Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/A_ZWXFS7hnva8o0uCHwWMp9dsNo.roa
File: A_ZWXFS7hnva8o0uCHwWMp9dsNo.roa (raw, json)
Hash identifier: HLyp1enyS+az7jH4yxniLoyPOKwY0AONts1jSFEt290=
Subject key identifier: 03:F6:56:5C:54:BB:86:7B:DA:F2:8D:2E:08:7C:16:32:9F:5D:B0:DA
Certificate issuer: /CN=535ef40faf483433b3e33698e4d1ee95f3c94bec
Certificate serial: 018CC56ECD4C3869875036ECB63013775403
Authority key identifier: 53:5E:F4:0F:AF:48:34:33:B3:E3:36:98:E4:D1:EE:95:F3:C9:4B:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U170D69INDOz4zaY5NHulfPJS-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/A_ZWXFS7hnva8o0uCHwWMp9dsNo.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209966
IP address blocks: 78.41.55.0/24 maxlen: 24
78.41.52.0/24 maxlen: 24
78.41.54.0/24 maxlen: 24
78.41.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/U170D69INDOz4zaY5NHulfPJS-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:cd:4c:38:69:87:50:36:ec:b6:30:13:77:54:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535ef40faf483433b3e33698e4d1ee95f3c94bec
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03f6565c54bb867bdaf28d2e087c16329f5db0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:42:c1:76:ba:1c:a0:b2:ed:71:ba:ec:7a:a9:
4f:70:a9:d6:b3:0f:10:00:3b:af:8d:3c:3a:c0:9d:
c6:ec:0b:f6:d0:54:ea:97:59:a2:c3:fb:a7:29:4e:
7c:1e:7d:06:f5:a7:88:48:30:17:6d:d3:d8:e7:07:
32:07:b3:50:4d:6c:76:2c:2e:1c:57:f9:79:51:9c:
be:d1:fc:48:b2:05:86:95:d2:8e:e6:c9:61:b5:1a:
64:9c:b6:51:3b:1a:e6:45:62:9a:35:2b:7b:aa:6a:
60:cb:ba:00:8b:e1:11:a6:9d:da:fd:7a:d2:84:a0:
59:ca:45:4a:d7:81:80:37:e7:8c:0a:90:66:6a:96:
d2:60:66:d5:25:82:5d:45:57:15:55:4f:33:18:d7:
cb:b2:46:53:ef:c4:d4:1e:20:f9:39:ff:2e:88:32:
8d:b5:43:35:f1:d0:fd:36:56:ab:ec:ee:4a:e0:43:
65:50:cf:23:02:f8:5f:47:cc:7d:36:b8:dc:df:49:
7f:38:5c:04:e8:75:2c:65:13:d2:15:28:25:26:84:
1a:21:06:2c:14:4a:cd:ff:83:af:0d:29:8a:2e:ac:
60:58:25:9e:f8:7a:0a:58:47:60:16:34:2b:79:54:
d6:0a:a1:92:29:a8:dd:1d:d1:96:8a:56:2b:a3:f7:
91:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F6:56:5C:54:BB:86:7B:DA:F2:8D:2E:08:7C:16:32:9F:5D:B0:DA
X509v3 Authority Key Identifier:
keyid:53:5E:F4:0F:AF:48:34:33:B3:E3:36:98:E4:D1:EE:95:F3:C9:4B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U170D69INDOz4zaY5NHulfPJS-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/A_ZWXFS7hnva8o0uCHwWMp9dsNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/77a9f1-f1fb-485f-923f-7c3789405bd6/1/U170D69INDOz4zaY5NHulfPJS-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.52.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:a3:29:aa:47:a8:a9:57:cc:3f:cb:01:cf:0f:10:47:1d:a5:
b6:94:4b:c6:d6:c0:9e:51:91:61:30:07:6a:c8:6c:8d:59:30:
c8:c2:36:49:03:90:6d:19:90:d3:d4:b2:91:c0:44:95:11:23:
cc:05:29:e6:b5:7b:5c:bf:8b:d2:61:b5:b8:32:e2:40:fe:a0:
45:5c:d7:f2:cf:cd:98:44:d4:a7:02:5f:5a:a3:86:e6:83:71:
bd:8e:bf:51:41:61:9a:c2:96:8e:6f:be:f1:5f:f9:38:61:cd:
31:a8:63:de:c9:7f:7e:af:f3:7a:f6:46:ee:4d:51:37:5e:45:
84:40:67:42:36:34:73:c4:df:ae:cd:ba:6c:86:da:92:c7:02:
d3:98:94:f4:1e:28:22:b8:3b:10:49:4d:76:19:1d:70:a6:df:
8d:b9:ba:dc:d6:22:4d:ca:0c:fd:41:35:69:ac:38:6d:eb:bd:
ae:c5:e2:a0:2f:10:73:7c:cc:64:ea:d4:73:18:21:79:75:75:
c4:49:19:d5:fa:07:03:8f:22:9e:8f:ec:4f:eb:ff:80:f3:c7:
1b:99:02:c9:24:96:18:d4:12:b1:30:9b:c5:9f:5f:d3:80:38:
90:4b:3a:a8:9a:7d:62:d7:35:1e:3a:dc:ae:d6:d4:17:a6:e5:
db:07:56:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbs1MOGmHUDbstjATd1QDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWVmNDBmYWY0ODM0MzNiM2UzMzY5OGU0ZDFlZTk1ZjNj
OTRiZWMwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Y2NTY1YzU0YmI4NjdiZGFmMjhkMmUwODdjMTYzMjlmNWRiMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ULBdrocoLLtcbrseqlPcKnWsw8Q
ADuvjTw6wJ3G7Av20FTql1miw/unKU58Hn0G9aeISDAXbdPY5wcyB7NQTWx2LC4c
V/l5UZy+0fxIsgWGldKO5slhtRpknLZROxrmRWKaNSt7qmpgy7oAi+ERpp3a/XrS
hKBZykVK14GAN+eMCpBmapbSYGbVJYJdRVcVVU8zGNfLskZT78TUHiD5Of8uiDKN
tUM18dD9Nlar7O5K4ENlUM8jAvhfR8x9Nrjc30l/OFwE6HUsZRPSFSglJoQaIQYs
FErN/4OvDSmKLqxgWCWe+HoKWEdgFjQreVTWCqGSKajdHdGWilYro/eRTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAP2VlxUu4Z72vKNLgh8FjKfXbDaMB8GA1UdIwQY
MBaAFFNe9A+vSDQzs+M2mOTR7pXzyUvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTE3MEQ2OUlORE96NHphWTVOSHVsZlBKUy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy83N2E5ZjEtZjFmYi00ODVmLTkyM2Yt
N2MzNzg5NDA1YmQ2LzEvQV9aV1hGUzdobnZhOG8wdUNId1dNcDlkc05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy83N2E5ZjEtZjFmYi00ODVmLTkyM2YtN2MzNzg5NDA1YmQ2
LzEvVTE3MEQ2OUlORE96NHphWTVOSHVsZlBKUy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTik0MA0G
CSqGSIb3DQEBCwUAA4IBAQDAoymqR6ipV8w/ywHPDxBHHaW2lEvG1sCeUZFhMAdq
yGyNWTDIwjZJA5BtGZDT1LKRwESVESPMBSnmtXtcv4vSYbW4MuJA/qBFXNfyz82Y
RNSnAl9ao4bmg3G9jr9RQWGawpaOb77xX/k4Yc0xqGPeyX9+r/N69kbuTVE3XkWE
QGdCNjRzxN+uzbpshtqSxwLTmJT0HigiuDsQSU12GR1wpt+Nubrc1iJNygz9QTVp
rDht672uxeKgLxBzfMxk6tRzGCF5dXXESRnV+gcDjyKej+xP6/+A88cbmQLJJJYY
1BKxMJvFn1/TgDiQSzqomn1i1zUeOtyu1tQXpuXbB1Zf
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:30 2024 by rpki-client on console-ams.rpki-client.org