Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/zuy_gXkZcS7QMxhHCD_0G78R3-U.roa
File: zuy_gXkZcS7QMxhHCD_0G78R3-U.roa (raw, json)
Hash identifier: QVqmJ1pRi/cyyhduPtehvtza7/8mc4Uyut3iUG5x7Qc=
Subject key identifier: CE:EC:BF:81:79:19:71:2E:D0:33:18:47:08:3F:F4:1B:BF:11:DF:E5
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7F9660CDF738255D0CACAE2DAE4BA44E
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/zuy_gXkZcS7QMxhHCD_0G78R3-U.roa
Signing time: Wed 27 Mar 2024 11:05:45 +0000
ROA not before: Wed 27 Mar 2024 11:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12389
IP address blocks: 2.16.20.0/24 maxlen: 24
2.16.21.0/24 maxlen: 24
2.16.53.0/24 maxlen: 24
2.17.144.0/24 maxlen: 24
2.17.145.0/24 maxlen: 24
2.17.146.0/24 maxlen: 24
2.19.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:96:60:cd:f7:38:25:5d:0c:ac:ae:2d:ae:4b:a4:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 11:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceecbf817919712ed0331847083ff41bbf11dfe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e5:79:67:46:b4:c3:aa:54:9b:b6:8e:ab:31:
3f:b3:6f:3a:f5:fa:6e:dd:50:e4:e6:88:a7:0d:1b:
d1:72:d5:b2:40:e2:05:32:91:33:2a:40:15:c4:d3:
bf:5f:e0:df:3b:c3:a8:58:e8:1b:6a:7d:da:b4:67:
88:10:c9:5b:4d:f3:c6:47:20:4c:51:cf:ce:f5:eb:
6f:ae:f9:8e:de:7a:85:50:89:70:b2:7d:8a:59:66:
a3:51:9b:88:98:ff:e2:8d:84:3c:1d:fb:e0:3d:d3:
e5:f6:30:a7:eb:fb:e0:c4:e0:12:b5:4f:08:1f:6e:
42:a2:86:95:c8:33:17:92:66:29:1d:20:b7:46:48:
fe:a8:e6:4a:60:de:de:94:e0:0f:22:1c:06:21:2d:
87:bb:dd:bf:9c:87:b6:83:e1:18:de:65:90:e8:81:
e6:92:00:f1:8d:d9:f4:f5:e6:38:41:05:0a:82:52:
d0:4d:1a:21:3e:9c:6a:9b:9a:24:23:6a:c2:1d:fc:
97:23:60:22:bf:46:21:26:03:76:7e:d7:5b:55:68:
2b:3b:68:8f:cc:7a:cc:c8:c2:d7:cd:fe:d8:48:10:
ef:74:a0:43:9d:5e:04:f7:cc:27:c4:6a:31:3f:d6:
78:54:0f:f1:ea:07:47:1e:08:20:86:b4:53:15:a6:
b2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EC:BF:81:79:19:71:2E:D0:33:18:47:08:3F:F4:1B:BF:11:DF:E5
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/zuy_gXkZcS7QMxhHCD_0G78R3-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.20.0/23
2.16.53.0/24
2.17.144.0-2.17.146.255
2.19.181.0/24
Signature Algorithm: sha256WithRSAEncryption
72:92:bb:e5:b3:05:c4:c8:ce:51:92:65:eb:76:c6:a8:26:f9:
ac:89:9b:b2:f4:c0:e7:16:af:37:1c:2c:45:8f:9b:1f:b3:4d:
fe:15:ac:59:9b:0c:11:a9:6e:f7:e4:a5:c1:3a:fe:ce:64:bc:
db:c3:79:17:d6:04:53:5a:d4:75:f7:25:54:fd:fb:4d:b9:27:
25:65:d2:a9:e8:74:b5:8e:57:1d:d4:0d:97:6a:90:03:34:74:
eb:dc:50:73:a4:3d:11:fb:51:fa:1e:cd:3a:96:e5:35:3a:8f:
ff:d5:0f:d3:6b:c4:53:1a:aa:44:ee:31:bb:ae:da:88:6a:4b:
39:75:d6:8e:c5:99:a6:ab:4e:35:82:40:1c:d1:37:9d:d2:12:
2b:00:3e:4b:d5:5b:e6:91:96:aa:20:c2:3c:18:09:c9:46:8b:
46:42:7a:ef:68:3c:a0:28:7a:a3:aa:6b:c7:3b:b1:41:82:28:
d0:3e:a0:97:c8:46:be:64:5a:41:93:96:59:d7:4d:55:e3:bc:
9c:50:bb:ce:75:e9:52:17:26:79:bb:75:76:d5:92:b0:77:41:
5c:31:0f:8b:40:97:d5:58:b0:6d:02:4d:c7:cf:8c:5c:e0:2b:
d4:96:10:ab:66:76:fe:d7:3f:73:e6:d6:ea:af:87:98:7e:24:
ef:43:2c:e0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY5/lmDN9zglXQysri2uS6ROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTEwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWVjYmY4MTc5MTk3MTJlZDAzMzE4NDcwODNmZjQxYmJmMTFkZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuV5Z0a0w6pUm7aOqzE/s2869fpu
3VDk5oinDRvRctWyQOIFMpEzKkAVxNO/X+DfO8OoWOgban3atGeIEMlbTfPGRyBM
Uc/O9etvrvmO3nqFUIlwsn2KWWajUZuImP/ijYQ8HfvgPdPl9jCn6/vgxOAStU8I
H25CooaVyDMXkmYpHSC3Rkj+qOZKYN7elOAPIhwGIS2Hu92/nIe2g+EY3mWQ6IHm
kgDxjdn09eY4QQUKglLQTRohPpxqm5okI2rCHfyXI2Aiv0YhJgN2ftdbVWgrO2iP
zHrMyMLXzf7YSBDvdKBDnV4E98wnxGoxP9Z4VA/x6gdHHggghrRTFaayfwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM7sv4F5GXEu0DMYRwg/9Bu/Ed/lMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvenV5X2dYa1pjUzdRTXhoSENEXzBHNzhSMy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBAhAUAwQA
AhA1MAwDBAQCEZADBAACEZIDBAACE7UwDQYJKoZIhvcNAQELBQADggEBAHKSu+Wz
BcTIzlGSZet2xqgm+ayJm7L0wOcWrzccLEWPmx+zTf4VrFmbDBGpbvfkpcE6/s5k
vNvDeRfWBFNa1HX3JVT9+025JyVl0qnodLWOVx3UDZdqkAM0dOvcUHOkPRH7Ufoe
zTqW5TU6j//VD9NrxFMaqkTuMbuu2ohqSzl11o7FmaarTjWCQBzRN53SEisAPkvV
W+aRlqogwjwYCclGi0ZCeu9oPKAoeqOqa8c7sUGCKNA+oJfIRr5kWkGTllnXTVXj
vJxQu8516VIXJnm7dXbVkrB3QVwxD4tAl9VYsG0CTcfPjFzgK9SWEKtmdv7XP3Pm
1uqvh5h+JO9DLOA=
-----END CERTIFICATE-----
Generated at Sun May 19 14:17:24 2024 by rpki-client on console-fra.rpki-client.org