Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Z4GNPjJup66jbvj5VF9cNqOd-V4.roa
File: Z4GNPjJup66jbvj5VF9cNqOd-V4.roa (raw, json)
Hash identifier: EzhLcIfcp8Mx7E8wJglg50nRVNnw3eC81Av7mR5vPpY=
Subject key identifier: 67:81:8D:3E:32:6E:A7:AE:A3:6E:F8:F9:54:5F:5C:36:A3:9D:F9:5E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192F2C79F5C862ACF589DA7AD99509BA760
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Z4GNPjJup66jbvj5VF9cNqOd-V4.roa
Signing time: Sun 03 Nov 2024 16:07:01 +0000
ROA not before: Sun 03 Nov 2024 16:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.128.79.0/24 maxlen: 24
45.141.178.0/24 maxlen: 24
93.190.246.0/24 maxlen: 24
2a0f:7d03::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f2:c7:9f:5c:86:2a:cf:58:9d:a7:ad:99:50:9b:a7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 3 16:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67818d3e326ea7aea36ef8f9545f5c36a39df95e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:35:32:19:80:7e:d8:0f:84:31:8b:1c:ba:f0:
17:8a:58:e3:9f:d6:53:f4:08:95:6e:3a:37:c9:b5:
8a:4a:d8:cd:8d:0e:27:5d:66:b5:38:07:e7:b5:5f:
76:c5:40:7f:ea:a3:68:4a:9a:f5:23:c6:f3:54:49:
e8:af:54:d7:5f:6d:48:e5:8c:bd:23:2d:72:71:1f:
01:e4:08:4e:b7:6c:5f:ec:9e:59:08:d1:6f:bb:a7:
21:19:35:0b:5b:a3:0e:92:81:54:b3:a8:9d:a0:6a:
f8:95:fe:04:04:26:03:d4:7e:b7:52:de:5e:f3:14:
3a:5c:5a:1b:60:61:e3:73:aa:3c:23:8c:d7:3b:84:
e5:4e:40:d0:a0:cb:9d:1e:b6:aa:7b:37:2f:f4:87:
8c:39:90:75:a2:6f:00:ed:ae:37:73:7a:37:27:eb:
89:b6:55:3f:96:49:72:45:d4:ec:43:bd:8a:5a:d3:
4d:69:10:66:70:9d:32:79:1f:9d:7d:a7:ca:1d:32:
8b:ac:49:8f:ba:fa:af:85:1f:32:4f:a6:e5:9c:2f:
a9:54:ea:53:00:77:a7:a6:2d:7f:ae:d2:2e:a4:d2:
6d:f1:18:44:18:17:5b:42:39:da:a6:cd:bb:c5:11:
b4:fd:65:21:1a:31:28:32:97:0c:2c:37:f3:01:44:
4a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:81:8D:3E:32:6E:A7:AE:A3:6E:F8:F9:54:5F:5C:36:A3:9D:F9:5E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Z4GNPjJup66jbvj5VF9cNqOd-V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.79.0/24
45.141.178.0/24
93.190.246.0/24
IPv6:
2a0f:7d03::/32
Signature Algorithm: sha256WithRSAEncryption
ca:3c:45:76:02:f4:f8:3f:06:2f:20:2f:f3:b7:69:f4:91:bd:
39:1d:0e:67:cd:42:64:f7:20:74:ac:84:3a:42:42:af:2e:6c:
3d:34:17:68:7b:a3:e8:9e:98:4c:b6:f0:15:69:56:40:a3:64:
32:11:b1:2a:fb:62:5f:5d:27:2a:e6:31:29:4e:6b:f3:e2:51:
17:da:97:cd:3e:7f:07:a4:46:1c:2d:84:59:27:4d:df:bb:1e:
0b:b8:9f:99:a8:20:3b:25:59:c2:7b:d7:03:e8:0a:cc:1f:fd:
e9:b3:ac:65:d5:25:3c:bc:7c:45:e2:59:aa:f9:3c:c5:1f:1c:
e3:3f:56:17:a1:82:69:5b:03:5a:39:16:ae:a9:f1:dd:d6:11:
c7:10:e8:d5:93:92:0a:e5:75:55:83:32:48:c5:97:de:27:93:
45:9c:cc:a2:b8:55:a6:1d:1e:9f:c6:e4:fb:5e:91:de:10:29:
dd:4c:72:9f:a0:a4:56:e6:ff:a0:8e:35:dc:29:f7:51:96:f9:
58:1e:64:53:15:5b:ba:a3:31:e1:e5:d9:0b:71:5d:6e:6b:dd:
19:e1:80:6c:62:9c:f8:7a:3e:60:60:4b:15:9c:9f:19:72:00:
94:b3:64:a7:bd:af:76:83:92:60:de:7d:74:ce:8e:ee:50:8e:
f5:38:9a:45
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZLyx59chirPWJ2nrZlQm6dgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTAzMTYwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzgxOGQzZTMyNmVhN2FlYTM2ZWY4Zjk1NDVmNWMzNmEzOWRmOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTUyGYB+2A+EMYscuvAXiljjn9ZT
9AiVbjo3ybWKStjNjQ4nXWa1OAfntV92xUB/6qNoSpr1I8bzVEnor1TXX21I5Yy9
Iy1ycR8B5AhOt2xf7J5ZCNFvu6chGTULW6MOkoFUs6idoGr4lf4EBCYD1H63Ut5e
8xQ6XFobYGHjc6o8I4zXO4TlTkDQoMudHraqezcv9IeMOZB1om8A7a43c3o3J+uJ
tlU/lklyRdTsQ72KWtNNaRBmcJ0yeR+dfafKHTKLrEmPuvqvhR8yT6blnC+pVOpT
AHenpi1/rtIupNJt8RhEGBdbQjnaps27xRG0/WUhGjEoMpcMLDfzAURKawIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGeBjT4ybqeuo274+VRfXDajnfleMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWjRHTlBqSnVwNjZqYnZqNVZGOWNOcU9kLVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYBPAwQA
LY2yAwQAXb72MA0EAgACMAcDBQAqD30DMA0GCSqGSIb3DQEBCwUAA4IBAQDKPEV2
AvT4PwYvIC/zt2n0kb05HQ5nzUJk9yB0rIQ6QkKvLmw9NBdoe6PonphMtvAVaVZA
o2QyEbEq+2JfXScq5jEpTmvz4lEX2pfNPn8HpEYcLYRZJ03fux4LuJ+ZqCA7JVnC
e9cD6ArMH/3ps6xl1SU8vHxF4lmq+TzFHxzjP1YXoYJpWwNaORauqfHd1hHHEOjV
k5IK5XVVgzJIxZfeJ5NFnMyiuFWmHR6fxuT7XpHeECndTHKfoKRW5v+gjjXcKfdR
lvlYHmRTFVu6ozHh5dkLcV1ua90Z4YBsYpz4ej5gYEsVnJ8ZcgCUs2Snva92g5Jg
3n10zo7uUI71OJpF
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:43:24 2024 by rpki-client on console-fra.rpki-client.org