Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/8d0bcf-6f35-4d79-884a-502b77ce92f8/1/Zy4DIlbVCyam7WF1QBVxT1bXlp8.roa
File: Zy4DIlbVCyam7WF1QBVxT1bXlp8.roa (raw, json)
Hash identifier: TBhnMc3p71F4OY3mUEPJVlbdf9TAXeJmWqajgCR5KOU=
Subject key identifier: 67:2E:03:22:56:D5:0B:26:A6:ED:61:75:40:15:71:4F:56:D7:96:9F
Certificate issuer: /CN=06f92e6831df1f2ebcd5d5eb0e5999c5b0475c51
Certificate serial: 018CC3B67EC70C2EFEEF5C297A57AA5E4838
Authority key identifier: 06:F9:2E:68:31:DF:1F:2E:BC:D5:D5:EB:0E:59:99:C5:B0:47:5C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BvkuaDHfHy681dXrDlmZxbBHXFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/8d0bcf-6f35-4d79-884a-502b77ce92f8/1/Zy4DIlbVCyam7WF1QBVxT1bXlp8.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51412
IP address blocks: 193.150.152.0/21 maxlen: 21
193.150.156.0/24 maxlen: 24
193.150.156.0/22 maxlen: 22
193.150.160.0/22 maxlen: 22
193.150.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/8d0bcf-6f35-4d79-884a-502b77ce92f8/1/BvkuaDHfHy681dXrDlmZxbBHXFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/8d0bcf-6f35-4d79-884a-502b77ce92f8/1/BvkuaDHfHy681dXrDlmZxbBHXFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/BvkuaDHfHy681dXrDlmZxbBHXFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 18:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7e:c7:0c:2e:fe:ef:5c:29:7a:57:aa:5e:48:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06f92e6831df1f2ebcd5d5eb0e5999c5b0475c51
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=672e032256d50b26a6ed61754015714f56d7969f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d6:20:dc:4a:98:8a:08:96:1b:9a:64:3c:06:
90:14:fb:cc:13:bb:69:58:0c:40:93:39:a2:71:9e:
c8:03:ac:5a:ed:86:84:1f:bb:c0:cb:f2:9a:af:3c:
76:44:26:1f:4b:8d:48:9e:51:62:d5:cb:31:e3:59:
83:73:04:54:36:2d:d1:a5:9c:b6:89:c7:d0:c0:fb:
1f:10:03:bf:06:39:87:11:63:75:8d:28:78:59:c4:
3d:77:2e:00:ae:0c:61:3e:8b:cf:93:0b:7b:78:3a:
11:a9:dc:90:fa:d8:23:31:dc:44:3f:21:e0:45:2b:
b5:0f:37:82:56:2f:22:3a:cc:42:e4:8d:e7:82:98:
51:e1:d7:5d:df:21:2f:03:9a:51:ea:bb:70:da:63:
ea:f5:e8:c8:ca:a1:5e:5a:70:43:13:34:ea:2c:1d:
4b:7e:6a:a7:14:c9:cb:37:94:b1:fd:e9:db:d7:f0:
f0:96:cf:d2:e6:74:ae:fd:f8:d1:2e:d8:bd:ac:49:
06:35:9e:1b:a7:39:9c:c7:f9:1e:0b:67:34:48:55:
47:f6:d8:d0:90:39:00:0b:a9:91:8d:92:e0:1c:30:
9d:9e:31:55:71:77:41:65:b7:92:38:bb:77:4f:b0:
fa:ed:44:28:34:b8:75:40:3b:d8:c9:84:b9:60:9e:
f6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2E:03:22:56:D5:0B:26:A6:ED:61:75:40:15:71:4F:56:D7:96:9F
X509v3 Authority Key Identifier:
keyid:06:F9:2E:68:31:DF:1F:2E:BC:D5:D5:EB:0E:59:99:C5:B0:47:5C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BvkuaDHfHy681dXrDlmZxbBHXFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/8d0bcf-6f35-4d79-884a-502b77ce92f8/1/Zy4DIlbVCyam7WF1QBVxT1bXlp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/8d0bcf-6f35-4d79-884a-502b77ce92f8/1/BvkuaDHfHy681dXrDlmZxbBHXFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.150.152.0-193.150.164.255
Signature Algorithm: sha256WithRSAEncryption
57:f1:82:76:cc:25:d4:ce:eb:f0:7e:09:6a:cc:25:cf:0d:c0:
ae:17:bd:c1:9b:5f:ab:74:31:38:e8:f1:86:30:17:51:5a:f7:
fe:8a:a2:e9:09:bf:1d:da:7b:57:e4:cc:6c:74:b7:fc:61:1d:
20:71:e0:35:f6:c6:12:cf:01:c1:d6:a7:62:aa:9c:95:96:d6:
a6:fc:fa:66:4e:8d:8f:e1:50:75:b5:4b:a4:59:99:a7:bf:e0:
e7:94:dd:83:b4:2a:eb:c1:31:bc:5c:be:87:31:50:3d:a1:b2:
71:fb:36:73:07:51:d1:3f:ca:eb:7f:ab:12:1f:e7:90:cc:0e:
59:6d:a3:44:ef:2d:d9:34:2e:15:15:e4:6d:de:c2:e6:2b:9c:
34:ee:e1:ca:8b:60:47:b8:b2:da:51:96:d4:8d:3e:f2:bc:4c:
3a:c7:bb:6c:00:f3:a7:9b:fa:61:54:46:63:b0:96:9b:e0:73:
40:36:84:0c:41:67:74:16:d3:00:a0:4f:3a:83:32:52:30:16:
fe:f9:ae:c4:1f:eb:b1:29:fe:d6:e9:f4:a5:cf:a3:83:bf:18:
aa:dd:2d:13:8a:7c:b4:af:7c:fe:30:d3:4d:a5:02:63:cd:31:
65:08:e2:96:e3:87:51:75:a1:45:06:d3:c8:63:d6:fc:7e:b3:
f0:f5:d2:e3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDtn7HDC7+71wpeleqXkg4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZjkyZTY4MzFkZjFmMmViY2Q1ZDVlYjBlNTk5OWM1YjA0
NzVjNTEwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzJlMDMyMjU2ZDUwYjI2YTZlZDYxNzU0MDE1NzE0ZjU2ZDc5NjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9Yg3EqYigiWG5pkPAaQFPvME7tp
WAxAkzmicZ7IA6xa7YaEH7vAy/Karzx2RCYfS41InlFi1csx41mDcwRUNi3RpZy2
icfQwPsfEAO/BjmHEWN1jSh4WcQ9dy4ArgxhPovPkwt7eDoRqdyQ+tgjMdxEPyHg
RSu1DzeCVi8iOsxC5I3ngphR4ddd3yEvA5pR6rtw2mPq9ejIyqFeWnBDEzTqLB1L
fmqnFMnLN5Sx/enb1/Dwls/S5nSu/fjRLti9rEkGNZ4bpzmcx/keC2c0SFVH9tjQ
kDkAC6mRjZLgHDCdnjFVcXdBZbeSOLt3T7D67UQoNLh1QDvYyYS5YJ72aQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGcuAyJW1Qsmpu1hdUAVcU9W15afMB8GA1UdIwQY
MBaAFAb5Lmgx3x8uvNXV6w5ZmcWwR1xRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnZrdWFESGZIeTY4MWRYckRsbVp4YkJIWEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy84ZDBiY2YtNmYzNS00ZDc5LTg4NGEt
NTAyYjc3Y2U5MmY4LzEvWnk0RElsYlZDeWFtN1dGMVFCVnhUMWJYbHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy84ZDBiY2YtNmYzNS00ZDc5LTg4NGEtNTAyYjc3Y2U5MmY4
LzEvQnZrdWFESGZIeTY4MWRYckRsbVp4YkJIWEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPBlpgD
BADBlqQwDQYJKoZIhvcNAQELBQADggEBAFfxgnbMJdTO6/B+CWrMJc8NwK4XvcGb
X6t0MTjo8YYwF1Fa9/6KoukJvx3ae1fkzGx0t/xhHSBx4DX2xhLPAcHWp2KqnJWW
1qb8+mZOjY/hUHW1S6RZmae/4OeU3YO0KuvBMbxcvocxUD2hsnH7NnMHUdE/yut/
qxIf55DMDllto0TvLdk0LhUV5G3ewuYrnDTu4cqLYEe4stpRltSNPvK8TDrHu2wA
86eb+mFURmOwlpvgc0A2hAxBZ3QW0wCgTzqDMlIwFv75rsQf67Ep/tbp9KXPo4O/
GKrdLROKfLSvfP4w002lAmPNMWUI4pbjh1F1oUUG08hj1vx+s/D10uM=
-----END CERTIFICATE-----
Generated at Wed May 29 03:39:45 2024 by rpki-client on console-ams.rpki-client.org