Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/zST73UVMK8qbVN32zGpvksisvRA.roa
File: zST73UVMK8qbVN32zGpvksisvRA.roa (raw, json)
Hash identifier: 6JcZcaAUOEHbE46wpUNJdsI7Mq2PcUfctkREnhLUapU=
Subject key identifier: CD:24:FB:DD:45:4C:2B:CA:9B:54:DD:F6:CC:6A:6F:92:C8:AC:BD:10
Certificate issuer: /CN=a4abaf1d37f0a141a814ca02fc01e3d9621c73d9
Certificate serial: 018CC8DEB6A4493090F39D119C2BC202C3BB
Authority key identifier: A4:AB:AF:1D:37:F0:A1:41:A8:14:CA:02:FC:01:E3:D9:62:1C:73:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/zST73UVMK8qbVN32zGpvksisvRA.roa
Signing time: Tue 02 Jan 2024 06:31:28 +0000
ROA not before: Tue 02 Jan 2024 06:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 195.242.98.0/23 maxlen: 23
193.242.108.0/24 maxlen: 24
193.43.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:b6:a4:49:30:90:f3:9d:11:9c:2b:c2:02:c3:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4abaf1d37f0a141a814ca02fc01e3d9621c73d9
Validity
Not Before: Jan 2 06:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd24fbdd454c2bca9b54ddf6cc6a6f92c8acbd10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:08:80:7e:45:5e:60:62:93:c6:ac:d5:de:01:
06:d9:bf:76:f5:1d:03:38:df:6e:3b:e3:4a:fe:2d:
eb:2d:05:40:54:7e:fe:11:b0:8b:a7:66:98:63:64:
40:ec:46:92:51:7b:2c:62:0d:8e:12:07:91:81:42:
6a:2c:a1:6f:31:b1:67:0c:9e:a1:46:53:1a:61:08:
e2:d8:3e:c5:62:a3:8e:73:1f:37:0d:b1:11:c4:71:
b2:0f:a2:8d:dc:6b:3f:91:60:45:37:05:f8:f0:59:
51:d6:eb:ec:02:81:1b:5d:9d:d7:62:96:ff:f3:0f:
12:25:b3:2b:c7:29:b2:8e:55:d5:f2:2d:f3:86:5c:
79:05:2b:e5:ed:a3:cd:e9:c2:6d:b8:59:58:75:fa:
c1:9e:5d:ae:56:a3:7b:2b:0c:25:5a:a1:75:d9:df:
43:b1:7f:10:8f:bc:7e:19:9d:d3:c5:90:d9:f7:48:
ee:e1:04:32:c5:0f:4f:36:58:c9:47:0d:8c:40:ab:
76:7c:59:05:78:6c:00:dc:57:93:a1:3e:f3:a3:a2:
9f:6c:ec:4d:a3:09:b4:f2:7c:f0:a0:99:4d:38:14:
7d:a0:fa:1a:c8:8b:df:66:b1:77:58:81:7f:6b:74:
43:0e:ac:d0:dc:0a:76:95:e8:ef:26:58:a5:7f:c1:
e4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:24:FB:DD:45:4C:2B:CA:9B:54:DD:F6:CC:6A:6F:92:C8:AC:BD:10
X509v3 Authority Key Identifier:
keyid:A4:AB:AF:1D:37:F0:A1:41:A8:14:CA:02:FC:01:E3:D9:62:1C:73:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKuvHTfwoUGoFMoC_AHj2WIcc9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/zST73UVMK8qbVN32zGpvksisvRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/155bdc-b574-47f9-b348-93cf64f88990/1/pKuvHTfwoUGoFMoC_AHj2WIcc9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.92.0/24
193.242.108.0/24
195.242.98.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:6a:d8:6c:20:33:39:5e:b7:1f:a3:b0:30:04:50:a5:40:0b:
68:1e:c9:b9:aa:22:2f:dc:91:94:3b:34:69:7e:8a:a6:21:92:
4a:85:d8:32:ad:e3:34:ec:6d:43:03:0a:f0:00:bb:6e:32:1e:
b7:ab:13:de:c4:36:48:cd:58:58:01:81:34:58:0d:3f:69:b0:
ef:8f:79:e8:1a:66:92:90:dd:3a:fb:ab:9d:8d:b5:32:d6:e8:
cc:d6:16:28:89:bd:01:e2:94:3d:7b:41:67:a6:12:25:88:be:
9e:99:3e:cb:b3:c3:37:d8:5c:1c:72:9f:16:b3:15:a8:bd:0a:
fc:16:7d:d5:35:35:eb:69:e4:c2:ef:b2:44:be:fe:ad:cc:f7:
92:c8:e3:ec:5e:b4:03:4e:0c:5e:6e:0a:ce:68:9b:c7:d7:21:
34:2d:1a:7c:32:4c:14:1e:03:78:fb:67:6a:39:75:0e:0a:05:
c8:12:00:ac:d9:a7:8b:60:fb:88:7a:aa:3f:3f:3e:8c:53:e0:
33:f3:ba:6c:8b:aa:73:4f:01:0a:9e:95:40:b4:1b:75:17:4c:
8c:41:c2:23:29:ac:90:ac:3e:d1:4b:6c:e2:c0:30:36:01:eb:
95:98:60:c8:3f:55:4d:97:0b:fb:ee:db:56:c5:2d:19:fb:3d:
a5:e0:4d:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3rakSTCQ850RnCvCAsO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YWJhZjFkMzdmMGExNDFhODE0Y2EwMmZjMDFlM2Q5NjIx
YzczZDkwHhcNMjQwMTAyMDYzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI0ZmJkZDQ1NGMyYmNhOWI1NGRkZjZjYzZhNmY5MmM4YWNiZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngiAfkVeYGKTxqzV3gEG2b929R0D
ON9uO+NK/i3rLQVAVH7+EbCLp2aYY2RA7EaSUXssYg2OEgeRgUJqLKFvMbFnDJ6h
RlMaYQji2D7FYqOOcx83DbERxHGyD6KN3Gs/kWBFNwX48FlR1uvsAoEbXZ3XYpb/
8w8SJbMrxymyjlXV8i3zhlx5BSvl7aPN6cJtuFlYdfrBnl2uVqN7KwwlWqF12d9D
sX8Qj7x+GZ3TxZDZ90ju4QQyxQ9PNljJRw2MQKt2fFkFeGwA3FeToT7zo6KfbOxN
owm08nzwoJlNOBR9oPoayIvfZrF3WIF/a3RDDqzQ3Ap2lejvJlilf8HkdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM0k+91FTCvKm1Td9sxqb5LIrL0QMB8GA1UdIwQY
MBaAFKSrrx038KFBqBTKAvwB49liHHPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEt1dkhUZndvVUdvRk1vQ19BSGoyV0ljYzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNTViZGMtYjU3NC00N2Y5LWIzNDgt
OTNjZjY0Zjg4OTkwLzEvelNUNzNVVk1LOHFiVk4zMnpHcHZrc2lzdlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xNTViZGMtYjU3NC00N2Y5LWIzNDgtOTNjZjY0Zjg4OTkw
LzEvcEt1dkhUZndvVUdvRk1vQ19BSGoyV0ljYzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwStcAwQA
wfJsAwQBw/JiMA0GCSqGSIb3DQEBCwUAA4IBAQALathsIDM5Xrcfo7AwBFClQAto
Hsm5qiIv3JGUOzRpfoqmIZJKhdgyreM07G1DAwrwALtuMh63qxPexDZIzVhYAYE0
WA0/abDvj3noGmaSkN06+6udjbUy1ujM1hYoib0B4pQ9e0FnphIliL6emT7Ls8M3
2Fwccp8WsxWovQr8Fn3VNTXraeTC77JEvv6tzPeSyOPsXrQDTgxebgrOaJvH1yE0
LRp8MkwUHgN4+2dqOXUOCgXIEgCs2aeLYPuIeqo/Pz6MU+Az87psi6pzTwEKnpVA
tBt1F0yMQcIjKayQrD7RS2ziwDA2AeuVmGDIP1VNlwv77ttWxS0Z+z2l4E0p
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:26 2024 by rpki-client on console-ams.rpki-client.org