Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/ZbplHCox8DH-pUJBFdab1Zi-1H0.roa
File: ZbplHCox8DH-pUJBFdab1Zi-1H0.roa (raw, json)
Hash identifier: HLf2i/WTjMDx3evMSzCS0XNMOGj6JWR7SSGs4MSOR8g=
Subject key identifier: 65:BA:65:1C:2A:31:F0:31:FE:A5:42:41:15:D6:9B:D5:98:BE:D4:7D
Certificate issuer: /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial: 01927F7C189EE72C92A3718A586306917B69
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/ZbplHCox8DH-pUJBFdab1Zi-1H0.roa
Signing time: Sat 12 Oct 2024 06:48:12 +0000
ROA not before: Sat 12 Oct 2024 06:48:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6658
IP address blocks: 194.1.128.0/24 maxlen: 24
194.1.129.0/24 maxlen: 24
194.1.133.0/24 maxlen: 24
194.1.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7f:7c:18:9e:e7:2c:92:a3:71:8a:58:63:06:91:7b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Validity
Not Before: Oct 12 06:48:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65ba651c2a31f031fea5424115d69bd598bed47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:91:e9:30:4d:49:94:19:6e:6e:d9:16:74:28:
84:e8:1e:e6:01:d9:d5:68:df:0e:91:bf:22:d9:18:
6d:d8:49:10:f2:54:e7:c2:bb:44:08:9d:4b:4f:91:
77:0a:d2:3b:42:a8:05:15:81:38:76:59:a7:58:5f:
d4:b3:d6:a1:55:12:34:b0:0b:b9:ca:8e:d2:26:6d:
d0:6f:35:d1:9b:88:f4:b5:0e:6a:f2:60:b4:53:bf:
a7:e0:6d:8b:bb:1b:a7:40:68:8a:d8:af:3f:7b:fd:
78:96:ce:16:04:7f:d1:95:a2:43:25:ac:5a:46:a5:
2b:be:19:03:ab:a6:95:8d:7d:b5:60:96:e7:05:67:
61:30:63:46:e5:f5:46:ba:d1:07:d1:e2:b9:7e:fc:
d4:b3:4f:fa:b2:3c:08:60:c7:10:10:10:6e:a4:64:
32:9b:21:9a:ab:d8:3b:33:0e:89:80:92:b6:82:8f:
92:30:05:4b:ba:8d:02:77:5c:5f:3a:60:39:17:e3:
9b:33:e6:cc:43:8a:46:b5:15:d5:3d:e4:23:e2:a3:
30:b6:21:1b:99:6a:92:f9:e2:9a:14:50:16:53:8a:
5e:f7:83:b2:86:2b:6b:3c:78:a4:0d:1c:b6:26:76:
d8:31:28:02:c3:c8:51:06:55:69:7e:f3:03:21:d3:
73:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BA:65:1C:2A:31:F0:31:FE:A5:42:41:15:D6:9B:D5:98:BE:D4:7D
X509v3 Authority Key Identifier:
keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/ZbplHCox8DH-pUJBFdab1Zi-1H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.128.0/23
194.1.133.0-194.1.134.255
Signature Algorithm: sha256WithRSAEncryption
32:f0:7f:76:fc:c1:0d:4d:49:f7:67:06:ca:6a:99:08:16:34:
75:d5:ab:3a:69:08:bc:27:6c:59:48:8a:90:5b:af:c0:45:58:
0b:9c:b8:45:e2:3c:95:a9:4c:a8:d6:0f:48:8b:a3:12:7e:d1:
d2:62:eb:84:16:67:c9:80:8a:62:d9:aa:bd:66:e2:9d:fa:58:
c0:9f:3f:a4:b8:03:c6:14:8d:61:b3:91:e1:3d:30:14:dc:2e:
e5:07:2d:bb:ae:df:f1:11:31:3f:e9:fe:a2:b7:e8:03:9e:05:
b7:84:e5:c6:5c:33:31:8d:dc:1f:e5:89:52:6e:c1:14:76:81:
0e:26:dc:28:fd:ba:ed:a3:9f:19:a2:dc:48:aa:c4:cd:12:49:
67:54:4d:50:4b:9f:be:3e:39:28:42:15:a5:eb:66:2c:6c:fa:
03:da:db:c6:da:22:d4:b7:a7:7d:98:e0:40:64:e9:2b:37:2e:
7e:50:68:43:bf:65:03:9f:47:e6:de:ae:0b:0f:41:de:79:f1:
21:be:9a:2e:7b:97:18:cf:fe:02:fa:d5:04:92:61:3a:0d:1c:
0a:14:4c:f5:21:2d:bf:64:a6:da:32:58:84:f5:a3:28:f1:ff:
42:8d:c9:84:d1:64:6b:d2:40:c1:dc:dd:e2:cc:d9:01:a5:c0:
96:f9:d5:1c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJ/fBie5yySo3GKWGMGkXtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjQxMDEyMDY0ODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWJhNjUxYzJhMzFmMDMxZmVhNTQyNDExNWQ2OWJkNTk4YmVkNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZHpME1JlBlubtkWdCiE6B7mAdnV
aN8Okb8i2Rht2EkQ8lTnwrtECJ1LT5F3CtI7QqgFFYE4dlmnWF/Us9ahVRI0sAu5
yo7SJm3QbzXRm4j0tQ5q8mC0U7+n4G2LuxunQGiK2K8/e/14ls4WBH/RlaJDJaxa
RqUrvhkDq6aVjX21YJbnBWdhMGNG5fVGutEH0eK5fvzUs0/6sjwIYMcQEBBupGQy
myGaq9g7Mw6JgJK2go+SMAVLuo0Cd1xfOmA5F+ObM+bMQ4pGtRXVPeQj4qMwtiEb
mWqS+eKaFFAWU4pe94OyhitrPHikDRy2JnbYMSgCw8hRBlVpfvMDIdNzqQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGW6ZRwqMfAx/qVCQRXWm9WYvtR9MB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvWmJwbEhDb3g4REgtcFVKQkZkYWIxWmktMUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBwgGAMAwD
BADCAYUDBADCAYYwDQYJKoZIhvcNAQELBQADggEBADLwf3b8wQ1NSfdnBspqmQgW
NHXVqzppCLwnbFlIipBbr8BFWAucuEXiPJWpTKjWD0iLoxJ+0dJi64QWZ8mAimLZ
qr1m4p36WMCfP6S4A8YUjWGzkeE9MBTcLuUHLbuu3/ERMT/p/qK36AOeBbeE5cZc
MzGN3B/liVJuwRR2gQ4m3Cj9uu2jnxmi3EiqxM0SSWdUTVBLn74+OShCFaXrZixs
+gPa28baItS3p32Y4EBk6Ss3Ln5QaEO/ZQOfR+bergsPQd558SG+mi57lxjP/gL6
1QSSYToNHAoUTPUhLb9kptoyWIT1oyjx/0KNyYTRZGvSQMHc3eLM2QGlwJb51Rw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:35:38 2024 by rpki-client on console-fra.rpki-client.org