Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/zjIGaBW1fi4A-WFNYUQtva3xDZ8.roa
File: zjIGaBW1fi4A-WFNYUQtva3xDZ8.roa (raw, json)
Hash identifier: 6QOpGwPOUFdMHOUzcLtXszh6C4ke0Uz4nt9mdZUDuVk=
Subject key identifier: CE:32:06:68:15:B5:7E:2E:00:F9:61:4D:61:44:2D:BD:AD:F1:0D:9F
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 018CC8DF835DCF7F02CE1DF998423C8D3B33
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/zjIGaBW1fi4A-WFNYUQtva3xDZ8.roa
Signing time: Tue 02 Jan 2024 06:32:20 +0000
ROA not before: Tue 02 Jan 2024 06:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212828
IP address blocks: 2a10:9903:602::/48 maxlen: 48
2a10:9903:607::/48 maxlen: 48
2a10:9903:604::/48 maxlen: 48
2a10:9903:609::/48 maxlen: 48
2a10:9903:601::/48 maxlen: 48
2a10:9903:606::/48 maxlen: 48
2a10:9903:603::/48 maxlen: 48
2a10:9903:608::/48 maxlen: 48
2a10:9903:600::/48 maxlen: 48
2a10:9903:605::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:83:5d:cf:7f:02:ce:1d:f9:98:42:3c:8d:3b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 2 06:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce32066815b57e2e00f9614d61442dbdadf10d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:43:da:ee:91:4b:50:15:80:05:59:b4:58:28:
3c:fd:89:57:e4:77:bf:d6:f8:2d:9e:fa:df:27:87:
c4:c7:38:ab:cc:9b:d1:38:ab:59:c5:f8:03:a6:b8:
63:2b:4a:cb:5d:bc:f2:2e:10:fc:4c:bb:c4:24:6b:
3b:bc:2f:d3:1e:e8:b6:3d:8a:d6:be:d5:96:4e:5a:
65:5a:81:ec:d3:d5:29:bf:ef:ed:1e:b2:70:c6:60:
fe:16:cb:37:72:b5:30:15:c2:01:53:ff:4d:48:e2:
30:d8:45:cb:5e:92:75:b9:b5:9d:ad:fa:17:c1:aa:
c2:19:90:21:57:78:cf:4f:d3:ff:18:b3:35:29:7d:
d4:2a:82:52:15:83:33:51:e3:65:25:1c:34:e9:38:
5b:eb:8c:cd:44:da:84:5f:f3:07:15:b5:2e:0f:22:
79:9e:28:33:9e:bc:54:6f:3d:f2:60:9b:6f:8d:91:
f6:3f:19:5f:b1:8e:0a:f2:d1:4b:bd:73:c9:ce:a2:
52:ef:e8:63:bd:2e:fd:93:26:16:7f:b2:93:2d:5d:
9e:71:ab:92:cf:21:0e:02:69:da:dd:b2:52:a5:dd:
ef:a6:7c:9f:d9:11:eb:28:9a:d3:d3:df:b3:0c:0e:
9e:8c:37:09:2e:c9:39:d7:d3:2b:65:68:96:08:64:
93:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:32:06:68:15:B5:7E:2E:00:F9:61:4D:61:44:2D:BD:AD:F1:0D:9F
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/zjIGaBW1fi4A-WFNYUQtva3xDZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9903:600::-2a10:9903:609:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
10:fa:c6:8d:8b:62:e7:89:1b:18:da:d5:0b:f7:21:8b:ed:39:
96:18:fc:17:73:53:38:ab:87:84:1f:a3:79:36:a2:37:5b:d4:
59:5e:3b:d3:bc:52:77:87:20:9b:04:1d:85:a4:53:9b:4e:1b:
81:5b:20:1d:d6:de:aa:79:25:09:0d:27:56:ce:05:ca:f2:d5:
9b:92:ca:ee:b6:7f:56:f2:9d:b5:bc:58:27:1a:b2:1b:31:74:
68:a4:f6:78:93:7a:6f:88:ed:1f:d5:66:fd:d9:ff:5d:db:d8:
3e:77:cc:b6:23:e9:3c:31:eb:ac:e6:14:a1:7b:be:9e:8c:cc:
16:a9:e6:35:c5:df:9f:bf:1e:61:97:b2:60:d0:27:47:26:6f:
89:05:9f:00:a4:fa:43:7f:be:cf:38:1a:67:f6:91:a0:16:9b:
70:34:0f:58:26:2c:2c:49:5c:a5:8e:f5:f1:ee:07:dc:94:e6:
90:f1:b5:9d:84:06:27:0f:84:00:2f:14:99:47:29:0d:48:3d:
5e:22:44:04:47:b1:e6:22:3e:b5:13:8a:1c:5c:d2:b4:6b:2a:
cc:1d:48:45:9a:5b:f1:dd:9c:af:f4:c7:10:10:44:e1:ad:a6:
c0:39:9b:db:53:db:98:ab:66:0b:75:a9:07:3b:5c:06:b8:c6:
c3:14:fe:b1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzI34Ndz38Czh35mEI8jTszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjQwMTAyMDYzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTMyMDY2ODE1YjU3ZTJlMDBmOTYxNGQ2MTQ0MmRiZGFkZjEwZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkPa7pFLUBWABVm0WCg8/YlX5He/
1vgtnvrfJ4fExzirzJvROKtZxfgDprhjK0rLXbzyLhD8TLvEJGs7vC/THui2PYrW
vtWWTlplWoHs09Upv+/tHrJwxmD+Fss3crUwFcIBU/9NSOIw2EXLXpJ1ubWdrfoX
warCGZAhV3jPT9P/GLM1KX3UKoJSFYMzUeNlJRw06Thb64zNRNqEX/MHFbUuDyJ5
nigznrxUbz3yYJtvjZH2PxlfsY4K8tFLvXPJzqJS7+hjvS79kyYWf7KTLV2ecauS
zyEOAmna3bJSpd3vpnyf2RHrKJrT09+zDA6ejDcJLsk519MrZWiWCGST9wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFM4yBmgVtX4uAPlhTWFELb2t8Q2fMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvempJR2FCVzFmaTRBLVdGTllVUXR2YTN4RFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgEqEJkD
BgMHASoQmQMGCDANBgkqhkiG9w0BAQsFAAOCAQEAEPrGjYti54kbGNrVC/chi+05
lhj8F3NTOKuHhB+jeTaiN1vUWV4707xSd4cgmwQdhaRTm04bgVsgHdbeqnklCQ0n
Vs4FyvLVm5LK7rZ/VvKdtbxYJxqyGzF0aKT2eJN6b4jtH9Vm/dn/XdvYPnfMtiPp
PDHrrOYUoXu+nozMFqnmNcXfn78eYZeyYNAnRyZviQWfAKT6Q3++zzgaZ/aRoBab
cDQPWCYsLElcpY718e4H3JTmkPG1nYQGJw+EAC8UmUcpDUg9XiJEBEex5iI+tROK
HFzStGsqzB1IRZpb8d2cr/THEBBE4a2mwDmb21PbmKtmC3WpBztcBrjGwxT+sQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:16:03 2024 by rpki-client on console-fra.rpki-client.org