Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/ZNZKnx_i6rBAJDd9L6kBejCFWE0.roa
File: ZNZKnx_i6rBAJDd9L6kBejCFWE0.roa (raw, json)
Hash identifier: MhjJFWZjv9KQBqPQmA8wCbIzxFRm/qm1jGY1Govvs58=
Subject key identifier: 64:D6:4A:9F:1F:E2:EA:B0:40:24:37:7D:2F:A9:01:7A:30:85:58:4D
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 018CC86F6F99F4EBB84F9AC8A38F22FA9780
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/ZNZKnx_i6rBAJDd9L6kBejCFWE0.roa
Signing time: Tue 02 Jan 2024 04:29:55 +0000
ROA not before: Tue 02 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17819
IP address blocks: 57.250.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:6f:99:f4:eb:b8:4f:9a:c8:a3:8f:22:fa:97:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64d64a9f1fe2eab04024377d2fa9017a3085584d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:0a:c8:d2:a5:89:c9:9d:c4:d1:5f:1e:83:
06:e2:2e:5a:26:b7:dc:9b:22:05:b5:5e:36:c2:9e:
32:15:d5:84:29:e8:ca:5a:98:dd:50:17:9f:db:6c:
dc:f7:4a:83:78:9d:75:9c:ac:ae:5d:15:6e:ca:43:
70:36:9b:81:8a:bb:b3:22:e0:24:cf:75:4a:c5:ad:
e6:3c:42:e2:f9:35:ee:9a:ae:ba:97:99:1f:bd:f9:
d6:ad:f6:37:62:98:c4:79:8b:1c:e4:10:c1:7f:37:
c8:c1:35:4b:e1:ae:93:28:32:f3:fe:7f:f2:2b:64:
8a:fb:40:36:fd:06:7a:03:a1:6b:e7:86:ec:26:3d:
cb:04:5a:0f:a5:f3:3c:5a:5a:c4:bc:26:90:9d:1b:
8f:c1:06:e3:77:cd:73:87:23:40:c8:25:50:d5:cd:
2a:40:84:9b:b5:2f:43:e9:85:04:1d:69:53:80:8d:
73:5f:7d:dc:35:19:bc:fa:58:bb:ec:5e:55:2b:76:
8d:e5:ab:a0:ef:db:75:b8:27:5a:7d:b8:ed:32:f1:
59:89:76:58:56:0c:0a:59:1f:e1:94:ef:79:34:82:
23:d4:98:bc:dd:8f:90:f3:d6:30:2a:e6:15:d8:ea:
30:56:a6:a8:79:a7:b8:44:99:31:bc:10:7a:49:ba:
2d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D6:4A:9F:1F:E2:EA:B0:40:24:37:7D:2F:A9:01:7A:30:85:58:4D
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/ZNZKnx_i6rBAJDd9L6kBejCFWE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.250.50.0/24
Signature Algorithm: sha256WithRSAEncryption
05:eb:26:ec:57:3e:85:28:b3:69:30:fc:a3:0a:e2:25:b4:d6:
5f:ef:9c:cd:6e:c5:65:c6:a0:44:5c:57:fd:32:a9:d1:73:b0:
38:3f:a7:a3:8d:5f:e7:19:7e:0e:d2:2f:ee:ea:f0:79:db:7c:
2e:54:55:7d:7e:5c:90:ac:47:4b:30:af:ef:dd:45:a6:df:f3:
21:97:2d:72:1a:67:2e:32:74:52:f0:96:99:65:cf:3f:04:48:
b3:0c:13:bb:a3:e1:97:6c:79:ce:3a:bd:d5:7d:50:6b:62:ca:
30:a0:54:1f:5c:bd:5f:a9:e2:5f:04:3a:16:cc:23:2c:54:ba:
f2:5f:61:d5:0b:bd:f1:6f:17:20:d7:78:1f:77:79:0a:58:81:
0d:ad:9d:02:97:16:0b:a4:26:ba:ab:b3:60:d9:b1:2a:e7:d0:
b7:e1:ad:53:99:d1:3f:1f:19:f6:76:d6:e0:75:c7:cd:ef:81:
38:e9:e3:d7:f2:a7:4a:df:6e:c3:25:e2:a5:f4:04:ac:9e:25:
c5:d1:e2:d3:1e:59:8d:88:33:f3:7a:48:22:d6:da:de:2a:23:
26:93:7d:f6:51:52:d6:47:61:79:b8:02:26:32:61:a8:d4:a4:
06:33:41:58:34:8d:91:d3:21:d9:e0:f6:5a:57:3e:2a:03:1d:
4c:17:bc:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb2+Z9Ou4T5rIo48i+peAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjQwMTAyMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGQ2NGE5ZjFmZTJlYWIwNDAyNDM3N2QyZmE5MDE3YTMwODU1ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVYKyNKlicmdxNFfHoMG4i5aJrfc
myIFtV42wp4yFdWEKejKWpjdUBef22zc90qDeJ11nKyuXRVuykNwNpuBiruzIuAk
z3VKxa3mPELi+TXumq66l5kfvfnWrfY3YpjEeYsc5BDBfzfIwTVL4a6TKDLz/n/y
K2SK+0A2/QZ6A6Fr54bsJj3LBFoPpfM8WlrEvCaQnRuPwQbjd81zhyNAyCVQ1c0q
QISbtS9D6YUEHWlTgI1zX33cNRm8+li77F5VK3aN5aug79t1uCdafbjtMvFZiXZY
VgwKWR/hlO95NIIj1Ji83Y+Q89YwKuYV2OowVqaoeae4RJkxvBB6SbotQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTWSp8f4uqwQCQ3fS+pAXowhVhNMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvWk5aS254X2k2ckJBSkRkOUw2a0JlakNGV0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAOfoyMA0G
CSqGSIb3DQEBCwUAA4IBAQAF6ybsVz6FKLNpMPyjCuIltNZf75zNbsVlxqBEXFf9
MqnRc7A4P6ejjV/nGX4O0i/u6vB523wuVFV9flyQrEdLMK/v3UWm3/Mhly1yGmcu
MnRS8JaZZc8/BEizDBO7o+GXbHnOOr3VfVBrYsowoFQfXL1fqeJfBDoWzCMsVLry
X2HVC73xbxcg13gfd3kKWIENrZ0ClxYLpCa6q7Ng2bEq59C34a1TmdE/Hxn2dtbg
dcfN74E46ePX8qdK327DJeKl9ASsniXF0eLTHlmNiDPzekgi1treKiMmk332UVLW
R2F5uAImMmGo1KQGM0FYNI2R0yHZ4PZaVz4qAx1MF7xO
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:20 2024 by rpki-client on console-fra.rpki-client.org