Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/Z40_jrM1VyJ4YgAnbGrPEaDLbVM.roa
File: Z40_jrM1VyJ4YgAnbGrPEaDLbVM.roa (raw, json)
Hash identifier: +S35anUb3aTvjXFwLa+QUSE7BTidfnfd8HPnx4RiU2o=
Subject key identifier: 67:8D:3F:8E:B3:35:57:22:78:62:00:27:6C:6A:CF:11:A0:CB:6D:53
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 018CC8DF23E4B61AEF039CDF1480A76172E1
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/Z40_jrM1VyJ4YgAnbGrPEaDLbVM.roa
Signing time: Tue 02 Jan 2024 06:31:56 +0000
ROA not before: Tue 02 Jan 2024 06:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 178.175.128.0/19 maxlen: 24
178.17.160.0/20 maxlen: 24
178.175.160.0/20 maxlen: 24
103.197.148.0/22 maxlen: 24
2a00:1dc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:23:e4:b6:1a:ef:03:9c:df:14:80:a7:61:72:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jan 2 06:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=678d3f8eb3355722786200276c6acf11a0cb6d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:6f:e2:98:58:fe:62:17:0a:ba:db:d6:5b:
2d:73:26:c1:23:0e:2b:0c:c7:69:a0:73:af:0a:de:
48:e4:38:0e:c2:35:9d:c7:6b:5b:a1:7e:2e:b3:40:
b1:22:4c:1c:cf:f6:c1:03:ad:31:d2:10:d8:8a:5e:
f8:7e:eb:58:92:be:ec:11:dc:85:d8:7c:28:47:f0:
a0:0c:b1:4c:c2:e5:51:52:19:00:d2:5a:3a:00:b5:
34:a7:da:5a:ff:93:f2:f5:02:4a:04:fa:b8:c0:bc:
06:7c:de:7c:b7:e6:e3:cf:96:c1:4d:95:3b:33:fa:
a1:28:b2:b5:60:0f:9e:2b:17:b6:58:ad:3d:6f:64:
04:f8:41:13:85:8a:8a:4a:ee:26:3e:67:a3:96:0a:
9a:ab:3d:ea:2e:8c:e6:fe:18:45:39:6a:4c:2f:97:
bb:70:e4:5a:01:66:96:d9:f2:82:46:7a:b0:f3:52:
5d:66:c7:d1:32:f7:5e:af:70:1d:1f:64:ad:2b:4a:
78:39:34:73:45:46:e5:e6:43:e3:84:7d:e8:b2:5a:
1b:8b:63:0b:2b:65:dc:e3:c7:40:23:7b:80:bc:db:
6d:cb:71:e5:97:a2:a0:ca:eb:d5:2f:f1:24:11:ff:
71:31:f6:92:a0:93:fb:ac:54:db:8a:b5:ef:4a:38:
79:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8D:3F:8E:B3:35:57:22:78:62:00:27:6C:6A:CF:11:A0:CB:6D:53
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/Z40_jrM1VyJ4YgAnbGrPEaDLbVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.197.148.0/22
178.17.160.0/20
178.175.128.0-178.175.175.255
IPv6:
2a00:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:36:47:2d:6b:4d:92:e2:84:4e:3d:99:45:78:d5:60:f3:69:
68:f1:58:69:1d:25:19:d9:8a:b5:fc:be:e7:4c:df:3b:1b:07:
a9:3b:a3:44:39:ee:f5:a7:39:2b:c2:a7:28:19:db:c9:ce:6c:
5f:d6:f3:fd:09:56:b1:b4:44:ae:a1:9f:06:d8:6e:2d:19:2c:
b2:bc:48:02:e6:6a:ae:90:65:37:79:f2:f7:d1:bc:b8:7c:b1:
a2:25:79:ae:04:c7:68:39:96:c7:68:92:f9:b1:eb:79:d8:be:
c0:d2:29:75:40:e2:a3:74:81:9a:68:c6:3c:e9:49:15:28:8e:
3c:2b:06:e5:1f:e4:37:8d:76:47:c8:8b:b5:1d:0c:e0:d9:83:
42:54:2e:1a:6c:26:ab:68:f3:33:ea:3c:6d:4b:5f:8f:87:b7:
28:70:d6:f9:67:d2:fe:53:81:9b:5c:5b:34:99:9a:f4:1b:90:
4a:d0:dc:49:21:34:19:24:97:15:b7:08:70:98:e9:74:2f:d8:
75:26:0f:0e:ad:9c:52:45:61:22:97:5e:4a:e7:ab:60:3b:bf:
90:04:70:67:7f:17:06:4f:fd:bc:d9:1f:4a:57:d4:c5:39:e6:
77:9f:5b:15:0c:0c:8c:14:51:c3:99:fb:d8:5d:3e:0c:97:c1:
7b:ed:04:0e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzI3yPkthrvA5zfFICnYXLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjQwMTAyMDYzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzhkM2Y4ZWIzMzU1NzIyNzg2MjAwMjc2YzZhY2YxMWEwY2I2ZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Bv4phY/mIXCrrb1lstcybBIw4r
DMdpoHOvCt5I5DgOwjWdx2tboX4us0CxIkwcz/bBA60x0hDYil74futYkr7sEdyF
2HwoR/CgDLFMwuVRUhkA0lo6ALU0p9pa/5Py9QJKBPq4wLwGfN58t+bjz5bBTZU7
M/qhKLK1YA+eKxe2WK09b2QE+EEThYqKSu4mPmejlgqaqz3qLozm/hhFOWpML5e7
cORaAWaW2fKCRnqw81JdZsfRMvder3AdH2StK0p4OTRzRUbl5kPjhH3oslobi2ML
K2Xc48dAI3uAvNtty3Hll6KgyuvVL/EkEf9xMfaSoJP7rFTbirXvSjh5GwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGeNP46zNVcieGIAJ2xqzxGgy21TMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvWjQwX2pyTTFWeUo0WWdBbmJHclBFYURMYlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCZ8WUAwQE
shGgMAwDBAeyr4ADBASyr6AwDQQCAAIwBwMFAyoAHcAwDQYJKoZIhvcNAQELBQAD
ggEBAEo2Ry1rTZLihE49mUV41WDzaWjxWGkdJRnZirX8vudM3zsbB6k7o0Q57vWn
OSvCpygZ28nObF/W8/0JVrG0RK6hnwbYbi0ZLLK8SALmaq6QZTd58vfRvLh8saIl
ea4Ex2g5lsdokvmx63nYvsDSKXVA4qN0gZpoxjzpSRUojjwrBuUf5DeNdkfIi7Ud
DODZg0JULhpsJqto8zPqPG1LX4+Htyhw1vln0v5TgZtcWzSZmvQbkErQ3EkhNBkk
lxW3CHCY6XQv2HUmDw6tnFJFYSKXXkrnq2A7v5AEcGd/FwZP/bzZH0pX1MU55nef
WxUMDIwUUcOZ+9hdPgyXwXvtBA4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:52:29 2024 by rpki-client on console-ams.rpki-client.org