Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/zNk1AsMq0OpwJPuzJBmc38J88gg.roa
File: zNk1AsMq0OpwJPuzJBmc38J88gg.roa (raw, json)
Hash identifier: FSPeeafwHLRH8ZNF+hfBuEcdDjN0kOK9Nk3pmEjDFWU=
Subject key identifier: CC:D9:35:02:C3:2A:D0:EA:70:24:FB:B3:24:19:9C:DF:C2:7C:F2:08
Certificate issuer: /CN=96351c473a16ba38fab4d517059225e0f133c8bf
Certificate serial: 01930BF3199A9BF58D449663355B24EF4383
Authority key identifier: 96:35:1C:47:3A:16:BA:38:FA:B4:D5:17:05:92:25:E0:F1:33:C8:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ljUcRzoWujj6tNUXBZIl4PEzyL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/zNk1AsMq0OpwJPuzJBmc38J88gg.roa
Signing time: Fri 08 Nov 2024 13:25:01 +0000
ROA not before: Fri 08 Nov 2024 13:25:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3302
IP address blocks: 91.225.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/ljUcRzoWujj6tNUXBZIl4PEzyL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/ljUcRzoWujj6tNUXBZIl4PEzyL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ljUcRzoWujj6tNUXBZIl4PEzyL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:f3:19:9a:9b:f5:8d:44:96:63:35:5b:24:ef:43:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96351c473a16ba38fab4d517059225e0f133c8bf
Validity
Not Before: Nov 8 13:25:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccd93502c32ad0ea7024fbb324199cdfc27cf208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:54:c9:41:b9:b4:6e:96:f4:26:32:40:26:77:
6d:13:bb:ee:58:b1:64:f1:31:84:9d:d6:5d:3a:0c:
54:3e:10:88:b4:a1:72:3c:d1:18:48:45:b5:6f:0e:
6c:b1:75:2f:c7:7f:f1:d8:bb:87:00:46:7a:a4:90:
9c:ca:7f:c3:83:e8:e9:3c:30:a8:67:01:74:59:ed:
e8:10:61:6e:54:d1:60:5f:82:ec:3e:65:3a:b5:c0:
9a:bd:df:f8:67:ff:3c:f3:32:22:03:50:47:4a:76:
af:13:d9:7e:2b:13:d5:5f:f3:24:67:ae:7d:a8:bb:
e3:61:cd:25:54:15:56:94:e2:1b:75:12:12:75:76:
b5:51:0b:47:36:4b:32:27:63:c8:7c:78:cc:1e:e8:
39:3b:bc:89:b0:bd:77:f8:8e:0a:60:66:94:c7:bb:
54:f2:c5:69:a9:7f:e5:be:5b:90:2e:53:40:f3:a6:
2e:5b:af:38:a2:56:aa:e9:2b:7f:44:02:4c:4d:e2:
8c:a3:fb:da:dd:2d:b1:39:fb:29:21:f6:e2:92:cb:
c9:27:1a:a6:cb:99:20:d7:b4:a8:52:e1:99:e2:34:
3a:8a:45:68:c2:45:af:28:e8:d2:6e:2e:2a:6d:a1:
7c:52:7d:cb:b4:08:d8:44:4a:fe:22:5e:12:b1:c0:
42:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D9:35:02:C3:2A:D0:EA:70:24:FB:B3:24:19:9C:DF:C2:7C:F2:08
X509v3 Authority Key Identifier:
keyid:96:35:1C:47:3A:16:BA:38:FA:B4:D5:17:05:92:25:E0:F1:33:C8:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ljUcRzoWujj6tNUXBZIl4PEzyL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/zNk1AsMq0OpwJPuzJBmc38J88gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a537c0-fd4b-43b6-8891-d57373bf5162/1/ljUcRzoWujj6tNUXBZIl4PEzyL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.180.0/22
Signature Algorithm: sha256WithRSAEncryption
55:87:5f:14:66:42:3a:0a:fa:16:42:5b:db:e8:86:10:ee:3f:
18:98:d8:df:05:47:3e:82:4a:01:3f:9e:cd:82:44:13:73:dd:
fe:ef:c2:2f:1a:df:aa:fa:ff:e2:f3:3d:dc:f5:3f:53:fa:5f:
be:74:98:bf:a5:de:39:70:3e:69:2c:65:66:4f:8d:78:6a:07:
f5:5a:6a:8b:ca:6f:25:95:7b:c4:52:99:68:8d:4e:f2:27:52:
40:70:5d:15:c3:d5:0c:c8:c8:3d:98:13:a0:71:68:ca:35:63:
0f:f8:4d:5b:92:28:3a:b4:21:af:22:86:6c:77:03:af:a9:9a:
2a:be:24:bd:d1:f7:7a:c0:02:1b:48:e5:3e:dd:b9:8e:64:f4:
31:1e:ed:4c:54:fa:3b:4a:ca:0c:2f:dc:0f:e3:14:ce:32:39:
80:25:1c:41:67:5f:08:2c:35:cb:5b:0a:6d:3b:6a:30:c2:8a:
43:e3:a3:78:70:c8:56:bb:99:36:ae:bc:2c:90:9b:f2:7e:1c:
20:69:0b:64:21:c2:c5:e6:81:92:b4:17:30:36:e0:d6:55:0b:
e1:e9:02:a9:35:66:c6:7e:d1:b2:b3:d7:56:2e:90:6b:20:a0:
37:d0:ca:97:5d:c2:94:79:65:4e:96:54:96:9f:58:7b:ac:8b:
89:ac:06:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZML8xmam/WNRJZjNVsk70ODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MzUxYzQ3M2ExNmJhMzhmYWI0ZDUxNzA1OTIyNWUwZjEz
M2M4YmYwHhcNMjQxMTA4MTMyNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2Q5MzUwMmMzMmFkMGVhNzAyNGZiYjMyNDE5OWNkZmMyN2NmMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulTJQbm0bpb0JjJAJndtE7vuWLFk
8TGEndZdOgxUPhCItKFyPNEYSEW1bw5ssXUvx3/x2LuHAEZ6pJCcyn/Dg+jpPDCo
ZwF0We3oEGFuVNFgX4LsPmU6tcCavd/4Z/888zIiA1BHSnavE9l+KxPVX/MkZ659
qLvjYc0lVBVWlOIbdRISdXa1UQtHNksyJ2PIfHjMHug5O7yJsL13+I4KYGaUx7tU
8sVpqX/lvluQLlNA86YuW684olaq6St/RAJMTeKMo/va3S2xOfspIfbiksvJJxqm
y5kg17SoUuGZ4jQ6ikVowkWvKOjSbi4qbaF8Un3LtAjYREr+Il4SscBC/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMzZNQLDKtDqcCT7syQZnN/CfPIIMB8GA1UdIwQY
MBaAFJY1HEc6Fro4+rTVFwWSJeDxM8i/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGpVY1J6b1d1amo2dE5VWEJaSWw0UEV6eUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hNTM3YzAtZmQ0Yi00M2I2LTg4OTEt
ZDU3MzczYmY1MTYyLzEvek5rMUFzTXEwT3B3SlB1ekpCbWMzOEo4OGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hNTM3YzAtZmQ0Yi00M2I2LTg4OTEtZDU3MzczYmY1MTYy
LzEvbGpVY1J6b1d1amo2dE5VWEJaSWw0UEV6eUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+G0MA0G
CSqGSIb3DQEBCwUAA4IBAQBVh18UZkI6CvoWQlvb6IYQ7j8YmNjfBUc+gkoBP57N
gkQTc93+78IvGt+q+v/i8z3c9T9T+l++dJi/pd45cD5pLGVmT414agf1WmqLym8l
lXvEUplojU7yJ1JAcF0Vw9UMyMg9mBOgcWjKNWMP+E1bkig6tCGvIoZsdwOvqZoq
viS90fd6wAIbSOU+3bmOZPQxHu1MVPo7SsoML9wP4xTOMjmAJRxBZ18ILDXLWwpt
O2owwopD46N4cMhWu5k2rrwskJvyfhwgaQtkIcLF5oGStBcwNuDWVQvh6QKpNWbG
ftGys9dWLpBrIKA30MqXXcKUeWVOllSWn1h7rIuJrAa8
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:35 2024 by rpki-client on console-ams.rpki-client.org