Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/Z4wN4VPf0PoXb2EB_vni5Q0Ecqc.roa
File: Z4wN4VPf0PoXb2EB_vni5Q0Ecqc.roa (raw, json)
Hash identifier: 7tYnBMu4bFpzk3U4GvjPn7bGeVwOybMX6wNPYWEpjfw=
Subject key identifier: 67:8C:0D:E1:53:DF:D0:FA:17:6F:61:01:FE:F9:E2:E5:0D:04:72:A7
Certificate issuer: /CN=5bd6cbdaa794a97a7d8266702cb054f1b249d4bf
Certificate serial: 018CC3B6EAB8C793C666E5226FCE0FD4B9D2
Authority key identifier: 5B:D6:CB:DA:A7:94:A9:7A:7D:82:66:70:2C:B0:54:F1:B2:49:D4:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/Z4wN4VPf0PoXb2EB_vni5Q0Ecqc.roa
Signing time: Mon 01 Jan 2024 06:29:53 +0000
ROA not before: Mon 01 Jan 2024 06:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2200
IP address blocks: 192.33.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.mft
rsync://rpki.ripe.net/repository/DEFAULT/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ea:b8:c7:93:c6:66:e5:22:6f:ce:0f:d4:b9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd6cbdaa794a97a7d8266702cb054f1b249d4bf
Validity
Not Before: Jan 1 06:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=678c0de153dfd0fa176f6101fef9e2e50d0472a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:99:81:b8:ec:1d:ab:21:ab:7c:5b:bb:3c:c2:
71:71:53:a3:91:54:41:ed:cb:2e:77:5a:35:b3:06:
1b:00:67:7f:f9:35:b0:6b:80:49:e6:f1:0a:5d:47:
85:d9:a3:46:1b:a5:69:3d:b4:64:a5:17:53:ce:14:
c9:3a:37:f0:01:d4:4e:0f:6e:a9:6a:0d:16:92:4f:
65:78:09:9f:b9:71:76:3e:cb:2d:80:be:cb:34:0c:
77:16:09:5a:79:6f:84:23:d7:fa:4b:c6:fb:01:a8:
d6:12:ae:45:fc:63:32:da:82:fd:b3:c7:df:10:95:
8d:51:f8:0d:24:a8:92:38:89:72:9c:b0:f9:70:e7:
c7:12:21:ff:c0:27:47:88:2d:8d:0b:61:38:f6:01:
1f:b1:df:c8:08:67:a9:d6:3f:df:41:22:14:7f:b2:
59:50:5f:41:f8:ca:f6:d8:cd:4b:28:9d:b1:d5:86:
1b:fa:c9:2b:a3:bc:af:6d:38:27:93:b7:af:67:37:
f1:5c:44:15:3c:ab:a0:38:46:54:c6:b8:d3:6e:34:
97:35:71:38:c2:40:6d:e4:0c:86:82:11:70:4e:da:
2c:14:89:77:d9:95:1e:38:8a:4b:f8:36:1e:2f:47:
16:a0:89:54:06:ff:2f:5e:24:45:f4:57:50:ff:f3:
78:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8C:0D:E1:53:DF:D0:FA:17:6F:61:01:FE:F9:E2:E5:0D:04:72:A7
X509v3 Authority Key Identifier:
keyid:5B:D6:CB:DA:A7:94:A9:7A:7D:82:66:70:2C:B0:54:F1:B2:49:D4:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/Z4wN4VPf0PoXb2EB_vni5Q0Ecqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.33.156.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:0f:b8:99:cc:4e:5c:7c:73:9b:6a:b9:c7:5c:90:46:bf:47:
cf:d5:c4:c6:43:42:7c:80:5e:37:3a:2b:15:54:fb:bd:f2:13:
83:4b:66:e8:9a:ec:c0:54:8f:7c:b1:02:ce:ed:47:07:f2:1f:
aa:17:81:ad:fe:2f:a5:f1:d2:95:6e:8c:68:6c:b6:92:90:4b:
d2:97:c7:9c:c4:81:35:6c:18:7e:95:e1:73:99:bb:21:4c:28:
24:4f:80:00:0f:17:12:db:1d:cb:ee:7b:6f:cb:de:2e:fc:12:
29:6d:52:d1:1e:73:ab:98:84:bc:49:28:d4:6a:40:02:1b:52:
b6:9a:4a:93:13:2b:7b:ff:87:50:05:0a:1a:cd:f6:75:45:a3:
db:b0:1c:3d:fc:68:13:d7:02:24:59:c4:5e:57:7a:8a:9b:2b:
6a:d5:d3:20:0c:54:ee:27:83:83:f7:35:02:aa:44:e9:55:b2:
56:15:c1:3c:66:e6:5b:bd:c7:8e:b9:c2:fc:34:81:95:ae:8e:
e4:61:2c:a2:d9:cd:92:1d:b9:6d:5d:60:97:f4:88:fb:16:ed:
a6:4c:99:2b:70:73:68:b4:6c:86:ff:23:f0:4e:33:b2:4a:a9:
f4:06:c7:ba:d6:57:72:a0:82:69:b5:85:45:5e:9a:93:5e:1e:
48:c0:e3:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtuq4x5PGZuUib84P1LnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDZjYmRhYTc5NGE5N2E3ZDgyNjY3MDJjYjA1NGYxYjI0
OWQ0YmYwHhcNMjQwMTAxMDYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzhjMGRlMTUzZGZkMGZhMTc2ZjYxMDFmZWY5ZTJlNTBkMDQ3MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipmBuOwdqyGrfFu7PMJxcVOjkVRB
7csud1o1swYbAGd/+TWwa4BJ5vEKXUeF2aNGG6VpPbRkpRdTzhTJOjfwAdROD26p
ag0Wkk9leAmfuXF2PsstgL7LNAx3FglaeW+EI9f6S8b7AajWEq5F/GMy2oL9s8ff
EJWNUfgNJKiSOIlynLD5cOfHEiH/wCdHiC2NC2E49gEfsd/ICGep1j/fQSIUf7JZ
UF9B+Mr22M1LKJ2x1YYb+skro7yvbTgnk7evZzfxXEQVPKugOEZUxrjTbjSXNXE4
wkBt5AyGghFwTtosFIl32ZUeOIpL+DYeL0cWoIlUBv8vXiRF9FdQ//N4DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGeMDeFT39D6F29hAf754uUNBHKnMB8GA1UdIwQY
MBaAFFvWy9qnlKl6fYJmcCywVPGySdS/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzliTDJxZVVxWHA5Z21ad0xMQlU4YkpKMUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9jOTMxZmMtZGYxZS00YmIxLTlkZTkt
ZDc0YTEyOTU5YWQ3LzEvWjR3TjRWUGYwUG9YYjJFQl92bmk1UTBFY3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9jOTMxZmMtZGYxZS00YmIxLTlkZTktZDc0YTEyOTU5YWQ3
LzEvVzliTDJxZVVxWHA5Z21ad0xMQlU4YkpKMUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCGcMA0G
CSqGSIb3DQEBCwUAA4IBAQCwD7iZzE5cfHObarnHXJBGv0fP1cTGQ0J8gF43OisV
VPu98hODS2bomuzAVI98sQLO7UcH8h+qF4Gt/i+l8dKVboxobLaSkEvSl8ecxIE1
bBh+leFzmbshTCgkT4AADxcS2x3L7ntvy94u/BIpbVLRHnOrmIS8SSjUakACG1K2
mkqTEyt7/4dQBQoazfZ1RaPbsBw9/GgT1wIkWcReV3qKmytq1dMgDFTuJ4OD9zUC
qkTpVbJWFcE8ZuZbvceOucL8NIGVro7kYSyi2c2SHbltXWCX9Ij7Fu2mTJkrcHNo
tGyG/yPwTjOySqn0Bse61ldyoIJptYVFXpqTXh5IwOPB
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:35:43 2024 by rpki-client on console-ams.rpki-client.org