Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/CZHhAV2krkEDqW4m67HRTIvcas4.roa
File: CZHhAV2krkEDqW4m67HRTIvcas4.roa (raw, json)
Hash identifier: G7C2GZ1/XSXeEq1uCuRxtCsq4rzVqO7dHsni3cl+9jo=
Subject key identifier: 09:91:E1:01:5D:A4:AE:41:03:A9:6E:26:EB:B1:D1:4C:8B:DC:6A:CE
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 018F31502A40DAFFAF57132420055A262960
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/CZHhAV2krkEDqW4m67HRTIvcas4.roa
Signing time: Tue 30 Apr 2024 23:21:28 +0000
ROA not before: Tue 30 Apr 2024 23:21:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62390
IP address blocks: 217.147.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:31:50:2a:40:da:ff:af:57:13:24:20:05:5a:26:29:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Apr 30 23:21:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0991e1015da4ae4103a96e26ebb1d14c8bdc6ace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ea:04:df:3d:f4:36:46:d5:6a:06:41:0f:2b:
9f:b6:a7:d2:58:40:b9:90:58:b6:b1:24:f5:d2:b7:
27:d2:aa:44:ed:6f:7d:b6:ea:c9:83:fe:31:be:78:
be:d4:78:78:e5:c0:cf:c9:83:65:db:05:b5:69:33:
f4:ad:2c:c4:25:81:85:72:80:b6:77:77:c8:02:98:
b8:33:bc:d6:1a:4e:c5:33:6d:11:37:3e:e3:b4:40:
58:4d:41:29:42:f8:a5:ae:05:35:7d:ed:5f:f1:5e:
1c:64:e3:03:19:62:42:94:41:63:9d:f7:00:29:b5:
cb:24:57:2e:f4:03:00:94:e6:be:b1:79:7c:5f:7d:
e7:40:41:9c:a1:61:a0:c6:39:9a:44:1b:1e:4f:23:
c9:26:95:64:83:37:13:44:f0:96:dc:57:54:87:c0:
df:c3:d4:ff:28:e3:1d:df:5a:55:d3:87:d3:76:89:
25:9d:da:59:78:19:a9:8e:71:9a:b7:e0:8f:cc:ff:
59:e4:d7:65:48:f3:2e:e0:c7:e2:5c:bc:a0:04:60:
5a:6a:90:7f:29:14:fd:2c:c5:d6:b7:40:81:04:5d:
85:20:d2:2a:18:01:71:8b:63:d2:66:9a:68:e1:3d:
46:fe:10:4f:ea:18:0b:52:6d:7c:da:db:6e:d8:30:
7b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:91:E1:01:5D:A4:AE:41:03:A9:6E:26:EB:B1:D1:4C:8B:DC:6A:CE
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/CZHhAV2krkEDqW4m67HRTIvcas4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.167.0/24
Signature Algorithm: sha256WithRSAEncryption
98:37:20:a0:e5:a1:96:5f:6a:c8:d1:0b:d4:bf:18:30:94:bf:
fc:45:ca:c3:5f:20:7f:ce:8b:6c:7e:40:c3:16:89:28:75:38:
62:e7:27:b6:ac:1b:b0:ed:10:a5:84:0f:ce:00:14:a9:95:84:
4c:29:47:12:63:d7:f3:8d:81:86:76:fc:97:40:b6:cb:39:34:
35:b8:6b:cc:56:6f:69:ab:0f:1a:34:0b:ab:80:62:c1:26:09:
0d:b6:bb:a6:4b:8f:19:02:0d:15:a0:cd:87:c3:cb:48:04:25:
d1:b9:87:a7:0d:ab:e8:e2:e7:52:b3:43:45:e5:13:6d:58:e2:
bd:25:32:f5:eb:7e:e0:ca:fd:8b:50:80:25:f4:63:8e:5e:a8:
91:d2:95:92:f1:39:48:64:94:5a:e3:fd:8b:11:55:e7:c9:35:
68:0e:bd:c5:bb:07:4e:db:aa:eb:85:ee:e2:6c:6b:17:a4:b9:
26:1b:33:da:fa:b3:eb:ee:12:af:65:b4:9d:81:cf:7e:cf:c2:
74:4c:1f:3c:03:71:90:ad:d6:47:7c:01:80:ed:3f:d2:c5:74:
2c:fe:7f:31:77:34:47:96:c4:69:44:5e:fa:11:25:56:73:7b:
98:01:2d:ca:aa:70:c2:93:37:21:87:d6:81:72:c3:07:c0:7e:
f5:d2:0b:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8xUCpA2v+vVxMkIAVaJilgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQwNDMwMjMyMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTkxZTEwMTVkYTRhZTQxMDNhOTZlMjZlYmIxZDE0YzhiZGM2YWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uoE3z30NkbVagZBDyuftqfSWEC5
kFi2sST10rcn0qpE7W99turJg/4xvni+1Hh45cDPyYNl2wW1aTP0rSzEJYGFcoC2
d3fIApi4M7zWGk7FM20RNz7jtEBYTUEpQvilrgU1fe1f8V4cZOMDGWJClEFjnfcA
KbXLJFcu9AMAlOa+sXl8X33nQEGcoWGgxjmaRBseTyPJJpVkgzcTRPCW3FdUh8Df
w9T/KOMd31pV04fTdoklndpZeBmpjnGat+CPzP9Z5NdlSPMu4MfiXLygBGBaapB/
KRT9LMXWt0CBBF2FINIqGAFxi2PSZppo4T1G/hBP6hgLUm182ttu2DB7ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmR4QFdpK5BA6luJuux0UyL3GrOMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvQ1pIaEFWMmtya0VEcVc0bTY3SFJUSXZjYXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOnMA0G
CSqGSIb3DQEBCwUAA4IBAQCYNyCg5aGWX2rI0QvUvxgwlL/8RcrDXyB/zotsfkDD
FokodThi5ye2rBuw7RClhA/OABSplYRMKUcSY9fzjYGGdvyXQLbLOTQ1uGvMVm9p
qw8aNAurgGLBJgkNtrumS48ZAg0VoM2Hw8tIBCXRuYenDavo4udSs0NF5RNtWOK9
JTL1637gyv2LUIAl9GOOXqiR0pWS8TlIZJRa4/2LEVXnyTVoDr3FuwdO26rrhe7i
bGsXpLkmGzPa+rPr7hKvZbSdgc9+z8J0TB88A3GQrdZHfAGA7T/SxXQs/n8xdzRH
lsRpRF76ESVWc3uYAS3KqnDCkzchh9aBcsMHwH710gty
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:26:48 2024 by rpki-client on console-ams.rpki-client.org