Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Z609qW5B5CPcGG79C_Ndf9PHCd0.roa
File: Z609qW5B5CPcGG79C_Ndf9PHCd0.roa (raw, json)
Hash identifier: +iu9cNAY/5Yt2JTqT+oPOlmsy4k1DrZ6kyUJ3z670w4=
Subject key identifier: 67:AD:3D:A9:6E:41:E4:23:DC:18:6E:FD:0B:F3:5D:7F:D3:C7:09:DD
Certificate issuer: /CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Certificate serial: 018CCA99889C9837BC74D4ADD58751FE477A
Authority key identifier: 5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Z609qW5B5CPcGG79C_Ndf9PHCd0.roa
Signing time: Tue 02 Jan 2024 14:35:08 +0000
ROA not before: Tue 02 Jan 2024 14:35:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209834
IP address blocks: 176.53.188.0/22 maxlen: 24
2a09:e100::/29 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:88:9c:98:37:bc:74:d4:ad:d5:87:51:fe:47:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Validity
Not Before: Jan 2 14:35:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ad3da96e41e423dc186efd0bf35d7fd3c709dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2e:56:2e:de:46:78:ac:ac:c6:ba:56:cf:d7:
ba:c4:d1:61:0c:7c:0f:68:c8:e8:23:aa:89:2a:83:
f3:a2:bb:36:2f:81:c8:d8:2c:d9:0c:46:fd:85:c6:
f9:fc:36:b9:82:0c:fe:7f:bf:2c:57:ab:12:2d:0b:
73:4b:39:83:57:84:1a:bb:e0:b0:ad:66:52:e8:16:
b8:b2:50:37:90:61:79:fe:88:d9:c1:29:c2:8f:d4:
47:02:fc:17:10:8a:31:71:24:d1:c1:c8:73:b2:0b:
28:87:43:c4:bd:f3:06:03:e6:97:29:dc:68:58:0d:
b1:91:4e:c3:5e:27:16:da:57:76:ee:45:e5:4b:24:
7f:4f:02:69:bf:b5:9d:1c:7a:a9:81:a0:5d:62:f7:
28:e0:0b:d0:74:c7:4d:65:72:f1:1a:38:9f:8a:e1:
b9:ae:56:05:4c:eb:03:2e:6a:bd:3f:7c:ba:85:20:
b5:e4:02:cb:e7:bb:50:6b:a0:52:bd:39:ab:91:34:
f3:17:5b:e2:50:0e:ba:09:8a:d9:2a:18:b4:fb:0c:
47:63:e7:f0:16:34:3b:c6:5f:77:35:98:d2:1b:9f:
a3:c3:d1:31:8d:5f:c2:98:81:18:9c:d5:1c:fe:ba:
8a:33:26:b9:11:ac:63:d0:8f:63:52:35:ff:2a:a0:
d9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:AD:3D:A9:6E:41:E4:23:DC:18:6E:FD:0B:F3:5D:7F:D3:C7:09:DD
X509v3 Authority Key Identifier:
keyid:5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Z609qW5B5CPcGG79C_Ndf9PHCd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.188.0/22
IPv6:
2a09:e100::/29
Signature Algorithm: sha256WithRSAEncryption
62:31:20:62:32:ad:bf:d4:90:72:be:de:20:e6:12:e1:2b:76:
92:8b:58:65:ee:bc:ce:c4:57:ae:8c:c1:15:80:15:52:c5:53:
34:28:85:5e:81:de:35:cd:bc:a1:08:cd:18:0c:e2:f1:90:89:
c6:08:63:fc:05:f2:8d:cb:e2:5e:ad:dd:a8:47:13:83:01:fb:
9c:bf:8b:6c:7a:8d:1e:a8:6b:f5:fe:77:21:b0:c2:cb:22:96:
74:15:46:fe:11:98:8a:56:03:8f:c4:ed:93:56:ee:4b:09:df:
e5:2d:6d:92:e2:e1:17:69:f2:90:e7:e4:3e:31:55:97:1b:8a:
2a:da:d4:c8:b8:d3:18:c0:a7:6f:7d:61:e4:86:58:49:7f:84:
09:c9:d7:dc:2a:5e:72:ca:fb:1e:33:02:d2:8d:b8:40:a9:6c:
1a:46:4b:42:22:04:fb:ca:70:83:f6:57:bd:62:15:6b:a0:fd:
29:7f:62:4f:aa:a8:36:f2:0c:7a:32:ab:a6:55:fb:81:85:cb:
c5:65:a6:e6:f5:05:4e:c4:17:1e:b9:3c:63:f4:61:1e:f1:e8:
98:b8:fc:4f:44:27:11:9d:58:8e:51:26:26:16:77:9c:05:78:
cb:fe:89:ec:e0:8e:2f:fb:8c:a0:21:67:12:8c:0a:98:81:e2:
89:e9:d1:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKmYicmDe8dNSt1YdR/kd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWQ0MDYwZmQ1MDFlYmFlOTNlZDQ0ZGE2YjdhNzllNjY3
MDViMmYwHhcNMjQwMTAyMTQzNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2FkM2RhOTZlNDFlNDIzZGMxODZlZmQwYmYzNWQ3ZmQzYzcwOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy5WLt5GeKysxrpWz9e6xNFhDHwP
aMjoI6qJKoPzors2L4HI2CzZDEb9hcb5/Da5ggz+f78sV6sSLQtzSzmDV4Qau+Cw
rWZS6Ba4slA3kGF5/ojZwSnCj9RHAvwXEIoxcSTRwchzsgsoh0PEvfMGA+aXKdxo
WA2xkU7DXicW2ld27kXlSyR/TwJpv7WdHHqpgaBdYvco4AvQdMdNZXLxGjifiuG5
rlYFTOsDLmq9P3y6hSC15ALL57tQa6BSvTmrkTTzF1viUA66CYrZKhi0+wxHY+fw
FjQ7xl93NZjSG5+jw9ExjV/CmIEYnNUc/rqKMya5Eaxj0I9jUjX/KqDZ4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGetPaluQeQj3Bhu/QvzXX/TxwndMB8GA1UdIwQY
MBaAFF4dQGD9UB666T7UTaa3p55mcFsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQt
MGUxZGI5OGFkMjMxLzEvWjYwOXFXNUI1Q1BjR0c3OUNfTmRmOVBIQ2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQtMGUxZGI5OGFkMjMx
LzEvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsDW8MA0E
AgACMAcDBQMqCeEAMA0GCSqGSIb3DQEBCwUAA4IBAQBiMSBiMq2/1JByvt4g5hLh
K3aSi1hl7rzOxFeujMEVgBVSxVM0KIVegd41zbyhCM0YDOLxkInGCGP8BfKNy+Je
rd2oRxODAfucv4tseo0eqGv1/nchsMLLIpZ0FUb+EZiKVgOPxO2TVu5LCd/lLW2S
4uEXafKQ5+Q+MVWXG4oq2tTIuNMYwKdvfWHkhlhJf4QJydfcKl5yyvseMwLSjbhA
qWwaRktCIgT7ynCD9le9YhVroP0pf2JPqqg28gx6MqumVfuBhcvFZabm9QVOxBce
uTxj9GEe8eiYuPxPRCcRnViOUSYmFnecBXjL/ons4I4v+4ygIWcSjAqYgeKJ6dFo
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:06:47 2024 by rpki-client on console-fra.rpki-client.org