Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/zp6z3WfXpBxhmUQVIX6JARr0tS4.roa
File: zp6z3WfXpBxhmUQVIX6JARr0tS4.roa (raw, json)
Hash identifier: rFyV9K4VUGMQTtUgBLXZI8iM3oPqLL1AUtOF072Sv6w=
Subject key identifier: CE:9E:B3:DD:67:D7:A4:1C:61:99:44:15:21:7E:89:01:1A:F4:B5:2E
Certificate issuer: /CN=86022e162f6e6b9755ce4ce845120e62939506f7
Certificate serial: 018CC9BBB3A357F15E216C69CC62984631F6
Authority key identifier: 86:02:2E:16:2F:6E:6B:97:55:CE:4C:E8:45:12:0E:62:93:95:06:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hgIuFi9ua5dVzkzoRRIOYpOVBvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/zp6z3WfXpBxhmUQVIX6JARr0tS4.roa
Signing time: Tue 02 Jan 2024 10:32:50 +0000
ROA not before: Tue 02 Jan 2024 10:32:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61049
IP address blocks: 83.136.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/hgIuFi9ua5dVzkzoRRIOYpOVBvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/hgIuFi9ua5dVzkzoRRIOYpOVBvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hgIuFi9ua5dVzkzoRRIOYpOVBvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:b3:a3:57:f1:5e:21:6c:69:cc:62:98:46:31:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86022e162f6e6b9755ce4ce845120e62939506f7
Validity
Not Before: Jan 2 10:32:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce9eb3dd67d7a41c61994415217e89011af4b52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:31:83:e6:22:7b:90:4f:20:82:1c:50:8c:b0:
b9:bb:48:c6:d3:d9:6f:45:0e:d9:36:10:15:5a:da:
9c:7c:8e:eb:5b:03:54:0d:51:59:b9:e4:ff:25:4b:
1f:aa:76:23:e0:2b:27:d3:d2:ad:48:aa:69:6c:4f:
aa:07:f3:90:35:46:7c:db:4d:21:72:64:ec:8d:e3:
47:5c:59:56:63:83:60:73:18:85:0d:61:0c:28:13:
3b:53:44:ee:77:dc:3d:24:da:de:0b:17:c0:bc:8c:
cb:d2:84:a7:d2:da:60:01:ff:57:05:a3:3c:d0:1c:
9e:e6:20:60:45:95:cd:04:27:ed:7f:0e:85:29:80:
a5:a5:22:ee:a8:85:c2:1d:b1:a9:44:f3:36:3c:a4:
1d:14:3a:58:89:96:f3:0a:8e:a5:6b:a6:33:7b:51:
0a:b5:51:b9:61:cc:a7:3d:65:29:c7:e5:54:dd:51:
80:76:45:df:28:d5:f5:d0:e4:cf:9e:3d:fc:a4:64:
c0:3a:e6:80:46:29:a8:d1:06:86:d1:db:df:90:12:
2d:ea:81:da:27:27:76:44:31:4a:36:cd:20:3e:7c:
ca:bb:75:8a:7e:1e:85:45:a3:ec:72:01:02:35:e6:
58:48:c9:93:bd:3c:ed:0c:d2:12:d4:fc:0f:50:76:
3f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9E:B3:DD:67:D7:A4:1C:61:99:44:15:21:7E:89:01:1A:F4:B5:2E
X509v3 Authority Key Identifier:
keyid:86:02:2E:16:2F:6E:6B:97:55:CE:4C:E8:45:12:0E:62:93:95:06:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hgIuFi9ua5dVzkzoRRIOYpOVBvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/zp6z3WfXpBxhmUQVIX6JARr0tS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/782c07-4bba-4810-b98b-059dbcc8dcef/1/hgIuFi9ua5dVzkzoRRIOYpOVBvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.52.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:d6:f2:3f:85:5d:a5:04:d4:f3:50:ca:8d:94:15:26:27:c8:
6e:c9:22:4d:d3:c3:54:aa:d7:d7:83:f0:c6:76:43:3e:29:b3:
de:76:91:41:4d:40:82:8b:40:c7:45:33:59:dd:31:af:77:87:
22:5c:56:d7:0d:9d:15:3a:e0:51:0c:9f:e6:50:08:3a:14:83:
78:49:b8:44:0e:7e:c0:59:d1:0d:49:ce:72:25:d9:c9:3c:20:
61:f3:96:88:1a:8d:4b:e1:6b:99:af:d4:d2:76:1c:f2:6d:2c:
47:6f:22:13:1d:fc:b1:86:65:ea:97:e8:7b:32:d9:89:55:fd:
f8:1b:9d:b7:f8:cb:aa:eb:61:6d:4b:c3:b2:bf:30:9d:c3:6e:
6d:6e:07:fb:65:96:2a:da:21:fe:3e:58:78:8f:af:6f:7c:36:
e7:c3:2a:1c:21:5b:81:ed:d7:12:37:6c:9b:48:2d:68:30:b5:
17:40:bf:85:99:2b:ce:12:58:cf:6a:31:44:ed:e3:9a:89:c7:
b6:68:d9:04:4f:bb:09:84:1a:14:4a:d6:5f:6e:6d:f5:17:37:
fb:70:0f:91:62:eb:6f:7c:54:52:86:ba:34:a1:0c:e5:20:c6:
78:4f:98:3e:5e:16:e2:d9:f7:58:af:b7:22:21:3a:50:93:7e:
1d:14:bb:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu7OjV/FeIWxpzGKYRjH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MDIyZTE2MmY2ZTZiOTc1NWNlNGNlODQ1MTIwZTYyOTM5
NTA2ZjcwHhcNMjQwMTAyMTAzMjUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTllYjNkZDY3ZDdhNDFjNjE5OTQ0MTUyMTdlODkwMTFhZjRiNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzGD5iJ7kE8gghxQjLC5u0jG09lv
RQ7ZNhAVWtqcfI7rWwNUDVFZueT/JUsfqnYj4Csn09KtSKppbE+qB/OQNUZ8200h
cmTsjeNHXFlWY4NgcxiFDWEMKBM7U0Tud9w9JNreCxfAvIzL0oSn0tpgAf9XBaM8
0Bye5iBgRZXNBCftfw6FKYClpSLuqIXCHbGpRPM2PKQdFDpYiZbzCo6la6Yze1EK
tVG5YcynPWUpx+VU3VGAdkXfKNX10OTPnj38pGTAOuaARimo0QaG0dvfkBIt6oHa
Jyd2RDFKNs0gPnzKu3WKfh6FRaPscgECNeZYSMmTvTztDNIS1PwPUHY//QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM6es91n16QcYZlEFSF+iQEa9LUuMB8GA1UdIwQY
MBaAFIYCLhYvbmuXVc5M6EUSDmKTlQb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGdJdUZpOXVhNWRWemt6b1JSSU9ZcE9WQnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC83ODJjMDctNGJiYS00ODEwLWI5OGIt
MDU5ZGJjYzhkY2VmLzEvenA2ejNXZlhwQnhobVVRVklYNkpBUnIwdFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC83ODJjMDctNGJiYS00ODEwLWI5OGItMDU5ZGJjYzhkY2Vm
LzEvaGdJdUZpOXVhNWRWemt6b1JSSU9ZcE9WQnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU4g0MA0G
CSqGSIb3DQEBCwUAA4IBAQCN1vI/hV2lBNTzUMqNlBUmJ8huySJN08NUqtfXg/DG
dkM+KbPedpFBTUCCi0DHRTNZ3TGvd4ciXFbXDZ0VOuBRDJ/mUAg6FIN4SbhEDn7A
WdENSc5yJdnJPCBh85aIGo1L4WuZr9TSdhzybSxHbyITHfyxhmXql+h7MtmJVf34
G523+Muq62FtS8OyvzCdw25tbgf7ZZYq2iH+Plh4j69vfDbnwyocIVuB7dcSN2yb
SC1oMLUXQL+FmSvOEljPajFE7eOaice2aNkET7sJhBoUStZfbm31Fzf7cA+RYutv
fFRShro0oQzlIMZ4T5g+Xhbi2fdYr7ciITpQk34dFLut
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:59 2024 by rpki-client on console-ams.rpki-client.org