Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/ZG6SMVxJxOsv4iAQ0G8FXAAvS3w.roa
File: ZG6SMVxJxOsv4iAQ0G8FXAAvS3w.roa (raw, json)
Hash identifier: 4OpNq0pUSJQFRQs1ARHw08fsO1oXwY1ATovCRBhSeR4=
Subject key identifier: 64:6E:92:31:5C:49:C4:EB:2F:E2:20:10:D0:6F:05:5C:00:2F:4B:7C
Certificate issuer: /CN=7367c490447f5045c02367db8d21b4e08749fa76
Certificate serial: 018CC50145D71B527E21E1B6C5E27439B2A1
Authority key identifier: 73:67:C4:90:44:7F:50:45:C0:23:67:DB:8D:21:B4:E0:87:49:FA:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2fEkER_UEXAI2fbjSG04IdJ-nY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/ZG6SMVxJxOsv4iAQ0G8FXAAvS3w.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24837
IP address blocks: 176.108.178.0/23 maxlen: 24
176.108.176.0/23 maxlen: 24
176.108.182.0/23 maxlen: 24
176.108.180.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/c2fEkER_UEXAI2fbjSG04IdJ-nY.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/c2fEkER_UEXAI2fbjSG04IdJ-nY.mft
rsync://rpki.ripe.net/repository/DEFAULT/c2fEkER_UEXAI2fbjSG04IdJ-nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:45:d7:1b:52:7e:21:e1:b6:c5:e2:74:39:b2:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7367c490447f5045c02367db8d21b4e08749fa76
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=646e92315c49c4eb2fe22010d06f055c002f4b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5c:83:ec:80:f1:62:11:53:0f:9d:49:b5:17:
58:d3:92:12:3f:6b:4e:a6:80:aa:70:70:a1:47:b5:
9e:78:8a:33:17:1b:ed:e3:7d:4d:e7:8f:a6:5c:03:
9e:3c:00:62:b1:7b:a8:84:04:aa:0c:c8:23:a7:48:
9e:55:6f:63:b6:72:45:85:3d:04:94:27:ae:00:a9:
ff:53:f4:8a:37:91:ab:49:1b:58:79:b5:ba:81:53:
be:e5:2e:d9:45:34:63:c3:49:7c:cb:bb:67:e8:e6:
a7:6a:f5:f7:2f:ad:77:83:ab:77:59:63:ad:21:9a:
04:92:95:7e:3a:34:d2:28:f5:a4:54:70:aa:9a:e5:
52:37:3f:d0:14:7a:fd:ec:93:7e:3d:ef:4e:3c:cd:
50:30:f3:50:13:4c:4b:ac:a3:22:25:ef:ac:37:2a:
72:40:5e:9a:76:e1:c3:c0:40:1d:7d:bd:79:7c:af:
28:95:fd:9a:b8:e6:76:fb:2c:88:2e:4e:80:71:b4:
fd:16:98:9b:df:56:2d:0a:3d:8d:94:72:f1:d5:1c:
93:d1:e1:2d:98:42:61:88:6e:f0:81:82:27:f4:f2:
58:6c:e1:80:09:16:47:0b:e7:9e:1b:ca:80:71:6a:
28:eb:3c:64:dd:63:cf:83:5d:55:11:71:ea:95:68:
ed:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:6E:92:31:5C:49:C4:EB:2F:E2:20:10:D0:6F:05:5C:00:2F:4B:7C
X509v3 Authority Key Identifier:
keyid:73:67:C4:90:44:7F:50:45:C0:23:67:DB:8D:21:B4:E0:87:49:FA:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2fEkER_UEXAI2fbjSG04IdJ-nY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/ZG6SMVxJxOsv4iAQ0G8FXAAvS3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/62584a-47ce-4aa8-8992-5ba756e78869/1/c2fEkER_UEXAI2fbjSG04IdJ-nY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.176.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:03:cb:06:56:13:e5:fa:19:5d:bd:64:f9:73:fc:99:f6:c0:
35:fe:f4:61:9f:45:8f:a9:44:31:f8:8c:1a:f2:e7:91:90:49:
0d:10:fc:26:95:e3:42:50:ff:60:71:32:ce:34:9f:c4:9f:46:
eb:9e:96:18:21:bb:42:cf:57:02:6b:f9:38:bf:76:2e:72:0d:
98:05:0f:a6:33:93:bb:3c:b8:01:d6:4c:8c:56:92:ab:d0:de:
c5:09:39:87:fe:5c:06:83:93:de:b2:23:0a:bf:ab:81:67:19:
e7:f0:75:ae:cb:c9:bf:c8:df:77:d9:15:ba:7f:d3:31:14:52:
39:df:60:37:76:c7:de:1b:fc:08:99:57:fc:be:51:36:12:89:
13:99:77:0f:5e:07:11:4e:8c:e1:e0:f6:a8:e3:70:4c:f7:36:
6f:11:d2:9f:7f:28:87:ba:f9:7b:81:7c:7e:70:8c:ab:5c:81:
b5:aa:55:0e:31:31:6a:01:3d:62:c4:19:55:1b:83:43:d7:b7:
72:6f:d5:fe:53:3a:3d:97:a0:2d:91:a5:2c:61:27:6d:28:36:
8e:c4:c6:8d:64:ae:9c:1b:13:40:17:c7:a0:37:ea:11:a1:11:
87:48:eb:6d:43:dc:b8:56:1c:21:40:37:7c:71:d6:b8:96:a1:
e6:0a:f9:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAUXXG1J+IeG2xeJ0ObKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjdjNDkwNDQ3ZjUwNDVjMDIzNjdkYjhkMjFiNGUwODc0
OWZhNzYwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDZlOTIzMTVjNDljNGViMmZlMjIwMTBkMDZmMDU1YzAwMmY0YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFyD7IDxYhFTD51JtRdY05ISP2tO
poCqcHChR7WeeIozFxvt431N54+mXAOePABisXuohASqDMgjp0ieVW9jtnJFhT0E
lCeuAKn/U/SKN5GrSRtYebW6gVO+5S7ZRTRjw0l8y7tn6OanavX3L613g6t3WWOt
IZoEkpV+OjTSKPWkVHCqmuVSNz/QFHr97JN+Pe9OPM1QMPNQE0xLrKMiJe+sNypy
QF6aduHDwEAdfb15fK8olf2auOZ2+yyILk6AcbT9Fpib31YtCj2NlHLx1RyT0eEt
mEJhiG7wgYIn9PJYbOGACRZHC+eeG8qAcWoo6zxk3WPPg11VEXHqlWjtNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRukjFcScTrL+IgENBvBVwAL0t8MB8GA1UdIwQY
MBaAFHNnxJBEf1BFwCNn240htOCHSfp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJmRWtFUl9VRVhBSTJmYmpTRzA0SWRKLW5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82MjU4NGEtNDdjZS00YWE4LTg5OTIt
NWJhNzU2ZTc4ODY5LzEvWkc2U01WeEp4T3N2NGlBUTBHOEZYQUF2UzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82MjU4NGEtNDdjZS00YWE4LTg5OTItNWJhNzU2ZTc4ODY5
LzEvYzJmRWtFUl9VRVhBSTJmYmpTRzA0SWRKLW5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGywMA0G
CSqGSIb3DQEBCwUAA4IBAQBeA8sGVhPl+hldvWT5c/yZ9sA1/vRhn0WPqUQx+Iwa
8ueRkEkNEPwmleNCUP9gcTLONJ/En0brnpYYIbtCz1cCa/k4v3Yucg2YBQ+mM5O7
PLgB1kyMVpKr0N7FCTmH/lwGg5PesiMKv6uBZxnn8HWuy8m/yN932RW6f9MxFFI5
32A3dsfeG/wImVf8vlE2EokTmXcPXgcRTozh4Pao43BM9zZvEdKffyiHuvl7gXx+
cIyrXIG1qlUOMTFqAT1ixBlVG4ND17dyb9X+Uzo9l6AtkaUsYSdtKDaOxMaNZK6c
GxNAF8egN+oRoRGHSOttQ9y4VhwhQDd8cda4lqHmCvlN
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:55:20 2024 by rpki-client on console-ams.rpki-client.org