Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ZLb2CaW5Fbwf1pm-CszaEr2Qmiw.roa
File: ZLb2CaW5Fbwf1pm-CszaEr2Qmiw.roa (raw, json)
Hash identifier: 1+mfKV0Vhb33wQnyOZ9Xj1TnRfSjmDDXo8jnHr9CjJc=
Subject key identifier: 64:B6:F6:09:A5:B9:15:BC:1F:D6:99:BE:0A:CC:DA:12:BD:90:9A:2C
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018CC5DC1DD17C01095CEEF983AC67CD4A6C
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ZLb2CaW5Fbwf1pm-CszaEr2Qmiw.roa
Signing time: Mon 01 Jan 2024 16:29:46 +0000
ROA not before: Mon 01 Jan 2024 16:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51066
IP address blocks: 193.80.160.0/22 maxlen: 22
193.80.132.0/22 maxlen: 22
193.80.136.0/21 maxlen: 21
193.80.144.0/20 maxlen: 20
193.81.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1d:d1:7c:01:09:5c:ee:f9:83:ac:67:cd:4a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 16:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64b6f609a5b915bc1fd699be0accda12bd909a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:02:98:45:ae:7c:41:d6:15:75:18:0e:fa:a8:
bd:a1:99:1c:1d:dd:ea:32:fe:1b:ee:d4:47:b9:78:
4a:e9:1a:b3:80:be:56:e4:fe:e2:65:72:8d:9b:91:
1b:59:62:08:a0:eb:4a:96:01:30:fe:a3:ee:70:3a:
67:43:f5:6c:f5:0c:cc:1c:fb:a6:0f:51:c4:71:c6:
01:15:f2:ad:fa:da:c9:41:af:0e:81:5e:52:fc:fc:
87:5c:36:cd:fa:1b:19:d3:c6:45:1c:48:04:42:1e:
16:8d:29:55:0e:76:62:90:e4:a8:30:85:6a:a2:09:
e9:1a:19:43:85:67:ed:b4:52:70:48:f2:67:4c:30:
6d:6d:e5:61:48:35:10:b5:20:f0:78:85:8b:71:ea:
90:91:f1:a7:f4:81:7a:f3:da:ae:64:5d:f4:7c:8a:
b9:c4:62:96:83:1f:59:78:7e:e4:08:19:4b:89:c0:
27:a5:6d:5f:be:96:f3:14:3d:85:32:5f:2c:2d:63:
ff:ef:4d:c7:e0:54:7b:88:fd:58:1f:ba:76:d5:40:
fc:8a:c0:a7:ed:b6:2f:73:d1:fb:07:f1:03:26:7f:
7a:20:10:b6:9c:b0:4b:86:8a:ca:44:86:2f:73:6c:
c1:65:1b:94:05:8a:ce:dd:61:72:a0:d0:31:18:67:
11:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B6:F6:09:A5:B9:15:BC:1F:D6:99:BE:0A:CC:DA:12:BD:90:9A:2C
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/ZLb2CaW5Fbwf1pm-CszaEr2Qmiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.80.132.0-193.80.163.255
193.81.1.0/24
Signature Algorithm: sha256WithRSAEncryption
73:5d:29:8f:48:73:31:b0:bb:59:1f:c2:32:ac:47:9e:81:70:
66:3f:39:6d:c7:5a:7c:48:45:17:bf:fc:5a:04:03:19:fb:ed:
84:2f:e1:83:c9:33:a4:f3:ca:49:2d:15:6f:5c:8e:da:e8:ea:
47:17:25:c9:1f:13:d3:5d:55:6f:ca:d6:52:69:2b:13:17:0d:
df:21:e1:42:45:a8:18:83:3c:60:f9:c4:e7:37:d4:1b:6f:1f:
85:e8:50:8f:cd:0e:6b:5c:cd:c2:84:02:30:1d:ee:83:3e:ea:
ad:7e:0d:0f:eb:11:d6:46:37:d0:de:c2:45:6a:1c:05:72:c7:
80:a6:da:bf:cf:ed:16:c2:9e:7d:ef:e7:3f:79:19:3b:73:04:
9a:b4:f8:d8:ea:06:80:d8:61:34:a4:e9:fd:48:1c:44:81:f4:
c7:98:43:96:b7:e4:ba:18:99:46:1c:14:12:ff:55:58:f6:a9:
af:21:83:bb:0c:5e:06:7e:71:e6:27:0f:2a:cc:ed:82:64:c9:
3f:17:66:b9:90:77:33:7d:83:4c:c0:66:de:01:97:cc:eb:82:
e1:96:f0:b5:42:85:2f:a0:8f:f8:4c:0b:df:45:87:6e:b6:3e:
88:c3:5b:cd:23:3b:7b:43:bf:46:c2:df:c2:67:b8:22:e5:59:
18:82:70:69
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzF3B3RfAEJXO75g6xnzUpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjQwMTAxMTYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGI2ZjYwOWE1YjkxNWJjMWZkNjk5YmUwYWNjZGExMmJkOTA5YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgKYRa58QdYVdRgO+qi9oZkcHd3q
Mv4b7tRHuXhK6RqzgL5W5P7iZXKNm5EbWWIIoOtKlgEw/qPucDpnQ/Vs9QzMHPum
D1HEccYBFfKt+trJQa8OgV5S/PyHXDbN+hsZ08ZFHEgEQh4WjSlVDnZikOSoMIVq
ognpGhlDhWfttFJwSPJnTDBtbeVhSDUQtSDweIWLceqQkfGn9IF689quZF30fIq5
xGKWgx9ZeH7kCBlLicAnpW1fvpbzFD2FMl8sLWP/703H4FR7iP1YH7p21UD8isCn
7bYvc9H7B/EDJn96IBC2nLBLhorKRIYvc2zBZRuUBYrO3WFyoNAxGGcRowIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGS29gmluRW8H9aZvgrM2hK9kJosMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvWkxiMkNhVzVGYndmMXBtLUNzemFFcjJRbWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBALBUIQD
BALBUKADBADBUQEwDQYJKoZIhvcNAQELBQADggEBAHNdKY9IczGwu1kfwjKsR56B
cGY/OW3HWnxIRRe//FoEAxn77YQv4YPJM6TzykktFW9cjtro6kcXJckfE9NdVW/K
1lJpKxMXDd8h4UJFqBiDPGD5xOc31BtvH4XoUI/NDmtczcKEAjAd7oM+6q1+DQ/r
EdZGN9DewkVqHAVyx4Cm2r/P7RbCnn3v5z95GTtzBJq0+NjqBoDYYTSk6f1IHESB
9MeYQ5a35LoYmUYcFBL/VVj2qa8hg7sMXgZ+ceYnDyrM7YJkyT8XZrmQdzN9g0zA
Zt4Bl8zrguGW8LVChS+gj/hMC99Fh262PojDW80jO3tDv0bC38JnuCLlWRiCcGk=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:44:01 2024 by rpki-client on console-ams.rpki-client.org