Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/a_Z8EnjS_G5a9KFaFWs02IsBBdU.roa
File: a_Z8EnjS_G5a9KFaFWs02IsBBdU.roa (raw, json)
Hash identifier: 3TpBuxOUM819kyiH2DBv9VtLnCigtbeLxT2DXAkSCjE=
Subject key identifier: 6B:F6:7C:12:78:D2:FC:6E:5A:F4:A1:5A:15:6B:34:D8:8B:01:05:D5
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492E08A416EF4773A661559EE118C20
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/a_Z8EnjS_G5a9KFaFWs02IsBBdU.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61176
IP address blocks: 5.160.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e0:8a:41:6e:f4:77:3a:66:15:59:ee:11:8c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bf67c1278d2fc6e5af4a15a156b34d88b0105d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6b:29:5b:78:18:8c:b4:00:62:5d:fd:d4:60:
7a:b0:03:dd:d2:b5:13:70:6c:3d:91:88:1a:2e:f6:
8a:93:af:bb:5d:29:81:00:45:5e:d5:d3:f9:a0:f1:
08:25:00:d4:24:0d:76:59:de:33:76:71:85:be:5e:
33:9c:54:e0:75:78:2d:ec:57:7c:24:90:3c:c3:23:
c6:a6:38:b3:71:19:65:42:65:ec:2e:7a:39:22:11:
a0:88:3b:ab:74:d8:b3:e6:6a:92:a5:c5:4d:50:b5:
24:aa:1c:18:36:d7:e8:89:08:ea:47:d4:c1:60:e6:
8c:38:63:a3:e1:9a:65:af:17:d8:6e:f0:71:85:ff:
28:59:2b:69:13:81:79:2c:03:f0:33:7a:92:c3:c6:
a9:df:9f:17:14:3b:30:6b:01:b9:18:27:e7:ad:15:
3e:d2:27:28:e1:53:e3:37:fe:d4:46:29:41:87:3d:
6c:bb:fa:53:e5:90:92:9a:fd:b9:68:c5:ac:3a:3d:
5a:9a:9d:7f:0a:36:fb:2e:3a:98:46:7b:7e:15:ea:
2a:28:c5:6b:91:db:5b:00:4a:92:d3:a9:fb:1e:42:
e5:c4:37:59:0b:62:e2:c0:b1:0c:d7:87:fa:44:ea:
03:8c:e1:39:0d:8b:48:f9:ca:53:ad:15:39:a6:b4:
27:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F6:7C:12:78:D2:FC:6E:5A:F4:A1:5A:15:6B:34:D8:8B:01:05:D5
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/a_Z8EnjS_G5a9KFaFWs02IsBBdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.15.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:78:b3:12:4f:50:a9:fb:0e:16:ab:1e:b7:96:f8:48:6b:b9:
53:c6:3f:2b:39:29:66:1d:ca:52:c3:f6:7f:7e:f0:53:b9:18:
63:ba:47:23:8a:06:de:75:b6:5b:01:8e:03:f0:87:c1:72:5e:
2d:8d:30:96:50:7f:e9:63:eb:6c:5d:79:0e:1d:21:00:95:23:
6f:45:45:cf:1b:94:d9:63:03:a0:bf:ac:4c:f4:f4:cf:c9:b7:
3d:3c:3f:4d:18:07:18:e7:53:fa:4a:b8:ef:28:a6:8d:e0:f7:
8b:0f:7b:02:e5:70:42:47:41:1f:78:5e:ed:77:de:8a:70:06:
c8:a9:a0:69:56:92:99:b9:b5:2f:8e:44:05:9a:35:ea:0b:63:
65:9a:59:fd:6c:9a:ee:50:57:70:79:01:42:84:9a:93:9f:c8:
66:3e:b1:99:4d:62:b7:63:df:14:79:f6:e0:a6:58:79:92:7b:
75:88:f7:db:87:7c:ca:71:ed:5a:8d:fc:fe:08:47:43:0c:cf:
d2:39:70:1d:46:63:4b:3b:12:5c:74:89:8e:a8:54:27:b1:bf:
f5:82:38:04:d3:06:90:0a:48:66:12:28:45:49:ae:f0:3d:0e:
ef:08:df:ca:c4:ab:14:e9:83:c6:0d:05:0b:8f:fe:29:11:96:
c6:00:47:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkuCKQW70dzpmFVnuEYwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmY2N2MxMjc4ZDJmYzZlNWFmNGExNWExNTZiMzRkODhiMDEwNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmspW3gYjLQAYl391GB6sAPd0rUT
cGw9kYgaLvaKk6+7XSmBAEVe1dP5oPEIJQDUJA12Wd4zdnGFvl4znFTgdXgt7Fd8
JJA8wyPGpjizcRllQmXsLno5IhGgiDurdNiz5mqSpcVNULUkqhwYNtfoiQjqR9TB
YOaMOGOj4ZplrxfYbvBxhf8oWStpE4F5LAPwM3qSw8ap358XFDswawG5GCfnrRU+
0ico4VPjN/7URilBhz1su/pT5ZCSmv25aMWsOj1amp1/Cjb7LjqYRnt+FeoqKMVr
kdtbAEqS06n7HkLlxDdZC2LiwLEM14f6ROoDjOE5DYtI+cpTrRU5prQn6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGv2fBJ40vxuWvShWhVrNNiLAQXVMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvYV9aOEVualNfRzVhOUtGYUZXczAySXNCQmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaAPMA0G
CSqGSIb3DQEBCwUAA4IBAQBteLMST1Cp+w4Wqx63lvhIa7lTxj8rOSlmHcpSw/Z/
fvBTuRhjukcjigbedbZbAY4D8IfBcl4tjTCWUH/pY+tsXXkOHSEAlSNvRUXPG5TZ
YwOgv6xM9PTPybc9PD9NGAcY51P6SrjvKKaN4PeLD3sC5XBCR0EfeF7td96KcAbI
qaBpVpKZubUvjkQFmjXqC2Nlmln9bJruUFdweQFChJqTn8hmPrGZTWK3Y98Uefbg
plh5knt1iPfbh3zKce1ajfz+CEdDDM/SOXAdRmNLOxJcdImOqFQnsb/1gjgE0waQ
CkhmEihFSa7wPQ7vCN/KxKsU6YPGDQULj/4pEZbGAEcz
-----END CERTIFICATE-----
Generated at Sat Sep 28 18:39:16 2024 by rpki-client on console-fra.rpki-client.org