Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/ZegdEngtFUD9ntKr0yRmFEBGVMI.roa
File: ZegdEngtFUD9ntKr0yRmFEBGVMI.roa (raw, json)
Hash identifier: rM7YbA9wcNNWjkAoMjTUXyoifyO1CqIr4Z6AA10tVTY=
Subject key identifier: 65:E8:1D:12:78:2D:15:40:FD:9E:D2:AB:D3:24:66:14:40:46:54:C2
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 018CC3B72E38BF4DA4B99887FA7C722A1BF8
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/ZegdEngtFUD9ntKr0yRmFEBGVMI.roa
Signing time: Mon 01 Jan 2024 06:30:11 +0000
ROA not before: Mon 01 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54103
IP address blocks: 79.143.137.0/24 maxlen: 24
79.143.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2e:38:bf:4d:a4:b9:98:87:fa:7c:72:2a:1b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Jan 1 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65e81d12782d1540fd9ed2abd3246614404654c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d7:50:db:27:17:d5:d3:ee:e2:26:fe:52:8c:
cd:27:3b:b6:68:31:65:61:65:7e:83:3f:f7:d6:0e:
65:e4:1a:59:4f:ea:09:c3:55:b5:b8:e5:0f:d5:1f:
8f:05:29:17:0f:c9:23:1c:66:60:1b:58:68:1f:50:
3e:0b:37:5d:27:0f:c3:82:d3:db:b0:9a:f5:70:05:
49:b1:63:67:55:54:4f:46:e5:5d:56:f3:10:d8:51:
c7:a7:88:7f:75:da:d6:c9:7d:19:9e:a9:9d:22:40:
89:65:9d:6c:45:d6:40:e4:9c:58:7a:8f:e6:46:d7:
98:ae:cf:1e:07:ce:c3:66:35:42:57:83:94:0f:d0:
28:d7:04:7b:2e:98:7b:55:ef:6f:14:d7:39:78:3c:
33:34:f4:21:d7:95:24:3a:90:4c:36:6e:9a:2c:07:
64:cf:d7:f4:47:02:aa:14:75:e3:0a:f8:ae:8c:76:
84:fb:b6:f9:c2:9e:8f:b8:3b:e2:13:f5:66:58:b8:
f7:b5:c2:7c:24:7c:d1:a4:3c:dd:f3:95:39:14:22:
ee:15:fb:be:7b:5d:dc:50:8a:e0:6e:ce:9a:68:bb:
c9:7d:da:5c:06:c9:e2:cc:b0:c1:93:3b:51:b7:33:
80:df:27:8d:2f:6d:b3:26:76:23:f9:f5:8c:53:49:
4b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E8:1D:12:78:2D:15:40:FD:9E:D2:AB:D3:24:66:14:40:46:54:C2
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/ZegdEngtFUD9ntKr0yRmFEBGVMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.137.0/24
79.143.139.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:85:c9:f7:79:95:65:61:62:79:14:f9:dc:38:63:42:70:6a:
fe:39:3e:61:34:ff:77:34:03:0b:35:17:3a:94:99:13:c3:99:
cf:47:9b:2b:3a:c6:e1:7a:f1:2d:57:ff:57:e9:06:a4:47:27:
a0:b8:d3:6e:dc:66:69:be:2c:ba:44:23:58:c6:0c:13:2a:3f:
e9:27:93:b9:56:87:9d:5f:a5:b9:55:a5:21:be:66:8b:8d:da:
03:cf:f7:59:3e:4d:b8:be:69:f9:6c:aa:22:8a:a5:9c:3a:95:
7e:87:2a:59:d5:28:5e:d3:d8:56:8b:40:8e:93:e6:31:66:fd:
cd:92:66:c6:62:a3:ba:30:03:b1:f5:aa:f7:71:cd:df:34:02:
f8:02:48:66:31:f3:11:7a:26:e6:a4:2d:52:78:da:19:55:3e:
15:21:c6:d4:be:21:67:8a:a0:85:6a:b4:86:2d:8a:b6:86:7a:
74:e6:a6:b7:69:a2:e2:b8:ff:91:fa:19:f1:d3:5c:03:ab:38:
bb:ff:9a:1e:71:89:96:6f:5d:98:ec:ca:77:42:be:34:37:20:
17:6b:5b:19:55:d0:18:49:77:c9:fa:af:4b:6e:6d:2d:a2:0d:
4a:f8:8a:f9:96:4c:13:71:f1:12:03:32:5f:2e:e2:55:7c:9e:
3d:0d:54:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDty44v02kuZiH+nxyKhv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWU4MWQxMjc4MmQxNTQwZmQ5ZWQyYWJkMzI0NjYxNDQwNDY1NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9dQ2ycX1dPu4ib+UozNJzu2aDFl
YWV+gz/31g5l5BpZT+oJw1W1uOUP1R+PBSkXD8kjHGZgG1hoH1A+CzddJw/DgtPb
sJr1cAVJsWNnVVRPRuVdVvMQ2FHHp4h/ddrWyX0ZnqmdIkCJZZ1sRdZA5JxYeo/m
RteYrs8eB87DZjVCV4OUD9Ao1wR7Lph7Ve9vFNc5eDwzNPQh15UkOpBMNm6aLAdk
z9f0RwKqFHXjCviujHaE+7b5wp6PuDviE/VmWLj3tcJ8JHzRpDzd85U5FCLuFfu+
e13cUIrgbs6aaLvJfdpcBsnizLDBkztRtzOA3yeNL22zJnYj+fWMU0lLaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGXoHRJ4LRVA/Z7Sq9MkZhRARlTCMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEvWmVnZEVuZ3RGVUQ5bnRLcjB5Um1GRUJHVk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT4+JAwQA
T4+LMA0GCSqGSIb3DQEBCwUAA4IBAQDdhcn3eZVlYWJ5FPncOGNCcGr+OT5hNP93
NAMLNRc6lJkTw5nPR5srOsbhevEtV/9X6QakRyeguNNu3GZpviy6RCNYxgwTKj/p
J5O5VoedX6W5VaUhvmaLjdoDz/dZPk24vmn5bKoiiqWcOpV+hypZ1She09hWi0CO
k+YxZv3NkmbGYqO6MAOx9ar3cc3fNAL4AkhmMfMReibmpC1SeNoZVT4VIcbUviFn
iqCFarSGLYq2hnp05qa3aaLiuP+R+hnx01wDqzi7/5oecYmWb12Y7Mp3Qr40NyAX
a1sZVdAYSXfJ+q9Lbm0tog1K+Ir5lkwTcfESAzJfLuJVfJ49DVRY
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:29:23 2024 by rpki-client on console-ams.rpki-client.org