Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/SzMewdfPShkpa2Vj4IiwA42Egk8.roa
File: SzMewdfPShkpa2Vj4IiwA42Egk8.roa (raw, json)
Hash identifier: E+MF0sg6HsQi5IrNCg4pu0ZBZ0UcaIbaiTwxG4Sb7YU=
Subject key identifier: 4B:33:1E:C1:D7:CF:4A:19:29:6B:65:63:E0:88:B0:03:8D:84:82:4F
Certificate issuer: /CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Certificate serial: 0193554D9CC07840F336FFDBA04DF5DE2142
Authority key identifier: 65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/SzMewdfPShkpa2Vj4IiwA42Egk8.roa
Signing time: Fri 22 Nov 2024 19:16:09 +0000
ROA not before: Fri 22 Nov 2024 19:16:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30870
IP address blocks: 84.244.153.0/24 maxlen: 24
84.244.170.0/23 maxlen: 23
84.244.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:4d:9c:c0:78:40:f3:36:ff:db:a0:4d:f5:de:21:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Validity
Not Before: Nov 22 19:16:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b331ec1d7cf4a19296b6563e088b0038d84824f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:31:e3:b0:e9:2b:77:9e:af:08:b5:38:4d:97:
28:a6:68:bd:b9:3a:1e:db:4a:db:d4:92:0a:f7:d5:
c4:17:c2:c1:19:47:f7:d9:bc:d3:3e:61:0f:67:03:
f9:76:78:c3:05:dd:b9:ee:b3:94:57:8d:25:da:70:
be:6c:5c:28:5c:3c:6b:d3:58:60:30:f1:61:9b:6a:
00:f6:b2:47:fa:8c:2d:c3:d1:d1:51:c4:54:8e:74:
a1:f2:1a:f2:3a:b8:8f:58:04:ac:36:8b:62:43:78:
68:9e:c1:b7:38:d6:1f:d3:cf:36:01:94:f8:8d:ca:
60:1f:da:2f:75:22:13:a8:bc:6d:f0:6b:ee:84:d2:
a8:0f:8d:59:80:56:92:35:29:2b:22:3f:6c:e3:1d:
76:2f:24:bc:4b:d2:60:19:cc:4d:98:65:2e:88:26:
b4:ad:85:8c:53:58:3f:36:12:6e:3e:a0:d0:76:e5:
0e:4d:66:2a:c4:aa:aa:25:7b:76:74:23:f1:b0:a0:
3f:80:ec:a0:66:ba:e3:3f:ea:d4:88:f5:ab:21:99:
b3:09:3d:6e:5f:8b:e0:8f:54:b4:42:c6:e0:ee:6c:
31:08:6d:0d:27:8f:aa:d2:c3:b0:48:09:be:f3:f7:
8c:3e:87:32:9c:62:d2:c6:49:a0:67:0d:f0:c6:f3:
44:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:33:1E:C1:D7:CF:4A:19:29:6B:65:63:E0:88:B0:03:8D:84:82:4F
X509v3 Authority Key Identifier:
keyid:65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/SzMewdfPShkpa2Vj4IiwA42Egk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.244.153.0/24
84.244.170.0-84.244.172.255
Signature Algorithm: sha256WithRSAEncryption
73:d7:65:f8:1b:c5:4c:48:e3:c1:66:df:a1:f0:c0:dc:fc:50:
02:63:70:09:71:f9:13:7c:36:a4:c9:d5:c9:8f:44:1b:4d:0c:
3a:d8:41:d9:52:d1:e6:dd:07:85:99:3e:97:d6:94:ae:7d:80:
0e:cf:4a:eb:ca:da:9f:86:60:f6:71:1b:86:ff:b6:da:e5:ff:
7b:1b:e2:6a:bc:cc:05:2e:3c:b4:42:4f:dc:aa:2b:05:2c:3e:
33:5d:6e:24:63:68:d7:8f:27:6c:d3:95:b7:ad:29:4c:00:0f:
9e:b9:46:cd:3f:5b:fb:f4:ba:c8:55:94:6d:a9:b7:34:8e:ac:
c3:2a:1a:c6:e9:29:b8:42:31:37:47:7c:03:dd:47:3d:e4:2d:
e3:a0:8b:21:1e:af:75:75:b2:30:de:3c:d3:72:cc:3c:44:7f:
56:a0:96:3d:38:5d:b0:a1:d6:40:03:9b:f1:91:7e:5f:e4:02:
ea:d6:c8:43:90:00:1f:b7:72:77:0c:b9:4d:8d:0f:b6:f2:96:
f4:2d:47:57:d5:b4:4f:f8:38:23:e3:e7:3d:bd:8d:20:2d:e8:
4a:e2:7d:18:47:35:b0:b9:ef:27:13:2b:9c:76:42:c8:cc:8a:
e3:17:0f:d5:91:46:64:5f:9e:11:9c:9e:34:3d:fb:97:43:c9:
53:87:64:f6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZNVTZzAeEDzNv/boE313iFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTFjZTVlMmY1M2I3YmI4Y2FjOGYzOWUyOTRlODlhNDVi
MjAwMjkwHhcNMjQxMTIyMTkxNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjMzMWVjMWQ3Y2Y0YTE5Mjk2YjY1NjNlMDg4YjAwMzhkODQ4MjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjHjsOkrd56vCLU4TZcopmi9uToe
20rb1JIK99XEF8LBGUf32bzTPmEPZwP5dnjDBd257rOUV40l2nC+bFwoXDxr01hg
MPFhm2oA9rJH+owtw9HRUcRUjnSh8hryOriPWASsNotiQ3honsG3ONYf0882AZT4
jcpgH9ovdSITqLxt8GvuhNKoD41ZgFaSNSkrIj9s4x12LyS8S9JgGcxNmGUuiCa0
rYWMU1g/NhJuPqDQduUOTWYqxKqqJXt2dCPxsKA/gOygZrrjP+rUiPWrIZmzCT1u
X4vgj1S0Qsbg7mwxCG0NJ4+q0sOwSAm+8/eMPocynGLSxkmgZw3wxvNEIQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEszHsHXz0oZKWtlY+CIsAONhIJPMB8GA1UdIwQY
MBaAFGURzl4vU7e7jKyPOeKU6JpFsgApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYt
NWNiOTM0YTU1YjBkLzEvU3pNZXdkZlBTaGtwYTJWajRJaXdBNDJFZ2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYtNWNiOTM0YTU1YjBk
LzEvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVPSZMAwD
BAFU9KoDBABU9KwwDQYJKoZIhvcNAQELBQADggEBAHPXZfgbxUxI48Fm36HwwNz8
UAJjcAlx+RN8NqTJ1cmPRBtNDDrYQdlS0ebdB4WZPpfWlK59gA7PSuvK2p+GYPZx
G4b/ttrl/3sb4mq8zAUuPLRCT9yqKwUsPjNdbiRjaNePJ2zTlbetKUwAD565Rs0/
W/v0ushVlG2ptzSOrMMqGsbpKbhCMTdHfAPdRz3kLeOgiyEer3V1sjDePNNyzDxE
f1aglj04XbCh1kADm/GRfl/kAurWyEOQAB+3cncMuU2ND7bylvQtR1fVtE/4OCPj
5z29jSAt6ErifRhHNbC57ycTK5x2QsjMiuMXD9WRRmRfnhGcnjQ9+5dDyVOHZPY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:43:54 2024 by rpki-client on console-ams.rpki-client.org