Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/ZR1dHbcDEQu0Jnv2cSZmQYTuDDk.roa
File: ZR1dHbcDEQu0Jnv2cSZmQYTuDDk.roa (raw, json)
Hash identifier: IgGeLumMzQ4TZQtMVp12obO9MB8hL2ty8Mjv0Gep5AE=
Subject key identifier: 65:1D:5D:1D:B7:03:11:0B:B4:26:7B:F6:71:26:66:41:84:EE:0C:39
Certificate issuer: /CN=3c177b528043a85953fc250f991d9d8020e2810d
Certificate serial: 018CC492E016B75D4402E203DA465D72594D
Authority key identifier: 3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/ZR1dHbcDEQu0Jnv2cSZmQYTuDDk.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202572
IP address blocks: 2a0a:2303::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e0:16:b7:5d:44:02:e2:03:da:46:5d:72:59:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c177b528043a85953fc250f991d9d8020e2810d
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=651d5d1db703110bb4267bf67126664184ee0c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:20:9c:34:88:de:2c:c4:b7:af:a9:7f:04:83:
5e:61:35:e0:61:09:1b:99:20:03:e3:c6:cf:ff:3e:
40:04:1a:e4:6c:a9:33:d8:27:56:86:f6:8e:86:b6:
dc:4d:1f:00:82:f7:1c:70:ba:4e:c9:9e:ac:c6:d0:
04:ac:d6:b2:84:6b:6a:34:53:60:02:9e:c6:77:9c:
f7:4e:66:85:5f:65:7c:bc:9d:97:4f:10:24:79:ef:
46:9f:30:e0:6d:70:a6:3b:c3:68:38:92:08:c4:a2:
c3:98:d7:fc:20:68:52:42:3c:b5:29:0e:1f:dc:13:
12:f0:1a:71:72:a7:9c:c4:ec:eb:e9:60:f0:5c:92:
31:95:1c:71:6f:10:c6:92:13:ab:f7:8b:37:5a:b0:
76:48:8b:65:c6:d3:d5:ec:e4:f1:1e:de:e6:bb:e5:
46:99:31:20:ad:e5:59:dc:59:8b:14:88:b0:bc:6f:
12:78:bf:77:ed:17:52:db:d5:c6:8e:1c:1f:e9:d1:
3a:ed:4f:62:9e:5f:48:73:6f:1a:7b:50:70:89:1f:
62:b0:0a:53:70:c4:a1:c8:60:1b:40:4d:25:1b:64:
62:d4:ec:63:a1:e8:d9:c0:2e:54:0b:d2:4b:58:08:
21:8f:e9:85:aa:fb:4f:bb:98:d3:28:fc:89:1a:b3:
cd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1D:5D:1D:B7:03:11:0B:B4:26:7B:F6:71:26:66:41:84:EE:0C:39
X509v3 Authority Key Identifier:
keyid:3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/ZR1dHbcDEQu0Jnv2cSZmQYTuDDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2303::/32
Signature Algorithm: sha256WithRSAEncryption
ba:4f:3a:55:bb:89:64:1a:c3:2d:c6:32:71:d2:e0:14:10:fb:
66:39:70:37:64:81:88:a0:02:33:d6:d0:ca:f5:6b:04:4a:ee:
85:8d:e8:1e:d0:06:10:2f:d0:1b:0e:fb:7a:c1:d7:b0:40:95:
e0:8b:5e:ba:fa:ce:b4:78:9f:15:6d:36:88:fb:d1:96:26:30:
46:95:aa:5f:5e:9d:bf:af:c0:3c:3a:0a:8f:0e:a2:67:49:ba:
89:55:e4:8c:42:2f:e2:dc:ee:64:e7:87:4a:44:ab:ea:69:5e:
e5:56:29:ac:8b:44:52:98:94:a0:2c:97:fc:fe:38:c4:be:57:
52:bd:8d:19:ce:e3:92:ae:8e:a4:b4:53:be:49:3d:0a:3d:d1:
33:5e:12:64:d1:aa:df:d7:b5:b8:36:2c:ba:d3:93:02:91:a3:
be:46:e1:c5:df:75:61:6b:8d:54:7b:9c:7d:f5:99:34:a4:91:
5c:67:84:be:8f:2b:4e:e6:a9:ad:5e:ed:41:5a:8e:d7:fd:d0:
e0:13:30:22:27:67:f7:79:16:fb:37:c8:70:64:8f:71:ec:20:
fe:42:ce:53:33:b8:da:fd:e1:1a:bc:fb:ee:70:15:d2:28:2a:
fb:62:c5:cd:41:1a:ef:b1:15:65:8b:c2:3d:7d:62:f7:52:a9:
10:2a:17:8e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEkuAWt11EAuID2kZdcllNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTc3YjUyODA0M2E4NTk1M2ZjMjUwZjk5MWQ5ZDgwMjBl
MjgxMGQwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFkNWQxZGI3MDMxMTBiYjQyNjdiZjY3MTI2NjY0MTg0ZWUwYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCCcNIjeLMS3r6l/BINeYTXgYQkb
mSAD48bP/z5ABBrkbKkz2CdWhvaOhrbcTR8AgvcccLpOyZ6sxtAErNayhGtqNFNg
Ap7Gd5z3TmaFX2V8vJ2XTxAkee9GnzDgbXCmO8NoOJIIxKLDmNf8IGhSQjy1KQ4f
3BMS8BpxcqecxOzr6WDwXJIxlRxxbxDGkhOr94s3WrB2SItlxtPV7OTxHt7mu+VG
mTEgreVZ3FmLFIiwvG8SeL937RdS29XGjhwf6dE67U9inl9Ic28ae1BwiR9isApT
cMShyGAbQE0lG2Ri1OxjoejZwC5UC9JLWAghj+mFqvtPu5jTKPyJGrPNjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGUdXR23AxELtCZ79nEmZkGE7gw5MB8GA1UdIwQY
MBaAFDwXe1KAQ6hZU/wlD5kdnYAg4oENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMt
YTQxNTFiNWUyZmNmLzEvWlIxZEhiY0RFUXUwSm52MmNTWm1RWVR1RERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMtYTQxNTFiNWUyZmNm
LzEvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgojAzAN
BgkqhkiG9w0BAQsFAAOCAQEAuk86VbuJZBrDLcYycdLgFBD7ZjlwN2SBiKACM9bQ
yvVrBEruhY3oHtAGEC/QGw77esHXsECV4IteuvrOtHifFW02iPvRliYwRpWqX16d
v6/APDoKjw6iZ0m6iVXkjEIv4tzuZOeHSkSr6mle5VYprItEUpiUoCyX/P44xL5X
Ur2NGc7jkq6OpLRTvkk9Cj3RM14SZNGq39e1uDYsutOTApGjvkbhxd91YWuNVHuc
ffWZNKSRXGeEvo8rTuaprV7tQVqO1/3Q4BMwIidn93kW+zfIcGSPcewg/kLOUzO4
2v3hGrz77nAV0igq+2LFzUEa77EVZYvCPX1i91KpECoXjg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:24:37 2024 by rpki-client on console-fra.rpki-client.org