Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/ZUrnh3aVY-lZ7gyUNzpiw8OMWH4.roa
File: ZUrnh3aVY-lZ7gyUNzpiw8OMWH4.roa (raw, json)
Hash identifier: 3lxVNOgYp1GoaCx5JSdSW1QwKd7pacnk0fOw8jB5/cw=
Subject key identifier: 65:4A:E7:87:76:95:63:E9:59:EE:0C:94:37:3A:62:C3:C3:8C:58:7E
Certificate issuer: /CN=a011a02e929c43f0199c8326302e24899c4a4151
Certificate serial: 018CC8DF0C2F11CEBA791EF8C4232F273236
Authority key identifier: A0:11:A0:2E:92:9C:43:F0:19:9C:83:26:30:2E:24:89:9C:4A:41:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/ZUrnh3aVY-lZ7gyUNzpiw8OMWH4.roa
Signing time: Tue 02 Jan 2024 06:31:49 +0000
ROA not before: Tue 02 Jan 2024 06:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51739
IP address blocks: 91.223.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.mft
rsync://rpki.ripe.net/repository/DEFAULT/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:0c:2f:11:ce:ba:79:1e:f8:c4:23:2f:27:32:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a011a02e929c43f0199c8326302e24899c4a4151
Validity
Not Before: Jan 2 06:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=654ae787769563e959ee0c94373a62c3c38c587e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:46:33:65:7e:55:e6:c4:eb:88:46:54:54:1a:
ab:87:ae:c2:76:98:31:e5:11:43:eb:3e:bd:e0:8c:
84:c4:20:09:ef:cd:bb:20:88:f6:87:cf:fc:65:bb:
80:1d:37:4b:22:df:54:a3:77:61:eb:cf:d4:3e:ee:
ce:ce:e2:ad:c8:8a:30:cd:19:cb:d9:e5:78:bb:18:
bc:c5:27:27:1d:4f:9a:6b:20:9e:88:a3:0d:36:e9:
dd:5b:e0:dc:b2:6f:83:d8:82:ee:f8:9b:d0:57:fb:
e6:92:8b:40:26:5f:b2:4f:58:3f:33:19:ce:82:6d:
37:5c:c9:e8:c1:0d:72:75:c6:bf:c1:ca:c3:52:47:
42:9b:5d:9c:2f:73:ee:4e:ec:b5:fd:cd:a1:69:35:
4b:73:18:04:8f:9f:c5:2a:e6:d8:96:ae:50:58:a3:
00:c2:29:49:0e:b1:ee:60:16:2b:dd:93:39:8a:61:
89:b5:50:d6:b2:49:74:8e:69:e4:c0:77:1b:75:f9:
95:ed:84:11:a4:41:67:20:74:fd:f5:63:c6:95:69:
7b:5f:74:29:ae:eb:3e:b4:2e:1c:db:33:27:f8:28:
78:9e:e0:58:52:1c:d8:d2:2a:89:c1:48:82:7d:b1:
2f:b1:72:1a:e1:48:eb:47:1a:7f:c3:fa:61:8b:a0:
ba:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4A:E7:87:76:95:63:E9:59:EE:0C:94:37:3A:62:C3:C3:8C:58:7E
X509v3 Authority Key Identifier:
keyid:A0:11:A0:2E:92:9C:43:F0:19:9C:83:26:30:2E:24:89:9C:4A:41:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/ZUrnh3aVY-lZ7gyUNzpiw8OMWH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:60:1d:ea:66:ae:10:48:c2:0d:9b:11:4c:b1:a6:af:f7:00:
85:16:96:8e:88:ac:a4:38:e4:4f:81:4c:59:01:42:f5:e3:b8:
e5:b3:d3:19:08:a6:06:5e:39:aa:3c:ae:57:71:60:92:89:59:
3c:28:9d:c7:60:79:e5:06:38:0a:ca:fd:b9:a7:c1:4b:a7:64:
03:d6:05:34:e7:bd:c2:2d:cd:1d:fa:bf:7f:92:1f:ca:14:3f:
6e:30:a3:88:11:47:c2:0c:b4:14:cd:26:e4:e7:b8:a7:db:12:
6f:fa:ba:ff:2d:ed:ee:f4:25:3a:eb:8f:ad:92:72:e9:eb:2a:
a7:74:a9:79:e2:7f:c8:4e:08:57:5b:69:30:95:9c:b5:d7:88:
a8:a6:1c:84:20:d1:35:17:a4:ae:62:d5:f5:7f:48:af:b7:91:
5e:a0:21:b9:7c:72:53:70:01:78:e8:37:e1:a5:b4:a7:59:f0:
ca:e1:8e:31:03:ee:e1:64:f5:50:a7:04:9c:ef:06:ab:c9:16:
3d:55:27:e0:95:3b:fd:d8:cb:bc:a2:83:a9:9d:bc:d8:61:62:
f0:d3:5e:b0:ce:df:52:24:43:e7:ca:e9:a6:66:ed:2d:58:df:
ee:8f:80:a8:d8:2d:3c:fb:7a:03:f2:88:b8:0b:9e:53:fd:9f:
2e:9a:c0:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3wwvEc66eR74xCMvJzI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMTFhMDJlOTI5YzQzZjAxOTljODMyNjMwMmUyNDg5OWM0
YTQxNTEwHhcNMjQwMTAyMDYzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTRhZTc4Nzc2OTU2M2U5NTllZTBjOTQzNzNhNjJjM2MzOGM1ODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0YzZX5V5sTriEZUVBqrh67Cdpgx
5RFD6z694IyExCAJ7827IIj2h8/8ZbuAHTdLIt9Uo3dh68/UPu7OzuKtyIowzRnL
2eV4uxi8xScnHU+aayCeiKMNNundW+Dcsm+D2ILu+JvQV/vmkotAJl+yT1g/MxnO
gm03XMnowQ1ydca/wcrDUkdCm12cL3PuTuy1/c2haTVLcxgEj5/FKubYlq5QWKMA
wilJDrHuYBYr3ZM5imGJtVDWskl0jmnkwHcbdfmV7YQRpEFnIHT99WPGlWl7X3Qp
rus+tC4c2zMn+Ch4nuBYUhzY0iqJwUiCfbEvsXIa4UjrRxp/w/phi6C6XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVK54d2lWPpWe4MlDc6YsPDjFh+MB8GA1UdIwQY
MBaAFKARoC6SnEPwGZyDJjAuJImcSkFRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0JHZ0xwS2NRX0FabklNbU1DNGtpWnhLUVZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mOTdkN2UtODA3OC00Y2VlLWFmNzYt
OWY2ZDBiZmQyMDU4LzEvWlVybmgzYVZZLWxaN2d5VU56cGl3OE9NV0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mOTdkN2UtODA3OC00Y2VlLWFmNzYtOWY2ZDBiZmQyMDU4
LzEvb0JHZ0xwS2NRX0FabklNbU1DNGtpWnhLUVZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW98AMA0G
CSqGSIb3DQEBCwUAA4IBAQCjYB3qZq4QSMINmxFMsaav9wCFFpaOiKykOORPgUxZ
AUL147jls9MZCKYGXjmqPK5XcWCSiVk8KJ3HYHnlBjgKyv25p8FLp2QD1gU0573C
Lc0d+r9/kh/KFD9uMKOIEUfCDLQUzSbk57in2xJv+rr/Le3u9CU664+tknLp6yqn
dKl54n/ITghXW2kwlZy114iophyEINE1F6SuYtX1f0ivt5FeoCG5fHJTcAF46Dfh
pbSnWfDK4Y4xA+7hZPVQpwSc7waryRY9VSfglTv92Mu8ooOpnbzYYWLw016wzt9S
JEPnyummZu0tWN/uj4Co2C08+3oD8oi4C55T/Z8umsAQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:15 2024 by rpki-client on console-ams.rpki-client.org