Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/_ZeURdZ_Cnu61RG7l0IHAmAyiSc.roa
File: _ZeURdZ_Cnu61RG7l0IHAmAyiSc.roa (raw, json)
Hash identifier: DjrSA/+wvmiJYvWWi+flE9/3ebWGfoasJlXKS2i8FdM=
Subject key identifier: FD:97:94:45:D6:7F:0A:7B:BA:D5:11:BB:97:42:07:02:60:32:89:27
Certificate issuer: /CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Certificate serial: 018CC56DFA9270C5BF9DD0C43C48D1BF5F9A
Authority key identifier: 9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/_ZeURdZ_Cnu61RG7l0IHAmAyiSc.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44696
IP address blocks: 85.202.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fa:92:70:c5:bf:9d:d0:c4:3c:48:d1:bf:5f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd979445d67f0a7bbad511bb9742070260328927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:87:d7:8d:02:40:2d:27:a9:e0:d3:c0:1d:54:
d0:1d:3c:08:9b:57:0b:4a:0f:c6:2c:ce:75:75:b6:
f1:29:c7:3c:45:b5:33:ba:a7:5d:19:4e:e5:de:7b:
0a:22:00:9b:ed:5f:3a:f4:90:14:2f:a3:9f:76:36:
37:35:88:72:f2:f6:a2:19:7b:e9:37:5b:39:6f:10:
82:1b:04:75:55:ff:7c:9d:7e:f7:08:f4:8c:da:c1:
36:6e:55:c8:92:1c:e0:96:09:f5:4d:db:e2:ed:6b:
68:55:2a:81:6f:f4:37:58:8b:14:d7:13:83:45:27:
d7:62:f3:98:92:aa:51:ae:70:01:55:2a:f9:ab:85:
25:fe:e6:48:57:fe:65:03:a4:2b:cc:c7:16:83:ec:
2b:05:9d:14:c3:b9:b6:c8:cc:3b:64:39:73:83:ae:
af:8a:d1:16:9c:59:f1:fb:22:a3:7f:16:98:a0:67:
02:57:db:80:d5:68:d3:d5:ee:73:f4:06:75:ee:c5:
e7:fa:e4:55:1b:3c:05:e1:bd:1a:d5:47:d2:4a:e6:
38:fe:74:ad:fd:2e:95:a2:f5:13:b8:d1:4d:bb:d1:
f0:a0:6e:16:44:03:f3:01:bc:8f:35:2d:52:e1:4b:
d1:56:a2:e5:9c:6c:e6:62:ec:a0:95:61:ac:26:c7:
e5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:97:94:45:D6:7F:0A:7B:BA:D5:11:BB:97:42:07:02:60:32:89:27
X509v3 Authority Key Identifier:
keyid:9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/_ZeURdZ_Cnu61RG7l0IHAmAyiSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.240.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:11:ed:c6:fb:f1:74:7c:8a:4e:9d:81:2a:c2:1f:b3:51:19:
8f:ec:79:e6:72:b7:38:63:13:82:bb:42:34:93:26:42:94:57:
bd:44:ee:ef:97:f9:27:4c:d7:6e:68:e0:89:98:7a:5c:e8:a6:
20:c1:11:14:21:be:4d:fb:4f:9d:9a:2c:d7:32:fe:92:cd:2a:
b2:f5:83:f0:c3:c3:b1:ad:74:5c:53:b1:28:6d:5b:4b:20:12:
e3:d6:e5:66:da:c7:28:09:5e:53:fd:cb:40:c1:42:ad:02:49:
a1:0a:64:d1:23:f0:a7:c1:9d:53:5b:19:02:15:44:d4:da:29:
4f:3f:9c:46:93:93:17:78:d5:9f:97:d5:28:8d:d2:1a:1c:20:
23:ec:7d:d6:2f:eb:5f:8e:15:6e:03:4e:72:26:11:00:d4:07:
ca:3b:ff:2b:5a:f3:08:69:97:16:a0:6a:89:62:e4:c3:f8:9c:
2d:f4:b9:8d:ce:92:cb:f7:5d:6c:3a:9a:89:b2:f9:97:c0:ba:
02:8c:ff:11:1c:87:79:2a:ad:c6:dc:0f:5f:81:5b:93:f7:7c:
70:69:62:a4:38:cf:de:5c:68:45:55:71:8c:f1:1d:51:78:0b:
e5:6b:1b:73:98:b9:fd:d3:e2:cc:9a:7c:86:cc:7c:25:38:3c:
97:7f:22:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfqScMW/ndDEPEjRv1+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2I5YThjZDgxOWY0YTkyMDMzNGQ3ZTcyZWMyMzQwODcw
ZDc3NDkwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDk3OTQ0NWQ2N2YwYTdiYmFkNTExYmI5NzQyMDcwMjYwMzI4OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYfXjQJALSep4NPAHVTQHTwIm1cL
Sg/GLM51dbbxKcc8RbUzuqddGU7l3nsKIgCb7V869JAUL6OfdjY3NYhy8vaiGXvp
N1s5bxCCGwR1Vf98nX73CPSM2sE2blXIkhzglgn1Tdvi7WtoVSqBb/Q3WIsU1xOD
RSfXYvOYkqpRrnABVSr5q4Ul/uZIV/5lA6QrzMcWg+wrBZ0Uw7m2yMw7ZDlzg66v
itEWnFnx+yKjfxaYoGcCV9uA1WjT1e5z9AZ17sXn+uRVGzwF4b0a1UfSSuY4/nSt
/S6VovUTuNFNu9HwoG4WRAPzAbyPNS1S4UvRVqLlnGzmYuyglWGsJsflvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2XlEXWfwp7utURu5dCBwJgMoknMB8GA1UdIwQY
MBaAFJp7mozYGfSpIDNNfnLsI0CHDXdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYt
MjFmYWYxNDRjYjYyLzEvX1plVVJkWl9DbnU2MVJHN2wwSUhBbUF5aVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYtMjFmYWYxNDRjYjYy
LzEvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEVcrwMA0G
CSqGSIb3DQEBCwUAA4IBAQBvEe3G+/F0fIpOnYEqwh+zURmP7Hnmcrc4YxOCu0I0
kyZClFe9RO7vl/knTNduaOCJmHpc6KYgwREUIb5N+0+dmizXMv6SzSqy9YPww8Ox
rXRcU7EobVtLIBLj1uVm2scoCV5T/ctAwUKtAkmhCmTRI/CnwZ1TWxkCFUTU2ilP
P5xGk5MXeNWfl9UojdIaHCAj7H3WL+tfjhVuA05yJhEA1AfKO/8rWvMIaZcWoGqJ
YuTD+Jwt9LmNzpLL911sOpqJsvmXwLoCjP8RHId5Kq3G3A9fgVuT93xwaWKkOM/e
XGhFVXGM8R1ReAvlaxtzmLn90+LMmnyGzHwlODyXfyJ+
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:48:44 2024 by rpki-client on console-fra.rpki-client.org