Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/zoivL_WzxVLkhrs5WJeJrMiSpL0.roa
File: zoivL_WzxVLkhrs5WJeJrMiSpL0.roa (raw, json)
Hash identifier: uulJv87eHKopdA5ii6HpoblGLnKccL2uJmNgMUcHZNA=
Subject key identifier: CE:88:AF:2F:F5:B3:C5:52:E4:86:BB:39:58:97:89:AC:C8:92:A4:BD
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 018CC80184A3D1192B70B46D4C21DD27E703
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/zoivL_WzxVLkhrs5WJeJrMiSpL0.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15577
IP address blocks: 217.9.0.0/24 maxlen: 24
217.9.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.mft
rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:84:a3:d1:19:2b:70:b4:6d:4c:21:dd:27:e7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce88af2ff5b3c552e486bb39589789acc892a4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bb:2c:d0:97:22:17:12:06:ee:24:d8:22:40:
6f:d0:19:20:76:90:db:2f:cc:6d:57:38:80:3f:83:
f1:11:9d:49:fb:82:0e:cb:45:95:9e:a4:60:5b:0f:
f7:d3:54:d2:30:dd:e4:2b:cd:aa:1a:e4:af:4f:d2:
9a:bf:62:fe:f3:54:df:d1:46:16:52:35:85:1a:aa:
4e:92:7a:ff:d3:9e:0c:c0:9a:a5:03:9d:02:6e:ae:
cd:8f:96:13:7a:33:d2:be:9c:02:2c:17:49:31:4b:
74:f1:7b:e4:c2:f1:f2:8b:33:f0:96:18:12:a7:90:
2d:ac:2d:23:48:3d:5e:28:d1:f9:81:55:d2:83:3c:
c2:4a:37:01:ec:fd:13:65:ca:26:69:26:5d:5d:1d:
10:da:9c:c1:4a:b8:66:d6:6e:18:2f:ca:38:13:83:
70:25:71:ac:58:1a:ff:78:01:0c:7b:f2:db:4e:6e:
2c:84:81:06:af:4a:ed:2f:8b:e0:02:5f:8e:e4:d1:
06:da:e5:71:ad:62:05:5e:96:9b:ac:09:70:06:51:
2c:16:72:7c:45:3b:ec:78:4d:7e:59:26:d2:d7:3a:
17:19:e4:05:ee:8a:88:5d:2d:3e:92:21:ed:fa:02:
c9:69:0c:70:f0:cb:99:a0:76:45:5d:f5:37:6e:d2:
7b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:88:AF:2F:F5:B3:C5:52:E4:86:BB:39:58:97:89:AC:C8:92:A4:BD
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/zoivL_WzxVLkhrs5WJeJrMiSpL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.0.0/23
Signature Algorithm: sha256WithRSAEncryption
37:dd:f4:05:c7:c2:1a:d3:84:5a:b9:c9:82:bc:4e:21:4a:02:
6e:f9:ab:39:2e:70:39:67:06:d8:0f:af:1b:db:49:e2:c7:46:
9e:81:12:d2:e9:6a:83:27:22:0c:73:59:89:67:42:09:f2:ce:
71:6f:9d:1d:3a:ae:37:01:9b:ee:05:24:15:87:18:75:ed:58:
20:5a:f1:cc:a1:ff:1b:0c:63:c5:b4:3d:d3:7b:e8:e1:42:ad:
07:5f:5d:c3:42:57:86:d4:59:05:ef:72:ce:b4:d9:b8:cf:46:
f0:5f:db:40:c1:79:08:11:da:eb:3f:ce:75:dd:d6:6a:fa:cc:
11:e9:67:52:23:60:e1:99:4d:3f:e4:51:de:47:6b:81:36:d9:
b2:f9:d4:31:12:f6:75:1a:63:3a:31:5d:4b:f1:cb:40:d5:1e:
b9:9f:59:23:bc:9b:d9:51:c9:a1:46:5a:5f:d8:9f:fd:fd:af:
c7:3e:68:a2:dc:38:20:06:18:1c:90:0d:f1:1a:25:e7:a9:51:
9b:7b:23:be:76:95:02:fe:8c:b4:55:05:3a:c6:e5:73:5e:a6:
b7:a9:8f:a0:4f:b8:11:b6:df:30:d2:82:ba:b0:73:63:04:fa:
9c:2b:a5:aa:39:58:1d:c2:30:64:ed:2e:a9:33:d9:90:14:53:
01:5f:b0:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYSj0RkrcLRtTCHdJ+cDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZWUxODJkOWM0M2E1Y2U3MDY4ZGZkOWJhN2FhOGVkOTBl
NWUwYmEwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTg4YWYyZmY1YjNjNTUyZTQ4NmJiMzk1ODk3ODlhY2M4OTJhNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLss0JciFxIG7iTYIkBv0BkgdpDb
L8xtVziAP4PxEZ1J+4IOy0WVnqRgWw/301TSMN3kK82qGuSvT9Kav2L+81Tf0UYW
UjWFGqpOknr/054MwJqlA50Cbq7Nj5YTejPSvpwCLBdJMUt08XvkwvHyizPwlhgS
p5AtrC0jSD1eKNH5gVXSgzzCSjcB7P0TZcomaSZdXR0Q2pzBSrhm1m4YL8o4E4Nw
JXGsWBr/eAEMe/LbTm4shIEGr0rtL4vgAl+O5NEG2uVxrWIFXpabrAlwBlEsFnJ8
RTvseE1+WSbS1zoXGeQF7oqIXS0+kiHt+gLJaQxw8MuZoHZFXfU3btJ72wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM6Iry/1s8VS5Ia7OViXiazIkqS9MB8GA1UdIwQY
MBaAFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDkt
NmI1ZjY4NTIyYTdkLzEvem9pdkxfV3p4VkxraHJzNVdKZUpyTWlTcEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDktNmI1ZjY4NTIyYTdk
LzEvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2QkAMA0G
CSqGSIb3DQEBCwUAA4IBAQA33fQFx8Ia04RaucmCvE4hSgJu+as5LnA5ZwbYD68b
20nix0aegRLS6WqDJyIMc1mJZ0IJ8s5xb50dOq43AZvuBSQVhxh17VggWvHMof8b
DGPFtD3Te+jhQq0HX13DQleG1FkF73LOtNm4z0bwX9tAwXkIEdrrP8513dZq+swR
6WdSI2DhmU0/5FHeR2uBNtmy+dQxEvZ1GmM6MV1L8ctA1R65n1kjvJvZUcmhRlpf
2J/9/a/HPmii3DggBhgckA3xGiXnqVGbeyO+dpUC/oy0VQU6xuVzXqa3qY+gT7gR
tt8w0oK6sHNjBPqcK6WqOVgdwjBk7S6pM9mQFFMBX7AW
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:18 2024 by rpki-client on console-ams.rpki-client.org