Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/ed879b-e3c4-4b7a-bd0c-34e4e0679333/1/1zw5ye0zStw-QWvWG4H2Tzm77n0.roa
File: 1zw5ye0zStw-QWvWG4H2Tzm77n0.roa (raw, json)
Hash identifier: QKpO0vnO6MWgtTazONk36sWTQ6cdhtRGepK5mLIe38s=
Subject key identifier: D7:3C:39:C9:ED:33:4A:DC:3E:41:6B:D6:1B:81:F6:4F:39:BB:EE:7D
Certificate issuer: /CN=c7b623bbc54e9846748cd77b2b8b343827e5aeaa
Certificate serial: 0191EA2611AA6E36BFFEE85AF56E0B45795F
Authority key identifier: C7:B6:23:BB:C5:4E:98:46:74:8C:D7:7B:2B:8B:34:38:27:E5:AE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x7Yju8VOmEZ0jNd7K4s0OCflrqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/ed879b-e3c4-4b7a-bd0c-34e4e0679333/1/1zw5ye0zStw-QWvWG4H2Tzm77n0.roa
Signing time: Fri 13 Sep 2024 06:50:49 +0000
ROA not before: Fri 13 Sep 2024 06:50:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 185.233.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/ed879b-e3c4-4b7a-bd0c-34e4e0679333/1/x7Yju8VOmEZ0jNd7K4s0OCflrqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/ed879b-e3c4-4b7a-bd0c-34e4e0679333/1/x7Yju8VOmEZ0jNd7K4s0OCflrqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/x7Yju8VOmEZ0jNd7K4s0OCflrqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:26:11:aa:6e:36:bf:fe:e8:5a:f5:6e:0b:45:79:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7b623bbc54e9846748cd77b2b8b343827e5aeaa
Validity
Not Before: Sep 13 06:50:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d73c39c9ed334adc3e416bd61b81f64f39bbee7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:dd:c9:4a:ed:02:ce:63:91:34:8b:32:32:18:
f9:54:c6:7c:80:b9:0f:ac:33:eb:fb:3a:1e:08:f9:
e4:ea:9a:17:b8:ff:92:38:fb:04:8f:84:d0:89:78:
b4:86:ca:f8:be:1c:01:f0:84:8b:38:c4:8b:17:9d:
27:0b:26:eb:18:dc:5e:98:26:a5:e8:23:5d:87:32:
fc:c9:6e:9c:a2:ec:e1:18:59:a4:2a:44:22:44:c9:
c0:7c:88:eb:db:05:35:59:6b:59:bc:45:75:02:78:
c1:8d:02:c3:3d:c6:e2:c3:cc:67:27:fc:25:47:78:
ff:68:6a:67:de:03:8f:9a:48:71:7b:9b:53:d4:e7:
0d:72:9b:12:32:72:ac:b1:b2:f2:29:3b:28:54:ab:
f2:fb:de:d0:9c:e4:56:30:d2:5e:3f:1f:39:04:29:
16:04:2f:34:49:53:d1:f5:a5:fa:bf:ad:9c:55:83:
bc:83:dd:aa:e2:c2:18:c8:2f:00:df:f1:f1:ab:6c:
85:1e:e0:47:76:eb:28:3b:1d:88:c6:65:97:29:32:
84:bd:25:22:dd:22:7d:51:bf:ea:25:2c:74:53:5c:
66:25:70:0d:c0:c9:c2:ec:6d:6a:43:3e:97:b0:fb:
22:a6:c2:88:55:51:8e:91:08:7f:0d:65:88:bb:17:
91:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3C:39:C9:ED:33:4A:DC:3E:41:6B:D6:1B:81:F6:4F:39:BB:EE:7D
X509v3 Authority Key Identifier:
keyid:C7:B6:23:BB:C5:4E:98:46:74:8C:D7:7B:2B:8B:34:38:27:E5:AE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x7Yju8VOmEZ0jNd7K4s0OCflrqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/ed879b-e3c4-4b7a-bd0c-34e4e0679333/1/1zw5ye0zStw-QWvWG4H2Tzm77n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/ed879b-e3c4-4b7a-bd0c-34e4e0679333/1/x7Yju8VOmEZ0jNd7K4s0OCflrqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.164.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ad:49:c8:c8:d3:e3:70:87:54:af:b0:5a:57:97:4c:eb:7d:
d5:0c:29:5e:96:b4:09:f2:7a:4c:dd:bd:58:50:93:69:00:21:
5e:b4:ec:3a:48:e9:01:e7:1d:a0:c5:34:29:11:d0:4a:8a:b8:
27:dd:72:09:af:83:3a:40:a4:c1:e0:3d:98:db:8f:8a:30:fc:
ef:e6:21:9d:97:cb:c8:7f:77:cc:4e:87:3c:18:32:ef:13:6a:
a8:a6:0f:d1:75:32:ec:64:c3:8c:af:87:ee:f9:bf:1c:71:ff:
fc:12:3d:af:a9:7e:3e:7d:6e:3b:dd:99:89:5f:9c:2a:1f:e8:
38:d8:7f:53:20:57:17:69:ed:70:6d:49:5d:b1:ea:bd:be:a1:
18:73:0e:91:96:a3:90:d5:73:23:f7:dc:f4:03:6d:ae:b0:e0:
a2:15:bc:57:4f:a4:35:22:af:3c:b4:6f:1e:b4:5e:52:a6:f3:
9c:30:49:6a:3f:5f:5b:89:87:46:bd:7c:84:d3:4d:c7:a5:27:
e5:ac:9d:2d:b7:3c:d0:a2:3a:08:69:24:9c:16:c5:82:85:01:
1d:fa:89:93:4d:f1:20:3e:db:b5:71:22:f6:9d:5c:bb:bb:f5:
f6:4c:b4:14:e5:1a:ab:c9:bc:91:af:1b:d3:99:b3:b6:5b:74:
53:fc:e0:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHqJhGqbja//uha9W4LRXlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YjYyM2JiYzU0ZTk4NDY3NDhjZDc3YjJiOGIzNDM4Mjdl
NWFlYWEwHhcNMjQwOTEzMDY1MDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNjMzljOWVkMzM0YWRjM2U0MTZiZDYxYjgxZjY0ZjM5YmJlZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8t3JSu0CzmORNIsyMhj5VMZ8gLkP
rDPr+zoeCPnk6poXuP+SOPsEj4TQiXi0hsr4vhwB8ISLOMSLF50nCybrGNxemCal
6CNdhzL8yW6couzhGFmkKkQiRMnAfIjr2wU1WWtZvEV1AnjBjQLDPcbiw8xnJ/wl
R3j/aGpn3gOPmkhxe5tT1OcNcpsSMnKssbLyKTsoVKvy+97QnORWMNJePx85BCkW
BC80SVPR9aX6v62cVYO8g92q4sIYyC8A3/Hxq2yFHuBHdusoOx2IxmWXKTKEvSUi
3SJ9Ub/qJSx0U1xmJXANwMnC7G1qQz6XsPsipsKIVVGOkQh/DWWIuxeR4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNc8OcntM0rcPkFr1huB9k85u+59MB8GA1UdIwQY
MBaAFMe2I7vFTphGdIzXeyuLNDgn5a6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDdZanU4Vk9tRVowak5kN0s0czBPQ2ZscnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9lZDg3OWItZTNjNC00YjdhLWJkMGMt
MzRlNGUwNjc5MzMzLzEvMXp3NXllMHpTdHctUVd2V0c0SDJUem03N24wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9lZDg3OWItZTNjNC00YjdhLWJkMGMtMzRlNGUwNjc5MzMz
LzEveDdZanU4Vk9tRVowak5kN0s0czBPQ2ZscnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuemkMA0G
CSqGSIb3DQEBCwUAA4IBAQB5rUnIyNPjcIdUr7BaV5dM633VDClelrQJ8npM3b1Y
UJNpACFetOw6SOkB5x2gxTQpEdBKirgn3XIJr4M6QKTB4D2Y24+KMPzv5iGdl8vI
f3fMToc8GDLvE2qopg/RdTLsZMOMr4fu+b8ccf/8Ej2vqX4+fW473ZmJX5wqH+g4
2H9TIFcXae1wbUldseq9vqEYcw6RlqOQ1XMj99z0A22usOCiFbxXT6Q1Iq88tG8e
tF5SpvOcMElqP19biYdGvXyE003HpSflrJ0ttzzQojoIaSScFsWChQEd+omTTfEg
Ptu1cSL2nVy7u/X2TLQU5RqrybyRrxvTmbO2W3RT/ODe
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:20 2024 by rpki-client on console-ams.rpki-client.org