Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/sgXtfViQGsMb8O4-htHAasxRg30.roa
File: sgXtfViQGsMb8O4-htHAasxRg30.roa (raw, json)
Hash identifier: znT12lBJ5lcyB2Caaou3xAsL4WEdgvdtHsEi7BBnIJI=
Subject key identifier: B2:05:ED:7D:58:90:1A:C3:1B:F0:EE:3E:86:D1:C0:6A:CC:51:83:7D
Certificate issuer: /CN=cf1d7ff016fff5d039a9689a43c93e84fe45dbc8
Certificate serial: 018CC727353442B01BF7B1A649E6CEA38215
Authority key identifier: CF:1D:7F:F0:16:FF:F5:D0:39:A9:68:9A:43:C9:3E:84:FE:45:DB:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/sgXtfViQGsMb8O4-htHAasxRg30.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47477
IP address blocks: 192.164.161.0/24 maxlen: 24
192.164.164.0/24 maxlen: 24
192.164.172.0/24 maxlen: 24
192.164.167.0/24 maxlen: 24
192.164.173.0/24 maxlen: 24
192.164.174.0/24 maxlen: 24
2a04:62c2:1::/48 maxlen: 48
2a04:62c2:6::/48 maxlen: 48
2a04:62c1::/32 maxlen: 32
2a04:62c2:5::/48 maxlen: 48
2a04:62c2:4::/48 maxlen: 48
2a04:62c2:3::/48 maxlen: 48
2a04:62c0::/32 maxlen: 32
2a04:62c2:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:35:34:42:b0:1b:f7:b1:a6:49:e6:ce:a3:82:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1d7ff016fff5d039a9689a43c93e84fe45dbc8
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b205ed7d58901ac31bf0ee3e86d1c06acc51837d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0d:75:7d:4b:07:8b:b0:90:20:90:68:dc:cf:
21:e3:da:80:96:77:fb:66:50:68:7b:70:10:69:9a:
a6:1e:71:11:aa:30:55:69:6e:a5:68:2c:e7:f0:d1:
70:9e:c9:e1:8d:5a:ac:a9:e2:dd:d1:5c:58:c9:fa:
f5:22:e1:e9:f1:7f:1e:07:4a:51:34:2e:7b:5e:a3:
2f:29:fa:78:6f:7e:9c:d2:da:ee:9f:0b:43:cd:5e:
5e:b1:b9:b8:45:e0:ff:1e:aa:14:61:a3:a5:03:5b:
25:03:27:ed:d3:48:cf:71:fe:e3:87:1e:3c:df:ca:
3b:44:03:a8:c4:a9:a7:5c:27:c1:2f:3e:b9:14:c7:
f3:88:71:16:48:d7:58:06:4f:a6:aa:c0:d6:0f:4d:
c1:e8:05:84:0e:bc:d2:4d:74:20:02:e0:95:3f:fd:
5d:dc:77:2b:87:c5:d2:12:00:d3:61:45:ae:42:cb:
bd:d6:6b:f0:de:00:1a:c5:cc:23:80:5f:7f:84:20:
a4:8d:32:a6:c9:02:6b:2a:27:95:ee:b9:99:dc:5e:
77:d5:32:9f:b9:1d:3f:68:47:fb:e6:82:be:74:75:
02:92:f8:8f:b9:57:02:bb:91:33:d8:20:f5:5e:5f:
f2:86:5a:cd:66:1c:a9:39:f1:f5:60:62:e7:d0:36:
26:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:05:ED:7D:58:90:1A:C3:1B:F0:EE:3E:86:D1:C0:6A:CC:51:83:7D
X509v3 Authority Key Identifier:
keyid:CF:1D:7F:F0:16:FF:F5:D0:39:A9:68:9A:43:C9:3E:84:FE:45:DB:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/sgXtfViQGsMb8O4-htHAasxRg30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ce69f0-b6e1-4ba6-b9e0-4eb2695a868d/1/zx1_8Bb_9dA5qWiaQ8k-hP5F28g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.164.161.0/24
192.164.164.0/24
192.164.167.0/24
192.164.172.0-192.164.174.255
IPv6:
2a04:62c0::/31
2a04:62c2:1::-2a04:62c2:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:cf:a5:ab:ac:65:14:a6:44:00:fd:d9:2b:f9:12:fd:67:3a:
b1:88:a0:49:91:81:e1:8a:6b:b0:19:7b:ad:a7:94:89:22:38:
e7:40:ff:84:b7:2f:bb:39:5f:ad:24:f6:df:5e:eb:37:78:26:
55:64:a3:62:c0:bb:fa:62:59:82:df:46:b8:a1:0d:d4:9c:a9:
5c:42:24:a8:1d:4b:0a:5c:84:44:04:b0:c5:38:67:48:70:6d:
ae:8b:31:65:5c:d7:04:8c:c2:40:43:2f:41:45:1d:9f:50:9c:
a8:86:eb:b4:b9:41:8f:c5:c0:50:79:58:27:68:d9:09:12:e6:
51:06:c2:23:bf:4b:33:da:be:98:56:19:c2:78:17:67:d8:2e:
a1:f9:06:61:04:ca:59:47:7e:a5:83:92:84:da:fc:03:98:f7:
9f:4d:30:d6:7d:e3:fe:d1:de:ed:e2:fe:e5:b7:f9:37:88:bf:
03:4b:1d:b0:cb:38:c7:43:a4:e6:36:77:46:b9:90:dc:a1:d7:
60:f8:1f:d2:95:e0:e5:8a:20:f7:71:18:24:0a:87:0c:c9:b8:
cf:fd:bf:11:08:e2:75:12:95:03:1d:ca:82:d4:ba:b2:84:74:
68:b0:bd:2e:d1:cd:a9:f8:db:83:86:27:80:34:cf:94:c4:a4:
c6:2b:7c:e1
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYzHJzU0QrAb97GmSebOo4IVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWQ3ZmYwMTZmZmY1ZDAzOWE5Njg5YTQzYzkzZTg0ZmU0
NWRiYzgwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA1ZWQ3ZDU4OTAxYWMzMWJmMGVlM2U4NmQxYzA2YWNjNTE4MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg11fUsHi7CQIJBo3M8h49qAlnf7
ZlBoe3AQaZqmHnERqjBVaW6laCzn8NFwnsnhjVqsqeLd0VxYyfr1IuHp8X8eB0pR
NC57XqMvKfp4b36c0trunwtDzV5esbm4ReD/HqoUYaOlA1slAyft00jPcf7jhx48
38o7RAOoxKmnXCfBLz65FMfziHEWSNdYBk+mqsDWD03B6AWEDrzSTXQgAuCVP/1d
3Hcrh8XSEgDTYUWuQsu91mvw3gAaxcwjgF9/hCCkjTKmyQJrKieV7rmZ3F531TKf
uR0/aEf75oK+dHUCkviPuVcCu5Ez2CD1Xl/yhlrNZhypOfH1YGLn0DYmDwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFLIF7X1YkBrDG/DuPobRwGrMUYN9MB8GA1UdIwQY
MBaAFM8df/AW//XQOalomkPJPoT+RdvIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengxXzhCYl85ZEE1cVdpYVE4ay1oUDVGMjhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9jZTY5ZjAtYjZlMS00YmE2LWI5ZTAt
NGViMjY5NWE4NjhkLzEvc2dYdGZWaVFHc01iOE80LWh0SEFhc3hSZzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9jZTY5ZjAtYjZlMS00YmE2LWI5ZTAtNGViMjY5NWE4Njhk
LzEvengxXzhCYl85ZEE1cVdpYVE4ay1oUDVGMjhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAmBAIAATAgAwQAwKShAwQA
wKSkAwQAwKSnMAwDBALApKwDBADApK4wIQQCAAIwGwMFASoEYsAwEgMHACoEYsIA
AQMHACoEYsIABjANBgkqhkiG9w0BAQsFAAOCAQEAD8+lq6xlFKZEAP3ZK/kS/Wc6
sYigSZGB4YprsBl7raeUiSI450D/hLcvuzlfrST2317rN3gmVWSjYsC7+mJZgt9G
uKEN1JypXEIkqB1LClyERASwxThnSHBtrosxZVzXBIzCQEMvQUUdn1CcqIbrtLlB
j8XAUHlYJ2jZCRLmUQbCI79LM9q+mFYZwngXZ9guofkGYQTKWUd+pYOShNr8A5j3
n00w1n3j/tHe7eL+5bf5N4i/A0sdsMs4x0Ok5jZ3RrmQ3KHXYPgf0pXg5Yog93EY
JAqHDMm4z/2/EQjidRKVAx3KgtS6soR0aLC9LtHNqfjbg4YngDTPlMSkxit84Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:16:01 2024 by rpki-client on console-ams.rpki-client.org