Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/vTYNJoTcnTJqP0iw1rGNixm2bZg.roa
File: vTYNJoTcnTJqP0iw1rGNixm2bZg.roa (raw, json)
Hash identifier: U8Oo3iIh/rFa8f6xJeNo5TkneUv4eMXMFP0y2KJUshg=
Subject key identifier: BD:36:0D:26:84:DC:9D:32:6A:3F:48:B0:D6:B1:8D:8B:19:B6:6D:98
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 018D8EDDC7CFBAC58B8F999127F3CCEE55D7
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/vTYNJoTcnTJqP0iw1rGNixm2bZg.roa
Signing time: Fri 09 Feb 2024 17:15:15 +0000
ROA not before: Fri 09 Feb 2024 17:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204582
IP address blocks: 45.144.44.0/29 maxlen: 29
45.144.44.0/30 maxlen: 30
2a0e:eac0:2000::/44 maxlen: 44
2a0e:eac0:2010::/44 maxlen: 44
2a0e:eac0:2100::/44 maxlen: 44
2a0e:eac0:2101::/48 maxlen: 48
2a0e:eac0:2110::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:dd:c7:cf:ba:c5:8b:8f:99:91:27:f3:cc:ee:55:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Feb 9 17:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd360d2684dc9d326a3f48b0d6b18d8b19b66d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:84:ca:7d:31:38:4a:38:e1:65:88:d2:e5:b4:
49:32:58:b5:1a:b8:16:72:91:56:e6:01:71:af:69:
39:91:68:e9:90:23:27:f2:8f:a4:90:e8:3e:6e:34:
74:35:18:2c:10:ac:bf:7b:f9:85:19:9f:e7:36:5d:
61:e2:b6:34:35:1b:35:c8:a6:0e:a6:16:31:d3:a3:
02:23:23:10:1a:27:34:93:98:41:3e:d5:70:30:f1:
ea:fb:76:a1:bc:9d:4c:d8:9b:26:d7:a8:37:81:d1:
2a:9c:19:31:40:17:ee:04:10:0b:db:35:c1:07:8c:
d6:b1:3e:9a:a3:f2:b7:17:b6:fe:b5:3d:fe:08:b5:
8c:0f:07:26:89:b0:4a:4f:af:9f:ee:ae:ff:ee:0b:
f0:3b:21:00:2b:79:94:eb:61:8c:d3:41:c8:d5:24:
af:6e:d9:b7:81:47:8c:9f:c5:10:6b:16:00:60:2d:
4c:ea:54:35:7f:eb:b4:f0:70:c5:e5:bd:24:28:08:
57:32:00:19:bd:cb:0a:8a:b3:82:18:1f:8a:4f:ee:
40:70:27:a7:73:16:b6:11:e5:30:c8:2b:54:d0:71:
21:a9:9a:2d:b8:3f:ef:76:4a:7d:de:59:2b:50:10:
17:d9:2c:ed:4e:13:b3:3c:9d:c2:2c:4f:80:c6:95:
c5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:36:0D:26:84:DC:9D:32:6A:3F:48:B0:D6:B1:8D:8B:19:B6:6D:98
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/vTYNJoTcnTJqP0iw1rGNixm2bZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.44.0/29
IPv6:
2a0e:eac0:2000::/43
2a0e:eac0:2100::/43
Signature Algorithm: sha256WithRSAEncryption
38:52:ec:19:b1:06:d2:ba:b7:b2:71:4e:6c:f6:66:8a:b8:c7:
7c:10:6c:44:72:a4:e9:01:55:fc:b2:27:eb:f7:e5:ae:6b:29:
53:f7:ca:7c:08:53:7e:a1:1c:53:f0:57:8f:ac:7b:7d:92:d1:
e7:bf:5d:8b:61:f4:9b:34:e6:55:65:30:ad:67:24:8d:6e:a1:
f9:67:4b:20:97:a1:4f:44:81:ef:8b:19:fd:8d:5a:49:ac:a2:
ce:f1:85:55:3c:7c:cd:2b:e2:2a:a5:98:b3:ca:5d:05:93:53:
a3:18:4b:f4:c5:9c:2c:44:59:9a:a6:5c:32:d1:10:39:c5:7c:
e1:40:44:7c:d0:21:cb:d8:39:07:34:1d:01:37:88:75:1f:eb:
f8:60:67:c6:15:10:69:c4:f2:33:6e:58:6f:37:2f:b4:c6:c8:
0a:81:7c:d7:0f:6b:3d:7a:7d:0f:f1:6a:c4:42:81:e8:40:10:
2a:30:82:df:ad:b8:63:a1:ee:4b:78:29:5a:49:da:4e:6b:ce:
e3:d6:d6:b6:21:aa:f2:b5:7b:2e:62:d8:ee:1f:ce:34:19:3c:
46:7d:12:ba:6d:68:50:77:a0:33:30:15:6c:69:f2:fe:70:44:
0d:a5:1d:e9:72:11:26:f2:b6:3c:9c:59:2b:02:07:6e:06:e6:
1b:bc:4b:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY2O3cfPusWLj5mRJ/PM7lXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjQwMjA5MTcxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM2MGQyNjg0ZGM5ZDMyNmEzZjQ4YjBkNmIxOGQ4YjE5YjY2ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoTKfTE4SjjhZYjS5bRJMli1GrgW
cpFW5gFxr2k5kWjpkCMn8o+kkOg+bjR0NRgsEKy/e/mFGZ/nNl1h4rY0NRs1yKYO
phYx06MCIyMQGic0k5hBPtVwMPHq+3ahvJ1M2Jsm16g3gdEqnBkxQBfuBBAL2zXB
B4zWsT6ao/K3F7b+tT3+CLWMDwcmibBKT6+f7q7/7gvwOyEAK3mU62GM00HI1SSv
btm3gUeMn8UQaxYAYC1M6lQ1f+u08HDF5b0kKAhXMgAZvcsKirOCGB+KT+5AcCen
cxa2EeUwyCtU0HEhqZotuD/vdkp93lkrUBAX2SztThOzPJ3CLE+AxpXFXQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL02DSaE3J0yaj9IsNaxjYsZtm2YMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvdlRZTkpvVGNuVEpxUDBpdzFyR05peG0yYlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTANBAIAATAHAwUDLZAsADAY
BAIAAjASAwcFKg7qwCAAAwcFKg7qwCEAMA0GCSqGSIb3DQEBCwUAA4IBAQA4UuwZ
sQbSureycU5s9maKuMd8EGxEcqTpAVX8sifr9+WuaylT98p8CFN+oRxT8FePrHt9
ktHnv12LYfSbNOZVZTCtZySNbqH5Z0sgl6FPRIHvixn9jVpJrKLO8YVVPHzNK+Iq
pZizyl0Fk1OjGEv0xZwsRFmaplwy0RA5xXzhQER80CHL2DkHNB0BN4h1H+v4YGfG
FRBpxPIzblhvNy+0xsgKgXzXD2s9en0P8WrEQoHoQBAqMILfrbhjoe5LeClaSdpO
a87j1ta2IarytXsuYtjuH840GTxGfRK6bWhQd6AzMBVsafL+cEQNpR3pchEm8rY8
nFkrAgduBuYbvEtq
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:24:00 2024 by rpki-client on console-fra.rpki-client.org