Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/zXMFsEBmwMk1xPawM3nI2kDvaTc.roa
File: zXMFsEBmwMk1xPawM3nI2kDvaTc.roa (raw, json)
Hash identifier: rto2+7A3FmVTYH/U4YIWyweq7N5r+Xq5eTQ6ntX/P2k=
Subject key identifier: CD:73:05:B0:40:66:C0:C9:35:C4:F6:B0:33:79:C8:DA:40:EF:69:37
Certificate issuer: /CN=184d1c002f060ec956e64e5cfe4f1dc098587fd6
Certificate serial: 018CC64B2E11CCE489B158A81040D5104D11
Authority key identifier: 18:4D:1C:00:2F:06:0E:C9:56:E6:4E:5C:FE:4F:1D:C0:98:58:7F:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/zXMFsEBmwMk1xPawM3nI2kDvaTc.roa
Signing time: Mon 01 Jan 2024 18:31:04 +0000
ROA not before: Mon 01 Jan 2024 18:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201978
IP address blocks: 217.28.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/GE0cAC8GDslW5k5c_k8dwJhYf9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/GE0cAC8GDslW5k5c_k8dwJhYf9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2e:11:cc:e4:89:b1:58:a8:10:40:d5:10:4d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=184d1c002f060ec956e64e5cfe4f1dc098587fd6
Validity
Not Before: Jan 1 18:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd7305b04066c0c935c4f6b03379c8da40ef6937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ed:9b:5a:6e:45:a0:d3:92:7e:ed:b9:6b:de:
cd:e0:6f:0e:5c:3b:15:45:6d:e9:3a:9f:06:98:e1:
50:46:e2:48:09:43:53:a0:ca:47:d6:a0:c8:5e:9e:
12:1a:25:9a:97:b7:e0:42:05:be:b2:b1:fd:fd:95:
f1:f7:71:a6:74:e2:be:e6:7c:dd:79:a7:87:07:63:
f3:3c:9c:1d:91:4c:c0:29:4c:63:80:c0:2d:bd:0b:
9d:c4:80:bd:81:38:31:44:2b:e7:50:c5:52:4b:16:
d3:32:11:1c:8b:21:5b:aa:ff:3b:ff:ae:d2:12:cb:
e6:42:20:1c:79:c0:44:5d:98:76:65:ac:84:0e:6e:
93:98:49:22:c0:43:e2:f6:21:2f:64:c8:47:08:f2:
ee:d8:39:3b:f6:a1:f9:91:80:8b:5e:5d:ed:4f:c0:
1e:4d:32:ab:62:6f:54:77:d9:6f:7f:28:74:17:0e:
6f:f7:ac:49:ed:d0:48:d1:e6:1d:10:06:75:16:70:
f1:1f:e5:32:83:be:8f:bb:9c:ea:bc:02:c9:d8:19:
c4:4f:5d:10:92:48:ed:c2:fb:c6:6c:fb:63:13:f2:
7a:ca:6f:7a:97:5c:9a:d8:12:7f:22:45:2d:6c:23:
8f:dc:85:61:4f:06:fe:7a:0b:0a:f5:d8:c6:1c:42:
14:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:73:05:B0:40:66:C0:C9:35:C4:F6:B0:33:79:C8:DA:40:EF:69:37
X509v3 Authority Key Identifier:
keyid:18:4D:1C:00:2F:06:0E:C9:56:E6:4E:5C:FE:4F:1D:C0:98:58:7F:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GE0cAC8GDslW5k5c_k8dwJhYf9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/zXMFsEBmwMk1xPawM3nI2kDvaTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04df92-a979-421f-8046-1415c9779e17/1/GE0cAC8GDslW5k5c_k8dwJhYf9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.139.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:bf:2e:d8:33:b9:de:f1:40:42:92:f9:5c:bc:6e:61:35:ff:
33:bb:57:82:f3:88:6d:66:26:a1:4c:ae:8a:57:85:89:24:d7:
74:17:35:51:2e:ed:cb:bb:41:0f:80:b1:83:f7:1d:27:8a:64:
31:11:59:1d:eb:6f:11:de:33:10:b0:f9:fb:a1:f0:18:de:2c:
d7:7c:b3:13:ab:60:ba:76:5b:89:7e:83:72:1b:0c:af:5e:1f:
c2:b9:90:d9:6d:c0:d6:a1:d2:89:21:04:22:fc:ea:14:6c:b7:
3e:ff:4a:c5:7a:76:14:5d:7a:b8:3d:c7:ea:5f:1c:4a:28:f3:
7a:94:84:51:2d:05:b9:09:54:fb:cf:30:b0:23:a9:53:9b:7b:
22:55:23:08:1f:58:10:20:a0:21:be:31:48:a4:b5:13:b9:aa:
80:51:64:9e:af:5b:2b:16:4d:6f:18:e0:ef:3a:e6:0d:aa:a9:
2a:18:ea:18:c3:81:7f:1f:63:3a:cc:0f:94:75:22:a2:d3:54:
26:61:28:4a:7f:80:e1:20:9c:54:65:d5:85:e5:4f:1e:42:ce:
26:f4:3c:97:1e:c2:ae:e4:46:35:c3:16:6e:93:44:a4:89:5c:
a7:b3:12:ae:01:cc:a6:05:fd:4f:ad:ea:ca:1e:b7:37:87:4e:
77:b0:2e:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSy4RzOSJsVioEEDVEE0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NGQxYzAwMmYwNjBlYzk1NmU2NGU1Y2ZlNGYxZGMwOTg1
ODdmZDYwHhcNMjQwMTAxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDczMDViMDQwNjZjMGM5MzVjNGY2YjAzMzc5YzhkYTQwZWY2OTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje2bWm5FoNOSfu25a97N4G8OXDsV
RW3pOp8GmOFQRuJICUNToMpH1qDIXp4SGiWal7fgQgW+srH9/ZXx93GmdOK+5nzd
eaeHB2PzPJwdkUzAKUxjgMAtvQudxIC9gTgxRCvnUMVSSxbTMhEciyFbqv87/67S
EsvmQiAcecBEXZh2ZayEDm6TmEkiwEPi9iEvZMhHCPLu2Dk79qH5kYCLXl3tT8Ae
TTKrYm9Ud9lvfyh0Fw5v96xJ7dBI0eYdEAZ1FnDxH+Uyg76Pu5zqvALJ2BnET10Q
kkjtwvvGbPtjE/J6ym96l1ya2BJ/IkUtbCOP3IVhTwb+egsK9djGHEIULQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1zBbBAZsDJNcT2sDN5yNpA72k3MB8GA1UdIwQY
MBaAFBhNHAAvBg7JVuZOXP5PHcCYWH/WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0UwY0FDOEdEc2xXNWs1Y19rOGR3SmhZZjlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wNGRmOTItYTk3OS00MjFmLTgwNDYt
MTQxNWM5Nzc5ZTE3LzEvelhNRnNFQm13TWsxeFBhd00zbkkya0R2YVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wNGRmOTItYTk3OS00MjFmLTgwNDYtMTQxNWM5Nzc5ZTE3
LzEvR0UwY0FDOEdEc2xXNWs1Y19rOGR3SmhZZjlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyLMA0G
CSqGSIb3DQEBCwUAA4IBAQDZvy7YM7ne8UBCkvlcvG5hNf8zu1eC84htZiahTK6K
V4WJJNd0FzVRLu3Lu0EPgLGD9x0nimQxEVkd628R3jMQsPn7ofAY3izXfLMTq2C6
dluJfoNyGwyvXh/CuZDZbcDWodKJIQQi/OoUbLc+/0rFenYUXXq4PcfqXxxKKPN6
lIRRLQW5CVT7zzCwI6lTm3siVSMIH1gQIKAhvjFIpLUTuaqAUWSer1srFk1vGODv
OuYNqqkqGOoYw4F/H2M6zA+UdSKi01QmYShKf4DhIJxUZdWF5U8eQs4m9DyXHsKu
5EY1wxZuk0SkiVynsxKuAcymBf1PrerKHrc3h053sC4e
-----END CERTIFICATE-----
Generated at Sat May 18 02:12:20 2024 by rpki-client on console-ams.rpki-client.org