Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Zk_fQegroyfFjyI2DKQrDmUFCtY.roa
File: Zk_fQegroyfFjyI2DKQrDmUFCtY.roa (raw, json)
Hash identifier: Vrm4aN4HCfJCevtqOVhiBD4uQhfYICmQ16QXLRzo/5I=
Subject key identifier: 66:4F:DF:41:E8:2B:A3:27:C5:8F:22:36:0C:A4:2B:0E:65:05:0A:D6
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 018CC86F6FF9D3E7E874E2E47488DE67C0C9
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Zk_fQegroyfFjyI2DKQrDmUFCtY.roa
Signing time: Tue 02 Jan 2024 04:29:55 +0000
ROA not before: Tue 02 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19545
IP address blocks: 57.250.192.0/19 maxlen: 24
57.250.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:6f:f9:d3:e7:e8:74:e2:e4:74:88:de:67:c0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=664fdf41e82ba327c58f22360ca42b0e65050ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f8:b8:bc:43:6e:de:15:2d:df:ed:7f:74:65:
5d:8d:a8:8a:5f:94:db:d4:2d:d4:6a:64:40:38:5d:
83:f7:5b:97:f5:47:09:d8:00:80:bf:6f:3b:40:ae:
f0:b0:38:b3:0c:d6:46:6c:26:63:ce:98:9c:d7:7c:
5d:ce:71:fb:3a:4c:fe:4b:bd:0a:f8:71:c2:28:4a:
12:c1:b7:24:73:71:a9:ff:d4:fc:3e:6f:92:d4:30:
e0:b5:4f:c4:c8:6c:eb:09:b8:64:20:cf:a8:29:9e:
8c:dd:24:75:92:91:05:a4:38:14:a3:5c:3c:22:b3:
64:51:1e:90:25:93:86:07:1f:cc:a4:8b:e8:c2:20:
3c:fd:ce:e5:d3:de:fc:fe:b2:b8:3b:f3:f6:78:92:
dc:09:77:2f:d7:50:68:ea:23:18:6f:ba:4a:36:08:
77:bd:89:de:c9:d5:79:ea:21:d9:0a:83:c4:16:b4:
45:16:14:fd:1c:f9:56:33:ea:49:0a:02:ae:8a:4b:
49:ac:f2:10:2f:5e:94:6e:d5:c4:ad:f0:4b:9f:66:
f1:52:b3:82:25:b0:c1:bb:f8:f3:a9:f8:45:ae:41:
74:55:9d:d6:24:c3:68:7a:fe:e0:20:70:f1:16:13:
ce:ae:09:88:d3:32:54:b8:0a:28:c2:40:27:ab:70:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4F:DF:41:E8:2B:A3:27:C5:8F:22:36:0C:A4:2B:0E:65:05:0A:D6
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Zk_fQegroyfFjyI2DKQrDmUFCtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.250.192.0-57.250.224.255
Signature Algorithm: sha256WithRSAEncryption
70:25:34:38:22:1e:f6:87:96:d4:0e:10:51:f4:5e:8a:d5:7c:
04:2b:42:bb:8d:36:58:7c:53:e2:ed:80:cf:b6:a5:60:f3:94:
15:f5:6c:39:91:c3:26:df:41:ae:f2:43:79:7a:72:e6:0f:3f:
b2:de:e7:43:27:fc:d1:55:7e:ac:03:16:57:26:08:dc:29:d5:
4b:d0:f3:6e:f0:c1:30:40:71:ee:41:c8:e6:17:9f:3b:5c:32:
e3:50:9b:51:8e:6d:ee:42:7e:91:14:49:18:79:60:ce:72:c1:
27:60:f3:af:ed:13:48:44:2c:ec:a7:85:c6:e5:91:b6:af:4f:
4e:3e:1c:5a:63:3a:9c:6b:9e:ae:18:16:65:21:51:52:17:5b:
23:8b:9e:23:7b:82:80:94:e0:29:d8:4e:0a:d4:e6:f9:e1:dc:
74:33:77:dd:ad:c9:95:a8:98:f6:ba:c1:98:a9:e2:0e:28:58:
a6:8d:73:17:66:68:9b:5f:c5:42:59:c2:f6:52:69:ca:53:42:
74:d5:02:09:f4:e7:09:7f:61:1a:89:af:0a:9d:4c:88:19:24:
e2:2c:fc:34:64:42:e8:d7:14:06:f1:90:ec:ce:ce:35:48:f8:
45:da:ac:e6:7f:c8:07:fe:d5:7b:54:19:78:39:ef:b8:1a:00:
48:86:0b:80
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIb2/50+fodOLkdIjeZ8DJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjQwMTAyMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjRmZGY0MWU4MmJhMzI3YzU4ZjIyMzYwY2E0MmIwZTY1MDUwYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Pi4vENu3hUt3+1/dGVdjaiKX5Tb
1C3UamRAOF2D91uX9UcJ2ACAv287QK7wsDizDNZGbCZjzpic13xdznH7Okz+S70K
+HHCKEoSwbckc3Gp/9T8Pm+S1DDgtU/EyGzrCbhkIM+oKZ6M3SR1kpEFpDgUo1w8
IrNkUR6QJZOGBx/MpIvowiA8/c7l0978/rK4O/P2eJLcCXcv11Bo6iMYb7pKNgh3
vYneydV56iHZCoPEFrRFFhT9HPlWM+pJCgKuiktJrPIQL16UbtXErfBLn2bxUrOC
JbDBu/jzqfhFrkF0VZ3WJMNoev7gIHDxFhPOrgmI0zJUuAoowkAnq3CEJwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGZP30HoK6MnxY8iNgykKw5lBQrWMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvWmtfZlFlZ3JveWZGanlJMkRLUXJEbVVGQ3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAY5+sAD
BAA5+uAwDQYJKoZIhvcNAQELBQADggEBAHAlNDgiHvaHltQOEFH0XorVfAQrQruN
Nlh8U+LtgM+2pWDzlBX1bDmRwybfQa7yQ3l6cuYPP7Le50Mn/NFVfqwDFlcmCNwp
1UvQ827wwTBAce5ByOYXnztcMuNQm1GObe5CfpEUSRh5YM5ywSdg86/tE0hELOyn
hcblkbavT04+HFpjOpxrnq4YFmUhUVIXWyOLniN7goCU4CnYTgrU5vnh3HQzd92t
yZWomPa6wZip4g4oWKaNcxdmaJtfxUJZwvZSacpTQnTVAgn05wl/YRqJrwqdTIgZ
JOIs/DRkQujXFAbxkOzOzjVI+EXarOZ/yAf+1XtUGXg577gaAEiGC4A=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:20 2024 by rpki-client on console-fra.rpki-client.org