Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/zwngkprKv9dWhJJtPwhumKEnFlI.roa
File: zwngkprKv9dWhJJtPwhumKEnFlI.roa (raw, json)
Hash identifier: IDNDPK/ym9YiJyYsBdhkd9KNjhkPgqOXskuzDxjjZUo=
Subject key identifier: CF:09:E0:92:9A:CA:BF:D7:56:84:92:6D:3F:08:6E:98:A1:27:16:52
Certificate issuer: /CN=fdad61d8e8c1abda8596930e21f18211a517681f
Certificate serial: 018CC80142939F680C4627917F4E2B57EAA3
Authority key identifier: FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/zwngkprKv9dWhJJtPwhumKEnFlI.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49764
IP address blocks: 185.218.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/_a1h2OjBq9qFlpMOIfGCEaUXaB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/_a1h2OjBq9qFlpMOIfGCEaUXaB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:42:93:9f:68:0c:46:27:91:7f:4e:2b:57:ea:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdad61d8e8c1abda8596930e21f18211a517681f
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf09e0929acabfd75684926d3f086e98a1271652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:41:e3:61:5a:0b:d7:25:4f:b2:69:25:f4:50:
31:b6:fa:a4:3b:61:1c:af:2a:a8:1a:b8:72:66:60:
38:54:a5:3e:64:81:42:f7:53:07:b1:a3:fc:4c:85:
da:b0:fb:4c:d0:54:3a:3e:6d:77:07:d1:95:bd:87:
91:6a:41:ba:1d:67:0e:1e:2f:ca:3d:09:54:f5:1c:
43:67:37:aa:db:dc:82:76:0f:48:09:82:bd:77:d2:
69:e8:43:fb:b8:61:84:5c:6a:90:a8:e8:7c:bd:f1:
60:31:e2:8b:23:e9:5e:22:7b:77:15:4a:af:0a:34:
c1:c1:41:cf:c1:b5:55:46:60:5c:31:9d:da:00:ad:
24:79:46:90:75:da:41:87:10:59:3d:57:0d:b0:65:
20:b7:e2:29:fc:2b:09:20:e0:74:6e:a4:45:68:dc:
80:17:fc:00:2a:02:c3:d3:ce:d4:da:93:a5:35:35:
b0:aa:c3:f4:70:44:7d:d4:55:f4:f8:e8:fe:26:64:
1d:70:dd:fd:0d:fb:48:ac:48:f5:c0:79:7c:05:84:
e2:32:aa:ce:82:c9:e5:b4:ff:ef:19:98:9e:19:4e:
ed:02:98:c8:2c:6a:d1:86:29:2f:41:d8:07:ca:1a:
f8:23:07:d5:5e:11:81:da:dd:3f:c6:9d:14:03:8e:
72:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:09:E0:92:9A:CA:BF:D7:56:84:92:6D:3F:08:6E:98:A1:27:16:52
X509v3 Authority Key Identifier:
keyid:FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/zwngkprKv9dWhJJtPwhumKEnFlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/_a1h2OjBq9qFlpMOIfGCEaUXaB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.71.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:a3:b2:24:57:3c:34:63:1a:06:8f:f3:91:39:9f:26:3e:d6:
21:12:a5:e1:c4:a1:f5:e2:4e:69:14:f3:b1:a8:92:ca:80:ad:
e0:21:68:ae:bf:71:64:26:03:7f:d3:f8:56:0c:a8:81:2c:20:
09:08:f5:56:33:5b:4b:0b:df:a0:7b:2b:c0:40:51:84:0d:7b:
01:36:8f:40:ae:f6:08:05:57:b6:63:dd:9e:be:b5:39:c9:18:
1b:e4:97:e4:b4:2f:0e:4b:8a:87:e5:87:f9:eb:13:94:9a:a4:
7e:1d:bf:bb:75:f1:72:26:57:02:48:e5:23:03:58:fd:64:f0:
ba:b0:c8:df:1f:fb:0c:30:77:52:56:56:20:f7:43:9b:82:12:
b6:1b:32:e6:c3:e3:2f:73:42:71:e3:93:2a:7b:20:72:e9:30:
62:d6:7b:d5:d1:8f:84:c5:8c:07:31:b9:e3:35:f3:15:b7:c6:
6c:03:bb:9d:bc:0c:8d:80:ca:7d:d0:b0:81:28:10:ce:a9:8c:
fa:73:1d:c2:d7:e6:30:2b:4c:17:36:73:49:c4:56:01:33:62:
3e:6e:f0:08:8d:03:06:b1:08:14:51:c3:61:ce:c2:c6:94:15:
4a:fc:7d:7e:6c:6a:67:43:3c:0a:aa:51:8e:f3:69:0b:3f:df:
b9:3f:50:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAUKTn2gMRieRf04rV+qjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYWQ2MWQ4ZThjMWFiZGE4NTk2OTMwZTIxZjE4MjExYTUx
NzY4MWYwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjA5ZTA5MjlhY2FiZmQ3NTY4NDkyNmQzZjA4NmU5OGExMjcxNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEHjYVoL1yVPsmkl9FAxtvqkO2Ec
ryqoGrhyZmA4VKU+ZIFC91MHsaP8TIXasPtM0FQ6Pm13B9GVvYeRakG6HWcOHi/K
PQlU9RxDZzeq29yCdg9ICYK9d9Jp6EP7uGGEXGqQqOh8vfFgMeKLI+leInt3FUqv
CjTBwUHPwbVVRmBcMZ3aAK0keUaQddpBhxBZPVcNsGUgt+Ip/CsJIOB0bqRFaNyA
F/wAKgLD087U2pOlNTWwqsP0cER91FX0+Oj+JmQdcN39DftIrEj1wHl8BYTiMqrO
gsnltP/vGZieGU7tApjILGrRhikvQdgHyhr4IwfVXhGB2t0/xp0UA45yiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8J4JKayr/XVoSSbT8IbpihJxZSMB8GA1UdIwQY
MBaAFP2tYdjowavahZaTDiHxghGlF2gfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2Et
ODRlZTIyYTNlZTViLzEvenduZ2twckt2OWRXaEpKdFB3aHVtS0VuRmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2EtODRlZTIyYTNlZTVi
LzEvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudpHMA0G
CSqGSIb3DQEBCwUAA4IBAQA+o7IkVzw0YxoGj/OROZ8mPtYhEqXhxKH14k5pFPOx
qJLKgK3gIWiuv3FkJgN/0/hWDKiBLCAJCPVWM1tLC9+geyvAQFGEDXsBNo9ArvYI
BVe2Y92evrU5yRgb5JfktC8OS4qH5Yf56xOUmqR+Hb+7dfFyJlcCSOUjA1j9ZPC6
sMjfH/sMMHdSVlYg90ObghK2GzLmw+Mvc0Jx45MqeyBy6TBi1nvV0Y+ExYwHMbnj
NfMVt8ZsA7udvAyNgMp90LCBKBDOqYz6cx3C1+YwK0wXNnNJxFYBM2I+bvAIjQMG
sQgUUcNhzsLGlBVK/H1+bGpnQzwKqlGO82kLP9+5P1DI
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:12:12 2024 by rpki-client on console-ams.rpki-client.org