Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/ZufIpc7G6i1yaL3-5k4QZrH_ph0.roa
File: ZufIpc7G6i1yaL3-5k4QZrH_ph0.roa (raw, json)
Hash identifier: qbpJ6bh7yEDQoqQeaTJ4ekYqK3GZH52c16k3SYjk8g8=
Subject key identifier: 66:E7:C8:A5:CE:C6:EA:2D:72:68:BD:FE:E6:4E:10:66:B1:FF:A6:1D
Certificate issuer: /CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Certificate serial: 018CC3495EFE5EBC32339BEC560FF60AC40F
Authority key identifier: 2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/ZufIpc7G6i1yaL3-5k4QZrH_ph0.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51200
IP address blocks: 92.241.15.0/24 maxlen: 24
92.241.17.0/24 maxlen: 24
92.241.19.0/24 maxlen: 24
92.241.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5e:fe:5e:bc:32:33:9b:ec:56:0f:f6:0a:c4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66e7c8a5cec6ea2d7268bdfee64e1066b1ffa61d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ab:1c:48:9d:5c:b6:1f:91:ff:02:84:f7:2f:
0f:ff:26:e8:15:92:c0:33:8b:fd:4f:6a:c0:0d:71:
82:0d:13:42:c0:08:44:c6:2b:2d:0a:5c:01:9a:53:
5a:7d:86:a7:9e:36:ad:42:ae:e6:de:2f:66:5c:90:
ed:21:10:fe:8a:e5:50:d8:a4:c7:ea:c8:26:5a:53:
82:26:ce:b8:bf:46:e6:29:4a:19:62:42:a0:2d:91:
d9:e5:08:9b:12:3d:40:78:77:34:ff:b1:45:7c:19:
ed:66:60:cb:19:45:c1:ac:06:55:e8:31:a7:19:60:
9a:3b:45:93:3e:a9:90:3a:2f:b5:97:2f:0a:82:71:
3e:88:e9:5c:7d:69:86:d4:6e:e7:87:a2:43:6d:3d:
c2:ff:20:4a:97:5d:62:19:3f:1c:b9:f0:d2:2e:94:
64:23:a2:18:9e:cf:d6:75:d8:5d:9e:1b:13:00:8e:
57:3d:7b:67:ff:51:cd:e2:aa:7e:cf:8b:e0:47:00:
1d:2c:fd:c3:36:cf:2a:42:3a:a7:49:63:7b:16:d2:
f5:fc:b4:bb:cb:3f:91:1b:34:90:df:44:c4:63:d5:
65:a3:4c:75:45:12:83:ce:d6:52:f8:5d:12:06:3a:
8b:e9:59:2f:61:b5:84:13:2c:c2:50:d9:59:1b:e2:
b5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E7:C8:A5:CE:C6:EA:2D:72:68:BD:FE:E6:4E:10:66:B1:FF:A6:1D
X509v3 Authority Key Identifier:
keyid:2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/ZufIpc7G6i1yaL3-5k4QZrH_ph0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.241.15.0/24
92.241.17.0/24
92.241.19.0-92.241.20.255
Signature Algorithm: sha256WithRSAEncryption
19:81:29:5d:9d:c9:de:1b:f4:aa:6e:50:02:10:3e:5f:96:de:
43:ff:18:14:1f:71:b5:4d:63:13:75:f8:26:a9:c1:ee:c6:aa:
77:9b:fb:e2:69:2b:3d:5d:54:57:52:3c:c2:d8:99:e2:49:d4:
6b:d3:3e:c2:6f:ac:41:f8:60:d9:47:fa:c9:3b:c8:23:62:d0:
df:7f:4b:2f:95:ef:25:9b:80:59:fb:4e:fe:d2:42:ad:25:27:
03:46:10:42:27:d9:41:b8:dd:a8:08:76:5e:05:c8:18:b7:ce:
ba:c5:8b:92:8a:72:6e:26:d6:8e:e6:77:10:2b:f8:5e:8c:78:
54:73:c7:a7:41:90:23:cc:13:7e:01:42:da:b7:1e:8b:56:1e:
53:52:dd:ca:1b:ad:14:79:14:50:00:05:c9:38:63:66:e1:c3:
bf:d4:f2:1c:9d:f9:dd:e5:d7:fb:21:51:a5:f0:cc:8c:88:de:
6e:4e:ad:d2:c4:8f:44:c7:ad:43:17:4d:ee:40:16:37:c1:ec:
87:fc:c1:56:b9:d3:94:7d:ee:3e:b5:44:d0:04:89:f3:92:1d:
d2:d8:bf:5b:9a:0f:3b:41:a3:bb:bf:60:5b:60:df:d3:50:e7:
40:03:1c:e8:ff:f4:d5:0a:bc:11:3e:a8:df:40:15:61:83:ed:
96:0a:83:44
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDSV7+XrwyM5vsVg/2CsQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWVjNTIzMWQyMTJiMzEwNTc5ZDc4ZmM0MTQ3OWNhNmVj
MmFhMDcwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmU3YzhhNWNlYzZlYTJkNzI2OGJkZmVlNjRlMTA2NmIxZmZhNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6scSJ1cth+R/wKE9y8P/yboFZLA
M4v9T2rADXGCDRNCwAhExistClwBmlNafYannjatQq7m3i9mXJDtIRD+iuVQ2KTH
6sgmWlOCJs64v0bmKUoZYkKgLZHZ5QibEj1AeHc0/7FFfBntZmDLGUXBrAZV6DGn
GWCaO0WTPqmQOi+1ly8KgnE+iOlcfWmG1G7nh6JDbT3C/yBKl11iGT8cufDSLpRk
I6IYns/WddhdnhsTAI5XPXtn/1HN4qp+z4vgRwAdLP3DNs8qQjqnSWN7FtL1/LS7
yz+RGzSQ30TEY9Vlo0x1RRKDztZS+F0SBjqL6VkvYbWEEyzCUNlZG+K1wQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGbnyKXOxuotcmi9/uZOEGax/6YdMB8GA1UdIwQY
MBaAFC7uxSMdISsxBXnXj8QUecpuwqoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDIt
MjcxYTk1NzZlYWU3LzEvWnVmSXBjN0c2aTF5YUwzLTVrNFFackhfcGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDItMjcxYTk1NzZlYWU3
LzEvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXPEPAwQA
XPERMAwDBABc8RMDBABc8RQwDQYJKoZIhvcNAQELBQADggEBABmBKV2dyd4b9Kpu
UAIQPl+W3kP/GBQfcbVNYxN1+Capwe7Gqneb++JpKz1dVFdSPMLYmeJJ1GvTPsJv
rEH4YNlH+sk7yCNi0N9/Sy+V7yWbgFn7Tv7SQq0lJwNGEEIn2UG43agIdl4FyBi3
zrrFi5KKcm4m1o7mdxAr+F6MeFRzx6dBkCPME34BQtq3HotWHlNS3cobrRR5FFAA
Bck4Y2bhw7/U8hyd+d3l1/shUaXwzIyI3m5OrdLEj0THrUMXTe5AFjfB7If8wVa5
05R97j61RNAEifOSHdLYv1uaDztBo7u/YFtg39NQ50ADHOj/9NUKvBE+qN9AFWGD
7ZYKg0Q=
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:11:56 2024 by rpki-client on console-ams.rpki-client.org