Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/Z65dooN8C78K2nTiNDviNF-GEJ8.roa
File: Z65dooN8C78K2nTiNDviNF-GEJ8.roa (raw, json)
Hash identifier: 4hlmB0cN80Fc8IokYfJhvh6cNiXIOUwNSOaMcLmwtJI=
Subject key identifier: 67:AE:5D:A2:83:7C:0B:BF:0A:DA:74:E2:34:3B:E2:34:5F:86:10:9F
Certificate issuer: /CN=dd010938d9ef72158fc98bd45de71b0b1a9ff729
Certificate serial: 018DD5F9B5E74BF98E7132934B39782108E0
Authority key identifier: DD:01:09:38:D9:EF:72:15:8F:C9:8B:D4:5D:E7:1B:0B:1A:9F:F7:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/Z65dooN8C78K2nTiNDviNF-GEJ8.roa
Signing time: Fri 23 Feb 2024 12:38:48 +0000
ROA not before: Fri 23 Feb 2024 12:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.80.175.0/24 maxlen: 24
2a13:7c40:1::/48 maxlen: 48
2a13:7c40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/3QEJONnvchWPyYvUXecbCxqf9yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/3QEJONnvchWPyYvUXecbCxqf9yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 12:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:f9:b5:e7:4b:f9:8e:71:32:93:4b:39:78:21:08:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd010938d9ef72158fc98bd45de71b0b1a9ff729
Validity
Not Before: Feb 23 12:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ae5da2837c0bbf0ada74e2343be2345f86109f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:73:96:e8:f4:2e:0f:f4:6a:a0:93:1b:3e:35:
9d:a1:8c:9c:78:e6:84:c3:73:0f:f6:05:25:8b:52:
0c:88:9f:21:e3:88:16:aa:5c:08:c5:f4:53:9e:01:
08:e2:f9:95:9e:46:eb:fd:02:ba:f0:1a:f3:6d:50:
be:f5:1e:c0:31:88:1a:04:00:87:fd:37:07:c3:e3:
bc:6e:a7:ba:93:1b:90:48:b0:6f:1c:d0:bc:ae:14:
4b:44:46:3c:ba:d1:7f:cf:f0:2c:d5:d0:2f:6a:9c:
90:7e:e1:f9:cb:33:6d:64:7f:a8:dc:28:d2:a1:6b:
a5:b1:4d:e7:54:c3:ec:56:4e:7b:bd:e1:57:cf:a9:
b9:65:fc:31:9e:04:9d:01:6e:51:22:cf:e7:35:10:
a4:65:6b:f3:c4:a9:e2:09:48:79:ba:59:c7:64:ae:
c5:6d:80:be:a7:91:b2:b7:23:46:5e:a8:1f:7a:c8:
72:0b:a6:7c:78:54:a9:fe:9c:87:05:9e:6e:ad:02:
f7:3e:70:8c:e0:bd:6c:f3:c8:c2:cc:f3:ea:dc:07:
69:8f:43:98:90:af:2f:20:fa:4d:f8:63:be:16:68:
89:87:ce:20:45:06:36:16:44:ee:13:a7:82:f7:0a:
16:47:3e:64:a5:84:27:7a:1f:7d:94:31:5c:ef:e2:
c4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:AE:5D:A2:83:7C:0B:BF:0A:DA:74:E2:34:3B:E2:34:5F:86:10:9F
X509v3 Authority Key Identifier:
keyid:DD:01:09:38:D9:EF:72:15:8F:C9:8B:D4:5D:E7:1B:0B:1A:9F:F7:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/Z65dooN8C78K2nTiNDviNF-GEJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/3QEJONnvchWPyYvUXecbCxqf9yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.175.0/24
IPv6:
2a13:7c40:1::-2a13:7c40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
10:13:b6:74:73:d4:78:ab:ef:a2:c6:31:8c:aa:ad:d5:e9:92:
98:e9:ce:b7:63:4d:e2:50:fc:62:c2:db:ce:99:de:2f:b2:64:
95:e5:e1:1d:ba:b4:ba:2f:67:63:46:4c:9e:25:b9:23:8b:37:
bf:dc:97:d4:37:78:25:19:94:ad:e1:13:0c:f7:0f:c0:73:82:
fd:93:95:34:73:8b:27:ce:5c:71:da:75:c3:5b:af:c3:2d:3f:
9c:d2:a5:98:b5:cb:cc:ff:7f:84:8e:83:77:07:0a:18:7b:35:
28:78:2e:82:18:a6:76:d0:16:94:9e:80:3f:ba:6d:39:bd:fb:
75:c0:03:56:1a:d7:54:0c:b5:af:a3:0c:5d:f2:58:e1:ee:1f:
42:57:80:30:23:dd:b1:cc:fd:77:75:9c:7b:54:d2:54:6d:1e:
0e:5e:6b:f9:89:f4:13:7b:0e:d1:d2:d0:99:05:7d:98:ce:c8:
ad:38:43:fe:46:20:12:fc:fb:d1:54:6f:2c:46:64:17:6d:1d:
eb:6e:f8:ef:d3:3a:a2:97:db:34:78:de:55:0c:d4:84:2d:6d:
57:09:8b:af:b4:96:2e:b5:a2:7a:79:fd:3e:51:45:16:16:77:
9d:3f:4f:2a:ff:29:c9:a2:b1:db:fd:e0:21:ca:cf:34:1c:c9:
8f:3b:fb:2a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY3V+bXnS/mOcTKTSzl4IQjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMDEwOTM4ZDllZjcyMTU4ZmM5OGJkNDVkZTcxYjBiMWE5
ZmY3MjkwHhcNMjQwMjIzMTIzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2FlNWRhMjgzN2MwYmJmMGFkYTc0ZTIzNDNiZTIzNDVmODYxMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHOW6PQuD/RqoJMbPjWdoYyceOaE
w3MP9gUli1IMiJ8h44gWqlwIxfRTngEI4vmVnkbr/QK68BrzbVC+9R7AMYgaBACH
/TcHw+O8bqe6kxuQSLBvHNC8rhRLREY8utF/z/As1dAvapyQfuH5yzNtZH+o3CjS
oWulsU3nVMPsVk57veFXz6m5ZfwxngSdAW5RIs/nNRCkZWvzxKniCUh5ulnHZK7F
bYC+p5GytyNGXqgfeshyC6Z8eFSp/pyHBZ5urQL3PnCM4L1s88jCzPPq3Adpj0OY
kK8vIPpN+GO+FmiJh84gRQY2FkTuE6eC9woWRz5kpYQneh99lDFc7+LEpwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGeuXaKDfAu/Ctp04jQ74jRfhhCfMB8GA1UdIwQY
MBaAFN0BCTjZ73IVj8mL1F3nGwsan/cpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1FFSk9ObnZjaFdQeVl2VVhlY2JDeHFmOXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jM2Y0MTktYTU5Ni00NmJlLThhZmYt
Y2VmZjU0NmM5MzNlLzEvWjY1ZG9vTjhDNzhLMm5UaU5EdmlORi1HRUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jM2Y0MTktYTU5Ni00NmJlLThhZmYtY2VmZjU0NmM5MzNl
LzEvM1FFSk9ObnZjaFdQeVl2VVhlY2JDeHFmOXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQALVCvMBoE
AgACMBQwEgMHACoTfEAAAQMHACoTfEAAAjANBgkqhkiG9w0BAQsFAAOCAQEAEBO2
dHPUeKvvosYxjKqt1emSmOnOt2NN4lD8YsLbzpneL7JkleXhHbq0ui9nY0ZMniW5
I4s3v9yX1Dd4JRmUreETDPcPwHOC/ZOVNHOLJ85ccdp1w1uvwy0/nNKlmLXLzP9/
hI6DdwcKGHs1KHgughimdtAWlJ6AP7ptOb37dcADVhrXVAy1r6MMXfJY4e4fQleA
MCPdscz9d3Wce1TSVG0eDl5r+Yn0E3sO0dLQmQV9mM7IrThD/kYgEvz70VRvLEZk
F20d627479M6opfbNHjeVQzUhC1tVwmLr7SWLrWienn9PlFFFhZ3nT9PKv8pyaKx
2/3gIcrPNBzJjzv7Kg==
-----END CERTIFICATE-----
Generated at Thu May 2 18:07:54 2024 by rpki-client on console-fra.rpki-client.org