Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/6b4023-adef-4e4d-8cf6-32669737c517/1/ZadXmpcwizt6YUTZbfn34lXbwvw.roa
File: ZadXmpcwizt6YUTZbfn34lXbwvw.roa (raw, json)
Hash identifier: X1mZi6oW1yi+ZFN8GF2A1pWee8MgDZkWAnva9pqaT4E=
Subject key identifier: 65:A7:57:9A:97:30:8B:3B:7A:61:44:D9:6D:F9:F7:E2:55:DB:C2:FC
Certificate issuer: /CN=1b534d47ad8db5894a5fc9342e4558f94e4f17f1
Certificate serial: 018CC5DC0E1F5C50CA77CA7C08337AA9B80F
Authority key identifier: 1B:53:4D:47:AD:8D:B5:89:4A:5F:C9:34:2E:45:58:F9:4E:4F:17:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G1NNR62NtYlKX8k0LkVY-U5PF_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/6b4023-adef-4e4d-8cf6-32669737c517/1/ZadXmpcwizt6YUTZbfn34lXbwvw.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15576
IP address blocks: 194.176.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/6b4023-adef-4e4d-8cf6-32669737c517/1/G1NNR62NtYlKX8k0LkVY-U5PF_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/6b4023-adef-4e4d-8cf6-32669737c517/1/G1NNR62NtYlKX8k0LkVY-U5PF_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/G1NNR62NtYlKX8k0LkVY-U5PF_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 22:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0e:1f:5c:50:ca:77:ca:7c:08:33:7a:a9:b8:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b534d47ad8db5894a5fc9342e4558f94e4f17f1
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65a7579a97308b3b7a6144d96df9f7e255dbc2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:25:d9:2f:5b:63:6e:41:b6:9f:41:e8:68:3f:
4a:c9:9b:37:5c:0a:21:0a:53:79:12:44:0a:d4:d1:
60:2c:a4:1a:4b:3d:56:c3:bf:8a:0b:79:e9:8b:b0:
7b:24:49:0f:21:4c:74:b6:e9:a3:18:c9:46:ad:d0:
cf:a8:82:16:48:9f:00:a8:74:15:8c:63:1f:1b:f9:
c5:e6:b4:31:1f:db:3a:a1:11:06:4d:ed:30:0a:d7:
4a:64:19:23:4a:01:0f:5c:d4:80:58:75:d3:81:09:
8d:a6:0e:f8:03:a3:56:ff:c3:44:cf:28:13:18:82:
86:9c:fe:91:10:ad:36:91:4c:ce:d2:d4:43:ab:57:
ad:1f:c2:ef:c6:1d:a1:cb:ab:2a:9d:8d:95:32:27:
48:bd:16:32:71:a0:d4:0d:54:c2:17:45:6f:03:ca:
1e:db:76:ad:45:e2:cc:d5:d6:2e:4b:55:b5:cb:df:
90:f5:28:fe:d4:aa:16:bb:48:95:01:39:3f:dc:68:
bb:f6:63:08:85:da:15:ab:fc:7e:3d:28:29:e4:03:
50:de:5b:47:6b:22:b8:8d:d9:37:80:aa:d7:98:9c:
4a:fc:ff:f4:fc:09:48:74:06:12:05:58:e4:6e:2f:
e5:99:41:93:7a:8b:d7:b3:d8:31:9c:d7:57:79:6f:
67:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A7:57:9A:97:30:8B:3B:7A:61:44:D9:6D:F9:F7:E2:55:DB:C2:FC
X509v3 Authority Key Identifier:
keyid:1B:53:4D:47:AD:8D:B5:89:4A:5F:C9:34:2E:45:58:F9:4E:4F:17:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G1NNR62NtYlKX8k0LkVY-U5PF_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/6b4023-adef-4e4d-8cf6-32669737c517/1/ZadXmpcwizt6YUTZbfn34lXbwvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/6b4023-adef-4e4d-8cf6-32669737c517/1/G1NNR62NtYlKX8k0LkVY-U5PF_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.116.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b6:48:f8:3c:4a:fb:32:b3:b3:a7:0c:cb:19:b8:d5:77:e0:
b7:53:40:c0:be:61:3b:9e:9b:66:88:91:10:8c:0f:2a:c8:73:
4c:90:14:01:c7:2f:0f:51:e0:e2:5e:50:0e:22:11:08:6c:bd:
3a:86:66:a5:b0:2a:32:c4:7a:db:b2:1a:d0:d3:57:a6:c4:61:
7d:d5:3a:88:a7:99:51:a9:59:f1:81:69:79:e7:c2:42:2a:de:
06:ab:28:19:de:87:8c:d0:a5:56:26:e5:60:69:b8:fc:2e:63:
4c:3e:60:77:41:ca:e9:ef:9c:9e:6d:fc:fd:67:80:d1:c0:5b:
4e:64:ca:f9:21:6e:07:1c:33:41:23:9b:83:63:a0:11:1a:b7:
c7:e2:43:8f:57:fd:fb:50:05:90:bb:b7:25:aa:c2:ba:96:3f:
94:46:62:a2:74:0a:1e:ea:77:4a:b6:67:8d:ad:90:20:21:31:
a3:e4:2a:6c:2a:59:93:e9:bf:fe:c5:4c:47:36:14:5c:8a:e1:
cf:d2:dc:fd:4e:45:7b:ee:27:22:de:12:bd:9e:04:3b:f1:c8:
4f:db:0a:f4:9f:7a:72:96:1f:90:63:26:51:f5:fc:8c:0a:f7:
8b:96:e8:d7:03:5f:a1:2e:6d:f9:b8:f6:69:8b:a3:5e:94:b6:
2f:00:47:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3A4fXFDKd8p8CDN6qbgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNTM0ZDQ3YWQ4ZGI1ODk0YTVmYzkzNDJlNDU1OGY5NGU0
ZjE3ZjEwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWE3NTc5YTk3MzA4YjNiN2E2MTQ0ZDk2ZGY5ZjdlMjU1ZGJjMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCXZL1tjbkG2n0HoaD9KyZs3XAoh
ClN5EkQK1NFgLKQaSz1Ww7+KC3npi7B7JEkPIUx0tumjGMlGrdDPqIIWSJ8AqHQV
jGMfG/nF5rQxH9s6oREGTe0wCtdKZBkjSgEPXNSAWHXTgQmNpg74A6NW/8NEzygT
GIKGnP6REK02kUzO0tRDq1etH8Lvxh2hy6sqnY2VMidIvRYycaDUDVTCF0VvA8oe
23atReLM1dYuS1W1y9+Q9Sj+1KoWu0iVATk/3Gi79mMIhdoVq/x+PSgp5ANQ3ltH
ayK4jdk3gKrXmJxK/P/0/AlIdAYSBVjkbi/lmUGTeovXs9gxnNdXeW9nswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWnV5qXMIs7emFE2W359+JV28L8MB8GA1UdIwQY
MBaAFBtTTUetjbWJSl/JNC5FWPlOTxfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzFOTlI2Mk50WWxLWDhrMExrVlktVTVQRl9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi82YjQwMjMtYWRlZi00ZTRkLThjZjYt
MzI2Njk3MzdjNTE3LzEvWmFkWG1wY3dpenQ2WVVUWmJmbjM0bFhid3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi82YjQwMjMtYWRlZi00ZTRkLThjZjYtMzI2Njk3MzdjNTE3
LzEvRzFOTlI2Mk50WWxLWDhrMExrVlktVTVQRl9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrB0MA0G
CSqGSIb3DQEBCwUAA4IBAQB1tkj4PEr7MrOzpwzLGbjVd+C3U0DAvmE7nptmiJEQ
jA8qyHNMkBQBxy8PUeDiXlAOIhEIbL06hmalsCoyxHrbshrQ01emxGF91TqIp5lR
qVnxgWl558JCKt4GqygZ3oeM0KVWJuVgabj8LmNMPmB3Qcrp75yebfz9Z4DRwFtO
ZMr5IW4HHDNBI5uDY6ARGrfH4kOPV/37UAWQu7clqsK6lj+URmKidAoe6ndKtmeN
rZAgITGj5CpsKlmT6b/+xUxHNhRciuHP0tz9TkV77ici3hK9ngQ78chP2wr0n3py
lh+QYyZR9fyMCveLlujXA1+hLm35uPZpi6NelLYvAEc8
-----END CERTIFICATE-----
Generated at Sat May 18 05:45:24 2024 by rpki-client on console-fra.rpki-client.org