Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/9x-t3vfSWd2gTffxD8u6_zboAMk.roa
File: 9x-t3vfSWd2gTffxD8u6_zboAMk.roa (raw, json)
Hash identifier: wqFOy7SfmKCxQuJRhOTvWvWfG57wvdb+pa58/m4+kIY=
Subject key identifier: F7:1F:AD:DE:F7:D2:59:DD:A0:4D:F7:F1:0F:CB:BA:FF:36:E8:00:C9
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018CC801548DCAAD7E8E41C295080E654EC7
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/9x-t3vfSWd2gTffxD8u6_zboAMk.roa
Signing time: Tue 02 Jan 2024 02:29:39 +0000
ROA not before: Tue 02 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17650
IP address blocks: 57.100.0.0/21 maxlen: 24
57.68.248.0/21 maxlen: 24
57.100.64.0/21 maxlen: 24
57.100.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:54:8d:ca:ad:7e:8e:41:c2:95:08:0e:65:4e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f71faddef7d259dda04df7f10fcbbaff36e800c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:90:cc:5d:57:3d:a6:1e:d8:54:68:e7:f2:c0:
0f:41:c7:4b:2e:dd:cd:56:dd:35:51:e9:b4:0a:10:
1a:62:e8:cc:b8:cf:37:07:8e:db:54:f2:3f:d9:0a:
9d:c0:7b:07:ec:de:9b:ea:24:05:d7:3c:7d:6c:d7:
39:fe:cd:e5:40:d0:9b:91:97:b2:b8:b4:07:a1:8e:
67:0a:95:10:87:fe:e0:e4:a9:05:9e:49:f1:4c:82:
62:ca:1d:43:1d:1f:95:06:3f:4a:e6:e5:c1:18:98:
a7:42:b1:2a:30:b2:fb:5a:6f:61:cb:15:03:ff:af:
47:10:9d:fc:bc:1d:1b:6c:8d:a8:1d:a3:9f:4f:3f:
ee:ea:a1:5b:83:28:62:8f:82:16:24:22:98:8e:b0:
f1:73:d1:91:09:07:90:d7:dd:4a:ab:3a:0d:45:e9:
be:00:a0:46:e4:40:ed:9d:63:f1:6e:8c:a0:4c:c2:
ee:11:84:a3:ca:e7:8c:6d:56:8a:70:ff:99:eb:14:
6b:e6:76:ff:73:89:27:2f:c6:51:c7:71:d5:9a:59:
c9:2a:73:e7:4f:b3:03:82:3f:f9:fa:3f:79:fd:bc:
79:81:cc:85:30:5d:32:b1:04:28:ca:8b:a1:80:a0:
b0:7c:b1:2e:66:8c:f4:b0:11:4d:3a:d0:62:85:3c:
0e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1F:AD:DE:F7:D2:59:DD:A0:4D:F7:F1:0F:CB:BA:FF:36:E8:00:C9
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/9x-t3vfSWd2gTffxD8u6_zboAMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.68.248.0/21
57.100.0.0/21
57.100.64.0/21
57.100.96.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:5f:4e:14:5a:0c:51:d1:eb:d6:de:f9:88:e4:36:a5:c1:fb:
f3:4b:50:19:2e:ef:27:0a:9a:ea:6b:45:88:84:77:ac:bf:1e:
f3:c9:06:fe:a9:1e:15:0e:41:f1:11:d7:9d:04:c2:e3:c0:20:
96:53:64:6f:8f:dc:13:0d:9b:56:04:6b:8d:99:b2:7b:b7:7a:
df:38:77:bf:33:01:f0:9b:38:e1:c9:42:8b:ab:a1:1d:59:ae:
e4:62:60:03:10:96:d9:31:13:78:fd:fc:01:c5:36:b7:36:24:
fa:e6:ed:53:5b:e5:88:f8:a1:49:ca:73:7d:47:c2:95:fb:c8:
6d:ce:99:48:7a:63:0b:8c:76:30:71:ef:82:bd:f5:bd:67:c0:
2d:93:99:d8:09:3d:0e:5e:ee:99:36:03:6e:12:67:51:b9:ad:
0e:ac:3a:38:3b:42:aa:ae:84:52:a4:38:a9:d7:27:2c:76:90:
86:3d:6b:f8:2e:50:46:79:97:0f:93:08:36:eb:39:22:b6:85:
47:7c:da:2e:de:27:de:90:10:6a:e3:fa:d2:6d:f5:5b:07:65:
c4:0e:8e:c2:b4:cf:3e:fb:9f:18:b5:3a:f2:f7:49:6d:6f:80:
57:02:b9:b6:5c:55:0e:d1:89:15:d5:ec:67:ad:df:0e:67:e0:
91:8a:2d:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAVSNyq1+jkHClQgOZU7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjQwMTAyMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzFmYWRkZWY3ZDI1OWRkYTA0ZGY3ZjEwZmNiYmFmZjM2ZTgwMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZDMXVc9ph7YVGjn8sAPQcdLLt3N
Vt01Uem0ChAaYujMuM83B47bVPI/2QqdwHsH7N6b6iQF1zx9bNc5/s3lQNCbkZey
uLQHoY5nCpUQh/7g5KkFnknxTIJiyh1DHR+VBj9K5uXBGJinQrEqMLL7Wm9hyxUD
/69HEJ38vB0bbI2oHaOfTz/u6qFbgyhij4IWJCKYjrDxc9GRCQeQ191KqzoNRem+
AKBG5EDtnWPxboygTMLuEYSjyueMbVaKcP+Z6xRr5nb/c4knL8ZRx3HVmlnJKnPn
T7MDgj/5+j95/bx5gcyFMF0ysQQoyouhgKCwfLEuZoz0sBFNOtBihTwO9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPcfrd730lndoE338Q/Luv826ADJMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvOXgtdDN2ZlNXZDJnVGZmeEQ4dTZfemJvQU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDOUT4AwQD
OWQAAwQDOWRAAwQDOWRgMA0GCSqGSIb3DQEBCwUAA4IBAQAdX04UWgxR0evW3vmI
5DalwfvzS1AZLu8nCprqa0WIhHesvx7zyQb+qR4VDkHxEdedBMLjwCCWU2Rvj9wT
DZtWBGuNmbJ7t3rfOHe/MwHwmzjhyUKLq6EdWa7kYmADEJbZMRN4/fwBxTa3NiT6
5u1TW+WI+KFJynN9R8KV+8htzplIemMLjHYwce+CvfW9Z8Atk5nYCT0OXu6ZNgNu
EmdRua0OrDo4O0KqroRSpDip1ycsdpCGPWv4LlBGeZcPkwg26zkitoVHfNou3ife
kBBq4/rSbfVbB2XEDo7CtM8++58YtTry90ltb4BXArm2XFUO0YkV1exnrd8OZ+CR
ii2Z
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:34:51 2024 by rpki-client on console-ams.rpki-client.org