Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ZdFkgGv5RO8qCLGxlkqlkFgFktw.roa
File: ZdFkgGv5RO8qCLGxlkqlkFgFktw.roa (raw, json)
Hash identifier: TmYqxWN95IMIKi+TIJhYeU8oWLuQJC96mwmCYhgpV5M=
Subject key identifier: 65:D1:64:80:6B:F9:44:EF:2A:08:B1:B1:96:4A:A5:90:58:05:92:DC
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018CC7944E975EB9C96E916D16E07C506DC4
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ZdFkgGv5RO8qCLGxlkqlkFgFktw.roa
Signing time: Tue 02 Jan 2024 00:30:34 +0000
ROA not before: Tue 02 Jan 2024 00:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 582
IP address blocks: 2.179.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:4e:97:5e:b9:c9:6e:91:6d:16:e0:7c:50:6d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 00:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65d164806bf944ef2a08b1b1964aa590580592dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:3d:83:a7:5f:fc:3d:3f:0d:2e:ad:37:43:
14:b8:e5:04:e7:01:72:e7:ca:5f:e9:ac:5a:b2:36:
b9:5c:a1:04:69:a6:5e:48:d8:49:46:36:da:c6:54:
a5:a1:23:90:c3:a5:5e:39:52:6e:50:dc:5e:40:4e:
01:58:07:fc:3f:4d:0b:da:c5:f4:77:2c:5d:c4:75:
72:83:9b:1a:ed:43:04:68:25:48:98:d4:7b:b6:f4:
d9:d4:3b:12:8c:f7:62:56:a9:a4:ee:bb:80:cf:03:
5d:41:9f:b2:63:2f:8c:4d:70:3e:32:d0:9b:31:cb:
85:77:21:8c:8e:5e:e1:cc:4a:9a:1c:89:42:21:88:
eb:15:e3:53:fa:3f:c6:29:ce:ae:d7:4d:52:8c:50:
d8:43:36:cf:5c:a7:96:b9:a1:5d:c2:76:16:bc:f6:
ba:40:18:67:ae:cc:77:4b:6b:34:6d:e8:47:39:54:
6e:6f:e4:f5:5a:e0:0a:d3:c3:74:20:0f:25:34:ba:
06:6f:dc:26:d4:48:b0:9c:61:a2:97:cf:8b:e5:39:
1c:00:ac:e9:10:e6:e8:20:19:3a:96:34:35:12:f3:
4b:41:92:71:4f:01:c4:4a:8f:1e:58:1f:bd:62:e7:
bf:85:a7:81:8d:70:ec:c2:9b:c6:31:7e:e4:2c:88:
f8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D1:64:80:6B:F9:44:EF:2A:08:B1:B1:96:4A:A5:90:58:05:92:DC
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/ZdFkgGv5RO8qCLGxlkqlkFgFktw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.179.16.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:06:9e:7a:e7:25:51:d4:6e:90:ad:d7:2f:a0:cb:bb:47:d6:
c0:1b:3f:84:dc:3d:31:af:29:06:42:6c:86:8e:c6:c0:38:ee:
a0:78:d3:98:00:6c:6f:83:13:1d:91:bc:d3:82:24:59:0f:32:
54:1f:86:90:55:ee:41:eb:09:90:b1:d3:e8:6a:16:2e:ca:7e:
08:5a:51:06:8e:9f:57:16:45:15:aa:7d:af:32:5b:5d:6e:e9:
75:cb:17:b7:d1:29:f6:28:6c:97:20:f8:f5:48:49:91:fe:fe:
3e:3a:ce:9a:e0:d8:12:d7:a9:35:b4:a8:52:c0:a4:1b:35:7c:
59:4a:1e:63:29:5e:2d:36:69:2a:12:7f:be:38:c6:29:b1:eb:
b6:d1:25:99:f3:3b:4c:ce:d8:62:22:e2:7f:04:3f:83:c1:bb:
b7:ba:84:41:11:2e:ac:b1:11:94:91:47:50:53:0d:4e:80:88:
09:28:1a:65:ce:95:f5:16:7c:21:06:4f:de:b1:17:2b:44:24:
be:a1:e1:1a:72:3a:47:4c:c6:46:c4:e8:c1:90:ca:83:c2:01:
7f:01:d7:37:3f:38:42:c8:f9:d1:ba:85:30:e6:28:03:3c:27:
1f:c9:e0:b0:c3:ad:6a:00:df:31:80:d7:0a:7a:f8:59:9d:25:
d4:e9:af:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlE6XXrnJbpFtFuB8UG3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwMTAyMDAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQxNjQ4MDZiZjk0NGVmMmEwOGIxYjE5NjRhYTU5MDU4MDU5MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkg9g6df/D0/DS6tN0MUuOUE5wFy
58pf6axasja5XKEEaaZeSNhJRjbaxlSloSOQw6VeOVJuUNxeQE4BWAf8P00L2sX0
dyxdxHVyg5sa7UMEaCVImNR7tvTZ1DsSjPdiVqmk7ruAzwNdQZ+yYy+MTXA+MtCb
McuFdyGMjl7hzEqaHIlCIYjrFeNT+j/GKc6u101SjFDYQzbPXKeWuaFdwnYWvPa6
QBhnrsx3S2s0behHOVRub+T1WuAK08N0IA8lNLoGb9wm1EiwnGGil8+L5TkcAKzp
EOboIBk6ljQ1EvNLQZJxTwHESo8eWB+9Yue/haeBjXDswpvGMX7kLIj4AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGXRZIBr+UTvKgixsZZKpZBYBZLcMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvWmRGa2dHdjVSTzhxQ0xHeGxrcWxrRmdGa3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCArMQMA0G
CSqGSIb3DQEBCwUAA4IBAQBPBp565yVR1G6QrdcvoMu7R9bAGz+E3D0xrykGQmyG
jsbAOO6geNOYAGxvgxMdkbzTgiRZDzJUH4aQVe5B6wmQsdPoahYuyn4IWlEGjp9X
FkUVqn2vMltdbul1yxe30Sn2KGyXIPj1SEmR/v4+Os6a4NgS16k1tKhSwKQbNXxZ
Sh5jKV4tNmkqEn++OMYpseu20SWZ8ztMzthiIuJ/BD+Dwbu3uoRBES6ssRGUkUdQ
Uw1OgIgJKBplzpX1FnwhBk/esRcrRCS+oeEacjpHTMZGxOjBkMqDwgF/Adc3PzhC
yPnRuoUw5igDPCcfyeCww61qAN8xgNcKevhZnSXU6a8N
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:01:26 2024 by rpki-client on console-fra.rpki-client.org