Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/zXPYeDIHs-OMGLv6HH_M7H9lbYk.roa
File: zXPYeDIHs-OMGLv6HH_M7H9lbYk.roa (raw, json)
Hash identifier: uCZdrT7mzEOccqeIV2iS7Gmxa5fgiTAZvZ+mupdaRXQ=
Subject key identifier: CD:73:D8:78:32:07:B3:E3:8C:18:BB:FA:1C:7F:CC:EC:7F:65:6D:89
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 018CC64B78EB4279762FF2598EA8B7D147C9
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/zXPYeDIHs-OMGLv6HH_M7H9lbYk.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 328543
IP address blocks: 2a0c:640::/29 maxlen: 29
2a0d:2480::/29 maxlen: 29
2a0c:f480::/29 maxlen: 29
2a0c:9380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:78:eb:42:79:76:2f:f2:59:8e:a8:b7:d1:47:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd73d8783207b3e38c18bbfa1c7fccec7f656d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c5:e9:a7:78:db:ff:3b:d7:b2:5d:1e:d3:59:
fa:a7:4d:3f:49:af:69:dc:f3:2e:3b:b5:2c:e9:db:
e4:fd:97:63:74:4d:48:8c:db:1c:21:e1:f4:9b:c6:
f5:41:b8:3f:4b:2d:24:5f:54:e1:a4:3b:3b:0c:c9:
1e:86:c9:b6:b4:af:8e:f3:18:a0:0c:82:a0:4e:89:
5e:69:99:92:e1:c8:6f:9b:48:31:3a:f9:fb:ac:d7:
2e:88:76:5e:e9:40:6d:c3:6a:34:ec:9a:e0:88:6b:
f8:22:ae:66:da:52:ee:94:20:3a:f9:af:9d:59:40:
98:35:a6:ea:17:78:46:c2:0f:4a:7f:79:22:0b:e8:
65:b8:8e:f5:f8:81:b6:55:c5:0a:1b:36:51:01:1e:
d7:a7:6d:d6:e0:7d:63:d4:f7:22:47:72:04:e7:cf:
c8:7d:f6:a8:ae:83:83:09:f2:cf:33:03:b6:70:b1:
75:d4:8a:0c:f0:41:7e:30:2e:a8:f9:2d:8d:98:8a:
1c:cc:2d:68:6a:10:ae:f5:b9:cf:03:d9:29:ec:40:
e3:2c:45:68:18:c1:22:4f:6b:37:35:0d:78:dd:62:
e5:32:5b:32:bb:ed:5d:47:9b:a0:20:dc:ab:ed:c4:
8a:b8:ce:d5:ed:e0:a0:fc:56:e8:94:76:22:ef:f1:
70:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:73:D8:78:32:07:B3:E3:8C:18:BB:FA:1C:7F:CC:EC:7F:65:6D:89
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/zXPYeDIHs-OMGLv6HH_M7H9lbYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:640::/29
2a0c:9380::/29
2a0c:f480::/29
2a0d:2480::/29
Signature Algorithm: sha256WithRSAEncryption
0c:78:74:64:1e:93:1b:c6:a6:4d:70:34:63:29:5a:0e:1c:ce:
ce:5b:66:78:5f:84:eb:db:3d:87:25:b3:a6:55:5d:80:e4:50:
e0:09:45:ee:48:48:6c:4c:a3:09:56:7c:78:ed:bf:be:00:33:
65:41:1a:a8:fe:06:74:f8:9e:ac:16:ea:9f:20:4d:15:14:93:
09:6e:a1:66:29:a8:0a:f5:15:dd:84:ad:d2:22:35:55:dd:d2:
06:10:86:38:13:47:9d:f8:97:ae:10:ed:7d:a3:cc:6e:05:ce:
4b:d8:77:30:f6:10:87:57:dd:10:32:66:cf:5d:ee:39:98:cb:
c7:08:7b:5f:7b:92:f2:5d:28:88:80:80:75:53:e7:0a:0f:01:
08:ff:45:0f:c9:f8:6e:ba:27:1f:cb:79:a6:cf:16:60:53:a5:
06:09:cf:78:a2:ca:da:c3:06:0f:ab:f4:b5:a2:32:81:5c:21:
de:8a:5b:26:d9:84:3d:f8:9e:29:a9:5e:a2:d8:5e:1d:1d:0f:
ff:cb:2d:a4:4b:73:37:28:4e:c8:44:95:85:e5:3b:a9:75:3f:
42:eb:30:d2:3b:1a:97:d0:f3:49:46:ed:f2:f2:84:6d:f6:8c:
04:22:64:ca:9f:16:57:b9:7d:08:b6:dd:6e:db:6d:a4:0c:b4:
f2:b7:ee:3c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGS3jrQnl2L/JZjqi30UfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDczZDg3ODMyMDdiM2UzOGMxOGJiZmExYzdmY2NlYzdmNjU2ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisXpp3jb/zvXsl0e01n6p00/Sa9p
3PMuO7Us6dvk/ZdjdE1IjNscIeH0m8b1Qbg/Sy0kX1ThpDs7DMkehsm2tK+O8xig
DIKgToleaZmS4chvm0gxOvn7rNcuiHZe6UBtw2o07JrgiGv4Iq5m2lLulCA6+a+d
WUCYNabqF3hGwg9Kf3kiC+hluI71+IG2VcUKGzZRAR7Xp23W4H1j1PciR3IE58/I
ffaoroODCfLPMwO2cLF11IoM8EF+MC6o+S2NmIoczC1oahCu9bnPA9kp7EDjLEVo
GMEiT2s3NQ143WLlMlsyu+1dR5ugINyr7cSKuM7V7eCg/FbolHYi7/Fw1QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFM1z2HgyB7PjjBi7+hx/zOx/ZW2JMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvelhQWWVESUhzLU9NR0x2NkhIX003SDlsYllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgwGQAMF
AyoMk4ADBQMqDPSAAwUDKg0kgDANBgkqhkiG9w0BAQsFAAOCAQEADHh0ZB6TG8am
TXA0YylaDhzOzltmeF+E69s9hyWzplVdgORQ4AlF7khIbEyjCVZ8eO2/vgAzZUEa
qP4GdPierBbqnyBNFRSTCW6hZimoCvUV3YSt0iI1Vd3SBhCGOBNHnfiXrhDtfaPM
bgXOS9h3MPYQh1fdEDJmz13uOZjLxwh7X3uS8l0oiICAdVPnCg8BCP9FD8n4bron
H8t5ps8WYFOlBgnPeKLK2sMGD6v0taIygVwh3opbJtmEPfieKaleotheHR0P/8st
pEtzNyhOyESVheU7qXU/Qusw0jsal9DzSUbt8vKEbfaMBCJkyp8WV7l9CLbdbttt
pAy08rfuPA==
-----END CERTIFICATE-----
Generated at Fri Jun 14 19:41:01 2024 by rpki-client on console-fra.rpki-client.org