Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/584997-83ab-4817-aac3-88cf72ca9e46/1/ZUn3d4nI4YLs60e6M_KYwzM6T1w.roa
File: ZUn3d4nI4YLs60e6M_KYwzM6T1w.roa (raw, json)
Hash identifier: 4aq5kCFp1qttLbIVpxIZNlT9eGwcMJ+Y2j/unhxjMxQ=
Subject key identifier: 65:49:F7:77:89:C8:E1:82:EC:EB:47:BA:33:F2:98:C3:33:3A:4F:5C
Certificate issuer: /CN=6eb64fa8e05a2d7f564acf289ae757c404cdd9d0
Certificate serial: 019049DCA2B476FBE5206369650AC450EC8A
Authority key identifier: 6E:B6:4F:A8:E0:5A:2D:7F:56:4A:CF:28:9A:E7:57:C4:04:CD:D9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/brZPqOBaLX9WSs8omudXxATN2dA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/584997-83ab-4817-aac3-88cf72ca9e46/1/ZUn3d4nI4YLs60e6M_KYwzM6T1w.roa
Signing time: Mon 24 Jun 2024 10:48:34 +0000
ROA not before: Mon 24 Jun 2024 10:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.164.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/584997-83ab-4817-aac3-88cf72ca9e46/1/brZPqOBaLX9WSs8omudXxATN2dA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/584997-83ab-4817-aac3-88cf72ca9e46/1/brZPqOBaLX9WSs8omudXxATN2dA.mft
rsync://rpki.ripe.net/repository/DEFAULT/brZPqOBaLX9WSs8omudXxATN2dA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:dc:a2:b4:76:fb:e5:20:63:69:65:0a:c4:50:ec:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eb64fa8e05a2d7f564acf289ae757c404cdd9d0
Validity
Not Before: Jun 24 10:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6549f77789c8e182eceb47ba33f298c3333a4f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:fb:b0:45:8a:28:a6:74:45:6b:7c:23:cc:
7c:b5:f8:e8:80:54:fb:73:8a:0f:c4:38:89:b5:28:
e1:10:c1:8d:4e:39:2b:ce:f3:71:ff:76:d5:74:b4:
9e:f5:28:56:db:17:58:53:bc:05:6c:aa:0d:f2:77:
ec:d3:2d:81:3d:08:d6:65:ac:1e:03:41:60:b4:58:
16:68:5d:94:2f:cc:60:0f:ae:5a:f6:6a:0a:74:99:
b1:e7:83:b6:84:97:a9:2b:32:a1:b2:f8:1a:9b:92:
bc:af:4a:65:6d:fb:f0:a8:49:7d:bf:34:0a:a1:1d:
e8:7c:4b:08:f5:02:27:e2:8e:80:65:85:2e:84:18:
06:4b:fb:43:74:87:0a:e5:01:df:7b:3c:8b:0b:e8:
53:72:57:8a:1c:21:53:71:66:ee:3a:73:07:d1:12:
cd:ed:d5:ed:fd:ae:46:53:48:74:dd:f3:59:aa:1e:
93:37:f1:86:4a:0b:5d:f2:13:71:71:06:f1:9e:60:
f6:fd:8d:5c:ff:69:b8:07:09:85:55:13:61:c7:99:
cc:f9:f5:94:af:a9:c9:ae:a4:d8:e7:dd:af:22:58:
31:4b:50:39:03:a7:d0:ed:b8:15:0b:73:2c:0f:89:
1a:94:6b:76:7e:0a:f3:33:53:81:ff:b7:a6:89:6a:
95:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:49:F7:77:89:C8:E1:82:EC:EB:47:BA:33:F2:98:C3:33:3A:4F:5C
X509v3 Authority Key Identifier:
keyid:6E:B6:4F:A8:E0:5A:2D:7F:56:4A:CF:28:9A:E7:57:C4:04:CD:D9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/brZPqOBaLX9WSs8omudXxATN2dA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/584997-83ab-4817-aac3-88cf72ca9e46/1/ZUn3d4nI4YLs60e6M_KYwzM6T1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/584997-83ab-4817-aac3-88cf72ca9e46/1/brZPqOBaLX9WSs8omudXxATN2dA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.164.246.0/24
Signature Algorithm: sha256WithRSAEncryption
64:e0:8b:bd:e1:01:89:cd:32:42:35:7a:a5:4f:2e:72:3d:23:
d4:c0:47:6c:ae:c0:ea:39:73:ee:1e:07:75:72:22:50:96:fc:
7e:72:44:47:dd:8f:62:b2:ab:04:c0:28:75:eb:3d:8e:c1:74:
b5:62:e6:52:ae:06:3d:3d:6e:23:ab:10:da:80:d3:11:eb:36:
3d:22:3e:fd:ff:22:a2:ef:82:b6:98:65:2e:a1:a9:da:d6:74:
26:a4:d1:18:4e:e7:78:8e:85:99:90:cc:52:85:54:ad:01:fb:
9a:b9:26:93:97:5c:29:03:1d:9d:63:5a:3b:4c:49:db:01:44:
b2:4a:d4:a0:44:0b:56:e8:1c:d4:15:ae:d1:ff:c4:84:ac:e6:
ac:93:f3:bc:f2:21:4d:8f:fc:10:73:92:24:24:f4:ea:62:e9:
bb:ca:76:8e:a9:28:67:09:ff:3e:2d:1b:aa:d0:47:fe:2f:79:
03:ac:08:af:fb:b0:5f:25:2b:5b:af:ae:89:24:45:53:60:95:
c0:5c:fc:57:5d:7b:2f:93:14:67:99:de:45:a6:80:64:dc:49:
d4:3d:b3:40:fa:62:1c:be:d5:74:2a:ec:b3:13:4f:ca:73:f0:
0e:9d:fc:81:69:2b:0c:12:2d:7b:ff:6b:fb:b5:e0:b7:c8:e8:
46:5f:25:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBJ3KK0dvvlIGNpZQrEUOyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYjY0ZmE4ZTA1YTJkN2Y1NjRhY2YyODlhZTc1N2M0MDRj
ZGQ5ZDAwHhcNMjQwNjI0MTA0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ5Zjc3Nzg5YzhlMTgyZWNlYjQ3YmEzM2YyOThjMzMzM2E0ZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBH7sEWKKKZ0RWt8I8x8tfjogFT7
c4oPxDiJtSjhEMGNTjkrzvNx/3bVdLSe9ShW2xdYU7wFbKoN8nfs0y2BPQjWZawe
A0FgtFgWaF2UL8xgD65a9moKdJmx54O2hJepKzKhsvgam5K8r0plbfvwqEl9vzQK
oR3ofEsI9QIn4o6AZYUuhBgGS/tDdIcK5QHfezyLC+hTcleKHCFTcWbuOnMH0RLN
7dXt/a5GU0h03fNZqh6TN/GGSgtd8hNxcQbxnmD2/Y1c/2m4BwmFVRNhx5nM+fWU
r6nJrqTY592vIlgxS1A5A6fQ7bgVC3MsD4kalGt2fgrzM1OB/7emiWqVdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVJ93eJyOGC7OtHujPymMMzOk9cMB8GA1UdIwQY
MBaAFG62T6jgWi1/VkrPKJrnV8QEzdnQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnJaUHFPQmFMWDlXU3M4b211ZFh4QVROMmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy81ODQ5OTctODNhYi00ODE3LWFhYzMt
ODhjZjcyY2E5ZTQ2LzEvWlVuM2Q0bkk0WUxzNjBlNk1fS1l3ek02VDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy81ODQ5OTctODNhYi00ODE3LWFhYzMtODhjZjcyY2E5ZTQ2
LzEvYnJaUHFPQmFMWDlXU3M4b211ZFh4QVROMmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqT2MA0G
CSqGSIb3DQEBCwUAA4IBAQBk4Iu94QGJzTJCNXqlTy5yPSPUwEdsrsDqOXPuHgd1
ciJQlvx+ckRH3Y9isqsEwCh16z2OwXS1YuZSrgY9PW4jqxDagNMR6zY9Ij79/yKi
74K2mGUuoana1nQmpNEYTud4joWZkMxShVStAfuauSaTl1wpAx2dY1o7TEnbAUSy
StSgRAtW6BzUFa7R/8SErOask/O88iFNj/wQc5IkJPTqYum7ynaOqShnCf8+LRuq
0Ef+L3kDrAiv+7BfJStbr66JJEVTYJXAXPxXXXsvkxRnmd5FpoBk3EnUPbNA+mIc
vtV0KuyzE0/Kc/AOnfyBaSsMEi17/2v7teC3yOhGXyXH
-----END CERTIFICATE-----
Generated at Sat Sep 7 21:00:23 2024 by rpki-client on console-ams.rpki-client.org