Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Z_e71hj2oOgBz5IuU18Wz30iY7A.roa
File: Z_e71hj2oOgBz5IuU18Wz30iY7A.roa (raw, json)
Hash identifier: 6DejAFnrnwgY06QDp0LhDZBWpdvZoFHnL8ARCBk6A04=
Subject key identifier: 67:F7:BB:D6:18:F6:A0:E8:01:CF:92:2E:53:5F:16:CF:7D:22:63:B0
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94DFEB1C1F71A364763A58C2995A50A
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Z_e71hj2oOgBz5IuU18Wz30iY7A.roa
Signing time: Tue 02 Jan 2024 08:33:01 +0000
ROA not before: Tue 02 Jan 2024 08:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34723
IP address blocks: 86.106.200.0/21 maxlen: 24
89.45.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:fe:b1:c1:f7:1a:36:47:63:a5:8c:29:95:a5:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67f7bbd618f6a0e801cf922e535f16cf7d2263b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ee:e4:6e:2b:32:4b:5e:0c:34:d7:ac:65:da:
a2:67:68:fb:ff:d8:17:98:5c:0c:ea:c4:3d:7b:03:
73:f7:8d:b9:c7:5a:a0:09:19:8b:33:c2:97:32:9c:
ad:31:4b:1c:72:58:8e:2f:80:77:a5:41:fa:28:f3:
6b:fa:3c:7e:ff:c1:f3:67:ea:6a:d8:b4:00:57:2d:
02:cf:58:f2:f0:10:0a:5c:ba:90:c2:82:40:08:36:
22:6f:31:ec:08:6e:c9:98:5e:0f:53:16:e9:99:56:
bb:cc:7a:69:52:d1:bc:70:7d:01:e2:03:b8:a4:01:
26:db:2e:c6:26:c2:0c:28:4d:ca:b7:ac:25:00:c0:
7e:11:b4:34:23:cc:a6:b4:c3:f4:9f:5d:53:6e:c4:
64:2d:ce:3c:e6:06:23:06:9f:1c:70:69:b7:e5:2d:
d1:e9:62:64:06:d0:5e:f3:29:4c:a3:2f:bb:4e:6a:
bb:2e:f6:ab:fb:ab:f7:85:b9:79:eb:e4:ad:9e:93:
a0:9a:f2:08:52:a2:72:7a:b4:fa:f5:06:94:ea:46:
c9:39:89:bc:c6:eb:a1:09:3a:82:ee:7f:79:f2:d5:
5a:88:49:cc:d4:cb:36:68:05:59:8a:7e:e3:62:bd:
3d:e9:f5:e1:77:88:4a:33:73:c9:81:16:3e:d5:d9:
3d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F7:BB:D6:18:F6:A0:E8:01:CF:92:2E:53:5F:16:CF:7D:22:63:B0
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Z_e71hj2oOgBz5IuU18Wz30iY7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.200.0/21
89.45.16.0/21
Signature Algorithm: sha256WithRSAEncryption
54:8d:53:34:b7:ae:75:00:0c:0f:46:19:67:11:1c:5e:4a:7e:
1d:4d:7f:a7:c2:36:52:1c:1a:e0:6b:1d:5f:43:8c:1f:67:3a:
d9:6c:01:70:a4:80:69:e7:d9:b6:b2:a3:11:88:a5:a9:00:b3:
f0:ae:02:81:73:ed:7b:3a:a5:87:21:d9:59:23:cc:47:41:93:
bc:da:f5:15:44:3b:86:d6:1a:cf:e4:54:1a:c8:b1:1a:2a:65:
e0:58:6c:58:6c:94:ed:a6:84:8d:9e:59:ce:7f:5c:b9:c3:b8:
a5:74:1a:d3:6a:98:2e:e1:05:62:39:4f:ac:00:ea:7c:13:64:
26:69:61:3c:56:35:05:b2:75:4b:3d:13:61:86:00:6d:50:b4:
00:fb:87:9f:5d:5a:70:50:31:6e:b3:43:6f:20:26:8a:18:d4:
2a:c0:97:68:1f:9d:d4:6f:a1:64:3f:b9:61:73:f6:34:77:a2:
19:15:5d:0c:28:61:ce:45:c6:6c:50:72:42:7f:1b:8b:00:fe:
e6:40:76:a0:74:0e:68:08:47:60:a9:d6:a1:3a:7b:86:19:9e:
f0:cc:a3:fa:a5:83:99:79:4a:c8:1b:23:43:5c:be:44:89:10:
64:dc:3b:65:1e:41:63:32:8c:53:ae:70:1d:d1:8a:59:3a:34:
7d:3c:58:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTf6xwfcaNkdjpYwplaUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Y3YmJkNjE4ZjZhMGU4MDFjZjkyMmU1MzVmMTZjZjdkMjI2M2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju7kbisyS14MNNesZdqiZ2j7/9gX
mFwM6sQ9ewNz9425x1qgCRmLM8KXMpytMUsccliOL4B3pUH6KPNr+jx+/8HzZ+pq
2LQAVy0Cz1jy8BAKXLqQwoJACDYibzHsCG7JmF4PUxbpmVa7zHppUtG8cH0B4gO4
pAEm2y7GJsIMKE3Kt6wlAMB+EbQ0I8ymtMP0n11TbsRkLc485gYjBp8ccGm35S3R
6WJkBtBe8ylMoy+7Tmq7Lvar+6v3hbl56+StnpOgmvIIUqJyerT69QaU6kbJOYm8
xuuhCTqC7n958tVaiEnM1Ms2aAVZin7jYr096fXhd4hKM3PJgRY+1dk96QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGf3u9YY9qDoAc+SLlNfFs99ImOwMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvWl9lNzFoajJvT2dCejVJdVUxOFd6MzBpWTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVmrIAwQD
WS0QMA0GCSqGSIb3DQEBCwUAA4IBAQBUjVM0t651AAwPRhlnERxeSn4dTX+nwjZS
HBrgax1fQ4wfZzrZbAFwpIBp59m2sqMRiKWpALPwrgKBc+17OqWHIdlZI8xHQZO8
2vUVRDuG1hrP5FQayLEaKmXgWGxYbJTtpoSNnlnOf1y5w7ildBrTapgu4QViOU+s
AOp8E2QmaWE8VjUFsnVLPRNhhgBtULQA+4efXVpwUDFus0NvICaKGNQqwJdoH53U
b6FkP7lhc/Y0d6IZFV0MKGHORcZsUHJCfxuLAP7mQHagdA5oCEdgqdahOnuGGZ7w
zKP6pYOZeUrIGyNDXL5EiRBk3DtlHkFjMoxTrnAd0YpZOjR9PFj7
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:33:06 2024 by rpki-client on console-ams.rpki-client.org