Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zYviYAQAKY6zYBBK1-7Pi1epy-c.roa
File: zYviYAQAKY6zYBBK1-7Pi1epy-c.roa (raw, json)
Hash identifier: yC64poCKBFm7r9sInBSvboff+OtOssgc+ls5UO7urLE=
Subject key identifier: CD:8B:E2:60:04:00:29:8E:B3:60:10:4A:D7:EE:CF:8B:57:A9:CB:E7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5011632F0D9AAEFFE15EAA4A57CA961
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zYviYAQAKY6zYBBK1-7Pi1epy-c.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56309
IP address blocks: 203.159.92.0/22 maxlen: 22
141.98.16.0/22 maxlen: 24
45.154.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:16:32:f0:d9:aa:ef:fe:15:ea:a4:a5:7c:a9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd8be2600400298eb360104ad7eecf8b57a9cbe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:41:2e:11:75:9e:51:d9:19:28:bb:5c:0c:81:
6e:18:2a:0c:ae:9a:3d:eb:1e:db:ed:bb:11:d1:68:
6b:fe:d8:3c:a5:95:72:8b:49:54:92:f7:67:ba:61:
e7:41:a0:ed:fd:d7:89:42:bc:04:04:e4:da:ac:b9:
44:56:a2:af:eb:27:48:a3:ba:4b:0b:81:9a:6c:33:
2f:6f:14:82:3b:d3:0d:5f:ea:fa:2b:22:f7:ba:21:
a9:b0:65:bc:49:eb:03:7a:64:7a:20:ae:1b:c3:56:
ff:8a:d6:d3:71:50:6d:c6:6e:45:b8:a7:98:fb:be:
26:2f:15:fe:b3:dc:b4:62:02:4f:92:22:21:40:7b:
3c:88:fa:eb:d0:52:d9:a1:fd:ee:5d:14:18:66:6d:
9e:cf:c4:6d:01:f8:a5:ae:1d:5f:be:a7:da:34:d8:
f8:10:8a:75:37:e7:ad:f4:10:13:1f:13:de:e8:4c:
52:27:86:09:c0:f5:81:08:83:8c:76:a8:3d:bb:b2:
b0:95:3a:b5:2f:9c:69:81:65:11:0e:3d:fa:cb:39:
42:74:81:50:4a:89:fa:95:78:3f:9e:4a:60:27:ad:
0c:01:36:b3:7f:2b:3b:1d:e0:42:e8:01:45:e4:ac:
12:0d:16:38:c8:9e:e7:0b:01:e2:01:3c:3b:b8:4e:
a6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8B:E2:60:04:00:29:8E:B3:60:10:4A:D7:EE:CF:8B:57:A9:CB:E7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zYviYAQAKY6zYBBK1-7Pi1epy-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.24.0/22
141.98.16.0/22
203.159.92.0/22
Signature Algorithm: sha256WithRSAEncryption
52:17:0a:5b:6d:5a:5b:6e:b0:84:ab:f7:01:fb:e3:73:d5:37:
8c:30:4e:64:29:f0:17:66:1a:b3:06:9f:e6:05:0d:ae:6d:9d:
04:41:05:0c:6a:ac:45:8f:c5:b0:f3:88:8b:63:37:81:07:4a:
0d:b3:5a:13:bb:b0:72:3f:fd:6f:8b:5e:93:a3:e1:2e:2e:cb:
48:67:af:96:b9:cb:82:e5:a0:a1:7b:91:39:e4:7f:fe:01:43:
c9:44:d5:51:5a:79:2c:2b:b2:24:26:c4:17:c8:c1:0b:15:cf:
d7:17:ff:5f:a0:1e:6f:20:d1:7f:7d:44:cc:a3:ee:85:38:75:
d8:1a:17:db:f6:a6:e2:57:d0:00:f8:5d:41:2f:a4:80:71:b8:
cd:26:03:97:66:fc:2d:b6:c0:d5:ea:ca:85:14:10:bb:a1:04:
d3:be:09:e3:74:4e:ce:b5:0e:ce:0e:f5:74:39:3d:e0:9f:32:
9a:c6:18:48:15:e7:ac:96:ba:20:37:a3:1d:13:27:a9:a2:f4:
c0:1c:0d:12:b4:4c:18:d3:b4:49:c2:b2:65:88:41:33:af:ff:
90:29:55:0d:9f:97:eb:64:f4:2c:a6:66:d8:b0:cf:2e:eb:c9:
46:6e:76:84:1f:4f:a1:5b:a6:04:54:f6:97:da:af:8d:c2:cf:
45:3d:13:7d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFARYy8Nmq7/4V6qSlfKlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDhiZTI2MDA0MDAyOThlYjM2MDEwNGFkN2VlY2Y4YjU3YTljYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0EuEXWeUdkZKLtcDIFuGCoMrpo9
6x7b7bsR0Whr/tg8pZVyi0lUkvdnumHnQaDt/deJQrwEBOTarLlEVqKv6ydIo7pL
C4GabDMvbxSCO9MNX+r6KyL3uiGpsGW8SesDemR6IK4bw1b/itbTcVBtxm5FuKeY
+74mLxX+s9y0YgJPkiIhQHs8iPrr0FLZof3uXRQYZm2ez8RtAfilrh1fvqfaNNj4
EIp1N+et9BATHxPe6ExSJ4YJwPWBCIOMdqg9u7KwlTq1L5xpgWURDj36yzlCdIFQ
Son6lXg/nkpgJ60MATazfys7HeBC6AFF5KwSDRY4yJ7nCwHiATw7uE6moQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM2L4mAEACmOs2AQStfuz4tXqcvnMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvell2aVlBUUFLWTZ6WUJCSzEtN1BpMWVweS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZoYAwQC
jWIQAwQCy59cMA0GCSqGSIb3DQEBCwUAA4IBAQBSFwpbbVpbbrCEq/cB++Nz1TeM
ME5kKfAXZhqzBp/mBQ2ubZ0EQQUMaqxFj8Ww84iLYzeBB0oNs1oTu7ByP/1vi16T
o+EuLstIZ6+WucuC5aChe5E55H/+AUPJRNVRWnksK7IkJsQXyMELFc/XF/9foB5v
INF/fUTMo+6FOHXYGhfb9qbiV9AA+F1BL6SAcbjNJgOXZvwttsDV6sqFFBC7oQTT
vgnjdE7OtQ7ODvV0OT3gnzKaxhhIFeeslrogN6MdEyepovTAHA0StEwY07RJwrJl
iEEzr/+QKVUNn5frZPQspmbYsM8u68lGbnaEH0+hW6YEVPaX2q+Nws9FPRN9
-----END CERTIFICATE-----
Generated at Mon May 6 05:08:55 2024 by rpki-client on console-fra.rpki-client.org