Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/ZHNuON2tR0MdUcsPnsqA3NxWKzE.roa
File: ZHNuON2tR0MdUcsPnsqA3NxWKzE.roa (raw, json)
Hash identifier: crZh1I2c9Idzn5Q+hoDLEi0jmWhjqfpMxaODiO32DLg=
Subject key identifier: 64:73:6E:38:DD:AD:47:43:1D:51:CB:0F:9E:CA:80:DC:DC:56:2B:31
Certificate issuer: /CN=cf2eee78a0084d831de1a2500183e16489516ccf
Certificate serial: 018CC3491C3C1BE8223533F22C8C3DC430FF
Authority key identifier: CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/ZHNuON2tR0MdUcsPnsqA3NxWKzE.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211215
IP address blocks: 45.95.8.0/24 maxlen: 24
2a0c:3300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1c:3c:1b:e8:22:35:33:f2:2c:8c:3d:c4:30:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf2eee78a0084d831de1a2500183e16489516ccf
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64736e38ddad47431d51cb0f9eca80dcdc562b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:80:dd:e0:76:cb:c1:32:d9:3f:a7:57:74:64:
8f:a2:71:c7:7e:17:7c:44:63:2c:ee:9a:40:35:aa:
52:e3:1c:45:fa:7f:25:b0:e9:f4:d4:fb:32:b6:f0:
d0:b5:d9:25:7e:86:21:03:9c:0f:17:99:f9:90:4d:
4b:7c:67:24:c4:58:89:4f:a1:d6:53:52:d5:cb:c3:
eb:53:6c:65:1b:9f:7f:46:ad:ac:aa:e3:2c:ba:41:
d2:42:2b:71:f9:e8:43:f9:d1:31:52:eb:ed:23:e4:
87:88:17:e1:2a:06:2b:b6:d0:aa:f0:66:3f:48:25:
85:54:cc:c0:a5:de:6e:ce:43:c2:11:7c:93:0f:03:
d0:7c:70:8e:26:c2:9f:a1:e7:98:ae:56:90:3b:f1:
0d:2e:df:ae:42:f0:29:d6:0a:d4:78:29:0a:8c:e7:
5a:51:d7:72:fc:ff:99:8a:53:c5:b5:f0:9d:dc:40:
36:3a:35:1f:39:03:5d:6e:2e:dd:29:af:ee:32:98:
ab:67:64:ae:6f:a8:f5:67:bc:84:b3:80:97:16:f3:
f9:b9:c3:48:23:17:76:ee:f8:a9:9d:b1:37:68:e4:
14:f1:77:e1:53:01:eb:b9:13:ab:cf:0b:4e:90:99:
02:21:62:c4:33:ba:73:82:bb:fb:ba:b4:11:ce:32:
63:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:73:6E:38:DD:AD:47:43:1D:51:CB:0F:9E:CA:80:DC:DC:56:2B:31
X509v3 Authority Key Identifier:
keyid:CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/ZHNuON2tR0MdUcsPnsqA3NxWKzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.8.0/24
IPv6:
2a0c:3300::/32
Signature Algorithm: sha256WithRSAEncryption
53:5c:5c:d5:ef:c5:c5:14:4a:ae:9b:f7:92:dd:a0:8c:64:14:
e2:1b:e6:3a:bd:03:66:20:1a:d3:4f:6f:b3:c8:2e:07:de:20:
18:3f:dc:18:73:8c:39:6e:a7:36:b1:fe:24:6e:e6:d9:a6:df:
1b:ed:f0:df:6c:11:b0:f4:e4:4a:5d:f9:34:97:51:37:aa:e0:
1c:c5:5c:6a:20:ab:fe:a0:f5:41:e3:80:98:b1:3c:b5:18:7c:
04:b7:26:b8:14:53:4d:4a:b0:4f:8d:17:67:50:b7:61:db:9e:
50:db:8c:57:8a:c2:eb:10:37:e9:b8:14:c3:27:76:96:81:28:
be:54:66:60:3f:86:84:9a:84:a2:dc:7a:13:3a:b6:13:96:be:
0e:e0:fd:d9:fc:63:4b:36:4b:32:f4:e0:95:1f:b3:2c:26:92:
22:d8:a4:5b:27:43:df:b1:23:4b:51:34:0b:36:ba:a0:7d:07:
b5:c4:6b:cd:76:4b:79:aa:f0:f1:33:5a:f7:6c:51:48:f0:39:
98:8b:10:6c:c3:5c:65:80:3b:cd:ed:a7:66:f9:84:0c:bc:61:
a6:49:20:8e:54:50:ba:cd:87:b2:db:e0:db:cb:fe:15:76:53:
b9:e7:60:01:e1:c8:00:8d:77:98:52:45:8c:d5:1b:59:22:36:
a4:0e:88:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSRw8G+giNTPyLIw9xDD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMmVlZTc4YTAwODRkODMxZGUxYTI1MDAxODNlMTY0ODk1
MTZjY2YwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDczNmUzOGRkYWQ0NzQzMWQ1MWNiMGY5ZWNhODBkY2RjNTYyYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4Dd4HbLwTLZP6dXdGSPonHHfhd8
RGMs7ppANapS4xxF+n8lsOn01PsytvDQtdklfoYhA5wPF5n5kE1LfGckxFiJT6HW
U1LVy8PrU2xlG59/Rq2squMsukHSQitx+ehD+dExUuvtI+SHiBfhKgYrttCq8GY/
SCWFVMzApd5uzkPCEXyTDwPQfHCOJsKfoeeYrlaQO/ENLt+uQvAp1grUeCkKjOda
Uddy/P+ZilPFtfCd3EA2OjUfOQNdbi7dKa/uMpirZ2Sub6j1Z7yEs4CXFvP5ucNI
Ixd27vipnbE3aOQU8XfhUwHruROrzwtOkJkCIWLEM7pzgrv7urQRzjJjnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGRzbjjdrUdDHVHLD57KgNzcVisxMB8GA1UdIwQY
MBaAFM8u7nigCE2DHeGiUAGD4WSJUWzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kN2U2NjAtNjkxMi00MzgwLWFiNGYt
NzE4YjljNDBmZDI1LzEvWkhOdU9OMnRSME1kVWNzUG5zcUEzTnhXS3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kN2U2NjAtNjkxMi00MzgwLWFiNGYtNzE4YjljNDBmZDI1
LzEvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALV8IMA0E
AgACMAcDBQAqDDMAMA0GCSqGSIb3DQEBCwUAA4IBAQBTXFzV78XFFEqum/eS3aCM
ZBTiG+Y6vQNmIBrTT2+zyC4H3iAYP9wYc4w5bqc2sf4kbubZpt8b7fDfbBGw9ORK
Xfk0l1E3quAcxVxqIKv+oPVB44CYsTy1GHwEtya4FFNNSrBPjRdnULdh255Q24xX
isLrEDfpuBTDJ3aWgSi+VGZgP4aEmoSi3HoTOrYTlr4O4P3Z/GNLNksy9OCVH7Ms
JpIi2KRbJ0PfsSNLUTQLNrqgfQe1xGvNdkt5qvDxM1r3bFFI8DmYixBsw1xlgDvN
7adm+YQMvGGmSSCOVFC6zYey2+Dby/4VdlO552AB4cgAjXeYUkWM1RtZIjakDoi0
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:13 2024 by rpki-client on console-fra.rpki-client.org