Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/z_T-XN8aj7_I6nZ4x-j-oqjU-Ew.roa
File: z_T-XN8aj7_I6nZ4x-j-oqjU-Ew.roa (raw, json)
Hash identifier: IKQ4K2hrCr5HFcMCVqSjlQWFaZ04rnnFXgho/rHLDcI=
Subject key identifier: CF:F4:FE:5C:DF:1A:8F:BF:C8:EA:76:78:C7:E8:FE:A2:A8:D4:F8:4C
Certificate issuer: /CN=c1bf34b190a51ce5300257911af30404f4951fb6
Certificate serial: 018CC6499B295792D119958B9D1BDD7F92CC
Authority key identifier: C1:BF:34:B1:90:A5:1C:E5:30:02:57:91:1A:F3:04:04:F4:95:1F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/z_T-XN8aj7_I6nZ4x-j-oqjU-Ew.roa
Signing time: Mon 01 Jan 2024 18:29:21 +0000
ROA not before: Mon 01 Jan 2024 18:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42433
IP address blocks: 81.23.242.0/23 maxlen: 23
81.23.242.0/24 maxlen: 24
81.23.243.0/24 maxlen: 24
92.118.110.0/24 maxlen: 24
2a0f:ec40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/wb80sZClHOUwAleRGvMEBPSVH7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/wb80sZClHOUwAleRGvMEBPSVH7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:9b:29:57:92:d1:19:95:8b:9d:1b:dd:7f:92:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf34b190a51ce5300257911af30404f4951fb6
Validity
Not Before: Jan 1 18:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cff4fe5cdf1a8fbfc8ea7678c7e8fea2a8d4f84c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9c:a4:e9:e1:e8:b7:f0:fc:5a:0b:91:8d:cb:
de:16:77:fa:d1:32:2c:de:2a:6a:76:21:c0:03:40:
2a:6c:fc:82:53:5f:e6:40:ed:b1:ef:90:65:51:12:
0f:2c:41:1e:d1:72:45:7f:f6:8c:87:82:fc:25:d8:
d9:49:08:79:86:41:ad:2d:26:55:b6:ff:15:87:df:
1b:55:47:77:4f:6f:2a:5a:16:96:1f:4a:85:12:a5:
bd:1a:4d:e1:4d:6a:b2:ce:93:90:1d:29:b6:b4:41:
12:e3:b5:91:71:27:39:a7:98:ac:93:98:14:d8:6b:
ea:e0:96:07:6f:a5:57:ac:56:57:4e:6c:f0:74:ca:
d7:68:71:2a:a0:14:61:41:1e:45:78:51:57:7a:a2:
91:b3:fa:6b:81:e9:3b:40:a1:35:5f:66:56:8b:e1:
51:f7:7b:db:82:0d:87:70:5a:80:b6:1b:80:e5:5d:
a1:71:63:f9:d4:f6:51:25:70:0d:d8:b1:0f:5e:47:
5f:85:d1:d0:e1:30:9c:05:13:f6:e0:e2:51:9b:07:
e3:a5:25:8c:e3:27:42:55:3d:23:6e:3b:39:f3:33:
34:1b:f2:7a:4b:37:ad:6f:e9:3a:b2:61:44:ae:ad:
8c:a7:21:47:63:f4:8f:0b:ca:5a:bd:df:f0:5e:77:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F4:FE:5C:DF:1A:8F:BF:C8:EA:76:78:C7:E8:FE:A2:A8:D4:F8:4C
X509v3 Authority Key Identifier:
keyid:C1:BF:34:B1:90:A5:1C:E5:30:02:57:91:1A:F3:04:04:F4:95:1F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb80sZClHOUwAleRGvMEBPSVH7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/z_T-XN8aj7_I6nZ4x-j-oqjU-Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/153d53-6e69-4301-abd3-f311bac2a37f/1/wb80sZClHOUwAleRGvMEBPSVH7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.242.0/23
92.118.110.0/24
IPv6:
2a0f:ec40::/32
Signature Algorithm: sha256WithRSAEncryption
31:0e:87:07:00:61:50:8d:84:39:6c:7b:03:72:35:d2:51:95:
44:bd:4d:81:06:d7:5b:34:16:33:c3:c0:18:3c:fe:78:5e:af:
84:a4:24:8f:3b:db:a5:da:6d:02:ec:8b:bb:98:dc:b9:8b:ec:
a7:db:01:e6:9f:07:44:e5:f3:25:e8:27:af:7f:5b:6e:08:52:
03:39:f5:7b:4b:62:8f:78:b7:df:0f:da:8c:8c:9f:4b:ef:d6:
0b:51:54:4e:da:71:e5:1d:8e:6e:79:81:61:73:70:81:35:70:
ac:ea:76:bc:07:d0:7b:3d:a2:c1:7d:f9:15:89:f2:41:31:c8:
f7:b9:75:91:d1:96:52:cd:29:8a:6d:4f:54:9b:ea:a0:eb:f9:
5d:9e:aa:62:a7:99:89:f7:f0:fa:a5:6c:3b:2b:54:37:9a:57:
bf:fa:23:43:53:06:09:67:1d:81:be:38:8f:c9:82:d8:85:6e:
6f:72:37:88:bd:dc:1f:d1:09:bf:ec:8a:15:a7:fb:90:32:d2:
52:43:8a:03:bf:1a:a2:8e:c4:bd:49:63:69:82:6d:91:58:7d:
ba:4b:94:14:f6:d2:6f:f9:99:c4:7e:da:9c:de:e0:5c:17:de:
ab:a1:bb:41:c0:e4:4b:10:2d:bb:54:7b:7a:6b:49:f8:bb:de:
fa:12:87:a0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSZspV5LRGZWLnRvdf5LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmYzNGIxOTBhNTFjZTUzMDAyNTc5MTFhZjMwNDA0ZjQ5
NTFmYjYwHhcNMjQwMTAxMTgyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmY0ZmU1Y2RmMWE4ZmJmYzhlYTc2NzhjN2U4ZmVhMmE4ZDRmODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpyk6eHot/D8WguRjcveFnf60TIs
3ipqdiHAA0AqbPyCU1/mQO2x75BlURIPLEEe0XJFf/aMh4L8JdjZSQh5hkGtLSZV
tv8Vh98bVUd3T28qWhaWH0qFEqW9Gk3hTWqyzpOQHSm2tEES47WRcSc5p5isk5gU
2Gvq4JYHb6VXrFZXTmzwdMrXaHEqoBRhQR5FeFFXeqKRs/prgek7QKE1X2ZWi+FR
93vbgg2HcFqAthuA5V2hcWP51PZRJXAN2LEPXkdfhdHQ4TCcBRP24OJRmwfjpSWM
4ydCVT0jbjs58zM0G/J6Szetb+k6smFErq2MpyFHY/SPC8pavd/wXnctlQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM/0/lzfGo+/yOp2eMfo/qKo1PhMMB8GA1UdIwQY
MBaAFMG/NLGQpRzlMAJXkRrzBAT0lR+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2I4MHNaQ2xIT1V3QWxlUkd2TUVCUFNWSDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8xNTNkNTMtNmU2OS00MzAxLWFiZDMt
ZjMxMWJhYzJhMzdmLzEvel9ULVhOOGFqN19JNm5aNHgtai1vcWpVLUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8xNTNkNTMtNmU2OS00MzAxLWFiZDMtZjMxMWJhYzJhMzdm
LzEvd2I4MHNaQ2xIT1V3QWxlUkd2TUVCUFNWSDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBURfyAwQA
XHZuMA0EAgACMAcDBQAqD+xAMA0GCSqGSIb3DQEBCwUAA4IBAQAxDocHAGFQjYQ5
bHsDcjXSUZVEvU2BBtdbNBYzw8AYPP54Xq+EpCSPO9ul2m0C7Iu7mNy5i+yn2wHm
nwdE5fMl6Cevf1tuCFIDOfV7S2KPeLffD9qMjJ9L79YLUVRO2nHlHY5ueYFhc3CB
NXCs6na8B9B7PaLBffkVifJBMcj3uXWR0ZZSzSmKbU9Um+qg6/ldnqpip5mJ9/D6
pWw7K1Q3mle/+iNDUwYJZx2BvjiPyYLYhW5vcjeIvdwf0Qm/7IoVp/uQMtJSQ4oD
vxqijsS9SWNpgm2RWH26S5QU9tJv+ZnEftqc3uBcF96robtBwORLEC27VHt6a0n4
u976Eoeg
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:06 2024 by rpki-client on console-ams.rpki-client.org