Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ZW9ugMjX3oTan3zgRGDqE4oQ4hw.roa
File: ZW9ugMjX3oTan3zgRGDqE4oQ4hw.roa (raw, json)
Hash identifier: ZgQ0TCzYxAnNZz2JigMNT/B6Uo0epjU6iWuVQu6D7Y0=
Subject key identifier: 65:6F:6E:80:C8:D7:DE:84:DA:9F:7C:E0:44:60:EA:13:8A:10:E2:1C
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492D73E37FD720BE79617513D151346
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ZW9ugMjX3oTan3zgRGDqE4oQ4hw.roa
Signing time: Mon 01 Jan 2024 10:30:06 +0000
ROA not before: Mon 01 Jan 2024 10:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49433
IP address blocks: 5.160.242.0/24 maxlen: 24
2a00:15c8:1000:3000::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:d7:3e:37:fd:72:0b:e7:96:17:51:3d:15:13:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=656f6e80c8d7de84da9f7ce04460ea138a10e21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:05:73:c4:6b:e9:1c:0f:27:7c:e1:b3:bc:d4:
d8:80:99:ce:9c:76:fb:f7:26:88:c7:3c:9f:05:81:
59:31:34:99:d8:94:03:72:7f:e4:a4:23:d1:54:86:
30:9a:27:5e:57:ff:b5:cb:2d:f9:36:22:de:6e:6b:
96:23:6e:45:d7:31:ee:dd:fa:be:41:86:17:4a:09:
06:60:71:14:d6:98:43:1e:b6:eb:0a:a0:59:36:26:
fb:74:0d:fb:56:c9:84:a7:90:47:20:ad:0e:5f:e0:
8f:43:eb:a8:2e:82:ea:bf:70:fc:94:08:b8:2c:36:
4d:98:36:7e:bc:9c:53:be:c2:1e:40:b3:64:30:b8:
de:b9:78:88:5c:16:7f:da:7e:ce:a8:cf:89:84:e4:
4d:a9:25:f4:ad:57:69:b5:82:1d:18:31:ae:08:c5:
3d:f4:f2:47:fc:ff:76:d5:86:ea:41:d6:52:21:d0:
40:4a:65:3e:cf:6d:79:87:bb:c5:35:6f:05:55:89:
4a:e9:6b:b0:f4:b8:9c:e5:aa:25:f1:3f:cf:c1:aa:
35:f5:b6:0f:cf:ee:1e:63:3f:fd:f9:fc:05:d1:16:
f9:3c:0e:8a:c1:ba:85:1b:88:90:26:9e:b3:d6:84:
a3:c1:4e:9c:fb:b9:ca:96:72:6d:fc:c4:40:46:02:
0f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6F:6E:80:C8:D7:DE:84:DA:9F:7C:E0:44:60:EA:13:8A:10:E2:1C
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/ZW9ugMjX3oTan3zgRGDqE4oQ4hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.242.0/24
IPv6:
2a00:15c8:1000:3000::/64
Signature Algorithm: sha256WithRSAEncryption
75:45:08:07:69:2b:e0:66:e1:e6:33:3c:2a:91:2f:4d:e6:3f:
4e:1d:dc:2e:e2:96:ec:94:e1:2e:5d:02:c5:0a:66:66:45:50:
d5:88:6b:75:33:a1:7f:8d:ba:8a:f4:5d:1c:f9:74:38:fc:f5:
ed:30:20:d4:0a:13:06:eb:89:7c:ad:1b:f9:4c:83:f2:7a:41:
bf:15:dd:e9:5a:49:d7:5a:b7:f9:48:69:5f:41:07:ca:3d:db:
70:f6:c6:d4:08:15:ef:57:5a:a6:9f:6c:88:dd:2d:fc:0e:53:
01:44:a0:06:d2:d2:05:59:30:17:4a:91:ad:25:88:0a:7c:f4:
0f:7b:83:21:21:a6:d2:75:b4:cf:8c:dc:95:ad:ea:3a:37:b9:
25:6c:01:61:1c:16:2c:58:83:9c:02:6c:96:cd:35:64:ef:40:
58:db:a2:76:65:ca:31:ef:dd:6f:eb:d5:70:52:9c:00:a8:5e:
04:c9:35:dc:f1:3c:77:b7:0c:78:e7:fa:63:0a:6f:fb:20:7b:
c6:b1:fc:41:3f:4f:35:83:32:15:c5:0b:61:83:c6:40:21:39:
5b:c8:b5:fc:0d:1b:f2:7b:4a:4a:08:e0:bb:46:aa:b5:87:65:
02:cd:0b:7c:af:b1:8d:3d:b6:b6:06:98:33:54:f7:2a:63:74:
56:37:78:43
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzEktc+N/1yC+eWF1E9FRNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTZmNmU4MGM4ZDdkZTg0ZGE5ZjdjZTA0NDYwZWExMzhhMTBlMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgVzxGvpHA8nfOGzvNTYgJnOnHb7
9yaIxzyfBYFZMTSZ2JQDcn/kpCPRVIYwmideV/+1yy35NiLebmuWI25F1zHu3fq+
QYYXSgkGYHEU1phDHrbrCqBZNib7dA37VsmEp5BHIK0OX+CPQ+uoLoLqv3D8lAi4
LDZNmDZ+vJxTvsIeQLNkMLjeuXiIXBZ/2n7OqM+JhORNqSX0rVdptYIdGDGuCMU9
9PJH/P921YbqQdZSIdBASmU+z215h7vFNW8FVYlK6Wuw9Lic5aol8T/Pwao19bYP
z+4eYz/9+fwF0Rb5PA6KwbqFG4iQJp6z1oSjwU6c+7nKlnJt/MRARgIP8QIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFGVvboDI196E2p984ERg6hOKEOIcMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvWlc5dWdNalgzb1RhbjN6Z1JHRHFFNG9RNGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQABaDyMBEE
AgACMAsDCQAqABXIEAAwADANBgkqhkiG9w0BAQsFAAOCAQEAdUUIB2kr4Gbh5jM8
KpEvTeY/Th3cLuKW7JThLl0CxQpmZkVQ1YhrdTOhf426ivRdHPl0OPz17TAg1AoT
BuuJfK0b+UyD8npBvxXd6VpJ11q3+UhpX0EHyj3bcPbG1AgV71dapp9siN0t/A5T
AUSgBtLSBVkwF0qRrSWICnz0D3uDISGm0nW0z4zcla3qOje5JWwBYRwWLFiDnAJs
ls01ZO9AWNuidmXKMe/db+vVcFKcAKheBMk13PE8d7cMeOf6Ywpv+yB7xrH8QT9P
NYMyFcULYYPGQCE5W8i1/A0b8ntKSgjgu0aqtYdlAs0LfK+xjT22tgaYM1T3KmN0
Vjd4Qw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:22 2024 by rpki-client on console-fra.rpki-client.org