Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/Zeio8G8F7d8ppWeP2ZyG17JXT6w.roa
File: Zeio8G8F7d8ppWeP2ZyG17JXT6w.roa (raw, json)
Hash identifier: nF3JyiKDubkFKWVoJeyww8LR0PDS9FDR2B455+zachk=
Subject key identifier: 65:E8:A8:F0:6F:05:ED:DF:29:A5:67:8F:D9:9C:86:D7:B2:57:4F:AC
Certificate issuer: /CN=3bfccd4a00422c865f5093b85bb868c2bb30c469
Certificate serial: 018CC6B9398CB90D683AFA05B5E72953D985
Authority key identifier: 3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/Zeio8G8F7d8ppWeP2ZyG17JXT6w.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8454
IP address blocks: 91.213.98.0/24 maxlen: 24
2001:67c:2f78::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:39:8c:b9:0d:68:3a:fa:05:b5:e7:29:53:d9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfccd4a00422c865f5093b85bb868c2bb30c469
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65e8a8f06f05eddf29a5678fd99c86d7b2574fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:a7:b4:ac:17:7b:f8:f6:ce:be:2d:ea:6e:
e9:a8:36:72:98:45:32:51:c9:fd:70:1a:e0:02:d9:
bc:4e:93:25:2e:f7:fd:b3:09:bc:c7:48:de:6d:d3:
d7:bc:1a:38:5d:81:bc:d8:a4:44:89:f2:05:33:af:
59:ff:be:38:f4:ef:a7:f0:dc:8f:fc:c4:5a:f3:fe:
a6:86:66:78:45:50:23:96:19:da:c8:af:58:94:09:
d8:2c:08:d4:41:6f:8e:d7:0a:1f:03:5b:c6:8a:de:
84:47:02:cf:f5:d3:87:a8:07:5c:59:5b:1d:a0:ab:
57:30:7c:21:9d:15:c4:f2:65:eb:3e:7b:ae:7d:01:
87:be:1e:83:ed:41:a5:40:19:fc:c0:50:ce:db:13:
7f:0d:8a:70:7a:f1:1e:64:2f:2d:a3:44:97:46:5a:
45:f9:08:ef:b1:65:10:42:b4:67:d6:ae:4e:23:31:
5c:0c:05:58:33:81:96:91:93:f2:47:68:3f:eb:a3:
3d:90:d0:0b:95:af:76:f6:3d:2c:76:7d:77:8d:ae:
0a:0f:f9:95:6e:63:51:f6:75:d0:e8:d5:c7:a9:34:
97:f3:1b:a9:05:08:d6:b1:73:f2:19:47:da:ce:ef:
e7:e4:9e:69:ef:ae:f3:9f:94:37:db:5d:c1:ad:f1:
f6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E8:A8:F0:6F:05:ED:DF:29:A5:67:8F:D9:9C:86:D7:B2:57:4F:AC
X509v3 Authority Key Identifier:
keyid:3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/Zeio8G8F7d8ppWeP2ZyG17JXT6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.98.0/24
IPv6:
2001:67c:2f78::/48
Signature Algorithm: sha256WithRSAEncryption
1c:19:a3:49:e4:05:42:b8:8f:41:4c:8c:fb:21:cb:7d:85:a9:
b3:16:f3:ad:2c:8e:52:c7:62:0f:bc:1c:68:aa:73:86:3c:f3:
97:87:ff:3d:f0:af:60:9f:1f:0a:09:6e:56:e5:d0:35:6f:e1:
e8:5d:96:d4:8a:ac:e1:e0:41:ee:c5:40:5d:de:1e:0e:6e:f0:
7d:22:f4:2f:89:7e:73:c0:a1:ec:ed:0f:33:1a:7d:70:c0:0d:
3c:fa:60:f6:f0:d7:5f:d7:01:68:7f:cc:34:f6:13:60:57:1a:
2a:0b:52:c1:38:9d:f0:55:4a:ed:e9:67:f4:da:13:e6:1e:a5:
ac:47:0f:ab:d8:6b:48:e1:49:f7:95:f7:5b:b8:c6:36:78:6d:
18:4c:4e:cc:07:6b:d0:b9:49:47:f0:6f:fd:49:a6:7c:c9:7a:
8a:36:db:74:1c:69:5f:db:33:94:90:17:21:61:9d:d7:97:0d:
28:d9:b7:ca:0d:ff:4d:4c:b1:b9:3a:11:1c:03:1d:d4:6a:9d:
00:89:e4:97:4d:13:b9:2d:b1:b5:ca:f9:89:99:84:d6:11:f5:
00:cd:78:f9:47:c4:79:9e:98:2b:80:a1:88:a2:87:58:f1:da:
d4:a2:1d:7f:ee:f6:14:0b:78:2c:45:01:d0:47:60:ab:28:33:
15:3d:e3:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGuTmMuQ1oOvoFtecpU9mFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmNjZDRhMDA0MjJjODY1ZjUwOTNiODViYjg2OGMyYmIz
MGM0NjkwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWU4YThmMDZmMDVlZGRmMjlhNTY3OGZkOTljODZkN2IyNTc0ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDGntKwXe/j2zr4t6m7pqDZymEUy
Ucn9cBrgAtm8TpMlLvf9swm8x0jebdPXvBo4XYG82KREifIFM69Z/7449O+n8NyP
/MRa8/6mhmZ4RVAjlhnayK9YlAnYLAjUQW+O1wofA1vGit6ERwLP9dOHqAdcWVsd
oKtXMHwhnRXE8mXrPnuufQGHvh6D7UGlQBn8wFDO2xN/DYpwevEeZC8to0SXRlpF
+QjvsWUQQrRn1q5OIzFcDAVYM4GWkZPyR2g/66M9kNALla929j0sdn13ja4KD/mV
bmNR9nXQ6NXHqTSX8xupBQjWsXPyGUfazu/n5J5p767zn5Q3213BrfH24wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGXoqPBvBe3fKaVnj9mchteyV0+sMB8GA1UdIwQY
MBaAFDv8zUoAQiyGX1CTuFu4aMK7MMRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgt
NjNhZTBiZmMxNjlmLzEvWmVpbzhHOEY3ZDhwcFdlUDJaeUcxN0pYVDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgtNjNhZTBiZmMxNjlm
LzEvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9ViMA8E
AgACMAkDBwAgAQZ8L3gwDQYJKoZIhvcNAQELBQADggEBABwZo0nkBUK4j0FMjPsh
y32FqbMW860sjlLHYg+8HGiqc4Y885eH/z3wr2CfHwoJblbl0DVv4ehdltSKrOHg
Qe7FQF3eHg5u8H0i9C+JfnPAoeztDzMafXDADTz6YPbw11/XAWh/zDT2E2BXGioL
UsE4nfBVSu3pZ/TaE+YepaxHD6vYa0jhSfeV91u4xjZ4bRhMTswHa9C5SUfwb/1J
pnzJeoo223QcaV/bM5SQFyFhndeXDSjZt8oN/01Msbk6ERwDHdRqnQCJ5JdNE7kt
sbXK+YmZhNYR9QDNePlHxHmemCuAoYiih1jx2tSiHX/u9hQLeCxFAdBHYKsoMxU9
4xA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:38 2024 by rpki-client on console-fra.rpki-client.org