Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/sz10zprmT1PxxFUOHfyLxy5Ug7I.roa
File: sz10zprmT1PxxFUOHfyLxy5Ug7I.roa (raw, json)
Hash identifier: zmxSLXuNKYBsOJ9sIl0sGrc7j1vOCe2A8JikhdxlK3Q=
Subject key identifier: B3:3D:74:CE:9A:E6:4F:53:F1:C4:55:0E:1D:FC:8B:C7:2E:54:83:B2
Certificate issuer: /CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Certificate serial: 018CC6B7BDCD4EE4A973F43379FA2EA51CBD
Authority key identifier: 2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/sz10zprmT1PxxFUOHfyLxy5Ug7I.roa
Signing time: Mon 01 Jan 2024 20:29:39 +0000
ROA not before: Mon 01 Jan 2024 20:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61353
IP address blocks: 89.34.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:bd:cd:4e:e4:a9:73:f4:33:79:fa:2e:a5:1c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Validity
Not Before: Jan 1 20:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b33d74ce9ae64f53f1c4550e1dfc8bc72e5483b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2d:f9:53:f8:e4:7f:2e:fc:04:d8:b5:dd:51:
be:f8:1d:d6:c4:2c:95:43:95:f7:02:cc:e0:99:e1:
50:df:be:c4:36:8e:e7:f7:7e:46:5f:58:85:93:78:
94:4b:26:f9:c4:33:48:36:70:5f:c3:e7:c0:cc:9b:
38:eb:0c:94:1d:91:b7:b6:6c:66:e2:3e:cc:5a:34:
76:b9:d7:de:71:8a:2c:83:8e:78:73:82:bc:cc:c9:
58:75:1d:f0:f0:48:2c:ab:bc:15:4f:b6:8f:b3:d0:
c1:01:e0:de:34:f5:0a:ba:9c:69:68:93:47:84:aa:
68:bf:8f:05:24:f8:c8:c5:18:82:fa:09:94:43:0a:
03:4c:26:13:5b:d1:80:70:dd:56:91:c8:db:ce:4f:
b2:cc:dc:25:47:e1:66:63:69:34:9e:d3:55:36:ec:
54:1f:64:9b:cf:a2:3d:a8:f8:91:bc:eb:a0:6a:fb:
50:9a:49:69:48:41:32:47:ae:0b:7b:1a:a1:70:fe:
cb:ed:60:a1:f4:2c:2d:52:29:0b:00:a1:29:5c:07:
68:6b:93:b3:b7:59:7e:0d:07:93:70:9b:20:b2:20:
77:64:0b:1f:1f:fa:65:48:04:66:13:8d:9f:b1:a0:
80:4b:6d:93:dc:f1:c6:11:61:63:78:70:69:5a:93:
0b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3D:74:CE:9A:E6:4F:53:F1:C4:55:0E:1D:FC:8B:C7:2E:54:83:B2
X509v3 Authority Key Identifier:
keyid:2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/sz10zprmT1PxxFUOHfyLxy5Ug7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.160.0/24
Signature Algorithm: sha256WithRSAEncryption
24:71:65:40:7f:86:55:7c:40:69:e5:a4:db:f7:2d:5c:c6:ed:
2d:15:81:74:73:b7:62:8a:ab:d9:39:e9:4f:27:45:ed:e3:f2:
73:e7:66:06:15:03:33:a9:7f:19:4e:19:15:1d:7c:45:86:ed:
b3:9c:a5:55:18:0e:77:e5:e7:a1:e4:23:ae:86:eb:d0:70:7c:
53:16:01:31:c4:61:7b:30:47:df:bd:f2:f9:c1:21:6a:74:91:
8b:37:e0:4f:6e:a7:7f:32:49:45:87:3a:68:c8:02:ea:96:25:
a1:7d:59:c8:50:2f:67:25:7b:12:9e:27:42:42:ba:31:f5:a1:
85:04:85:f9:71:cc:29:9c:05:d1:50:16:e1:ca:d2:3a:29:73:
67:1f:ee:ec:5e:f7:c9:3a:ee:21:34:35:db:d2:bf:a9:3a:cc:
a4:3e:b3:08:27:ef:de:ad:88:6d:be:ff:d3:5c:62:2f:36:f4:
8f:73:af:e7:90:ad:a8:cc:98:a1:e2:78:08:e3:0a:04:c5:40:
ca:72:6e:42:69:d6:15:e7:3c:dd:c6:5a:58:ec:61:b8:6a:35:
7a:99:8b:f7:e0:62:b4:e0:77:c9:48:8a:9c:3f:90:44:cf:b2:
7f:96:c7:f4:fa:30:94:7f:99:7a:91:a8:8d:cc:1e:b8:49:d3:
d4:ad:9c:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt73NTuSpc/QzefoupRy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmIzMzQxM2ZhYTVlNWUxZDI3OWEyYTI1ZmY4MWQ4ZDE1
MzI1ZGYwHhcNMjQwMTAxMjAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNkNzRjZTlhZTY0ZjUzZjFjNDU1MGUxZGZjOGJjNzJlNTQ4M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC35U/jkfy78BNi13VG++B3WxCyV
Q5X3AszgmeFQ377ENo7n935GX1iFk3iUSyb5xDNINnBfw+fAzJs46wyUHZG3tmxm
4j7MWjR2udfecYosg454c4K8zMlYdR3w8Egsq7wVT7aPs9DBAeDeNPUKupxpaJNH
hKpov48FJPjIxRiC+gmUQwoDTCYTW9GAcN1Wkcjbzk+yzNwlR+FmY2k0ntNVNuxU
H2Sbz6I9qPiRvOugavtQmklpSEEyR64LexqhcP7L7WCh9CwtUikLAKEpXAdoa5Oz
t1l+DQeTcJsgsiB3ZAsfH/plSARmE42fsaCAS22T3PHGEWFjeHBpWpMLjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLM9dM6a5k9T8cRVDh38i8cuVIOyMB8GA1UdIwQY
MBaAFC5rM0E/ql5eHSeaKiX/gdjRUyXfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYt
OGRkODFlNGIzZTMzLzEvc3oxMHpwcm1UMVB4eEZVT0hmeUx4eTVVZzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYtOGRkODFlNGIzZTMz
LzEvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSKgMA0G
CSqGSIb3DQEBCwUAA4IBAQAkcWVAf4ZVfEBp5aTb9y1cxu0tFYF0c7diiqvZOelP
J0Xt4/Jz52YGFQMzqX8ZThkVHXxFhu2znKVVGA535eeh5COuhuvQcHxTFgExxGF7
MEffvfL5wSFqdJGLN+BPbqd/MklFhzpoyALqliWhfVnIUC9nJXsSnidCQrox9aGF
BIX5ccwpnAXRUBbhytI6KXNnH+7sXvfJOu4hNDXb0r+pOsykPrMIJ+/erYhtvv/T
XGIvNvSPc6/nkK2ozJih4ngI4woExUDKcm5CadYV5zzdxlpY7GG4ajV6mYv34GK0
4HfJSIqcP5BEz7J/lsf0+jCUf5l6kaiNzB64SdPUrZyL
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:45 2024 by rpki-client on console-ams.rpki-client.org