Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZKjWCCl6cXXsUnUxNPsXibNcCEc.roa
File: ZKjWCCl6cXXsUnUxNPsXibNcCEc.roa (raw, json)
Hash identifier: 2pZ/UaPjnnHLdARfum/8VLl5B8irR8dMNzzZ8LEKoNA=
Subject key identifier: 64:A8:D6:08:29:7A:71:75:EC:52:75:31:34:FB:17:89:B3:5C:08:47
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCE2B9C05BE3B9F84A8B32DA9459E3
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZKjWCCl6cXXsUnUxNPsXibNcCEc.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57044
IP address blocks: 2a02:2698:800::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e2:b9:c0:5b:e3:b9:f8:4a:8b:32:da:94:59:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64a8d608297a7175ec52753134fb1789b35c0847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:56:d0:a6:c8:99:e4:d2:1c:8d:75:35:71:0a:
91:33:bf:d2:ad:35:e9:23:bf:c8:fb:34:a7:6d:2f:
6d:e9:79:71:42:46:d2:94:f1:c0:42:37:a8:ce:18:
76:58:f2:7f:bb:a5:c4:ad:e1:91:5c:68:96:1a:bf:
46:60:7b:0a:7e:a0:3e:c3:39:f7:27:53:15:f4:57:
b9:d2:0c:40:d2:fd:a3:81:2f:d6:c1:63:d9:1c:e9:
3e:c2:32:aa:77:99:03:e9:fd:73:17:06:e5:04:47:
13:ee:be:ad:5d:e0:67:76:83:18:db:d0:89:61:78:
27:ec:f5:a5:e4:98:37:dc:96:b9:8f:af:1a:4d:21:
27:73:48:18:ec:af:e1:cc:f1:d4:b3:3d:a7:bc:6a:
10:00:40:d9:7b:e3:73:1b:07:49:b5:14:8f:e0:65:
92:30:4c:9d:c1:c5:9c:b3:bb:a6:7a:61:1d:7b:b9:
03:dd:e3:30:93:41:56:e1:99:36:83:42:25:ea:dc:
8a:f6:78:e8:7f:13:37:05:40:4d:52:2c:6d:f9:01:
1e:f0:83:21:46:4b:1f:7f:00:ab:7c:53:0b:c5:62:
bc:17:65:f6:b4:32:ef:f6:a7:d3:fe:99:b9:0f:b2:
84:e1:48:75:ea:7e:86:94:b8:2c:6f:66:a7:40:14:
ec:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A8:D6:08:29:7A:71:75:EC:52:75:31:34:FB:17:89:B3:5C:08:47
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZKjWCCl6cXXsUnUxNPsXibNcCEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:800::/38
Signature Algorithm: sha256WithRSAEncryption
63:aa:29:a4:95:22:08:d2:be:49:fe:cc:a1:ab:df:9a:f3:04:
62:a5:e9:4c:4d:38:f4:c6:3f:a6:37:c5:3e:e8:77:fd:0d:d5:
f5:e7:42:22:8b:0b:71:5c:62:b3:6a:27:46:29:34:6d:45:50:
4d:fc:b0:bb:dc:e8:fc:61:85:e8:42:59:7c:98:95:e0:67:47:
5f:81:75:28:c5:ab:af:ff:61:22:30:e6:ee:6d:8a:5f:ca:0e:
94:02:48:c0:91:52:84:fa:3b:14:17:df:8c:fa:0b:51:4e:9a:
05:be:e5:ae:87:b7:8d:49:0d:ac:7a:ee:d6:40:40:09:38:c7:
ff:20:60:65:15:9a:fa:9f:64:ff:ff:c8:aa:96:72:24:5b:70:
68:65:dc:b5:ad:04:a0:92:c0:ce:71:f7:c8:0a:0e:ef:91:3d:
39:c2:a9:01:dc:fe:95:3c:7d:17:83:b7:5a:0c:f5:4f:52:c3:
0d:d6:e5:20:d8:61:ff:a6:d5:32:a9:d4:46:75:28:ad:96:08:
47:ea:5e:31:2e:3b:3d:a5:ee:4a:59:20:30:62:6b:85:f5:ea:
18:e0:d3:c3:26:51:dc:bb:fa:c6:d7:b7:11:10:15:62:8f:01:
92:8e:46:09:f3:63:ed:9e:78:e0:5f:83:37:e1:08:a5:87:c1:
e0:c8:83:d2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvOK5wFvjufhKizLalFnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGE4ZDYwODI5N2E3MTc1ZWM1Mjc1MzEzNGZiMTc4OWIzNWMwODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFbQpsiZ5NIcjXU1cQqRM7/SrTXp
I7/I+zSnbS9t6XlxQkbSlPHAQjeozhh2WPJ/u6XEreGRXGiWGr9GYHsKfqA+wzn3
J1MV9Fe50gxA0v2jgS/WwWPZHOk+wjKqd5kD6f1zFwblBEcT7r6tXeBndoMY29CJ
YXgn7PWl5Jg33Ja5j68aTSEnc0gY7K/hzPHUsz2nvGoQAEDZe+NzGwdJtRSP4GWS
MEydwcWcs7umemEde7kD3eMwk0FW4Zk2g0Il6tyK9njofxM3BUBNUixt+QEe8IMh
RksffwCrfFMLxWK8F2X2tDLv9qfT/pm5D7KE4Uh16n6GlLgsb2anQBTsUwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGSo1ggpenF17FJ1MTT7F4mzXAhHMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvWktqV0NDbDZjWFhzVW5VeE5Qc1hpYk5jQ0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmAgw
DQYJKoZIhvcNAQELBQADggEBAGOqKaSVIgjSvkn+zKGr35rzBGKl6UxNOPTGP6Y3
xT7od/0N1fXnQiKLC3FcYrNqJ0YpNG1FUE38sLvc6PxhhehCWXyYleBnR1+BdSjF
q6//YSIw5u5til/KDpQCSMCRUoT6OxQX34z6C1FOmgW+5a6Ht41JDax67tZAQAk4
x/8gYGUVmvqfZP//yKqWciRbcGhl3LWtBKCSwM5x98gKDu+RPTnCqQHc/pU8fReD
t1oM9U9Sww3W5SDYYf+m1TKp1EZ1KK2WCEfqXjEuOz2l7kpZIDBia4X16hjg08Mm
Udy7+sbXtxEQFWKPAZKORgnzY+2eeOBfgzfhCKWHweDIg9I=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:45 2024 by rpki-client on console-fra.rpki-client.org