Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/ZW72xB-w1tVcBy76S89IZpycl2k.roa
File: ZW72xB-w1tVcBy76S89IZpycl2k.roa (raw, json)
Hash identifier: bhjjT7T2SeifLeUDfroIKPOsVwXyhFWWxrl1zPVndR4=
Subject key identifier: 65:6E:F6:C4:1F:B0:D6:D5:5C:07:2E:FA:4B:CF:48:66:9C:9C:97:69
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 018CC4933C56D8CE53D88FAA7D5143225908
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/ZW72xB-w1tVcBy76S89IZpycl2k.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207369
IP address blocks: 45.140.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3c:56:d8:ce:53:d8:8f:aa:7d:51:43:22:59:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=656ef6c41fb0d6d55c072efa4bcf48669c9c9769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:44:b3:83:d8:49:ae:14:03:82:e9:45:4a:ac:
2e:7b:b8:29:ef:f1:a0:b2:37:af:31:98:e9:4b:db:
48:e8:23:55:51:c5:55:d8:83:3c:50:46:16:97:c5:
64:25:0f:60:d3:39:c8:e3:89:8b:99:ce:70:13:b7:
0c:7a:de:e1:32:d0:07:be:43:57:c8:7f:e4:65:87:
ad:7b:b4:27:b1:e9:98:02:fb:e7:78:c3:75:05:0d:
17:67:21:92:35:16:6f:c5:3b:e4:e1:9c:fa:06:1b:
80:e1:29:94:38:87:ab:16:ec:12:91:bd:14:f5:73:
25:e0:86:aa:56:6b:6c:03:9a:c5:86:22:2f:78:8e:
a6:03:78:a4:85:44:8e:05:e0:dd:9b:91:4a:42:28:
a0:77:71:43:40:0d:8c:a1:bc:1c:22:a3:fd:1c:f7:
b7:3c:4c:6a:9a:02:94:8f:85:6a:c5:df:e1:9e:60:
1e:06:fe:66:04:2f:4c:34:cf:77:ef:bc:52:81:eb:
40:2c:85:a7:72:94:80:70:8b:bb:c9:ff:7e:47:52:
0e:3e:48:c9:39:5e:27:a2:4c:81:eb:c8:69:56:2e:
1a:89:47:d6:5a:88:6e:c0:1b:53:fe:bb:a3:d7:eb:
e2:85:bf:b4:f5:f0:82:24:b9:7f:d4:92:a1:5d:c5:
fb:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6E:F6:C4:1F:B0:D6:D5:5C:07:2E:FA:4B:CF:48:66:9C:9C:97:69
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/ZW72xB-w1tVcBy76S89IZpycl2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.26.0/23
Signature Algorithm: sha256WithRSAEncryption
55:f5:72:3d:68:10:46:3b:c0:9d:4d:7c:87:53:53:b0:67:0e:
6d:14:a9:74:60:68:bd:75:eb:e2:90:e7:4e:b3:60:44:d7:ba:
6b:01:56:bd:46:e1:f2:10:9e:6c:ea:d1:e8:96:48:94:97:d6:
6f:18:fc:b3:01:78:7d:64:14:bd:39:a1:f0:6a:5f:4b:61:53:
86:ca:c1:8a:d1:9a:2e:b1:a1:50:40:27:c9:93:20:92:34:c7:
1f:32:92:81:7a:f3:b0:c1:f0:cd:b6:76:41:ee:38:32:6b:a5:
fe:09:d0:3e:16:e6:75:4e:67:4b:96:38:38:5c:93:9b:17:9e:
56:c8:14:43:da:8c:02:38:e5:76:68:6f:3a:51:8c:ea:52:88:
85:a0:43:81:50:5f:fa:ee:cb:65:d4:3b:84:51:c0:05:6b:f9:
82:7d:29:cc:13:4e:a0:b7:96:ce:2c:f3:8a:89:67:48:2c:62:
f2:5a:b7:89:83:2c:5e:cf:c3:e4:76:25:66:93:d4:5e:c2:11:
9e:cc:d9:3a:c8:4f:09:a7:20:73:61:a3:7b:6e:32:6f:bd:fe:
fc:9c:f8:48:f9:7c:ac:bf:55:e4:62:ee:4f:0c:7e:38:48:0c:
56:2b:7f:63:18:21:4e:6f:41:47:63:81:a9:28:8a:74:48:75:
0d:82:b0:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkzxW2M5T2I+qfVFDIlkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTZlZjZjNDFmYjBkNmQ1NWMwNzJlZmE0YmNmNDg2NjljOWM5NzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArESzg9hJrhQDgulFSqwue7gp7/Gg
sjevMZjpS9tI6CNVUcVV2IM8UEYWl8VkJQ9g0znI44mLmc5wE7cMet7hMtAHvkNX
yH/kZYete7QnsemYAvvneMN1BQ0XZyGSNRZvxTvk4Zz6BhuA4SmUOIerFuwSkb0U
9XMl4IaqVmtsA5rFhiIveI6mA3ikhUSOBeDdm5FKQiigd3FDQA2MobwcIqP9HPe3
PExqmgKUj4Vqxd/hnmAeBv5mBC9MNM9377xSgetALIWncpSAcIu7yf9+R1IOPkjJ
OV4nokyB68hpVi4aiUfWWohuwBtT/ruj1+vihb+09fCCJLl/1JKhXcX7BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVu9sQfsNbVXAcu+kvPSGacnJdpMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvWlc3MnhCLXcxdFZjQnk3NlM4OUlacHljbDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYwaMA0G
CSqGSIb3DQEBCwUAA4IBAQBV9XI9aBBGO8CdTXyHU1OwZw5tFKl0YGi9devikOdO
s2BE17prAVa9RuHyEJ5s6tHolkiUl9ZvGPyzAXh9ZBS9OaHwal9LYVOGysGK0Zou
saFQQCfJkyCSNMcfMpKBevOwwfDNtnZB7jgya6X+CdA+FuZ1TmdLljg4XJObF55W
yBRD2owCOOV2aG86UYzqUoiFoEOBUF/67stl1DuEUcAFa/mCfSnME06gt5bOLPOK
iWdILGLyWreJgyxez8PkdiVmk9RewhGezNk6yE8JpyBzYaN7bjJvvf78nPhI+Xys
v1XkYu5PDH44SAxWK39jGCFOb0FHY4GpKIp0SHUNgrCD
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:54 2024 by rpki-client on console-fra.rpki-client.org