Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/IZoznliVtjVIYkEcgrXIXJKiizY.roa
File: IZoznliVtjVIYkEcgrXIXJKiizY.roa (raw, json)
Hash identifier: yHcwTtYvKUCq71UZTrraFcP1X2JvhkVWNBqzF0x1JwY=
Subject key identifier: 21:9A:33:9E:58:95:B6:35:48:62:41:1C:82:B5:C8:5C:92:A2:8B:36
Certificate issuer: /CN=b5473128de54976db62d9bd1614e77c43dee39b5
Certificate serial: 018CC2DB491C9A8F695C69C41A1F1796C221
Authority key identifier: B5:47:31:28:DE:54:97:6D:B6:2D:9B:D1:61:4E:77:C4:3D:EE:39:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUcxKN5Ul222LZvRYU53xD3uObU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/IZoznliVtjVIYkEcgrXIXJKiizY.roa
Signing time: Mon 01 Jan 2024 02:30:00 +0000
ROA not before: Mon 01 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39526
IP address blocks: 193.111.29.0/24 maxlen: 32
2001:67c:2124::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tUcxKN5Ul222LZvRYU53xD3uObU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:49:1c:9a:8f:69:5c:69:c4:1a:1f:17:96:c2:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5473128de54976db62d9bd1614e77c43dee39b5
Validity
Not Before: Jan 1 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=219a339e5895b6354862411c82b5c85c92a28b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e4:70:42:d4:dd:85:f2:f4:4a:a9:7e:a5:8e:
8d:f1:16:e8:6e:65:50:ff:16:7f:c2:bb:7a:0f:f2:
9c:d9:31:3e:c3:5e:96:4f:54:2a:21:a7:99:40:97:
00:05:a1:52:2b:3f:d3:e3:f4:57:57:55:41:36:76:
39:3a:f6:46:2d:c6:62:fd:c4:5c:88:bd:da:85:e1:
de:11:52:dd:be:b4:4c:93:9a:28:42:8f:7c:51:c9:
23:8a:82:69:b8:60:5e:43:d3:59:39:ff:0c:55:f5:
d1:42:f4:e2:7c:37:22:3f:9a:88:d0:6f:ff:6d:bb:
90:ca:27:6a:71:b6:86:25:59:17:4a:40:c2:45:71:
d3:e9:8b:e2:ca:e9:1c:0a:bb:e5:5e:73:db:d5:ae:
05:bd:c9:6d:f7:b5:ec:6c:79:02:36:af:dd:28:46:
18:15:81:19:ce:74:dd:dc:85:7b:61:46:a7:52:6b:
e8:9b:78:da:0e:0d:ee:89:b7:ef:90:19:1a:eb:06:
43:eb:27:a2:94:3f:45:97:d6:d9:a6:60:68:ba:c6:
25:83:ab:48:e2:2e:93:dd:b2:68:7d:90:7f:ff:17:
75:bf:94:4d:a8:fa:19:30:f7:ba:2a:94:8e:63:d4:
c3:33:25:7c:f7:0b:6a:6c:49:85:d6:84:b6:fe:90:
86:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9A:33:9E:58:95:B6:35:48:62:41:1C:82:B5:C8:5C:92:A2:8B:36
X509v3 Authority Key Identifier:
keyid:B5:47:31:28:DE:54:97:6D:B6:2D:9B:D1:61:4E:77:C4:3D:EE:39:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUcxKN5Ul222LZvRYU53xD3uObU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/IZoznliVtjVIYkEcgrXIXJKiizY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/70de80-50e9-4c1d-a7b4-e904318342ee/1/tUcxKN5Ul222LZvRYU53xD3uObU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.29.0/24
IPv6:
2001:67c:2124::/48
Signature Algorithm: sha256WithRSAEncryption
8b:d8:ff:4f:e2:83:64:97:5f:33:ee:c7:86:28:b2:b7:61:91:
f5:31:16:9b:0a:6a:89:0a:12:89:36:4c:eb:45:0b:57:54:ad:
1e:cb:8e:a8:e1:66:ba:ed:49:c3:71:c5:1b:ed:51:f6:25:4c:
fb:01:86:d5:fd:26:96:46:c0:05:de:b2:b8:a2:0d:60:12:4b:
db:9c:60:ba:fa:83:3a:db:b3:3a:35:34:d9:90:d2:f0:71:4c:
d4:33:46:78:63:3d:47:fa:3f:b2:76:81:c9:ed:e7:c2:b6:9b:
71:7b:56:d6:f7:d7:e7:f3:b4:4a:de:b6:c3:a8:c1:17:0d:65:
78:4c:a9:5c:00:4c:97:b1:42:d5:46:77:7d:7f:65:68:b8:7e:
e9:5e:56:4a:5c:4d:00:9d:a3:15:56:97:7e:b6:10:b7:ea:2e:
ff:02:3e:7f:bf:c7:c2:b1:fb:24:5b:c0:93:c6:fa:6e:66:f8:
e2:e1:c1:d2:43:87:35:d8:1e:21:39:55:53:55:9e:ea:8d:d4:
6c:2a:bb:06:bf:7c:ce:1b:8d:4d:4b:6d:eb:35:03:29:55:cc:
45:f6:2d:42:b3:f1:36:fb:43:66:be:d1:4d:ed:c0:3c:d8:bc:
47:6f:46:77:27:47:2d:7a:62:c0:6d:4a:53:72:f6:f3:e2:b0:
0a:f0:95:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC20kcmo9pXGnEGh8XlsIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDczMTI4ZGU1NDk3NmRiNjJkOWJkMTYxNGU3N2M0M2Rl
ZTM5YjUwHhcNMjQwMTAxMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTlhMzM5ZTU4OTViNjM1NDg2MjQxMWM4MmI1Yzg1YzkyYTI4YjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxORwQtTdhfL0Sql+pY6N8RbobmVQ
/xZ/wrt6D/Kc2TE+w16WT1QqIaeZQJcABaFSKz/T4/RXV1VBNnY5OvZGLcZi/cRc
iL3aheHeEVLdvrRMk5ooQo98UckjioJpuGBeQ9NZOf8MVfXRQvTifDciP5qI0G//
bbuQyidqcbaGJVkXSkDCRXHT6YviyukcCrvlXnPb1a4Fvclt97XsbHkCNq/dKEYY
FYEZznTd3IV7YUanUmvom3jaDg3uibfvkBka6wZD6yeilD9Fl9bZpmBousYlg6tI
4i6T3bJofZB//xd1v5RNqPoZMPe6KpSOY9TDMyV89wtqbEmF1oS2/pCGLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCGaM55YlbY1SGJBHIK1yFySoos2MB8GA1UdIwQY
MBaAFLVHMSjeVJdtti2b0WFOd8Q97jm1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVjeEtONVVsMjIyTFp2UllVNTN4RDN1T2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MGRlODAtNTBlOS00YzFkLWE3YjQt
ZTkwNDMxODM0MmVlLzEvSVpvem5saVZ0alZJWWtFY2dyWElYSktpaXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83MGRlODAtNTBlOS00YzFkLWE3YjQtZTkwNDMxODM0MmVl
LzEvdFVjeEtONVVsMjIyTFp2UllVNTN4RDN1T2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwW8dMA8E
AgACMAkDBwAgAQZ8ISQwDQYJKoZIhvcNAQELBQADggEBAIvY/0/ig2SXXzPux4Yo
srdhkfUxFpsKaokKEok2TOtFC1dUrR7LjqjhZrrtScNxxRvtUfYlTPsBhtX9JpZG
wAXesriiDWASS9ucYLr6gzrbszo1NNmQ0vBxTNQzRnhjPUf6P7J2gcnt58K2m3F7
Vtb31+fztEretsOowRcNZXhMqVwATJexQtVGd31/ZWi4fuleVkpcTQCdoxVWl362
ELfqLv8CPn+/x8Kx+yRbwJPG+m5m+OLhwdJDhzXYHiE5VVNVnuqN1Gwquwa/fM4b
jU1Lbes1AylVzEX2LUKz8Tb7Q2a+0U3twDzYvEdvRncnRy16YsBtSlNy9vPisArw
lcQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:09:13 2024 by rpki-client on console-ams.rpki-client.org