Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/a2FyqCsLjS5UVaaMA8vt4unxXbI.roa
File: a2FyqCsLjS5UVaaMA8vt4unxXbI.roa (raw, json)
Hash identifier: NVrcjTFT+Fm0aRleB1hCc6AcTLTj8qNvGE0aZysVGwQ=
Subject key identifier: 6B:61:72:A8:2B:0B:8D:2E:54:55:A6:8C:03:CB:ED:E2:E9:F1:5D:B2
Certificate issuer: /CN=64f873adb6a1f3e81b3343c74998947526c43dcf
Certificate serial: 018CC5DC77536EDA168CC1D107FAD3BC4B5D
Authority key identifier: 64:F8:73:AD:B6:A1:F3:E8:1B:33:43:C7:49:98:94:75:26:C4:3D:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/a2FyqCsLjS5UVaaMA8vt4unxXbI.roa
Signing time: Mon 01 Jan 2024 16:30:09 +0000
ROA not before: Mon 01 Jan 2024 16:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61234
IP address blocks: 91.198.224.0/24 maxlen: 24
194.145.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/ZPhzrbah8-gbM0PHSZiUdSbEPc8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/ZPhzrbah8-gbM0PHSZiUdSbEPc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 07:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:77:53:6e:da:16:8c:c1:d1:07:fa:d3:bc:4b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64f873adb6a1f3e81b3343c74998947526c43dcf
Validity
Not Before: Jan 1 16:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b6172a82b0b8d2e5455a68c03cbede2e9f15db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b9:91:ff:b8:44:0d:58:5e:f7:b0:ab:06:81:
39:f2:cd:be:95:11:53:5d:7c:12:06:4e:ab:fd:87:
bd:53:6d:0b:a9:b6:b7:33:2a:c4:1a:cb:62:4c:ed:
66:1e:ec:4a:78:db:08:43:6d:73:b8:84:ae:6c:49:
cc:b0:42:ce:70:a5:db:b5:db:67:0b:db:d5:54:09:
f1:33:d5:09:52:6f:fa:c4:67:e8:3d:88:53:33:bd:
36:4c:fa:3f:8c:bf:01:c5:33:25:10:13:f1:9b:0b:
21:59:2f:37:97:38:bf:12:31:d6:32:c0:bd:f9:50:
c5:5f:d1:b1:e3:91:f2:73:72:39:79:e6:b9:2e:a4:
5d:b3:0f:ef:31:23:9e:a2:62:ea:9b:6f:41:e9:89:
c8:d8:aa:27:d5:f2:b0:c6:9c:14:32:87:79:f2:0e:
60:f1:1c:e0:ee:18:5c:52:11:34:de:f1:7d:f2:68:
5a:a3:f4:35:bc:64:bd:8f:35:52:6f:f2:ad:68:4b:
29:58:17:7d:f7:f1:27:92:97:97:e8:0e:c0:43:de:
26:f9:b1:e8:7b:24:fa:44:93:ba:2f:ab:b1:d0:f2:
9e:b6:f3:a9:f7:98:96:55:3a:7b:34:bc:a0:a1:49:
ab:d3:08:3a:fb:34:41:3a:e3:29:41:0c:27:d7:0d:
bc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:61:72:A8:2B:0B:8D:2E:54:55:A6:8C:03:CB:ED:E2:E9:F1:5D:B2
X509v3 Authority Key Identifier:
keyid:64:F8:73:AD:B6:A1:F3:E8:1B:33:43:C7:49:98:94:75:26:C4:3D:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/a2FyqCsLjS5UVaaMA8vt4unxXbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/ZPhzrbah8-gbM0PHSZiUdSbEPc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.224.0/24
194.145.224.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:e2:f1:2c:c7:d2:2e:24:94:29:a1:ef:09:d3:34:a3:c9:d3:
60:39:f5:94:7e:28:34:e4:f4:51:eb:ab:cf:36:68:76:e6:10:
17:ce:e5:05:30:cf:ae:93:b8:e7:01:5a:bc:73:85:00:88:da:
82:23:af:8d:3e:57:4e:93:b7:de:2d:4a:e6:aa:82:7d:00:f1:
2b:fc:9c:ce:f6:a4:91:3b:a6:38:1a:e6:ce:dc:74:0a:49:a9:
3f:8c:f0:01:3b:6c:59:b8:e1:22:e2:fd:af:79:2d:49:64:00:
ad:24:dd:12:09:71:c0:7e:3e:75:18:07:ab:e0:52:f8:21:6b:
4e:2b:0f:ef:59:aa:02:dd:da:46:6b:f1:f8:92:5f:1e:b4:13:
04:16:9a:3a:f1:3e:15:af:75:49:64:1f:4d:96:c9:ba:1d:6c:
3c:44:ac:d9:6d:52:6b:b2:97:40:36:6f:91:6b:f0:97:99:20:
01:4e:8d:0e:c0:b2:17:3c:ce:fd:f0:de:18:b2:32:14:f7:64:
10:6e:48:23:38:90:f5:83:95:44:56:94:93:52:9e:fa:0c:dc:
5d:0c:20:53:1f:0a:4e:77:6c:22:3d:28:02:4b:e7:f0:bc:81:
1a:ce:d7:61:f3:0f:aa:64:69:6d:7f:53:0c:9e:ff:b2:21:f2:
52:c0:7e:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3HdTbtoWjMHRB/rTvEtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Zjg3M2FkYjZhMWYzZTgxYjMzNDNjNzQ5OTg5NDc1MjZj
NDNkY2YwHhcNMjQwMTAxMTYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjYxNzJhODJiMGI4ZDJlNTQ1NWE2OGMwM2NiZWRlMmU5ZjE1ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLmR/7hEDVhe97CrBoE58s2+lRFT
XXwSBk6r/Ye9U20Lqba3MyrEGstiTO1mHuxKeNsIQ21zuISubEnMsELOcKXbtdtn
C9vVVAnxM9UJUm/6xGfoPYhTM702TPo/jL8BxTMlEBPxmwshWS83lzi/EjHWMsC9
+VDFX9Gx45Hyc3I5eea5LqRdsw/vMSOeomLqm29B6YnI2Kon1fKwxpwUMod58g5g
8Rzg7hhcUhE03vF98mhao/Q1vGS9jzVSb/KtaEspWBd99/EnkpeX6A7AQ94m+bHo
eyT6RJO6L6ux0PKetvOp95iWVTp7NLygoUmr0wg6+zRBOuMpQQwn1w28nQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGthcqgrC40uVFWmjAPL7eLp8V2yMB8GA1UdIwQY
MBaAFGT4c622ofPoGzNDx0mYlHUmxD3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBoenJiYWg4LWdiTTBQSFNaaVVkU2JFUGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9iOWU0YzQtYTNkYy00NmU4LWFhM2Ut
Mzk3ZjM2YzkxOTgyLzEvYTJGeXFDc0xqUzVVVmFhTUE4dnQ0dW54WGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9iOWU0YzQtYTNkYy00NmU4LWFhM2UtMzk3ZjM2YzkxOTgy
LzEvWlBoenJiYWg4LWdiTTBQSFNaaVVkU2JFUGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8bgAwQA
wpHgMA0GCSqGSIb3DQEBCwUAA4IBAQBc4vEsx9IuJJQpoe8J0zSjydNgOfWUfig0
5PRR66vPNmh25hAXzuUFMM+uk7jnAVq8c4UAiNqCI6+NPldOk7feLUrmqoJ9APEr
/JzO9qSRO6Y4GubO3HQKSak/jPABO2xZuOEi4v2veS1JZACtJN0SCXHAfj51GAer
4FL4IWtOKw/vWaoC3dpGa/H4kl8etBMEFpo68T4Vr3VJZB9Nlsm6HWw8RKzZbVJr
spdANm+Ra/CXmSABTo0OwLIXPM798N4YsjIU92QQbkgjOJD1g5VEVpSTUp76DNxd
DCBTHwpOd2wiPSgCS+fwvIEaztdh8w+qZGltf1MMnv+yIfJSwH5v
-----END CERTIFICATE-----
Generated at Tue Nov 26 13:12:29 2024 by rpki-client on console-fra.rpki-client.org