Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/ZLx4wVt1WtBpJ8WKTGIIRVEwqeQ.roa
File: ZLx4wVt1WtBpJ8WKTGIIRVEwqeQ.roa (raw, json)
Hash identifier: htxgzkTGNnAvlGwg9CHlbhDoegcFnV8BDnIAcsgDhUg=
Subject key identifier: 64:BC:78:C1:5B:75:5A:D0:69:27:C5:8A:4C:62:08:45:51:30:A9:E4
Certificate issuer: /CN=cc215f58159ec576a2022776ea64f61c5bb00194
Certificate serial: 018CC56EF45177AA533C0619681DF442289D
Authority key identifier: CC:21:5F:58:15:9E:C5:76:A2:02:27:76:EA:64:F6:1C:5B:B0:01:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/ZLx4wVt1WtBpJ8WKTGIIRVEwqeQ.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25554
IP address blocks: 212.122.164.0/24 maxlen: 24
212.122.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f4:51:77:aa:53:3c:06:19:68:1d:f4:42:28:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc215f58159ec576a2022776ea64f61c5bb00194
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64bc78c15b755ad06927c58a4c6208455130a9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3b:9c:32:0f:1e:f6:71:b0:4e:38:7c:84:de:
bc:04:f8:86:2a:c7:80:d0:23:0d:24:fc:83:69:09:
fe:5f:a8:d2:c4:b7:fd:a7:0e:1e:c6:cd:83:63:86:
56:71:bb:52:f8:ac:c9:20:16:98:df:37:c3:73:78:
f5:86:e4:10:63:49:3c:9f:d6:5a:71:f4:63:7b:b7:
58:77:08:e7:a9:ab:22:ba:93:76:84:57:05:b8:93:
6e:54:dd:91:dd:9b:7e:1e:12:29:41:72:1c:e5:1f:
9a:1a:c7:c1:1b:5c:b9:95:4d:9a:c3:2d:2d:d0:cb:
96:08:af:e1:1c:2a:0b:da:7b:19:22:33:c8:06:d6:
42:b7:4b:b9:6f:64:37:5e:3d:d4:31:a5:0c:49:4f:
97:2a:c7:41:d3:e0:34:02:66:90:53:28:6d:98:2f:
79:f8:18:13:4e:10:9c:01:93:3e:69:80:92:cb:fa:
a2:bc:f2:b6:28:cf:c8:2e:9b:d8:69:72:c3:76:99:
1b:99:74:e9:0a:0b:ce:3b:53:50:73:2e:9c:dd:66:
36:d8:cd:c8:1d:3d:21:8d:81:f2:eb:5e:d1:08:b9:
09:e9:26:8b:43:1d:76:8b:47:8d:3f:7d:d8:27:2e:
2d:b6:21:09:86:41:de:6f:98:02:bb:bf:e9:81:08:
b3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:BC:78:C1:5B:75:5A:D0:69:27:C5:8A:4C:62:08:45:51:30:A9:E4
X509v3 Authority Key Identifier:
keyid:CC:21:5F:58:15:9E:C5:76:A2:02:27:76:EA:64:F6:1C:5B:B0:01:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCFfWBWexXaiAid26mT2HFuwAZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/ZLx4wVt1WtBpJ8WKTGIIRVEwqeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ebc748-6826-4140-a8e0-843eeee0a260/1/zCFfWBWexXaiAid26mT2HFuwAZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.122.164.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:e0:d2:b5:47:74:26:1d:a8:fc:68:00:d1:49:4a:41:d7:fe:
d2:f4:df:73:c3:5d:8d:4c:df:2f:f2:af:51:fd:36:1c:83:15:
3d:d0:c2:f8:ea:69:a4:6d:0c:03:bd:ef:88:70:0d:e2:33:9f:
ef:77:cc:c1:32:db:91:89:d6:09:c7:73:3a:df:26:7b:52:42:
b1:00:82:2e:81:b3:bb:18:63:6f:bc:99:24:c7:c9:9d:56:89:
f1:14:20:05:66:2a:56:71:db:32:ec:24:eb:22:99:0c:b9:7b:
8f:c9:dc:c1:b9:c4:c8:53:92:07:54:d4:6e:3b:6b:a9:36:bd:
6b:bf:7d:5b:0d:d1:12:e0:b5:95:cf:bf:31:c7:bc:c8:a1:83:
f9:2b:0d:14:6c:49:4d:91:c5:b2:0a:fd:51:21:3d:10:26:78:
ad:50:60:ed:be:f3:1f:22:d1:37:0a:cb:ce:1f:22:18:1a:e1:
c6:5b:d2:42:09:f8:a5:91:e9:9e:b1:3e:50:32:a8:ee:47:dc:
1b:c6:1b:5f:3c:fa:99:14:7c:66:8b:6c:88:9f:ce:1c:56:7b:
cc:7a:ee:cd:b8:98:a0:a3:89:38:17:8f:cb:cc:e2:c6:55:86:
c7:ef:05:44:20:e0:24:6e:27:46:15:23:77:cb:80:47:75:4b:
6e:09:29:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvRRd6pTPAYZaB30QiidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjE1ZjU4MTU5ZWM1NzZhMjAyMjc3NmVhNjRmNjFjNWJi
MDAxOTQwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGJjNzhjMTViNzU1YWQwNjkyN2M1OGE0YzYyMDg0NTUxMzBhOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozucMg8e9nGwTjh8hN68BPiGKseA
0CMNJPyDaQn+X6jSxLf9pw4exs2DY4ZWcbtS+KzJIBaY3zfDc3j1huQQY0k8n9Za
cfRje7dYdwjnqasiupN2hFcFuJNuVN2R3Zt+HhIpQXIc5R+aGsfBG1y5lU2awy0t
0MuWCK/hHCoL2nsZIjPIBtZCt0u5b2Q3Xj3UMaUMSU+XKsdB0+A0AmaQUyhtmC95
+BgTThCcAZM+aYCSy/qivPK2KM/ILpvYaXLDdpkbmXTpCgvOO1NQcy6c3WY22M3I
HT0hjYHy617RCLkJ6SaLQx12i0eNP33YJy4ttiEJhkHeb5gCu7/pgQizyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGS8eMFbdVrQaSfFikxiCEVRMKnkMB8GA1UdIwQY
MBaAFMwhX1gVnsV2ogIndupk9hxbsAGUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNGZldCV2V4WGFpQWlkMjZtVDJIRnV3QVpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lYmM3NDgtNjgyNi00MTQwLWE4ZTAt
ODQzZWVlZTBhMjYwLzEvWkx4NHdWdDFXdEJwSjhXS1RHSUlSVkV3cWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lYmM3NDgtNjgyNi00MTQwLWE4ZTAtODQzZWVlZTBhMjYw
LzEvekNGZldCV2V4WGFpQWlkMjZtVDJIRnV3QVpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HqkMA0G
CSqGSIb3DQEBCwUAA4IBAQCs4NK1R3QmHaj8aADRSUpB1/7S9N9zw12NTN8v8q9R
/TYcgxU90ML46mmkbQwDve+IcA3iM5/vd8zBMtuRidYJx3M63yZ7UkKxAIIugbO7
GGNvvJkkx8mdVonxFCAFZipWcdsy7CTrIpkMuXuPydzBucTIU5IHVNRuO2upNr1r
v31bDdES4LWVz78xx7zIoYP5Kw0UbElNkcWyCv1RIT0QJnitUGDtvvMfItE3CsvO
HyIYGuHGW9JCCfilkemesT5QMqjuR9wbxhtfPPqZFHxmi2yIn84cVnvMeu7NuJig
o4k4F4/LzOLGVYbH7wVEIOAkbidGFSN3y4BHdUtuCSne
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:38:50 2024 by rpki-client on console-fra.rpki-client.org