Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Z73sGD_acm7zYalr2Z9zUx3J6-g.roa
File: Z73sGD_acm7zYalr2Z9zUx3J6-g.roa (raw, json)
Hash identifier: FFymEIErfLnfTJagAeZPkGQIJz+S15r3B4wz7/vIVGw=
Subject key identifier: 67:BD:EC:18:3F:DA:72:6E:F3:61:A9:6B:D9:9F:73:53:1D:C9:EB:E8
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 018DF5152A64F91F65945BF40CC8A968F403
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Z73sGD_acm7zYalr2Z9zUx3J6-g.roa
Signing time: Thu 29 Feb 2024 13:37:01 +0000
ROA not before: Thu 29 Feb 2024 13:37:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 84.247.104.0/24 maxlen: 24
84.247.106.0/24 maxlen: 24
84.247.107.0/24 maxlen: 24
84.247.108.0/24 maxlen: 24
84.247.109.0/24 maxlen: 24
84.247.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:15:2a:64:f9:1f:65:94:5b:f4:0c:c8:a9:68:f4:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Feb 29 13:37:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67bdec183fda726ef361a96bd99f73531dc9ebe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e3:ad:19:61:6d:9b:bb:aa:74:09:ca:a6:26:
c9:b9:52:39:e5:f5:94:2f:13:ac:1a:f1:80:6e:97:
ab:b0:77:8f:bb:57:e6:8c:ef:61:ab:69:28:95:05:
d8:b2:4a:c5:b8:fc:f7:ad:f8:de:f5:12:25:bd:b1:
c7:15:ed:fc:b4:70:77:93:8a:cf:d4:d1:4c:ab:3f:
be:d2:d3:88:79:a2:87:31:64:07:be:8a:27:2f:48:
7d:11:b0:41:87:ca:af:df:d1:db:3e:3f:ed:3a:9f:
43:98:25:56:85:75:75:fd:85:14:bd:c8:f2:ab:a4:
e9:4c:aa:9b:19:bc:64:2a:e0:aa:cb:60:80:ae:e9:
7c:f9:4a:39:54:0f:d6:96:d5:c4:24:77:61:98:c5:
5d:7d:66:26:d2:f9:65:b7:63:fc:91:da:5b:7d:71:
ce:c7:17:c6:ba:9f:13:dd:24:ec:94:be:8b:51:8d:
db:3d:48:b3:6f:dd:09:2c:37:a9:64:7b:6d:91:da:
47:87:bb:04:61:b3:45:f3:f4:c7:b0:54:ff:8c:ab:
c7:a2:81:0d:0c:e7:ad:3e:09:e1:29:13:94:1e:5a:
29:b8:45:b5:2d:c0:b2:46:6a:42:9f:35:2d:f4:3e:
e6:80:bd:e6:b2:3f:e4:82:a4:ee:24:72:38:05:81:
f4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BD:EC:18:3F:DA:72:6E:F3:61:A9:6B:D9:9F:73:53:1D:C9:EB:E8
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Z73sGD_acm7zYalr2Z9zUx3J6-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.104.0/24
84.247.106.0-84.247.110.255
Signature Algorithm: sha256WithRSAEncryption
91:0b:6e:97:22:d9:6f:35:f9:f1:86:61:ff:70:9d:74:f0:6c:
64:42:93:25:0a:29:f7:0c:48:aa:31:f4:89:3f:85:8f:fb:71:
e7:a6:a5:c9:87:09:84:1d:bc:4f:22:dd:01:9f:f9:1b:b2:1c:
9e:2f:dc:f2:70:e7:1a:b2:e9:c9:4f:b4:19:ab:fe:e1:5d:42:
66:5f:a5:ce:02:3d:8e:2b:8b:72:db:f6:85:ea:f6:26:a3:79:
02:52:f9:00:9f:42:d3:29:3c:b0:b6:39:d7:c8:15:87:eb:b5:
24:74:37:ab:75:99:cf:46:bf:01:a9:4a:1f:78:2c:cf:cd:f5:
6d:ef:a8:87:53:94:0b:37:2e:09:46:16:6b:74:80:c4:09:dc:
15:d6:03:6d:fd:15:3d:de:dd:df:23:7c:23:b5:1d:11:9d:9d:
b8:64:16:32:16:b8:a2:79:d5:65:bc:53:f1:ca:c7:c4:8f:8c:
10:47:c1:03:d8:15:d4:dc:f0:66:3f:cc:39:38:59:f9:67:23:
ce:40:d5:78:2d:ce:92:fe:aa:84:d0:60:2d:c8:30:0d:68:80:
eb:c6:2c:41:90:d4:03:c8:ff:28:9a:e4:42:49:36:29:c6:4a:
d8:ed:58:af:7a:5d:ef:3e:c0:57:2b:14:cb:68:79:61:3b:ac:
87:b6:4b:a2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY31FSpk+R9llFv0DMipaPQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjQwMjI5MTMzNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2JkZWMxODNmZGE3MjZlZjM2MWE5NmJkOTlmNzM1MzFkYzllYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeOtGWFtm7uqdAnKpibJuVI55fWU
LxOsGvGAbpersHePu1fmjO9hq2kolQXYskrFuPz3rfje9RIlvbHHFe38tHB3k4rP
1NFMqz++0tOIeaKHMWQHvoonL0h9EbBBh8qv39HbPj/tOp9DmCVWhXV1/YUUvcjy
q6TpTKqbGbxkKuCqy2CArul8+Uo5VA/WltXEJHdhmMVdfWYm0vllt2P8kdpbfXHO
xxfGup8T3STslL6LUY3bPUizb90JLDepZHttkdpHh7sEYbNF8/THsFT/jKvHooEN
DOetPgnhKROUHlopuEW1LcCyRmpCnzUt9D7mgL3msj/kgqTuJHI4BYH05wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGe97Bg/2nJu82Gpa9mfc1MdyevoMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvWjczc0dEX2FjbTd6WWFscjJaOXpVeDNKNi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVPdoMAwD
BAFU92oDBABU924wDQYJKoZIhvcNAQELBQADggEBAJELbpci2W81+fGGYf9wnXTw
bGRCkyUKKfcMSKox9Ik/hY/7ceempcmHCYQdvE8i3QGf+RuyHJ4v3PJw5xqy6clP
tBmr/uFdQmZfpc4CPY4ri3Lb9oXq9iajeQJS+QCfQtMpPLC2OdfIFYfrtSR0N6t1
mc9GvwGpSh94LM/N9W3vqIdTlAs3LglGFmt0gMQJ3BXWA239FT3e3d8jfCO1HRGd
nbhkFjIWuKJ51WW8U/HKx8SPjBBHwQPYFdTc8GY/zDk4WflnI85A1XgtzpL+qoTQ
YC3IMA1ogOvGLEGQ1API/yia5EJJNinGStjtWK96Xe8+wFcrFMtoeWE7rIe2S6I=
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:56:20 2024 by rpki-client on console-ams.rpki-client.org