38:09:14:37:9a:5d:03:da:ca:74:
b8:99:df:66:e0:70:0e:d1:0d:27:5d:02:29:26:06:27:a7:33:
b0:ba:46:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5M+AEn2E6q9nbFdP4QinOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE3MTUxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQ0NzFkMDM4YTAwODM5YTY0MmZjMGI1YmZhNzY3ZWU5NjA1ZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS2rV1ySm575F56MBChvUopEJp8x
QPydw46wNVCOYWSCT3pl2vhpmsssURR8qB47wt67Dac7BBhDVYGueHNts2IUTK9i
7NTK6uCAsKTRH3j1LO6yfyQEsim31YSSGYG2jDSyglaH14Oft/aEgeDgOJHSKtoI
IlDAYPoutApO/LEEErDSB188GJOwWeSiRLHAVfPIT6nBPQGWA5XmQPSggJNUpX7Z
srIPOKVp3WHCDxge4D7lvuZKkjjIp/FcjAsqtqxgpfNrhjnuYKZC2JTOQUHJXYRR
hilaMY15UClGFHcXo/gDK7J9jAbaxxl8lQuEbhvBF+dPkAzfKh7j1+yM6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxEcdA4oAg5pkL8C1v6dn7pYF3mMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvekVSeDBEaWdDRG1tUXZ3TFdfcDJmdWxnWGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3k9MA0G
CSqGSIb3DQEBCwUAA4IBAQAPM4BNuHR7Yualpp3/vq/srvKspM//bd1KS6FUlctA
oJ8p8wrK+tfOcyPJDRaS1ElwReV0ZsVr7VigLP/w33MCGE+6qAhmUFEs3uF/mUYa
b/CH1NXjvS61WW9o+9kSnfwjcbUrGP7Ew40xvXUNK0+Uho8RNXmKhoE9KwlCkIFK
LwBNLaY+lUzwxoeHboVno4Arh/f4wBW/KrSI37ysUwSnPU0krxz6oNfwFu75AWXH
PE0KNREE81zaou3v8hd8hFhzVOXGCVwr5zov8mQWxYEQfxiagmrLOFffT9DomIJG
czgJFDeaXQPaynS4md9m4HAO0Q0nXQIpJgYnpzOwukYe
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:28:46 2024 by rpki-client on console-ams.rpki-client.org