Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/zj8ix-9wNIiIl1G99PjmHJBfx50.roa
File: zj8ix-9wNIiIl1G99PjmHJBfx50.roa (raw, json)
Hash identifier: I5GVyjdZbps16VY4UCizUYfKV+pmqkjFbyIgL1mY2ls=
Subject key identifier: CE:3F:22:C7:EF:70:34:88:88:97:51:BD:F4:F8:E6:1C:90:5F:C7:9D
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 018CC4930E5CBF182357487B3F798D71C4A1
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/zj8ix-9wNIiIl1G99PjmHJBfx50.roa
Signing time: Mon 01 Jan 2024 10:30:20 +0000
ROA not before: Mon 01 Jan 2024 10:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212379
IP address blocks: 2a01:190:1802::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:0e:5c:bf:18:23:57:48:7b:3f:79:8d:71:c4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 10:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce3f22c7ef703488889751bdf4f8e61c905fc79d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e3:71:b4:fc:83:d5:f8:1f:56:0b:e9:9a:d0:
08:0a:a5:90:b9:ce:1e:c9:0b:b1:7f:59:30:9c:83:
96:72:35:5e:c6:07:a9:38:c6:6c:0f:22:c2:1d:18:
95:dd:a4:0e:61:6c:4d:e1:d2:3f:d6:3c:79:38:1d:
b4:68:4e:9e:71:0f:ff:82:2b:3c:c7:f5:81:b9:d3:
42:a4:99:68:0d:47:10:cb:69:7b:36:cf:87:82:ea:
24:6c:86:93:05:26:e6:cd:45:b1:e6:7b:e5:35:82:
89:ee:a5:0e:94:99:07:c4:35:f5:bf:8b:15:cf:69:
9e:85:78:a4:fc:a5:64:79:9e:d5:ee:a6:2a:25:c9:
9c:c4:12:5f:f3:53:ca:a0:8d:02:af:18:20:62:26:
4c:c5:02:87:87:e0:e0:81:a3:04:d6:e1:5a:4d:b8:
3e:23:bc:af:f9:4b:0f:8c:2c:e1:60:fb:32:a4:b8:
80:fd:8d:5d:5e:f5:96:92:6f:91:a2:de:6b:c3:ed:
da:37:be:c5:b2:bf:7b:a3:c7:e8:10:61:1d:75:5e:
40:b4:15:ac:96:e7:10:96:0b:33:76:6c:4b:9d:e9:
31:09:16:85:9d:bd:3a:5f:01:9e:24:70:b2:c0:76:
f9:6e:d0:a7:65:99:2b:68:af:05:20:fc:03:d3:69:
51:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3F:22:C7:EF:70:34:88:88:97:51:BD:F4:F8:E6:1C:90:5F:C7:9D
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/zj8ix-9wNIiIl1G99PjmHJBfx50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:190:1802::/48
Signature Algorithm: sha256WithRSAEncryption
57:71:fc:fd:5f:c0:02:3d:75:f8:27:1b:15:28:ed:75:d1:f7:
e2:b7:6d:18:97:8f:15:0e:12:36:ff:c9:ad:74:48:04:07:41:
a9:fd:02:5b:96:e9:7b:7b:e9:e9:34:57:08:39:f8:0f:9e:6e:
d4:ec:d6:68:2d:b4:29:07:14:d0:8a:57:cf:fb:c3:54:45:58:
53:45:cf:d5:4b:b9:37:62:e0:d8:c1:9e:d6:72:90:d0:bb:ec:
a6:47:a6:68:5b:75:21:e9:a4:29:7f:b5:b7:39:2f:ab:5f:4c:
30:a6:dc:d7:f0:e9:1d:cf:f7:de:24:66:2a:eb:77:b6:6f:a4:
78:17:34:66:41:85:d4:03:d5:34:1e:2b:06:ec:0e:f1:7c:6f:
dd:3b:c1:58:f5:23:5b:c2:d1:55:24:c1:7e:9b:1b:62:50:9b:
d0:8f:98:d7:31:2d:5a:e9:08:a9:05:d0:d8:d0:f4:de:21:92:
9e:02:cc:d1:fb:74:c1:fe:f1:8f:90:de:e9:59:89:8c:bb:e7:
63:dc:01:68:b6:68:ba:1e:83:60:17:ed:27:37:61:00:8d:4e:
eb:fc:89:bd:99:52:20:2a:b2:fb:1d:44:eb:e1:63:8f:c5:74:
3e:51:48:90:e5:21:91:7d:34:d5:de:da:53:ee:b6:e0:86:eb:
27:00:01:b2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEkw5cvxgjV0h7P3mNccShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjQwMTAxMTAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTNmMjJjN2VmNzAzNDg4ODg5NzUxYmRmNGY4ZTYxYzkwNWZjNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+NxtPyD1fgfVgvpmtAICqWQuc4e
yQuxf1kwnIOWcjVexgepOMZsDyLCHRiV3aQOYWxN4dI/1jx5OB20aE6ecQ//gis8
x/WBudNCpJloDUcQy2l7Ns+HguokbIaTBSbmzUWx5nvlNYKJ7qUOlJkHxDX1v4sV
z2mehXik/KVkeZ7V7qYqJcmcxBJf81PKoI0CrxggYiZMxQKHh+DggaME1uFaTbg+
I7yv+UsPjCzhYPsypLiA/Y1dXvWWkm+Rot5rw+3aN77Fsr97o8foEGEddV5AtBWs
lucQlgszdmxLnekxCRaFnb06XwGeJHCywHb5btCnZZkraK8FIPwD02lR3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM4/IsfvcDSIiJdRvfT45hyQX8edMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvemo4aXgtOXdOSWlJbDFHOTlQam1ISkJmeDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEBkBgC
MA0GCSqGSIb3DQEBCwUAA4IBAQBXcfz9X8ACPXX4JxsVKO110ffit20Yl48VDhI2
/8mtdEgEB0Gp/QJblul7e+npNFcIOfgPnm7U7NZoLbQpBxTQilfP+8NURVhTRc/V
S7k3YuDYwZ7WcpDQu+ymR6ZoW3Uh6aQpf7W3OS+rX0wwptzX8Okdz/feJGYq63e2
b6R4FzRmQYXUA9U0HisG7A7xfG/dO8FY9SNbwtFVJMF+mxtiUJvQj5jXMS1a6Qip
BdDY0PTeIZKeAszR+3TB/vGPkN7pWYmMu+dj3AFotmi6HoNgF+0nN2EAjU7r/Im9
mVIgKrL7HUTr4WOPxXQ+UUiQ5SGRfTTV3tpT7rbghusnAAGy
-----END CERTIFICATE-----
Generated at Sat May 25 20:46:38 2024 by rpki-client on console-fra.rpki-client.org