Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZTow9Q2QDm50HI6UqwjUakhxcuE.roa
File: ZTow9Q2QDm50HI6UqwjUakhxcuE.roa (raw, json)
Hash identifier: gbfVOQH5TpBSHlOcJjEyRF1+crH/NLpR1RYGJ2lBo+U=
Subject key identifier: 65:3A:30:F5:0D:90:0E:6E:74:1C:8E:94:AB:08:D4:6A:48:71:72:E1
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FB4FF2D65A8FC2BE24939A2AC19FF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZTow9Q2QDm50HI6UqwjUakhxcuE.roa
Signing time: Tue 02 Jan 2024 04:30:13 +0000
ROA not before: Tue 02 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210558
IP address blocks: 45.94.31.0/24 maxlen: 24
91.206.169.0/24 maxlen: 24
45.138.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b4:ff:2d:65:a8:fc:2b:e2:49:39:a2:ac:19:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=653a30f50d900e6e741c8e94ab08d46a487172e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9b:7d:ed:bf:a1:f9:36:72:1b:af:94:15:7d:
b3:e7:c0:d5:27:8e:0e:bb:f9:97:02:12:d4:eb:21:
b4:2f:7a:c1:44:2e:27:c0:97:44:95:6f:15:e1:6e:
e2:58:be:4e:f2:c7:39:a5:2a:27:f9:db:76:96:9b:
5b:b7:7e:7c:1c:02:6e:57:e6:d2:af:94:a4:30:65:
af:3f:9d:2d:7c:e8:c8:6d:d2:24:1b:95:f1:35:7a:
9a:ca:62:c8:93:91:a5:a6:8f:86:82:52:a9:95:5f:
30:e9:83:88:8e:01:53:8c:b1:f0:2a:45:da:91:d0:
ce:dd:b6:14:39:01:6d:bc:8b:fc:80:07:24:24:e9:
55:2f:54:65:aa:02:38:c8:dc:43:85:43:a8:31:9e:
d0:09:c5:95:7e:37:25:ea:9b:27:a1:d7:22:01:a9:
3f:19:e8:0c:8a:eb:b4:d5:9e:e3:19:8f:d3:5f:d7:
d6:47:4b:f3:88:16:20:a3:4c:37:96:d5:f8:11:9f:
75:1e:3d:d3:74:ca:75:a4:27:59:ab:84:08:97:e6:
c0:43:e8:09:4e:e3:55:eb:31:73:a1:85:3b:4a:41:
b0:ce:04:9c:f9:92:76:64:9e:90:51:f3:75:85:d8:
f7:38:60:d6:93:17:04:6a:bd:50:5c:4f:26:e5:79:
03:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3A:30:F5:0D:90:0E:6E:74:1C:8E:94:AB:08:D4:6A:48:71:72:E1
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZTow9Q2QDm50HI6UqwjUakhxcuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.31.0/24
45.138.16.0/24
91.206.169.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:d4:4a:92:04:0b:9a:8c:46:78:8a:e3:de:f6:70:c5:31:3d:
77:6f:f2:9a:53:91:53:5d:1f:3c:7e:08:b1:ef:c4:a4:49:5c:
64:08:48:43:7e:a7:da:90:0a:1c:e4:ab:49:11:bf:a8:cf:9d:
f1:dc:5c:26:62:91:76:8f:4f:c5:92:bf:b5:16:d4:7c:13:82:
43:55:77:71:34:95:0c:5f:12:4f:b0:36:4f:e4:c7:47:13:d8:
07:90:60:d1:1c:89:56:0e:d4:cd:5e:d3:8f:42:81:97:fd:96:
4c:4d:75:67:74:38:63:c6:38:dc:b9:72:8b:b8:7b:89:22:f0:
cf:a3:9e:62:0d:1f:f2:00:d5:2e:a8:91:d7:0b:f3:0e:48:89:
91:60:fb:64:6a:09:0e:c0:87:56:9d:15:d6:5a:fc:c7:1f:43:
35:3c:f3:95:e4:dd:63:88:9a:8a:da:36:2e:e0:a1:04:28:7d:
0b:fc:af:d7:f8:9a:0d:d8:3a:95:fb:57:fd:0b:af:88:be:b0:
c6:c2:e7:ac:c6:70:33:c5:59:80:34:45:d3:d9:8d:78:fe:b6:
bf:ca:13:31:46:92:36:85:ce:37:ab:ff:08:d2:a3:ff:40:35:
f9:ef:bf:ea:4f:b4:f3:4b:ff:8a:76:82:35:1c:58:34:46:02:
1f:c3:ef:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb7T/LWWo/CviSTmirBn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNhMzBmNTBkOTAwZTZlNzQxYzhlOTRhYjA4ZDQ2YTQ4NzE3MmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpt97b+h+TZyG6+UFX2z58DVJ44O
u/mXAhLU6yG0L3rBRC4nwJdElW8V4W7iWL5O8sc5pSon+dt2lptbt358HAJuV+bS
r5SkMGWvP50tfOjIbdIkG5XxNXqaymLIk5Glpo+GglKplV8w6YOIjgFTjLHwKkXa
kdDO3bYUOQFtvIv8gAckJOlVL1RlqgI4yNxDhUOoMZ7QCcWVfjcl6psnodciAak/
GegMiuu01Z7jGY/TX9fWR0vziBYgo0w3ltX4EZ91Hj3TdMp1pCdZq4QIl+bAQ+gJ
TuNV6zFzoYU7SkGwzgSc+ZJ2ZJ6QUfN1hdj3OGDWkxcEar1QXE8m5XkDnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGU6MPUNkA5udByOlKsI1GpIcXLhMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWlRvdzlRMlFEbTUwSEk2VXF3alVha2h4Y3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV4fAwQA
LYoQAwQAW86pMA0GCSqGSIb3DQEBCwUAA4IBAQA/1EqSBAuajEZ4iuPe9nDFMT13
b/KaU5FTXR88fgix78SkSVxkCEhDfqfakAoc5KtJEb+oz53x3FwmYpF2j0/Fkr+1
FtR8E4JDVXdxNJUMXxJPsDZP5MdHE9gHkGDRHIlWDtTNXtOPQoGX/ZZMTXVndDhj
xjjcuXKLuHuJIvDPo55iDR/yANUuqJHXC/MOSImRYPtkagkOwIdWnRXWWvzHH0M1
PPOV5N1jiJqK2jYu4KEEKH0L/K/X+JoN2DqV+1f9C6+IvrDGwuesxnAzxVmANEXT
2Y14/ra/yhMxRpI2hc43q/8I0qP/QDX577/qT7TzS/+KdoI1HFg0RgIfw+9r
-----END CERTIFICATE-----
Generated at Sat May 18 07:26:35 2024 by rpki-client on console-fra.rpki-client.org