Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/znLYZSL3YAQNdkfHzNbWKOUbkh0.roa
File: znLYZSL3YAQNdkfHzNbWKOUbkh0.roa (raw, json)
Hash identifier: P7CNuC8WCM8tvTHHiMT2A6wFA7wqdSAvJX07I3mTRwU=
Subject key identifier: CE:72:D8:65:22:F7:60:04:0D:76:47:C7:CC:D6:D6:28:E5:1B:92:1D
Certificate issuer: /CN=9d6cf689d49af30a17b810e7f275872fd916d858
Certificate serial: 018CC349637C49CE6C34E161444718411EC2
Authority key identifier: 9D:6C:F6:89:D4:9A:F3:0A:17:B8:10:E7:F2:75:87:2F:D9:16:D8:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWz2idSa8woXuBDn8nWHL9kW2Fg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/znLYZSL3YAQNdkfHzNbWKOUbkh0.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196682
IP address blocks: 193.9.28.0/24 maxlen: 24
91.219.31.0/24 maxlen: 24
91.219.28.0/24 maxlen: 24
91.219.29.0/24 maxlen: 24
91.219.30.0/24 maxlen: 24
2001:678:108::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/nWz2idSa8woXuBDn8nWHL9kW2Fg.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/nWz2idSa8woXuBDn8nWHL9kW2Fg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWz2idSa8woXuBDn8nWHL9kW2Fg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:63:7c:49:ce:6c:34:e1:61:44:47:18:41:1e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d6cf689d49af30a17b810e7f275872fd916d858
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce72d86522f760040d7647c7ccd6d628e51b921d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a8:df:92:18:e4:78:ab:43:74:7d:26:23:78:
2f:e3:53:ef:be:a9:cd:71:38:dc:78:95:aa:4b:fa:
1b:7a:00:b9:8b:cb:67:b1:29:4d:97:3a:16:de:cb:
14:fc:61:b2:09:a1:e8:f0:e3:f7:c1:7a:d1:60:09:
13:de:5d:39:6f:c7:80:93:ec:06:e0:a5:49:13:56:
13:02:fc:95:95:2b:8f:ea:4a:f8:15:ab:1e:99:89:
a0:b4:a2:4a:de:12:42:f2:de:f0:60:20:2b:16:28:
13:08:72:ea:79:d0:15:ae:c2:bb:62:66:c7:a3:6f:
36:94:51:0d:81:f6:1e:28:88:be:0e:b8:4c:f7:04:
01:d2:cf:d1:db:9b:63:e7:32:5d:06:00:28:9d:19:
53:c8:2a:6e:dc:4d:c1:94:07:06:3b:2e:1f:62:bf:
4c:a9:60:4e:ed:c1:56:77:3c:08:10:6b:f8:dd:c6:
3b:12:7e:22:e5:0d:8a:e1:75:6f:85:2d:13:cd:62:
23:62:a5:10:b3:18:f4:3c:30:f5:2e:15:3f:b3:51:
1b:d4:c0:b1:b6:96:14:11:e7:cf:df:0c:01:28:5a:
82:b0:63:79:9f:70:0e:ef:3f:60:68:fb:62:80:9b:
70:37:5d:e5:95:4d:d7:1d:c0:28:ae:39:59:fb:64:
02:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:72:D8:65:22:F7:60:04:0D:76:47:C7:CC:D6:D6:28:E5:1B:92:1D
X509v3 Authority Key Identifier:
keyid:9D:6C:F6:89:D4:9A:F3:0A:17:B8:10:E7:F2:75:87:2F:D9:16:D8:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWz2idSa8woXuBDn8nWHL9kW2Fg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/znLYZSL3YAQNdkfHzNbWKOUbkh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/748359-eb6d-45f7-b5cb-4fd381b07f7d/1/nWz2idSa8woXuBDn8nWHL9kW2Fg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.28.0/22
193.9.28.0/24
IPv6:
2001:678:108::/48
Signature Algorithm: sha256WithRSAEncryption
3f:24:8d:9a:de:35:26:31:8a:4a:10:6e:a2:31:b0:5c:56:a1:
fa:ba:fe:42:19:93:9a:82:65:04:67:f7:be:52:d8:82:4a:e3:
9a:f1:7a:de:95:a9:d7:11:33:92:9b:f8:92:76:4e:fa:6b:1a:
b7:ff:fd:a9:f4:2d:33:e6:05:bf:38:e7:b5:e1:37:f3:c0:95:
63:ac:a3:ad:3e:69:ba:18:a5:25:2c:82:a7:b1:d1:15:7f:70:
c2:74:c2:ec:95:96:f1:4c:b6:ac:82:04:ea:5c:5d:4a:84:fe:
74:6f:25:11:07:f9:83:10:73:c6:1a:06:3f:6b:7a:8a:7c:77:
92:62:82:0d:78:84:74:88:fb:e0:74:d3:50:83:ea:e7:7c:42:
4d:d6:58:8a:bf:82:52:d0:16:9e:62:21:7c:db:d6:e7:b6:7b:
63:56:cf:8e:6d:35:2d:88:34:47:03:e5:89:06:36:2c:f8:ff:
aa:28:38:1c:38:77:1e:62:4e:d6:d7:08:62:b1:1a:9f:e0:31:
ec:c1:b6:f3:52:1c:c6:2d:71:98:22:fd:e1:d4:96:99:44:ff:
3a:03:33:e0:c6:a2:64:39:9a:c1:ba:3e:8a:6d:ef:4e:f0:be:
99:ce:51:7d:f4:25:ef:fd:6e:9b:d1:00:f6:f9:23:74:15:c9:
36:d1:6d:27
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSWN8Sc5sNOFhREcYQR7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNmNmNjg5ZDQ5YWYzMGExN2I4MTBlN2YyNzU4NzJmZDkx
NmQ4NTgwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTcyZDg2NTIyZjc2MDA0MGQ3NjQ3YzdjY2Q2ZDYyOGU1MWI5MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKjfkhjkeKtDdH0mI3gv41PvvqnN
cTjceJWqS/obegC5i8tnsSlNlzoW3ssU/GGyCaHo8OP3wXrRYAkT3l05b8eAk+wG
4KVJE1YTAvyVlSuP6kr4FasemYmgtKJK3hJC8t7wYCArFigTCHLqedAVrsK7YmbH
o282lFENgfYeKIi+DrhM9wQB0s/R25tj5zJdBgAonRlTyCpu3E3BlAcGOy4fYr9M
qWBO7cFWdzwIEGv43cY7En4i5Q2K4XVvhS0TzWIjYqUQsxj0PDD1LhU/s1Eb1MCx
tpYUEefP3wwBKFqCsGN5n3AO7z9gaPtigJtwN13llU3XHcAorjlZ+2QCwwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFM5y2GUi92AEDXZHx8zW1ijlG5IdMB8GA1UdIwQY
MBaAFJ1s9onUmvMKF7gQ5/J1hy/ZFthYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbld6MmlkU2E4d29YdUJEbjhuV0hMOWtXMkZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NDgzNTktZWI2ZC00NWY3LWI1Y2It
NGZkMzgxYjA3ZjdkLzEvem5MWVpTTDNZQVFOZGtmSHpOYldLT1Via2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NDgzNTktZWI2ZC00NWY3LWI1Y2ItNGZkMzgxYjA3Zjdk
LzEvbld6MmlkU2E4d29YdUJEbjhuV0hMOWtXMkZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW9scAwQA
wQkcMA8EAgACMAkDBwAgAQZ4AQgwDQYJKoZIhvcNAQELBQADggEBAD8kjZreNSYx
ikoQbqIxsFxWofq6/kIZk5qCZQRn975S2IJK45rxet6VqdcRM5Kb+JJ2TvprGrf/
/an0LTPmBb8457XhN/PAlWOso60+aboYpSUsgqex0RV/cMJ0wuyVlvFMtqyCBOpc
XUqE/nRvJREH+YMQc8YaBj9reop8d5Jigg14hHSI++B001CD6ud8Qk3WWIq/glLQ
Fp5iIXzb1ue2e2NWz45tNS2INEcD5YkGNiz4/6ooOBw4dx5iTtbXCGKxGp/gMezB
tvNSHMYtcZgi/eHUlplE/zoDM+DGomQ5msG6Popt707wvpnOUX30Je/9bpvRAPb5
I3QVyTbRbSc=
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:02:52 2024 by rpki-client on console-fra.rpki-client.org