Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/7QHfy7XVBLqwKz3bkLbmbw5VIB4.roa
File: 7QHfy7XVBLqwKz3bkLbmbw5VIB4.roa (raw, json)
Hash identifier: O+6FpMeQA8fA1QEykaCVbfJ04T2BRfpUijM6sSYmCO0=
Subject key identifier: ED:01:DF:CB:B5:D5:04:BA:B0:2B:3D:DB:90:B6:E6:6F:0E:55:20:1E
Certificate issuer: /CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Certificate serial: 01931A372442DCEC5192C864B69274769DA1
Authority key identifier: CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/7QHfy7XVBLqwKz3bkLbmbw5VIB4.roa
Signing time: Mon 11 Nov 2024 07:54:01 +0000
ROA not before: Mon 11 Nov 2024 07:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49181
IP address blocks: 2.57.37.0/24 maxlen: 24
2.57.38.0/24 maxlen: 24
2a09:d2c0::/32 maxlen: 32
2a09:d2c1:1::/48 maxlen: 48
2a09:d2c1:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.mft
rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:37:24:42:dc:ec:51:92:c8:64:b6:92:74:76:9d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Validity
Not Before: Nov 11 07:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed01dfcbb5d504bab02b3ddb90b6e66f0e55201e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0e:67:5e:ab:7b:42:bc:dc:06:7c:65:2f:1e:
d6:4b:a8:e6:8d:5c:05:fb:83:0f:51:29:74:30:f7:
10:94:30:c5:36:3c:64:0d:9b:bb:5b:7f:83:15:5b:
9d:78:3d:07:f8:30:e7:1a:89:e1:36:8e:6e:bd:ba:
8e:7b:f7:56:ff:8d:dc:e8:58:e1:1e:9b:91:47:e1:
93:a7:ec:0d:c4:9e:02:e2:00:56:c5:db:e3:63:cb:
e6:53:48:bd:8c:84:e1:01:bc:36:8f:bf:63:75:26:
85:8f:c2:6f:1b:06:37:e9:5d:b4:ce:50:63:25:22:
fc:27:85:6a:46:33:b5:e6:84:ae:63:cb:eb:2d:fd:
b6:67:f5:ac:20:d0:ee:45:01:6c:ad:1f:2b:af:04:
a8:dc:d6:79:e0:bf:aa:0d:83:f6:0b:6a:a2:a6:30:
81:91:68:a5:e2:32:21:e2:05:3e:11:44:24:35:ac:
ac:eb:1d:51:2f:bd:ad:bd:3f:65:2d:12:64:72:a4:
d9:f1:e2:86:4f:24:77:aa:2c:68:7c:cf:f0:50:7a:
f6:35:dd:c8:90:b4:cc:82:9f:05:94:af:95:03:cd:
e9:b1:7a:21:fa:71:74:94:ee:96:2e:65:25:d1:a6:
cf:c2:c7:f4:8e:32:08:92:5d:b1:de:67:b2:a3:c8:
8a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:01:DF:CB:B5:D5:04:BA:B0:2B:3D:DB:90:B6:E6:6F:0E:55:20:1E
X509v3 Authority Key Identifier:
keyid:CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/7QHfy7XVBLqwKz3bkLbmbw5VIB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.37.0-2.57.38.255
IPv6:
2a09:d2c0::/32
2a09:d2c1:1::/48
2a09:d2c1:a::/48
Signature Algorithm: sha256WithRSAEncryption
76:ac:e7:8d:b5:69:f0:5a:95:90:6f:4b:a0:94:b8:15:26:56:
5c:9d:6b:b5:53:0d:12:c1:09:b1:f4:fc:a6:a7:cd:bf:c1:37:
dd:9b:a2:01:32:25:3c:8b:34:a1:4e:de:73:44:54:61:79:a3:
32:44:d7:94:14:c4:82:90:4a:d8:7c:23:69:45:51:04:5f:a4:
d3:6a:e5:a3:fd:0a:54:c9:0f:55:da:70:d0:39:e4:3e:88:01:
31:1e:9f:0e:2b:8b:eb:9b:57:ef:77:d6:f0:8c:38:ac:1f:92:
f9:09:f0:be:d6:7e:b0:07:07:e1:64:44:59:ac:10:89:1f:3f:
b1:47:14:16:38:67:df:6f:e2:45:7e:9d:7b:94:a3:bf:56:78:
7b:b4:53:38:d3:88:e6:9a:02:ce:42:78:bd:da:24:5a:fb:fc:
b9:95:dd:70:ac:d4:ba:ce:36:bc:66:ed:08:4c:c9:8a:42:ba:
40:6b:db:59:64:cf:3b:5d:4a:ef:9b:f9:63:ee:9f:1e:87:24:
2c:fe:b7:e9:21:50:94:bb:5f:88:93:13:8a:78:0a:d6:4a:3d:
e9:39:78:58:2b:a5:4f:66:cc:56:72:6b:e1:1c:d8:b4:dd:84:
6c:aa:01:5b:4d:2d:d6:b3:2a:bd:cc:c8:39:0f:d7:19:39:13:
a2:5d:68:23
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZMaNyRC3OxRkshktpJ0dp2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2Q3M2Y4MmMyNjBkYTg3Mzg2ZGNmN2JlMjZkNWM1NDQ1
NTI2ZmEwHhcNMjQxMTExMDc1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDAxZGZjYmI1ZDUwNGJhYjAyYjNkZGI5MGI2ZTY2ZjBlNTUyMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig5nXqt7QrzcBnxlLx7WS6jmjVwF
+4MPUSl0MPcQlDDFNjxkDZu7W3+DFVudeD0H+DDnGonhNo5uvbqOe/dW/43c6Fjh
HpuRR+GTp+wNxJ4C4gBWxdvjY8vmU0i9jIThAbw2j79jdSaFj8JvGwY36V20zlBj
JSL8J4VqRjO15oSuY8vrLf22Z/WsINDuRQFsrR8rrwSo3NZ54L+qDYP2C2qipjCB
kWil4jIh4gU+EUQkNays6x1RL72tvT9lLRJkcqTZ8eKGTyR3qixofM/wUHr2Nd3I
kLTMgp8FlK+VA83psXoh+nF0lO6WLmUl0abPwsf0jjIIkl2x3meyo8iKZQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFO0B38u11QS6sCs925C25m8OVSAeMB8GA1UdIwQY
MBaAFM/Nc/gsJg2oc4bc974m1cVEVSb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTct
NmVkYzFiMjI1NjI1LzEvN1FIZnk3WFZCTHF3S3ozYmtMYm1idzVWSUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTctNmVkYzFiMjI1NjI1
LzEvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAUBAIAATAOMAwDBAACOSUD
BAACOSYwHwQCAAIwGQMFACoJ0sADBwAqCdLBAAEDBwAqCdLBAAowDQYJKoZIhvcN
AQELBQADggEBAHas5421afBalZBvS6CUuBUmVlyda7VTDRLBCbH0/Kanzb/BN92b
ogEyJTyLNKFO3nNEVGF5ozJE15QUxIKQSth8I2lFUQRfpNNq5aP9ClTJD1XacNA5
5D6IATEenw4ri+ubV+931vCMOKwfkvkJ8L7WfrAHB+FkRFmsEIkfP7FHFBY4Z99v
4kV+nXuUo79WeHu0UzjTiOaaAs5CeL3aJFr7/LmV3XCs1LrONrxm7QhMyYpCukBr
21lkzztdSu+b+WPunx6HJCz+t+khUJS7X4iTE4p4CtZKPek5eFgrpU9mzFZya+Ec
2LTdhGyqAVtNLdazKr3MyDkP1xk5E6JdaCM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:29 2024 by rpki-client on console-fra.rpki-client.org