Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/ZnUU2Bqq8BfInOKqYttPP_bIAi4.roa
File: ZnUU2Bqq8BfInOKqYttPP_bIAi4.roa (raw, json)
Hash identifier: tnoWrb9LrASpH0j2YXHa9/kpO5zlCcxoK4VzR2vipj8=
Subject key identifier: 66:75:14:D8:1A:AA:F0:17:C8:9C:E2:AA:62:DB:4F:3F:F6:C8:02:2E
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D330217E67C0C89A8A3CC1B38E47D
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/ZnUU2Bqq8BfInOKqYttPP_bIAi4.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208370
IP address blocks: 2a0e:aa07:e010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 09:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:33:02:17:e6:7c:0c:89:a8:a3:cc:1b:38:e4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=667514d81aaaf017c89ce2aa62db4f3ff6c8022e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:53:3a:49:81:f7:89:7b:84:c2:ef:68:3b:fc:
34:c6:83:7a:c6:b3:a6:ba:88:a3:cf:7d:63:48:55:
1a:ad:1f:0e:4f:82:f5:d3:b8:ad:f0:71:4d:28:bb:
db:b8:52:d9:45:f4:2a:5f:74:b3:3a:09:43:0a:0c:
3f:35:91:db:bc:1d:33:63:d3:42:a5:15:d0:0c:7e:
f3:f2:4b:73:b1:1f:11:c5:63:b4:10:fc:4e:9b:91:
c0:38:da:46:53:7a:b5:54:cf:59:c6:a5:3e:63:d1:
fd:80:0c:6c:5b:b3:ff:92:0f:92:12:a2:a0:25:d4:
51:6f:b1:ef:a2:4d:eb:b4:b0:7e:7c:fd:15:5c:70:
09:f0:da:73:58:e3:c3:76:d0:ef:4c:2b:3e:9d:a0:
21:21:32:f2:8b:d7:67:03:43:16:e1:47:6b:f4:90:
07:fa:0e:c8:94:e9:a2:a9:92:0c:98:b0:6c:28:db:
d0:9d:e3:e0:ea:cf:b5:c9:17:ce:fd:47:72:cb:a2:
ad:44:3b:68:38:a6:bd:d7:11:af:a4:25:ab:54:31:
c0:3d:01:79:22:83:5c:7c:16:98:c5:88:45:86:53:
fb:a9:33:f3:aa:5a:9b:55:2f:36:59:6c:39:ae:3d:
42:c4:02:a3:54:a2:3f:ee:6d:24:61:ad:db:f9:af:
0d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:75:14:D8:1A:AA:F0:17:C8:9C:E2:AA:62:DB:4F:3F:F6:C8:02:2E
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/ZnUU2Bqq8BfInOKqYttPP_bIAi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e010::/48
Signature Algorithm: sha256WithRSAEncryption
7c:19:de:c3:c1:47:d5:6f:47:db:66:97:4e:68:0d:69:b9:b4:
b1:f3:54:77:60:37:7b:44:ea:42:f4:1a:55:71:d5:fe:f5:56:
b5:6b:a4:a3:55:7b:ee:60:b6:24:58:0e:59:5e:a8:ee:8f:dd:
ae:a8:43:7c:14:75:89:d4:07:d5:3b:7e:ab:b3:9e:38:6d:8d:
03:b3:e4:e8:20:de:74:3e:35:80:8a:31:bd:3e:ff:fa:dc:c4:
59:bd:e2:ee:45:b3:e2:62:70:78:43:2e:bc:2d:9d:f8:4a:8f:
d0:87:ff:5a:4e:37:f5:72:6f:3b:d4:62:49:e5:44:70:76:c0:
3c:df:33:00:a2:9f:80:4d:4f:d2:29:f4:45:27:6b:00:9c:07:
16:f4:ae:92:fd:c9:9d:ac:7c:2a:fc:d2:95:82:e7:b8:14:7d:
06:67:10:a5:d5:ce:d5:3f:ef:67:99:2a:c4:e1:15:1b:53:56:
08:3a:64:ff:e8:c5:34:90:e9:a3:44:fc:2d:8a:fa:93:1d:4c:
64:30:f1:81:72:36:50:f3:ed:12:f2:0d:0b:0b:8e:79:9d:f8:
2f:1b:75:dc:54:2c:d6:cc:a9:20:7b:ac:f5:fe:ea:82:b0:73:
41:54:1f:97:d0:f3:3f:a1:af:57:b1:b4:43:4e:66:17:7c:38:
a9:93:e8:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbTMCF+Z8DImoo8wbOOR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njc1MTRkODFhYWFmMDE3Yzg5Y2UyYWE2MmRiNGYzZmY2YzgwMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9VM6SYH3iXuEwu9oO/w0xoN6xrOm
uoijz31jSFUarR8OT4L107it8HFNKLvbuFLZRfQqX3SzOglDCgw/NZHbvB0zY9NC
pRXQDH7z8ktzsR8RxWO0EPxOm5HAONpGU3q1VM9ZxqU+Y9H9gAxsW7P/kg+SEqKg
JdRRb7Hvok3rtLB+fP0VXHAJ8NpzWOPDdtDvTCs+naAhITLyi9dnA0MW4Udr9JAH
+g7IlOmiqZIMmLBsKNvQnePg6s+1yRfO/Udyy6KtRDtoOKa91xGvpCWrVDHAPQF5
IoNcfBaYxYhFhlP7qTPzqlqbVS82WWw5rj1CxAKjVKI/7m0kYa3b+a8NtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGZ1FNgaqvAXyJziqmLbTz/2yAIuMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvWm5VVTJCcXE4QmZJbk9LcVl0dFBQX2JJQWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+AQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB8Gd7DwUfVb0fbZpdOaA1pubSx81R3YDd7ROpC
9BpVcdX+9Va1a6SjVXvuYLYkWA5ZXqjuj92uqEN8FHWJ1AfVO36rs544bY0Ds+To
IN50PjWAijG9Pv/63MRZveLuRbPiYnB4Qy68LZ34So/Qh/9aTjf1cm871GJJ5URw
dsA83zMAop+ATU/SKfRFJ2sAnAcW9K6S/cmdrHwq/NKVgue4FH0GZxCl1c7VP+9n
mSrE4RUbU1YIOmT/6MU0kOmjRPwtivqTHUxkMPGBcjZQ8+0S8g0LC455nfgvG3Xc
VCzWzKkge6z1/uqCsHNBVB+X0PM/oa9XsbRDTmYXfDipk+hW
-----END CERTIFICATE-----
Generated at Fri May 3 18:27:01 2024 by rpki-client on console-ams.rpki-client.org