Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/1ZWW97jhAU94C7jUQmj8I4vPW5s.roa
File: 1ZWW97jhAU94C7jUQmj8I4vPW5s.roa (raw, json)
Hash identifier: GCZdc25l4il73b6WeQtkKWMIVMctm5OlYo4sCGjQ+xw=
Subject key identifier: D5:95:96:F7:B8:E1:01:4F:78:0B:B8:D4:42:68:FC:23:8B:CF:5B:9B
Certificate issuer: /CN=17a10234cfb5522aa29b3260a75f8a9f79933e7b
Certificate serial: 018E3D947CDF712EB9B36C47CB8A7C95D087
Authority key identifier: 17:A1:02:34:CF:B5:52:2A:A2:9B:32:60:A7:5F:8A:9F:79:93:3E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F6ECNM-1UiqimzJgp1-Kn3mTPns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/1ZWW97jhAU94C7jUQmj8I4vPW5s.roa
Signing time: Thu 14 Mar 2024 15:28:45 +0000
ROA not before: Thu 14 Mar 2024 15:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44177
IP address blocks: 91.201.100.0/22 maxlen: 24
194.76.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/F6ECNM-1UiqimzJgp1-Kn3mTPns.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/F6ECNM-1UiqimzJgp1-Kn3mTPns.mft
rsync://rpki.ripe.net/repository/DEFAULT/F6ECNM-1UiqimzJgp1-Kn3mTPns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:94:7c:df:71:2e:b9:b3:6c:47:cb:8a:7c:95:d0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17a10234cfb5522aa29b3260a75f8a9f79933e7b
Validity
Not Before: Mar 14 15:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d59596f7b8e1014f780bb8d44268fc238bcf5b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:30:0d:29:39:15:e5:49:16:f9:c2:a2:5b:8c:
53:62:c8:ee:f7:1b:5e:62:dc:71:f3:e6:b6:12:ea:
0a:a6:50:5b:d4:99:a3:81:a2:11:6d:a9:06:5f:90:
2e:dd:ed:e2:69:51:06:06:e3:e2:ca:60:79:d2:bc:
90:42:fc:36:6c:df:e3:09:c0:67:05:21:89:e4:8d:
7d:b6:a1:fa:50:b4:b0:72:b9:23:0c:39:11:57:04:
90:d8:01:f1:0e:51:70:55:17:66:d9:95:3b:3f:03:
33:f6:ef:b9:64:ab:fa:a5:d7:8f:fb:b1:a1:9e:19:
1a:ed:08:bd:8f:e5:48:8e:78:82:35:94:df:1a:94:
cf:2e:80:13:22:4c:15:7a:23:2b:27:93:2c:1f:7c:
f8:8f:32:27:3c:ee:28:2a:84:fe:08:0b:4a:98:e3:
ca:40:96:b4:44:d3:91:30:f5:4e:bc:64:de:fe:d9:
99:2b:20:fd:61:cb:95:03:c5:b9:26:00:19:50:0c:
33:89:46:e7:c4:f0:56:2e:d2:f4:ee:60:9c:6d:19:
fc:e3:51:a9:aa:be:6b:21:ec:27:fa:71:99:64:5c:
84:e5:c4:d9:7b:28:eb:ba:d5:20:db:56:62:e0:e4:
89:03:fc:cf:57:a4:89:80:74:ec:6a:5e:1d:25:83:
67:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:95:96:F7:B8:E1:01:4F:78:0B:B8:D4:42:68:FC:23:8B:CF:5B:9B
X509v3 Authority Key Identifier:
keyid:17:A1:02:34:CF:B5:52:2A:A2:9B:32:60:A7:5F:8A:9F:79:93:3E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F6ECNM-1UiqimzJgp1-Kn3mTPns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/1ZWW97jhAU94C7jUQmj8I4vPW5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9f108a-7785-4d3f-9f0c-2ad2bb532613/1/F6ECNM-1UiqimzJgp1-Kn3mTPns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.100.0/22
194.76.193.0/24
Signature Algorithm: sha256WithRSAEncryption
37:7a:d7:ef:f8:ea:00:48:ca:89:23:c2:52:7b:94:85:7d:96:
6c:5c:52:2a:7d:05:30:44:ba:17:ec:fa:74:b0:92:b8:ec:98:
d0:f9:46:21:89:1f:7d:e0:17:a2:9c:68:2d:d7:e2:35:d6:39:
aa:c8:5b:fd:cf:d8:ea:c7:b2:5f:bb:bd:83:6c:65:a8:3b:7b:
39:6b:d8:d0:1c:eb:80:20:4b:b0:0a:17:ec:51:1b:46:63:6d:
82:c4:c1:14:4d:fe:0a:a3:82:90:cd:55:c8:ba:97:63:f7:34:
13:29:86:ac:89:cb:3e:57:59:41:52:b8:4c:e0:7f:01:30:70:
12:06:1e:57:43:c5:79:25:c6:a3:0d:21:ea:fc:3b:24:35:1e:
2d:26:6c:09:c1:f6:e5:c7:7c:a7:3e:81:74:6d:0d:fd:41:d2:
eb:27:5c:40:35:07:b1:4d:b1:83:cd:e5:aa:b4:ef:a1:f2:8c:
24:f2:dc:56:53:a4:c1:72:32:f9:0f:7c:0c:fc:ac:58:c5:da:
92:02:5a:44:7a:09:32:60:9d:67:db:46:d5:1e:1c:25:c1:1f:
de:4b:23:e4:b2:89:6b:b7:d0:12:12:85:6d:d9:1c:4f:5c:30:
b7:4e:33:3a:d9:23:82:92:b7:26:3f:4d:be:fe:e7:46:c3:e5:
bb:a0:60:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY49lHzfcS65s2xHy4p8ldCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YTEwMjM0Y2ZiNTUyMmFhMjliMzI2MGE3NWY4YTlmNzk5
MzNlN2IwHhcNMjQwMzE0MTUyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk1OTZmN2I4ZTEwMTRmNzgwYmI4ZDQ0MjY4ZmMyMzhiY2Y1YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDANKTkV5UkW+cKiW4xTYsju9xte
Ytxx8+a2EuoKplBb1JmjgaIRbakGX5Au3e3iaVEGBuPiymB50ryQQvw2bN/jCcBn
BSGJ5I19tqH6ULSwcrkjDDkRVwSQ2AHxDlFwVRdm2ZU7PwMz9u+5ZKv6pdeP+7Gh
nhka7Qi9j+VIjniCNZTfGpTPLoATIkwVeiMrJ5MsH3z4jzInPO4oKoT+CAtKmOPK
QJa0RNORMPVOvGTe/tmZKyD9YcuVA8W5JgAZUAwziUbnxPBWLtL07mCcbRn841Gp
qr5rIewn+nGZZFyE5cTZeyjrutUg21Zi4OSJA/zPV6SJgHTsal4dJYNnJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNWVlve44QFPeAu41EJo/COLz1ubMB8GA1UdIwQY
MBaAFBehAjTPtVIqopsyYKdfip95kz57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjZFQ05NLTFVaXFpbXpKZ3AxLUtuM21UUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85ZjEwOGEtNzc4NS00ZDNmLTlmMGMt
MmFkMmJiNTMyNjEzLzEvMVpXVzk3amhBVTk0QzdqVVFtajhJNHZQVzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85ZjEwOGEtNzc4NS00ZDNmLTlmMGMtMmFkMmJiNTMyNjEz
LzEvRjZFQ05NLTFVaXFpbXpKZ3AxLUtuM21UUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8lkAwQA
wkzBMA0GCSqGSIb3DQEBCwUAA4IBAQA3etfv+OoASMqJI8JSe5SFfZZsXFIqfQUw
RLoX7Pp0sJK47JjQ+UYhiR994BeinGgt1+I11jmqyFv9z9jqx7Jfu72DbGWoO3s5
a9jQHOuAIEuwChfsURtGY22CxMEUTf4Ko4KQzVXIupdj9zQTKYasics+V1lBUrhM
4H8BMHASBh5XQ8V5JcajDSHq/DskNR4tJmwJwfblx3ynPoF0bQ39QdLrJ1xANQex
TbGDzeWqtO+h8owk8txWU6TBcjL5D3wM/KxYxdqSAlpEegkyYJ1n20bVHhwlwR/e
SyPksolrt9ASEoVt2RxPXDC3TjM62SOCkrcmP02+/udGw+W7oGBw
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:00 2024 by rpki-client on console-fra.rpki-client.org