Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Zg176TuCln-UPNFBwvW11Nq1bDE.roa
File: Zg176TuCln-UPNFBwvW11Nq1bDE.roa (raw, json)
Hash identifier: qLffc+KE1aJzb5E5iQeXS7PQvo/Rm5UKFPeJX7ELTek=
Subject key identifier: 66:0D:7B:E9:3B:82:96:7F:94:3C:D1:41:C2:F5:B5:D4:DA:B5:6C:31
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 018CC56ED9F4173D1C445412BE7639EF40C4
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Zg176TuCln-UPNFBwvW11Nq1bDE.roa
Signing time: Mon 01 Jan 2024 14:30:25 +0000
ROA not before: Mon 01 Jan 2024 14:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63889
IP address blocks: 45.121.104.0/24 maxlen: 24
45.121.107.0/24 maxlen: 24
45.121.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d9:f4:17:3d:1c:44:54:12:be:76:39:ef:40:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jan 1 14:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660d7be93b82967f943cd141c2f5b5d4dab56c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:34:de:98:d7:06:c2:4d:b4:7a:53:2a:bb:57:
b0:e2:40:17:d4:76:46:d2:9b:e6:b7:6f:d0:20:29:
83:b9:89:82:b3:ca:7c:73:e4:7f:fc:d2:5d:8f:dc:
57:9d:c9:da:7d:cc:d8:4e:c7:b0:d9:96:d2:19:4b:
ca:24:4a:ee:3d:9c:cf:da:00:9f:e4:ff:b8:68:24:
27:65:b1:f7:fc:1b:21:6d:b8:67:02:b8:cd:76:9c:
3c:d5:de:e8:f6:1f:17:69:79:ca:06:69:85:43:e8:
42:84:b2:cf:2d:9d:ba:9c:e2:ce:06:5f:74:ac:ba:
9e:d8:f7:15:37:e4:7d:7a:d4:0a:93:a3:41:6f:af:
9a:3d:e1:d8:02:ac:1f:ac:89:ff:cc:16:82:8e:e7:
61:1a:c4:18:32:2e:a4:b4:3e:2c:93:61:23:b8:f5:
12:b0:b3:a8:0d:99:97:86:cc:e0:74:ad:db:2a:82:
45:32:36:2d:f6:55:60:13:c9:50:c6:38:a0:1a:90:
fe:23:40:98:b1:82:ed:1d:f9:65:cc:e8:95:e7:b5:
c3:34:1d:d5:48:e5:1e:cf:6f:c0:6d:1b:f9:2d:dd:
8c:1b:d6:7a:d3:7c:6d:28:c8:1c:56:8f:0d:12:78:
91:79:2d:40:3f:a3:00:49:73:ea:4a:f1:42:cb:74:
10:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:0D:7B:E9:3B:82:96:7F:94:3C:D1:41:C2:F5:B5:D4:DA:B5:6C:31
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/Zg176TuCln-UPNFBwvW11Nq1bDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.121.104.0/24
45.121.106.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:a7:87:9f:e9:0a:41:a3:b9:9e:c3:3a:30:e9:52:27:d3:7e:
13:85:a7:27:a2:b4:de:36:8b:a0:84:75:33:50:22:cb:29:4e:
26:5b:02:cb:5c:ee:53:f5:c5:81:05:b6:2e:19:20:3f:f1:87:
99:ee:b7:66:49:07:ed:05:ed:f7:46:da:a0:02:b5:6d:01:30:
9c:d8:26:43:b2:57:ed:12:af:c6:7a:cd:b1:b4:37:22:75:55:
cd:6b:1f:0a:56:63:b1:78:14:3c:c7:84:69:a3:96:88:5a:36:
e3:cf:63:53:c8:52:0c:b0:84:54:47:61:78:35:b1:f6:a8:49:
0e:a9:d1:8a:bd:c8:52:ca:ff:6b:bd:8a:fc:0a:51:96:38:14:
34:61:9f:f3:4d:aa:fd:74:fd:b9:e4:ee:5e:1f:4e:fe:e3:20:
9f:df:50:aa:be:f9:e4:a2:a7:79:f7:86:28:34:be:ab:b5:99:
1d:48:ba:0b:34:01:b8:09:05:05:9a:03:85:76:8a:ad:95:e8:
f3:1f:83:e3:22:2a:be:bc:3c:13:bd:47:86:a4:e3:18:61:d2:
a6:9c:f0:ed:3a:ca:9b:90:cc:c0:54:e8:15:36:34:7d:fd:98:
47:0e:d7:73:71:57:82:2f:90:b4:29:34:99:82:be:7b:c5:4e:
7f:f5:8b:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbtn0Fz0cRFQSvnY570DEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjQwMTAxMTQzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjBkN2JlOTNiODI5NjdmOTQzY2QxNDFjMmY1YjVkNGRhYjU2YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjTemNcGwk20elMqu1ew4kAX1HZG
0pvmt2/QICmDuYmCs8p8c+R//NJdj9xXncnafczYTsew2ZbSGUvKJEruPZzP2gCf
5P+4aCQnZbH3/BshbbhnArjNdpw81d7o9h8XaXnKBmmFQ+hChLLPLZ26nOLOBl90
rLqe2PcVN+R9etQKk6NBb6+aPeHYAqwfrIn/zBaCjudhGsQYMi6ktD4sk2EjuPUS
sLOoDZmXhszgdK3bKoJFMjYt9lVgE8lQxjigGpD+I0CYsYLtHfllzOiV57XDNB3V
SOUez2/AbRv5Ld2MG9Z603xtKMgcVo8NEniReS1AP6MASXPqSvFCy3QQowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGYNe+k7gpZ/lDzRQcL1tdTatWwxMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvWmcxNzZUdUNsbi1VUE5GQnd2VzExTnExYkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALXloAwQB
LXlqMA0GCSqGSIb3DQEBCwUAA4IBAQCyp4ef6QpBo7mewzow6VIn034ThacnorTe
NoughHUzUCLLKU4mWwLLXO5T9cWBBbYuGSA/8YeZ7rdmSQftBe33RtqgArVtATCc
2CZDslftEq/Ges2xtDcidVXNax8KVmOxeBQ8x4Rpo5aIWjbjz2NTyFIMsIRUR2F4
NbH2qEkOqdGKvchSyv9rvYr8ClGWOBQ0YZ/zTar9dP255O5eH07+4yCf31Cqvvnk
oqd594YoNL6rtZkdSLoLNAG4CQUFmgOFdoqtlejzH4PjIiq+vDwTvUeGpOMYYdKm
nPDtOsqbkMzAVOgVNjR9/ZhHDtdzcVeCL5C0KTSZgr57xU5/9YuC
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:56:10 2024 by rpki-client on console-fra.rpki-client.org