Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/zu_e7JJTj44LsjI4x2d1aeE_wPk.roa
File: zu_e7JJTj44LsjI4x2d1aeE_wPk.roa (raw, json)
Hash identifier: U/hfm5v9S3TcsDdpncz184Nf8nADywVa5eESWXh+bMk=
Subject key identifier: CE:EF:DE:EC:92:53:8F:8E:0B:B2:32:38:C7:67:75:69:E1:3F:C0:F9
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC7941EB6F56B78E71793C1C2462D8CEE
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/zu_e7JJTj44LsjI4x2d1aeE_wPk.roa
Signing time: Tue 02 Jan 2024 00:30:22 +0000
ROA not before: Tue 02 Jan 2024 00:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60931
IP address blocks: 46.8.80.0/20 maxlen: 20
46.8.80.0/21 maxlen: 21
46.8.84.0/22 maxlen: 22
46.8.80.0/22 maxlen: 22
46.8.88.0/21 maxlen: 21
46.8.88.0/22 maxlen: 22
46.8.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:1e:b6:f5:6b:78:e7:17:93:c1:c2:46:2d:8c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceefdeec92538f8e0bb23238c7677569e13fc0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:81:d9:d9:00:07:ae:29:bd:16:13:47:de:22:
31:83:ac:7f:cf:cf:c1:ad:bd:9e:ff:d8:0d:a7:f8:
fe:f4:2b:df:fa:46:d2:ed:8f:5b:ed:7a:79:59:dd:
87:ae:33:95:3b:5d:6c:7e:fb:c0:b2:64:c0:4b:00:
f5:2d:d7:67:4c:1f:a4:48:87:93:f2:12:8b:10:ea:
ff:36:ee:2b:ae:56:36:89:95:bc:56:e5:3b:f3:da:
a9:d4:d6:fa:9f:db:45:6e:db:1b:8c:20:e1:f9:6d:
8b:27:ed:1a:82:68:a6:37:1d:26:60:8e:10:75:29:
3a:30:85:3f:ef:22:88:fa:b8:de:35:a6:4d:87:b4:
2f:a4:ff:bb:4a:01:2d:05:f2:cb:94:89:59:f9:c5:
6a:24:08:ef:54:80:52:f6:1a:77:52:00:20:e1:df:
64:e0:55:5f:5b:f2:f7:5c:79:e1:9d:22:df:ae:b7:
89:ef:6c:97:9b:34:f9:78:68:e7:30:ea:80:08:15:
55:10:52:e8:91:1c:33:7f:b6:2f:36:89:96:40:a9:
41:02:7a:1c:00:c0:97:15:04:e4:4d:a8:0c:ed:5a:
65:79:7a:a8:bc:94:89:59:71:5d:41:94:a1:fa:e9:
b9:11:8a:ec:16:d9:5e:5b:a1:a0:9c:bb:65:9d:79:
22:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EF:DE:EC:92:53:8F:8E:0B:B2:32:38:C7:67:75:69:E1:3F:C0:F9
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/zu_e7JJTj44LsjI4x2d1aeE_wPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.80.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:ae:5e:e5:49:44:b7:44:4a:26:3a:99:3c:c4:9d:b6:2d:bf:
87:1e:22:20:2a:72:10:f1:e7:bc:f7:5a:10:5e:85:ec:5a:ba:
b9:d1:68:e4:9f:2f:dd:ec:45:be:77:e1:bd:17:50:a1:e7:80:
e3:78:e1:31:4b:5f:a5:92:40:06:d1:e5:73:ad:9c:a7:92:5c:
52:7f:df:25:32:61:bd:c4:de:66:a2:da:2f:ab:05:b8:0d:00:
bd:e6:82:d5:45:7e:76:54:bf:c4:04:7d:63:d1:c3:01:a8:b8:
9e:26:59:a9:ae:22:10:61:91:07:06:78:a1:6d:83:af:43:fd:
09:8c:cb:23:9c:7a:f0:7b:be:7b:39:dc:af:88:e0:7e:91:25:
6d:66:e4:b7:84:60:aa:ba:84:ca:a7:07:63:49:e2:7a:e5:03:
11:58:d1:29:9d:02:ac:26:24:0a:d8:a0:2f:a8:05:d7:0e:79:
12:bc:bd:17:9b:9c:7f:d1:55:06:78:25:bf:81:76:f6:55:16:
49:72:8e:fe:43:15:e2:cb:f0:d0:1b:8b:51:eb:55:1a:a3:40:
7f:5c:aa:68:3d:03:c8:57:45:3c:63:88:0c:b0:dd:be:23:c2:
6d:34:11:29:61:95:25:ca:f0:0f:5b:15:d6:48:dd:94:63:84:
7c:8f:f5:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlB629Wt45xeTwcJGLYzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWVmZGVlYzkyNTM4ZjhlMGJiMjMyMzhjNzY3NzU2OWUxM2ZjMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4HZ2QAHrim9FhNH3iIxg6x/z8/B
rb2e/9gNp/j+9Cvf+kbS7Y9b7Xp5Wd2HrjOVO11sfvvAsmTASwD1LddnTB+kSIeT
8hKLEOr/Nu4rrlY2iZW8VuU789qp1Nb6n9tFbtsbjCDh+W2LJ+0agmimNx0mYI4Q
dSk6MIU/7yKI+rjeNaZNh7QvpP+7SgEtBfLLlIlZ+cVqJAjvVIBS9hp3UgAg4d9k
4FVfW/L3XHnhnSLfrreJ72yXmzT5eGjnMOqACBVVEFLokRwzf7YvNomWQKlBAnoc
AMCXFQTkTagM7VpleXqovJSJWXFdQZSh+um5EYrsFtleW6GgnLtlnXkifQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7v3uySU4+OC7IyOMdndWnhP8D5MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvenVfZTdKSlRqNDRMc2pJNHgyZDFhZUVfd1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELghQMA0G
CSqGSIb3DQEBCwUAA4IBAQAfrl7lSUS3REomOpk8xJ22Lb+HHiIgKnIQ8ee891oQ
XoXsWrq50Wjkny/d7EW+d+G9F1Ch54DjeOExS1+lkkAG0eVzrZynklxSf98lMmG9
xN5motovqwW4DQC95oLVRX52VL/EBH1j0cMBqLieJlmpriIQYZEHBnihbYOvQ/0J
jMsjnHrwe757OdyviOB+kSVtZuS3hGCquoTKpwdjSeJ65QMRWNEpnQKsJiQK2KAv
qAXXDnkSvL0Xm5x/0VUGeCW/gXb2VRZJco7+QxXiy/DQG4tR61Uao0B/XKpoPQPI
V0U8Y4gMsN2+I8JtNBEpYZUlyvAPWxXWSN2UY4R8j/Up
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:46:43 2024 by rpki-client on console-ams.rpki-client.org