Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/23Zqqvtz_N5UnJhfjtMbufFadJ8.roa
File: 23Zqqvtz_N5UnJhfjtMbufFadJ8.roa (raw, json)
Hash identifier: jll9yaHv7BSzQuq0SGRQhTaiZQcnA8trFKRVEPRwcco=
Subject key identifier: DB:76:6A:AA:FB:73:FC:DE:54:9C:98:5F:8E:D3:1B:B9:F1:5A:74:9F
Certificate issuer: /CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Certificate serial: 019091803B798FAF006902A61469E4F711E7
Authority key identifier: DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/23Zqqvtz_N5UnJhfjtMbufFadJ8.roa
Signing time: Mon 08 Jul 2024 08:40:18 +0000
ROA not before: Mon 08 Jul 2024 08:40:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215064
IP address blocks: 193.28.68.0/24 maxlen: 24
2a12:6900:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:80:3b:79:8f:af:00:69:02:a6:14:69:e4:f7:11:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dede91a0fb1f4dd17900d06db6e88336f78b5c05
Validity
Not Before: Jul 8 08:40:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db766aaafb73fcde549c985f8ed31bb9f15a749f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e1:ab:ce:27:01:76:50:1d:6d:ea:f7:be:06:
8c:ed:33:d4:9e:be:ad:5e:ad:eb:9e:70:e2:a8:99:
20:46:d1:0f:40:09:cb:5a:0b:1f:18:2f:b4:d9:bc:
33:b2:81:ea:76:d6:cf:46:c3:59:b2:84:10:06:04:
4a:02:e4:9c:63:5d:b6:87:15:65:3d:21:e0:dd:f0:
a2:7f:33:2f:52:68:77:6b:62:45:58:6b:7a:cf:36:
3e:9b:86:39:6e:0e:f3:0e:1a:0e:62:dc:4d:a1:3f:
c4:4d:5d:b9:ad:3d:85:b5:1f:d1:4e:a8:69:d1:28:
89:b1:29:79:23:5a:3f:5b:cc:5e:1b:b0:db:25:4b:
15:25:c9:78:ee:89:4a:95:0a:1d:b9:ed:cb:48:01:
cc:35:39:bf:5e:d2:18:e4:59:f2:2f:1e:7e:99:13:
58:74:cd:18:37:31:e6:e0:b1:9d:d6:39:12:7e:60:
96:12:e1:23:65:4d:cf:91:44:70:ed:17:ed:26:2d:
d1:cd:3f:78:a8:09:c3:9a:2d:5b:38:16:b9:2c:86:
24:4a:8d:ed:0b:0c:ff:5a:8a:14:4b:85:1d:46:af:
bf:03:a1:14:14:12:02:1d:dc:3c:0a:fe:f8:aa:e2:
b3:ac:c9:62:1d:d2:29:cd:2a:99:32:f5:bb:a8:96:
24:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:76:6A:AA:FB:73:FC:DE:54:9C:98:5F:8E:D3:1B:B9:F1:5A:74:9F
X509v3 Authority Key Identifier:
keyid:DE:DE:91:A0:FB:1F:4D:D1:79:00:D0:6D:B6:E8:83:36:F7:8B:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3t6RoPsfTdF5ANBttuiDNveLXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/23Zqqvtz_N5UnJhfjtMbufFadJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/2321d6-bd6c-4b2a-af83-21a700c7119f/1/3t6RoPsfTdF5ANBttuiDNveLXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.68.0/24
IPv6:
2a12:6900:2000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:ef:6d:4c:d9:d9:3d:eb:33:7d:14:8f:a9:de:2b:65:37:90:
35:35:ab:6e:63:64:85:fc:30:a0:94:40:1b:df:0d:ab:be:82:
80:20:a1:dd:84:5a:ff:fd:01:ad:98:7d:61:cf:96:aa:72:b4:
24:62:4e:43:51:35:78:4d:5d:67:44:8c:6c:86:73:31:c6:f7:
39:06:79:5f:79:93:ff:60:00:34:9b:e0:88:0c:01:02:03:85:
d4:7b:f9:b4:5a:1f:cb:d0:29:08:3e:04:d2:72:f7:11:d9:c3:
e3:05:c6:ed:37:21:1d:d5:2d:93:42:2b:dd:a1:40:b5:7d:1b:
06:6b:d5:44:01:72:57:dd:ef:dd:db:dd:32:4d:8f:db:3e:44:
04:22:89:ed:b2:e6:70:17:6c:a8:ca:22:f1:b0:82:31:3d:ba:
03:07:07:7c:4c:52:ad:11:78:0c:97:5b:43:8e:92:99:e6:7e:
24:e0:1d:ab:f2:f5:a0:0b:b3:7d:15:63:df:18:93:b5:95:bd:
ef:2c:46:e4:b2:4f:83:fa:75:e5:3e:cf:80:18:2e:e9:95:27:
10:ca:e8:df:f7:c7:a6:09:6c:b9:fc:5a:18:8f:19:f1:7a:62:
c1:fe:72:b8:d2:ba:2a:f6:e5:0e:84:c7:7b:17:c2:89:88:e9:
5f:5e:cf:92
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZCRgDt5j68AaQKmFGnk9xHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGU5MWEwZmIxZjRkZDE3OTAwZDA2ZGI2ZTg4MzM2Zjc4
YjVjMDUwHhcNMjQwNzA4MDg0MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc2NmFhYWZiNzNmY2RlNTQ5Yzk4NWY4ZWQzMWJiOWYxNWE3NDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOGrzicBdlAdber3vgaM7TPUnr6t
Xq3rnnDiqJkgRtEPQAnLWgsfGC+02bwzsoHqdtbPRsNZsoQQBgRKAuScY122hxVl
PSHg3fCifzMvUmh3a2JFWGt6zzY+m4Y5bg7zDhoOYtxNoT/ETV25rT2FtR/RTqhp
0SiJsSl5I1o/W8xeG7DbJUsVJcl47olKlQodue3LSAHMNTm/XtIY5FnyLx5+mRNY
dM0YNzHm4LGd1jkSfmCWEuEjZU3PkURw7RftJi3RzT94qAnDmi1bOBa5LIYkSo3t
Cwz/WooUS4UdRq+/A6EUFBICHdw8Cv74quKzrMliHdIpzSqZMvW7qJYkVQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNt2aqr7c/zeVJyYX47TG7nxWnSfMB8GA1UdIwQY
MBaAFN7ekaD7H03ReQDQbbbogzb3i1wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMt
MjFhNzAwYzcxMTlmLzEvMjNacXF2dHpfTjVVbkpoZmp0TWJ1ZkZhZEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8yMzIxZDYtYmQ2Yy00YjJhLWFmODMtMjFhNzAwYzcxMTlm
LzEvM3Q2Um9Qc2ZUZEY1QU5CdHR1aUROdmVMWEFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwRxEMA4E
AgACMAgDBgAqEmkAIDANBgkqhkiG9w0BAQsFAAOCAQEAPe9tTNnZPeszfRSPqd4r
ZTeQNTWrbmNkhfwwoJRAG98Nq76CgCCh3YRa//0BrZh9Yc+WqnK0JGJOQ1E1eE1d
Z0SMbIZzMcb3OQZ5X3mT/2AANJvgiAwBAgOF1Hv5tFofy9ApCD4E0nL3EdnD4wXG
7TchHdUtk0Ir3aFAtX0bBmvVRAFyV93v3dvdMk2P2z5EBCKJ7bLmcBdsqMoi8bCC
MT26AwcHfExSrRF4DJdbQ46SmeZ+JOAdq/L1oAuzfRVj3xiTtZW97yxG5LJPg/p1
5T7PgBgu6ZUnEMro3/fHpglsufxaGI8Z8Xpiwf5yuNK6KvblDoTHexfCiYjpX17P
kg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:05:25 2024 by rpki-client on console-ams.rpki-client.org