Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/z3WY1RpUvqdNSi4lZFbpVvfGYCM.roa
File: z3WY1RpUvqdNSi4lZFbpVvfGYCM.roa (raw, json)
Hash identifier: 0aogVRV2LQEF6CD7KCNGYWj2vO2yFPfb9W6TnM+bwvs=
Subject key identifier: CF:75:98:D5:1A:54:BE:A7:4D:4A:2E:25:64:56:E9:56:F7:C6:60:23
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 018F9AC1357C3DB57A999962F6AA4430A949
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/z3WY1RpUvqdNSi4lZFbpVvfGYCM.roa
Signing time: Tue 21 May 2024 10:45:04 +0000
ROA not before: Tue 21 May 2024 10:45:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12929
IP address blocks: 46.15.0.0/16 maxlen: 16
80.232.124.0/24 maxlen: 24
89.8.0.0/15 maxlen: 15
89.9.254.0/24 maxlen: 24
176.11.0.0/16 maxlen: 16
212.45.160.0/19 maxlen: 19
212.125.252.0/22 maxlen: 22
212.169.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9a:c1:35:7c:3d:b5:7a:99:99:62:f6:aa:44:30:a9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: May 21 10:45:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf7598d51a54bea74d4a2e256456e956f7c66023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e9:00:f4:ec:af:b4:fb:78:67:ca:a2:60:ce:
e5:66:9c:5f:6d:81:19:e9:24:bf:fb:8d:29:10:46:
d8:1c:d2:05:78:28:d5:c5:87:1b:4a:46:03:c8:7c:
7a:94:90:d0:30:6c:d1:7b:69:54:0f:30:2d:fd:7c:
df:7c:3c:c0:37:f1:2f:3c:7b:6a:25:10:be:41:2f:
54:cc:6a:dc:55:c7:2f:42:08:56:9a:9c:be:b8:75:
f0:3c:58:33:c0:4d:a2:4b:90:b5:b7:e8:2f:99:41:
bf:2d:db:75:92:3e:32:46:44:39:4c:3f:52:d3:54:
ce:92:40:18:77:46:33:2f:44:90:3b:15:ee:28:1f:
11:4b:81:8a:8a:5a:62:2f:97:79:c8:58:6a:9f:e7:
00:74:ef:fd:7e:90:50:07:3e:07:64:a2:5a:ad:8a:
0f:a4:ff:65:af:6b:dc:eb:bd:4d:43:90:79:da:ce:
23:44:c6:0e:a8:58:ec:4a:15:0d:2d:df:7f:de:19:
d4:7c:b8:be:5c:ca:f7:b9:b5:74:ce:48:9d:c1:45:
8d:42:3a:ba:2b:27:5b:84:49:49:e3:30:42:fa:b8:
45:0b:9a:91:ce:29:65:00:86:99:9d:d9:15:e9:77:
56:52:ea:40:18:f8:6c:e5:9f:07:c8:b9:9b:fe:6a:
bb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:75:98:D5:1A:54:BE:A7:4D:4A:2E:25:64:56:E9:56:F7:C6:60:23
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/z3WY1RpUvqdNSi4lZFbpVvfGYCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.15.0.0/16
80.232.124.0/24
89.8.0.0/15
176.11.0.0/16
212.45.160.0/19
212.125.252.0/22
212.169.64.0/18
Signature Algorithm: sha256WithRSAEncryption
62:9d:c3:a2:c6:38:88:19:38:96:ea:a0:34:7a:eb:1f:14:4c:
78:7f:d9:c0:40:7b:95:7d:ba:dd:52:01:18:83:3f:64:aa:1d:
3f:b0:9f:af:a3:8d:d1:62:98:fe:64:12:04:a6:de:b3:4f:5c:
67:6b:ae:a1:9c:57:1d:ff:01:ec:c5:a4:7b:e5:79:8f:01:e1:
c5:21:38:93:b7:b4:ad:4c:01:3a:c0:04:0e:e3:0a:12:bc:c0:
d8:47:c9:cb:8a:f2:cc:d0:67:63:7a:84:01:31:dd:b8:7f:9b:
1b:bf:ae:9d:7c:65:05:5b:d8:51:34:c7:95:f9:bd:8c:6a:27:
cd:a7:21:de:4a:12:ec:ec:4c:c1:0a:69:24:2f:ff:84:75:6b:
8e:3e:36:b3:7b:46:f5:ca:74:b5:fb:7a:ac:bb:29:ff:66:53:
a4:77:3e:90:3b:b2:66:22:68:da:d7:ac:4f:e4:44:0f:26:18:
fb:a3:f5:0d:4a:36:45:69:1c:b3:18:04:32:ac:7e:2f:3c:8d:
f3:7a:31:85:a4:02:e9:72:ca:38:0a:ad:ae:69:89:c7:e8:58:
58:0b:1f:a8:6d:d8:4d:cd:68:f2:57:c7:b5:71:ea:c6:65:0f:
9e:4e:77:4c:e2:d8:43:c3:9e:ec:00:74:67:39:89:cb:8b:43:
99:b6:9b:9a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY+awTV8PbV6mZli9qpEMKlJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjQwNTIxMTA0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc1OThkNTFhNTRiZWE3NGQ0YTJlMjU2NDU2ZTk1NmY3YzY2MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOkA9OyvtPt4Z8qiYM7lZpxfbYEZ
6SS/+40pEEbYHNIFeCjVxYcbSkYDyHx6lJDQMGzRe2lUDzAt/XzffDzAN/EvPHtq
JRC+QS9UzGrcVccvQghWmpy+uHXwPFgzwE2iS5C1t+gvmUG/Ldt1kj4yRkQ5TD9S
01TOkkAYd0YzL0SQOxXuKB8RS4GKilpiL5d5yFhqn+cAdO/9fpBQBz4HZKJarYoP
pP9lr2vc671NQ5B52s4jRMYOqFjsShUNLd9/3hnUfLi+XMr3ubV0zkidwUWNQjq6
KydbhElJ4zBC+rhFC5qRzillAIaZndkV6XdWUupAGPhs5Z8HyLmb/mq7+QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM91mNUaVL6nTUouJWRW6Vb3xmAjMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvejNXWTFScFV2cWROU2k0bFpGYnBWdmZHWUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMALg8DBABQ
6HwDAwFZCAMDALALAwQF1C2gAwQC1H38AwQG1KlAMA0GCSqGSIb3DQEBCwUAA4IB
AQBincOixjiIGTiW6qA0eusfFEx4f9nAQHuVfbrdUgEYgz9kqh0/sJ+vo43RYpj+
ZBIEpt6zT1xna66hnFcd/wHsxaR75XmPAeHFITiTt7StTAE6wAQO4woSvMDYR8nL
ivLM0GdjeoQBMd24f5sbv66dfGUFW9hRNMeV+b2MaifNpyHeShLs7EzBCmkkL/+E
dWuOPjaze0b1ynS1+3qsuyn/ZlOkdz6QO7JmImja16xP5EQPJhj7o/UNSjZFaRyz
GAQyrH4vPI3zejGFpALpcso4Cq2uaYnH6FhYCx+obdhNzWjyV8e1cerGZQ+eTndM
4thDw57sAHRnOYnLi0OZtpua
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:01:05 2024 by rpki-client on console-ams.rpki-client.org