Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/z9iVptFKI5R17f4E0awYZQ2kWmQ.roa
File: z9iVptFKI5R17f4E0awYZQ2kWmQ.roa (raw, json)
Hash identifier: AqPa3VPdK6wi9PMlVVsn6LTcZ48mUlpkiqaBalCY6JM=
Subject key identifier: CF:D8:95:A6:D1:4A:23:94:75:ED:FE:04:D1:AC:18:65:0D:A4:5A:64
Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial: 018CC794FCF7EEBCC10C86617A98C92BF68A
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/z9iVptFKI5R17f4E0awYZQ2kWmQ.roa
Signing time: Tue 02 Jan 2024 00:31:19 +0000
ROA not before: Tue 02 Jan 2024 00:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399641
IP address blocks: 213.170.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:fc:f7:ee:bc:c1:0c:86:61:7a:98:c9:2b:f6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Validity
Not Before: Jan 2 00:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfd895a6d14a239475edfe04d1ac18650da45a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:de:4a:46:37:ed:92:cd:61:5a:b8:e5:89:ed:
23:8e:09:90:e9:ce:c2:32:4f:d1:14:3f:01:ba:e3:
34:27:46:69:31:66:5c:01:00:f3:45:1f:73:e3:31:
ae:9e:a9:99:84:ea:27:0d:9b:e8:24:e2:df:aa:5c:
40:0f:e9:61:ee:d4:06:7c:cd:10:95:1a:54:48:99:
81:a4:7c:38:24:68:06:2d:c0:26:6e:7f:0b:d8:28:
b2:4a:6f:95:dd:a3:81:0e:49:85:c3:1a:a7:01:c8:
5a:e2:44:d8:5a:1d:e2:74:99:cd:8e:b4:a6:c8:e2:
2c:6f:7f:c8:62:24:db:6d:4b:6e:f8:a9:4a:fb:dc:
58:60:ba:50:66:a6:b5:36:55:5d:e4:0b:c5:60:d3:
bc:cf:09:ca:77:4b:d1:2b:ce:2f:57:88:a0:3c:a6:
fa:82:e7:84:44:21:66:87:0a:e6:fd:64:e9:d3:ab:
30:96:65:e1:37:42:54:de:16:0b:67:72:cb:e2:66:
b4:8e:36:7d:5b:80:9c:93:e0:6d:aa:e3:52:43:0a:
5a:5b:a5:b0:8f:0e:d2:48:86:cf:b7:5c:6d:26:33:
fa:cb:01:fa:75:48:28:23:33:ca:e2:84:1e:68:1e:
3b:cd:60:bb:a8:e5:f4:5c:a1:8d:69:55:df:2c:1b:
47:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D8:95:A6:D1:4A:23:94:75:ED:FE:04:D1:AC:18:65:0D:A4:5A:64
X509v3 Authority Key Identifier:
keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/z9iVptFKI5R17f4E0awYZQ2kWmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.170.145.0/24
Signature Algorithm: sha256WithRSAEncryption
98:c2:ad:8c:f4:2d:bc:12:c7:61:97:96:f7:b1:ee:69:78:d4:
e2:a4:38:c6:5a:27:81:04:8b:b9:4d:7c:11:f7:f6:61:c6:f9:
1c:7c:46:0f:67:ae:e9:78:75:44:e9:ea:f3:65:17:00:64:b2:
4a:20:e9:0b:a7:82:26:30:ae:28:87:a6:67:66:fe:db:2c:bc:
99:9a:f7:62:54:21:6a:3b:9e:c6:5c:bd:cc:af:9d:5c:1a:ce:
e2:4b:5b:45:c6:79:af:e3:2b:2d:f0:fe:0e:9d:f0:11:b2:00:
8c:1f:21:0c:7a:8a:57:83:c8:66:e0:92:05:d6:ed:76:38:d0:
6f:3e:10:c8:56:68:1d:da:c6:7d:f5:e5:7d:64:d4:fa:79:6f:
53:fb:02:78:8c:a7:7f:4c:8e:1f:07:8a:8f:36:d3:08:e4:fc:
b2:19:88:ba:14:7f:83:da:3d:d0:a8:0a:37:a7:a7:f8:ca:08:
19:e3:59:3d:9e:50:9e:5e:ca:29:0e:c3:a8:75:b2:ce:df:18:
ca:8c:46:33:df:26:f3:01:72:b1:a1:5f:b8:e9:c9:9d:89:93:
10:0f:6b:8a:eb:ac:f0:4d:d3:91:5d:6b:67:ad:ac:eb:94:c1:
0b:60:bb:7c:3d:f0:0e:6d:88:97:bc:ca:7d:a1:83:41:13:8d:
1d:ca:7e:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlPz37rzBDIZhepjJK/aKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjQwMTAyMDAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQ4OTVhNmQxNGEyMzk0NzVlZGZlMDRkMWFjMTg2NTBkYTQ1YTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq95KRjftks1hWrjlie0jjgmQ6c7C
Mk/RFD8BuuM0J0ZpMWZcAQDzRR9z4zGunqmZhOonDZvoJOLfqlxAD+lh7tQGfM0Q
lRpUSJmBpHw4JGgGLcAmbn8L2CiySm+V3aOBDkmFwxqnAcha4kTYWh3idJnNjrSm
yOIsb3/IYiTbbUtu+KlK+9xYYLpQZqa1NlVd5AvFYNO8zwnKd0vRK84vV4igPKb6
gueERCFmhwrm/WTp06swlmXhN0JU3hYLZ3LL4ma0jjZ9W4Cck+BtquNSQwpaW6Ww
jw7SSIbPt1xtJjP6ywH6dUgoIzPK4oQeaB47zWC7qOX0XKGNaVXfLBtHaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/YlabRSiOUde3+BNGsGGUNpFpkMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvejlpVnB0RktJNVIxN2Y0RTBhd1laUTJrV21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1aqRMA0G
CSqGSIb3DQEBCwUAA4IBAQCYwq2M9C28Esdhl5b3se5peNTipDjGWieBBIu5TXwR
9/ZhxvkcfEYPZ67peHVE6erzZRcAZLJKIOkLp4ImMK4oh6ZnZv7bLLyZmvdiVCFq
O57GXL3Mr51cGs7iS1tFxnmv4yst8P4OnfARsgCMHyEMeopXg8hm4JIF1u12ONBv
PhDIVmgd2sZ99eV9ZNT6eW9T+wJ4jKd/TI4fB4qPNtMI5PyyGYi6FH+D2j3QqAo3
p6f4yggZ41k9nlCeXsopDsOodbLO3xjKjEYz3ybzAXKxoV+46cmdiZMQD2uK66zw
TdORXWtnrazrlMELYLt8PfAObYiXvMp9oYNBE40dyn5K
-----END CERTIFICATE-----
Generated at Sun May 5 21:23:14 2024 by rpki-client on console-ams.rpki-client.org