Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/ZNHupz7oPGoXXYcueoEXVqCBIJg.roa
File: ZNHupz7oPGoXXYcueoEXVqCBIJg.roa (raw, json)
Hash identifier: zYN34GsPw4X/SrGtGuNQFVvXBRSgUOak0TP/msmtvbk=
Subject key identifier: 64:D1:EE:A7:3E:E8:3C:6A:17:5D:87:2E:7A:81:17:56:A0:81:20:98
Certificate issuer: /CN=0db0f9f755b0e303cc16d1a633f958c036034945
Certificate serial: 018CC3493F15534FD16052396205DEA6BB49
Authority key identifier: 0D:B0:F9:F7:55:B0:E3:03:CC:16:D1:A6:33:F9:58:C0:36:03:49:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbD591Ww4wPMFtGmM_lYwDYDSUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/ZNHupz7oPGoXXYcueoEXVqCBIJg.roa
Signing time: Mon 01 Jan 2024 04:30:06 +0000
ROA not before: Mon 01 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15966
IP address blocks: 95.128.0.0/21 maxlen: 21
2a01:a640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/DbD591Ww4wPMFtGmM_lYwDYDSUU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/DbD591Ww4wPMFtGmM_lYwDYDSUU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DbD591Ww4wPMFtGmM_lYwDYDSUU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 22:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3f:15:53:4f:d1:60:52:39:62:05:de:a6:bb:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db0f9f755b0e303cc16d1a633f958c036034945
Validity
Not Before: Jan 1 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64d1eea73ee83c6a175d872e7a811756a0812098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:18:03:d0:84:28:7e:4c:45:d7:4f:00:21:b5:
fa:14:ea:80:c4:51:bb:93:ed:d5:0f:63:12:f1:95:
0b:37:a6:74:08:a3:b8:a5:95:5d:9b:89:f7:a4:90:
1c:a3:f9:53:de:fa:81:c7:28:d2:c5:cc:92:98:ec:
2f:6d:89:84:f3:da:db:e5:93:29:e6:da:59:0e:e0:
98:0c:19:8d:3e:32:ce:56:bb:c9:d3:c5:d2:3b:87:
82:84:56:29:95:30:8e:cb:73:4f:b3:92:69:00:ad:
50:3b:27:fe:48:bb:ab:82:b4:7e:c3:dd:73:a1:cd:
9d:a5:d7:3d:44:8b:32:52:6f:22:4f:42:8e:aa:64:
e2:5f:71:c0:16:82:f4:de:01:f1:fa:22:49:48:5a:
04:9f:31:6d:48:38:d3:57:87:ff:8c:10:84:bb:e1:
bb:8d:c6:d2:21:d2:a6:ff:d1:a5:61:0f:8a:f9:df:
d7:25:fb:bb:3e:31:51:8a:cc:1b:cf:4a:d6:c0:8f:
b5:1e:fe:e5:66:88:2f:39:67:ad:da:e9:91:7f:13:
6b:53:55:41:a4:97:cf:b0:e6:f0:c3:93:67:cd:5e:
8e:2c:30:ac:4a:a7:6c:3c:63:67:60:43:0b:be:10:
83:43:b6:d0:5b:ed:22:60:5d:fe:b9:69:62:6d:aa:
19:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D1:EE:A7:3E:E8:3C:6A:17:5D:87:2E:7A:81:17:56:A0:81:20:98
X509v3 Authority Key Identifier:
keyid:0D:B0:F9:F7:55:B0:E3:03:CC:16:D1:A6:33:F9:58:C0:36:03:49:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbD591Ww4wPMFtGmM_lYwDYDSUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/ZNHupz7oPGoXXYcueoEXVqCBIJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/03afc6-88f5-4660-8015-64c9c2cc9609/1/DbD591Ww4wPMFtGmM_lYwDYDSUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.0.0/21
IPv6:
2a01:a640::/32
Signature Algorithm: sha256WithRSAEncryption
9e:a2:89:0e:fc:45:6e:d4:46:f4:11:9a:71:8b:c8:50:e3:a9:
d9:1f:e0:05:f4:79:ea:c9:a9:7e:d2:4a:bb:23:b4:9f:37:91:
ca:ed:b3:c2:8f:e8:58:3a:e5:e7:f3:c2:10:a6:49:da:91:f7:
94:b9:2f:c9:ab:83:4f:68:b4:7c:87:bc:9d:28:62:00:5b:78:
d7:6d:8a:2f:b5:e8:1f:63:e3:f2:a8:b8:4f:82:d4:bf:80:4e:
25:33:23:56:e0:bf:8e:9a:35:17:a3:c0:61:a3:2d:54:6a:f3:
8d:8c:ca:ff:70:07:68:d8:30:73:2b:ad:ec:68:f5:fc:f0:9c:
d7:57:ac:df:2f:cb:b8:c9:a0:64:6b:b0:5c:62:c6:2d:28:69:
84:18:97:f3:02:da:81:83:7f:93:ed:82:3e:00:63:f2:0f:5d:
6b:a0:2f:6d:17:20:1a:09:f1:3e:13:04:ec:de:99:ff:b3:28:
0a:9d:0d:7d:17:6b:79:27:e5:89:65:0f:c1:8f:c0:ef:db:32:
11:a6:13:f4:c4:9f:29:8e:8d:bb:fd:2c:90:4c:a6:ff:70:e4:
0b:7c:96:ec:79:b1:99:b3:75:de:3c:7b:e6:36:98:b9:4c:5c:
62:ea:94:74:51:2a:64:14:fd:73:84:51:98:84:6a:f3:00:ca:
df:78:6c:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDST8VU0/RYFI5YgXeprtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjBmOWY3NTViMGUzMDNjYzE2ZDFhNjMzZjk1OGMwMzYw
MzQ5NDUwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGQxZWVhNzNlZTgzYzZhMTc1ZDg3MmU3YTgxMTc1NmEwODEyMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBgD0IQofkxF108AIbX6FOqAxFG7
k+3VD2MS8ZULN6Z0CKO4pZVdm4n3pJAco/lT3vqBxyjSxcySmOwvbYmE89rb5ZMp
5tpZDuCYDBmNPjLOVrvJ08XSO4eChFYplTCOy3NPs5JpAK1QOyf+SLurgrR+w91z
oc2dpdc9RIsyUm8iT0KOqmTiX3HAFoL03gHx+iJJSFoEnzFtSDjTV4f/jBCEu+G7
jcbSIdKm/9GlYQ+K+d/XJfu7PjFRiswbz0rWwI+1Hv7lZogvOWet2umRfxNrU1VB
pJfPsObww5NnzV6OLDCsSqdsPGNnYEMLvhCDQ7bQW+0iYF3+uWlibaoZzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGTR7qc+6DxqF12HLnqBF1aggSCYMB8GA1UdIwQY
MBaAFA2w+fdVsOMDzBbRpjP5WMA2A0lFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJENTkxV3c0d1BNRnRHbU1fbFl3RFlEU1VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wM2FmYzYtODhmNS00NjYwLTgwMTUt
NjRjOWMyY2M5NjA5LzEvWk5IdXB6N29QR29YWFljdWVvRVhWcUNCSUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wM2FmYzYtODhmNS00NjYwLTgwMTUtNjRjOWMyY2M5NjA5
LzEvRGJENTkxV3c0d1BNRnRHbU1fbFl3RFlEU1VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDX4AAMA0E
AgACMAcDBQAqAaZAMA0GCSqGSIb3DQEBCwUAA4IBAQCeookO/EVu1Eb0EZpxi8hQ
46nZH+AF9Hnqyal+0kq7I7SfN5HK7bPCj+hYOuXn88IQpknakfeUuS/Jq4NPaLR8
h7ydKGIAW3jXbYovtegfY+PyqLhPgtS/gE4lMyNW4L+OmjUXo8Bhoy1UavONjMr/
cAdo2DBzK63saPX88JzXV6zfL8u4yaBka7BcYsYtKGmEGJfzAtqBg3+T7YI+AGPy
D11roC9tFyAaCfE+EwTs3pn/sygKnQ19F2t5J+WJZQ/Bj8Dv2zIRphP0xJ8pjo27
/SyQTKb/cOQLfJbsebGZs3XePHvmNpi5TFxi6pR0USpkFP1zhFGYhGrzAMrfeGxf
-----END CERTIFICATE-----
Generated at Wed May 22 03:17:27 2024 by rpki-client on console-ams.rpki-client.org