Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/ZvJuu1B1zEkO_y6gw4m-plsKXdY.roa
File: ZvJuu1B1zEkO_y6gw4m-plsKXdY.roa (raw, json)
Hash identifier: sG1vw7z7fOHMbIkWAvI0SgtkJgW7W3hglClXDs+KguQ=
Subject key identifier: 66:F2:6E:BB:50:75:CC:49:0E:FF:2E:A0:C3:89:BE:A6:5B:0A:5D:D6
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 018CC801786EF0A078EA88B39CB12173EEE3
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/ZvJuu1B1zEkO_y6gw4m-plsKXdY.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394973
IP address blocks: 213.19.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:78:6e:f0:a0:78:ea:88:b3:9c:b1:21:73:ee:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f26ebb5075cc490eff2ea0c389bea65b0a5dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:6b:08:15:7a:0c:c1:02:d2:ec:7f:d4:10:
a9:3f:9f:c7:e7:06:08:01:0e:c2:9e:be:fd:ec:c5:
45:e0:bc:68:2c:aa:e2:82:c0:c0:08:d7:8f:72:36:
1b:9c:2d:4d:20:17:ec:34:e8:3e:bf:22:08:80:7b:
3e:18:74:74:74:b8:11:0b:ac:27:44:ad:05:76:2b:
d1:4d:d8:68:2c:1f:23:03:24:cf:83:96:86:23:68:
00:00:bf:4f:72:8d:36:cb:5f:d9:e4:11:d2:1b:0a:
3d:15:3b:20:9b:10:62:5a:d4:9a:84:41:5c:3c:c6:
9a:d3:b1:e2:0a:48:a0:2b:fb:42:d7:38:49:eb:36:
73:fd:7e:61:e6:6a:cc:52:19:69:9e:90:e1:bf:48:
7f:5f:db:ca:52:d2:5c:a4:02:07:7a:d5:11:f9:59:
eb:b5:63:d8:2e:57:8b:03:a7:e2:30:ba:3b:e4:a5:
4a:25:c4:68:10:51:16:f3:17:7a:5a:58:d4:bd:f5:
a5:aa:0f:f5:68:3b:bc:36:aa:c9:99:94:a8:53:0d:
22:ad:db:f8:b0:9d:c6:88:f5:f9:cb:81:b6:0c:a7:
72:d3:db:b2:48:5b:30:33:9c:8c:f4:67:bc:eb:9b:
b5:2a:4e:0c:15:79:03:49:9d:78:c6:69:25:9e:9c:
3a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F2:6E:BB:50:75:CC:49:0E:FF:2E:A0:C3:89:BE:A6:5B:0A:5D:D6
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/ZvJuu1B1zEkO_y6gw4m-plsKXdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.19.145.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:b6:2f:99:ee:13:2c:5c:7b:22:9c:1d:b5:2a:db:f1:fa:80:
68:ad:56:63:4d:c9:1f:36:bd:22:b2:3e:70:a7:a7:9a:cb:02:
1b:16:8d:2c:a2:ad:95:72:bb:48:7a:e4:61:35:fb:cd:6e:f3:
35:96:6b:e1:74:e6:9d:af:16:4b:35:4f:b0:f1:43:ab:4b:29:
5a:49:ef:6f:1a:a8:27:44:91:fe:43:df:84:6b:60:14:b9:83:
4b:db:24:9a:76:83:4f:02:fe:6c:4e:18:42:ab:81:4b:76:8f:
11:16:83:7e:e9:6f:11:c4:a4:2b:73:61:3f:76:ac:06:65:9b:
f7:49:29:5b:23:f2:e5:b8:0d:b5:6e:55:7a:28:86:ab:3c:1d:
09:73:cc:f7:c8:bf:e9:09:1a:c0:a4:29:b5:df:48:24:90:db:
d2:59:13:00:1b:17:fa:8c:66:64:2e:bd:66:72:7f:50:3b:f8:
b2:d3:a5:9c:bc:68:9d:06:fb:53:e7:85:9d:05:38:d3:de:ed:
23:86:86:8b:1d:df:73:28:a3:d4:88:7b:9a:61:d2:06:0d:38:
eb:3a:96:38:5d:d7:95:fc:10:60:9e:c3:7e:ce:2d:32:f4:01:
e0:f8:ab:60:ca:cc:09:85:98:ac:b5:49:4d:51:a0:63:b9:4f:
59:3a:a3:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAXhu8KB46oiznLEhc+7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmYyNmViYjUwNzVjYzQ5MGVmZjJlYTBjMzg5YmVhNjViMGE1ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqJrCBV6DMEC0ux/1BCpP5/H5wYI
AQ7Cnr797MVF4LxoLKrigsDACNePcjYbnC1NIBfsNOg+vyIIgHs+GHR0dLgRC6wn
RK0FdivRTdhoLB8jAyTPg5aGI2gAAL9Pco02y1/Z5BHSGwo9FTsgmxBiWtSahEFc
PMaa07HiCkigK/tC1zhJ6zZz/X5h5mrMUhlpnpDhv0h/X9vKUtJcpAIHetUR+Vnr
tWPYLleLA6fiMLo75KVKJcRoEFEW8xd6WljUvfWlqg/1aDu8NqrJmZSoUw0irdv4
sJ3GiPX5y4G2DKdy09uySFswM5yM9Ge865u1Kk4MFXkDSZ14xmklnpw6iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbybrtQdcxJDv8uoMOJvqZbCl3WMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvWnZKdXUxQjF6RWtPX3k2Z3c0bS1wbHNLWGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RORMA0G
CSqGSIb3DQEBCwUAA4IBAQDCti+Z7hMsXHsinB21Ktvx+oBorVZjTckfNr0isj5w
p6eaywIbFo0soq2VcrtIeuRhNfvNbvM1lmvhdOadrxZLNU+w8UOrSylaSe9vGqgn
RJH+Q9+Ea2AUuYNL2ySadoNPAv5sThhCq4FLdo8RFoN+6W8RxKQrc2E/dqwGZZv3
SSlbI/LluA21blV6KIarPB0Jc8z3yL/pCRrApCm130gkkNvSWRMAGxf6jGZkLr1m
cn9QO/iy06WcvGidBvtT54WdBTjT3u0jhoaLHd9zKKPUiHuaYdIGDTjrOpY4XdeV
/BBgnsN+zi0y9AHg+KtgyswJhZistUlNUaBjuU9ZOqMh
-----END CERTIFICATE-----
Generated at Sun May 5 19:13:33 2024 by rpki-client on console-fra.rpki-client.org