Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/z6HWpmdB5L7_Y4nzzhXhgIPWtWc.roa
File: z6HWpmdB5L7_Y4nzzhXhgIPWtWc.roa (raw, json)
Hash identifier: v9xlGzwYW8uSywfGAz7LX4F6ctklPZ+bSlReFoVOeGM=
Subject key identifier: CF:A1:D6:A6:67:41:E4:BE:FF:63:89:F3:CE:15:E1:80:83:D6:B5:67
Certificate issuer: /CN=651bad95276947c7be536af4c870a3721f0b7761
Certificate serial: 019351DDCA3617B6E2A3ED8F4A78ABD9300B
Authority key identifier: 65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/z6HWpmdB5L7_Y4nzzhXhgIPWtWc.roa
Signing time: Fri 22 Nov 2024 03:15:09 +0000
ROA not before: Fri 22 Nov 2024 03:15:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59795
IP address blocks: 213.184.84.0/24 maxlen: 24
213.184.86.0/24 maxlen: 24
2a09:3a00:3a00::/40 maxlen: 48
2a09:3a00:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:51:dd:ca:36:17:b6:e2:a3:ed:8f:4a:78:ab:d9:30:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=651bad95276947c7be536af4c870a3721f0b7761
Validity
Not Before: Nov 22 03:15:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfa1d6a66741e4beff6389f3ce15e18083d6b567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7b:31:04:d1:c5:20:4a:1b:ab:98:4a:82:ae:
05:ab:99:d2:0d:13:47:44:02:c2:c4:e7:f7:bc:fd:
8e:3e:0d:54:af:53:62:a8:bb:54:7c:ff:84:15:ac:
00:2b:59:a0:24:62:10:ad:9c:d4:e1:43:65:1f:92:
42:08:91:65:7b:6c:43:23:21:70:a0:6e:ed:ec:01:
24:d0:4d:9a:0d:94:62:c1:3b:4e:95:4e:43:43:ac:
c1:0c:51:6f:af:10:71:bb:72:cd:5b:d1:5a:ca:68:
c6:81:88:f5:35:69:fa:84:3e:32:be:35:41:c7:30:
05:36:04:d0:a8:a6:70:56:4b:2c:20:72:d2:00:b0:
6a:62:fc:3c:b4:4a:f8:e0:b6:e4:ab:41:f3:68:c8:
9c:85:87:a5:27:49:81:97:ba:2b:fb:20:33:91:50:
1f:c1:7a:30:4f:10:5a:77:12:fd:dc:12:aa:58:a0:
1d:ed:b3:6d:6b:c6:cb:58:81:14:b9:1b:ab:a0:52:
07:99:6f:3e:c9:8e:79:25:c0:d7:aa:6b:d1:95:d5:
d8:03:d1:9a:84:86:5a:21:85:7d:e3:fd:cf:64:8d:
11:13:5d:2a:72:3c:c4:b6:04:01:40:e8:00:ad:e8:
ef:e0:24:6c:00:13:65:61:af:de:89:97:a7:8c:17:
bf:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A1:D6:A6:67:41:E4:BE:FF:63:89:F3:CE:15:E1:80:83:D6:B5:67
X509v3 Authority Key Identifier:
keyid:65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/z6HWpmdB5L7_Y4nzzhXhgIPWtWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.184.84.0/24
213.184.86.0/24
IPv6:
2a09:3a00:3a00::/40
2a09:3a00:4000::/40
Signature Algorithm: sha256WithRSAEncryption
4b:f6:60:36:9f:fe:d8:16:03:91:ce:7e:0d:08:d6:03:56:57:
60:15:30:21:58:d2:a4:a4:0a:45:07:97:be:90:fb:18:3d:d9:
70:4c:f5:f6:54:cc:3e:c8:70:e9:b2:0c:44:16:56:fd:98:05:
4e:6e:b9:1a:17:c9:15:ef:f4:28:ff:e5:8a:8c:1c:07:3d:d6:
eb:21:ba:be:bb:ae:29:7e:35:f8:66:7c:b5:78:07:c8:b6:fd:
82:70:58:a7:2a:69:2b:a7:0c:6f:9f:d2:90:e1:43:69:ba:42:
6b:ce:c9:a7:e7:0b:a7:47:a2:c1:21:9f:84:d2:fc:21:f4:92:
98:ce:81:11:3e:ee:a0:b4:da:9c:26:af:3e:8d:55:a7:67:cb:
bd:eb:af:5e:75:97:12:82:7d:7b:00:32:18:36:bd:43:ef:81:
ac:10:ee:70:58:a7:54:82:8d:c8:32:93:6d:d0:cc:dc:9f:d8:
39:52:4c:fc:42:23:c6:a5:99:46:01:02:cb:fc:0c:d2:21:5b:
c3:80:5c:47:6a:7a:33:1d:2e:c5:3b:b2:e5:0d:59:27:cd:4b:
19:5d:8e:7f:f4:d2:ec:77:bd:50:6f:71:3c:27:b2:5c:ff:eb:
97:d5:25:cb:f9:f6:55:2f:29:d1:54:fb:47:85:87:98:7d:6b:
7e:87:dc:7c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNR3co2F7bio+2PSnir2TALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MWJhZDk1Mjc2OTQ3YzdiZTUzNmFmNGM4NzBhMzcyMWYw
Yjc3NjEwHhcNMjQxMTIyMDMxNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmExZDZhNjY3NDFlNGJlZmY2Mzg5ZjNjZTE1ZTE4MDgzZDZiNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3sxBNHFIEobq5hKgq4Fq5nSDRNH
RALCxOf3vP2OPg1Ur1NiqLtUfP+EFawAK1mgJGIQrZzU4UNlH5JCCJFle2xDIyFw
oG7t7AEk0E2aDZRiwTtOlU5DQ6zBDFFvrxBxu3LNW9FaymjGgYj1NWn6hD4yvjVB
xzAFNgTQqKZwVkssIHLSALBqYvw8tEr44Lbkq0HzaMichYelJ0mBl7or+yAzkVAf
wXowTxBadxL93BKqWKAd7bNta8bLWIEUuRuroFIHmW8+yY55JcDXqmvRldXYA9Ga
hIZaIYV94/3PZI0RE10qcjzEtgQBQOgArejv4CRsABNlYa/eiZenjBe/DQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM+h1qZnQeS+/2OJ884V4YCD1rVnMB8GA1UdIwQY
MBaAFGUbrZUnaUfHvlNq9Mhwo3IfC3dhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUt
MTk4YjZhNjFjZTg1LzEvejZIV3BtZEI1TDdfWTRuenpoWGhnSVBXdFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUtMTk4YjZhNjFjZTg1
LzEvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQA1bhUAwQA
1bhWMBYEAgACMBADBgAqCToAOgMGACoJOgBAMA0GCSqGSIb3DQEBCwUAA4IBAQBL
9mA2n/7YFgORzn4NCNYDVldgFTAhWNKkpApFB5e+kPsYPdlwTPX2VMw+yHDpsgxE
Flb9mAVObrkaF8kV7/Qo/+WKjBwHPdbrIbq+u64pfjX4Zny1eAfItv2CcFinKmkr
pwxvn9KQ4UNpukJrzsmn5wunR6LBIZ+E0vwh9JKYzoERPu6gtNqcJq8+jVWnZ8u9
669edZcSgn17ADIYNr1D74GsEO5wWKdUgo3IMpNt0Mzcn9g5Ukz8QiPGpZlGAQLL
/AzSIVvDgFxHanozHS7FO7LlDVknzUsZXY5/9NLsd71Qb3E8J7Jc/+uX1SXL+fZV
LynRVPtHhYeYfWt+h9x8
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:50:51 2024 by rpki-client on console-ams.rpki-client.org