Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/zxZmG07OYeIAva4LasDfRznBOTQ.roa
File: zxZmG07OYeIAva4LasDfRznBOTQ.roa (raw, json)
Hash identifier: d6vsb2fVacIRGV5MAZPU4A+2Nh3KdJt/JGNCgm/ISP8=
Subject key identifier: CF:16:66:1B:4E:CE:61:E2:00:BD:AE:0B:6A:C0:DF:47:39:C1:39:34
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018CC4254AB7695F7C1708729EAE3B4649FD
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/zxZmG07OYeIAva4LasDfRznBOTQ.roa
Signing time: Mon 01 Jan 2024 08:30:27 +0000
ROA not before: Mon 01 Jan 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216012
IP address blocks: 31.202.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4a:b7:69:5f:7c:17:08:72:9e:ae:3b:46:49:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Jan 1 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf16661b4ece61e200bdae0b6ac0df4739c13934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e0:b6:ad:fc:df:4c:ba:8e:d1:44:c3:a9:9c:
aa:ad:d3:e7:53:f2:e0:6a:cb:1f:ef:5b:d9:62:45:
d6:83:fb:67:c3:e3:ba:79:65:c6:18:4e:70:0f:c7:
5d:d7:62:ac:d3:9d:5d:af:6f:4a:e6:24:15:d4:91:
6d:02:ed:22:12:20:02:17:82:e3:b9:f8:59:a4:e0:
19:96:e5:d8:f4:90:70:12:a8:45:4c:b9:a8:98:0e:
a0:ad:38:e8:b9:cc:4e:18:b5:4b:f4:f3:81:75:c1:
8d:ec:61:ba:ea:3b:1f:f8:26:27:2a:a3:71:ff:7c:
5c:18:14:cf:35:cc:05:b2:e3:db:d1:5d:45:b1:b2:
ed:b8:fe:16:7e:55:e7:bb:e7:1a:bf:f9:63:d0:e3:
da:ae:95:26:4c:3e:79:33:58:93:d0:0d:05:10:76:
0e:59:8b:6c:0a:49:d1:0a:4b:59:d9:72:b9:93:7c:
74:7a:17:b2:14:4d:a3:c9:a7:ca:2b:33:09:70:91:
ba:21:cf:4b:dd:44:b0:4f:22:fe:24:6d:6c:1a:33:
a4:34:e9:3d:69:37:2e:c6:cf:a8:39:33:35:96:70:
57:48:f0:29:14:10:1b:40:f8:72:b9:9b:81:0a:79:
b8:f1:94:3e:a0:43:ca:a4:ab:fb:36:40:93:76:b7:
99:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:16:66:1B:4E:CE:61:E2:00:BD:AE:0B:6A:C0:DF:47:39:C1:39:34
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/zxZmG07OYeIAva4LasDfRznBOTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.202.133.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c8:c5:7e:aa:17:bb:be:ee:95:c4:f7:ff:ce:52:57:26:16:
a6:b7:e7:d9:62:a6:d9:aa:f4:7c:4c:70:ce:5f:3e:08:f8:94:
d8:a1:71:69:23:60:13:62:c7:01:98:3f:50:48:f4:e7:5a:8b:
94:a4:4f:56:1c:1f:13:7b:04:56:79:2b:19:d6:0b:0e:83:95:
03:2e:c4:72:f9:0d:05:ad:a1:69:ad:23:1d:88:ec:0e:b7:8a:
4e:69:7e:19:8e:d5:63:09:22:04:cd:2d:4a:de:00:5c:19:58:
3f:08:10:c9:39:8f:c8:5c:5b:66:2b:20:d4:2b:fc:8b:a5:c0:
76:2e:7f:d8:d4:44:af:d6:b2:d5:4b:cb:65:68:de:1b:28:b8:
a7:c1:d4:fa:00:bf:62:8d:3a:52:05:28:2b:a2:10:65:b7:61:
e4:56:93:f7:1f:a5:29:4e:1b:94:9f:8d:6e:82:a1:5b:88:19:
63:71:e0:9b:99:13:52:d5:82:8f:1b:4a:e2:d3:a9:03:87:87:
d3:fe:0f:e0:40:aa:b2:b8:08:71:d9:21:60:37:3e:e2:49:07:
68:d9:ef:e6:0e:ef:8a:72:41:79:02:b2:ff:ba:d2:80:97:8c:
b4:90:c6:45:a9:60:05:14:23:a7:1c:0a:3b:2c:79:69:64:c1:
d9:18:12:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJUq3aV98Fwhynq47Rkn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjE2NjYxYjRlY2U2MWUyMDBiZGFlMGI2YWMwZGY0NzM5YzEzOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuC2rfzfTLqO0UTDqZyqrdPnU/Lg
assf71vZYkXWg/tnw+O6eWXGGE5wD8dd12Ks051dr29K5iQV1JFtAu0iEiACF4Lj
ufhZpOAZluXY9JBwEqhFTLmomA6grTjoucxOGLVL9POBdcGN7GG66jsf+CYnKqNx
/3xcGBTPNcwFsuPb0V1FsbLtuP4WflXnu+cav/lj0OParpUmTD55M1iT0A0FEHYO
WYtsCknRCktZ2XK5k3x0eheyFE2jyafKKzMJcJG6Ic9L3USwTyL+JG1sGjOkNOk9
aTcuxs+oOTM1lnBXSPApFBAbQPhyuZuBCnm48ZQ+oEPKpKv7NkCTdreZAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8WZhtOzmHiAL2uC2rA30c5wTk0MB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvenhabUcwN09ZZUlBdmE0TGFzRGZSem5CT1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH8qFMA0G
CSqGSIb3DQEBCwUAA4IBAQBQyMV+qhe7vu6VxPf/zlJXJhamt+fZYqbZqvR8THDO
Xz4I+JTYoXFpI2ATYscBmD9QSPTnWouUpE9WHB8TewRWeSsZ1gsOg5UDLsRy+Q0F
raFprSMdiOwOt4pOaX4ZjtVjCSIEzS1K3gBcGVg/CBDJOY/IXFtmKyDUK/yLpcB2
Ln/Y1ESv1rLVS8tlaN4bKLinwdT6AL9ijTpSBSgrohBlt2HkVpP3H6UpThuUn41u
gqFbiBljceCbmRNS1YKPG0ri06kDh4fT/g/gQKqyuAhx2SFgNz7iSQdo2e/mDu+K
ckF5ArL/utKAl4y0kMZFqWAFFCOnHAo7LHlpZMHZGBLX
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:46:26 2024 by rpki-client on console-fra.rpki-client.org