Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/Z4VaaAH-F3FA138AMhi6Q04plKs.roa
File: Z4VaaAH-F3FA138AMhi6Q04plKs.roa (raw, json)
Hash identifier: QbNMMh9KVkUyXd8R/Oo37DpQ3jqDM9A6owodc6GElgU=
Subject key identifier: 67:85:5A:68:01:FE:17:71:40:D7:7F:00:32:18:BA:43:4E:29:94:AB
Certificate issuer: /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Certificate serial: 018CC26D73A14E623C81775E93FD056D90DC
Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/Z4VaaAH-F3FA138AMhi6Q04plKs.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41969
IP address blocks: 192.108.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:73:a1:4e:62:3c:81:77:5e:93:fd:05:6d:90:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67855a6801fe177140d77f003218ba434e2994ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ba:4b:f6:0b:b7:49:ed:ef:33:66:88:33:d1:
66:78:e3:16:82:75:43:08:38:8e:77:23:ce:76:8e:
26:a4:0e:2d:b5:89:e2:22:97:16:b3:77:65:1f:9d:
32:fa:d3:22:7f:b6:b6:52:61:d2:c7:b7:25:4b:1d:
37:22:3d:ae:bc:c0:b3:f4:bf:e7:c9:a1:0e:dc:c8:
1b:50:53:ba:fe:88:c4:cf:cd:f3:7e:fb:33:66:d4:
91:89:27:1b:48:44:65:9e:2f:bb:f1:a2:46:a6:07:
21:6c:b0:28:1e:71:c8:ab:16:d8:60:be:50:47:97:
13:02:05:72:14:9c:62:60:81:c4:32:df:06:56:1d:
cc:79:41:fb:ab:58:b6:3f:90:dc:c5:9f:48:e9:a4:
be:81:4a:84:f8:15:ff:dd:59:06:c5:10:e5:8b:65:
1b:cc:13:fc:09:e1:12:e4:83:66:b2:76:ef:ba:78:
a3:60:5f:40:e4:43:38:45:77:2c:4a:81:fa:f0:17:
96:3d:54:c0:0c:22:51:c1:19:2b:a2:5e:00:0e:19:
cb:e0:83:98:46:40:e4:78:e7:c1:9c:59:e8:eb:6b:
4a:01:e7:28:00:49:94:d3:b1:20:16:c0:e7:b2:c1:
46:18:9a:81:bf:e4:de:4c:67:90:b6:16:88:49:0e:
ee:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:85:5A:68:01:FE:17:71:40:D7:7F:00:32:18:BA:43:4E:29:94:AB
X509v3 Authority Key Identifier:
keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/Z4VaaAH-F3FA138AMhi6Q04plKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.108.72.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:69:69:bd:95:56:de:d9:56:a0:64:b8:55:cc:75:e4:ed:65:
db:17:48:30:4d:2b:27:b9:e5:69:3b:a9:63:cd:4e:8e:45:6f:
9c:8f:ba:89:54:97:4e:0f:08:fa:85:36:57:67:0a:ae:11:88:
8f:5d:1a:de:f7:0b:35:2d:5e:91:35:ed:96:1a:3b:51:ae:0e:
bd:8b:19:94:ad:c1:5c:5a:9a:ee:48:8a:4e:ca:68:7b:1f:40:
0d:ed:b4:90:44:6e:f4:db:ed:57:79:f1:1c:a6:9b:6c:01:f4:
7d:a3:29:5f:d0:87:0b:89:a0:6c:0d:81:37:ba:bc:d6:2d:99:
ba:7d:56:1a:af:dd:82:d3:2a:7f:72:0e:8b:5f:11:93:1c:81:
4c:38:dd:33:c2:3c:de:5b:54:1e:12:9a:31:b4:79:93:b9:38:
29:0d:f0:cf:c4:ab:98:f4:5a:70:d3:e4:0c:4e:c8:a3:80:b9:
20:3f:bf:02:3f:8c:91:b1:22:17:b9:ec:05:f8:bc:b2:89:19:
dd:2e:fb:93:37:33:04:ea:e6:34:89:25:ab:72:df:30:57:ac:
6a:04:06:e9:5a:7b:f1:05:b9:75:e6:74:75:ab:7c:12:f5:63:
90:21:99:91:d4:91:15:59:b2:7a:68:91:b6:a8:19:51:56:df:
dd:c0:21:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbXOhTmI8gXdek/0FbZDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh
ZjU3YzQwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzg1NWE2ODAxZmUxNzcxNDBkNzdmMDAzMjE4YmE0MzRlMjk5NGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrpL9gu3Se3vM2aIM9FmeOMWgnVD
CDiOdyPOdo4mpA4ttYniIpcWs3dlH50y+tMif7a2UmHSx7clSx03Ij2uvMCz9L/n
yaEO3MgbUFO6/ojEz83zfvszZtSRiScbSERlni+78aJGpgchbLAoHnHIqxbYYL5Q
R5cTAgVyFJxiYIHEMt8GVh3MeUH7q1i2P5DcxZ9I6aS+gUqE+BX/3VkGxRDli2Ub
zBP8CeES5INmsnbvunijYF9A5EM4RXcsSoH68BeWPVTADCJRwRkrol4ADhnL4IOY
RkDkeOfBnFno62tKAecoAEmU07EgFsDnssFGGJqBv+TeTGeQthaISQ7uwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGeFWmgB/hdxQNd/ADIYukNOKZSrMB8GA1UdIwQY
MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt
NTdlYzEyZTg2NDFlLzEvWjRWYWFBSC1GM0ZBMTM4QU1oaTZRMDRwbEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQtNTdlYzEyZTg2NDFl
LzEvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwGxIMA0G
CSqGSIb3DQEBCwUAA4IBAQCLaWm9lVbe2VagZLhVzHXk7WXbF0gwTSsnueVpO6lj
zU6ORW+cj7qJVJdODwj6hTZXZwquEYiPXRre9ws1LV6RNe2WGjtRrg69ixmUrcFc
WpruSIpOymh7H0AN7bSQRG702+1XefEcpptsAfR9oylf0IcLiaBsDYE3urzWLZm6
fVYar92C0yp/cg6LXxGTHIFMON0zwjzeW1QeEpoxtHmTuTgpDfDPxKuY9Fpw0+QM
TsijgLkgP78CP4yRsSIXuewF+LyyiRndLvuTNzME6uY0iSWrct8wV6xqBAbpWnvx
Bbl15nR1q3wS9WOQIZmR1JEVWbJ6aJG2qBlRVt/dwCHE
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:16:51 2024 by rpki-client on console-fra.rpki-client.org