Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/bz7IqW8XbkOOLmLpoji8jFd0EJg.roa
File: bz7IqW8XbkOOLmLpoji8jFd0EJg.roa (raw, json)
Hash identifier: l2Z5Lj4TmC/VP4jQIk+NvM9Wpg+vARzFdFZrKKlKFb0=
Subject key identifier: 6F:3E:C8:A9:6F:17:6E:43:8E:2E:62:E9:A2:38:BC:8C:57:74:10:98
Certificate issuer: /CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Certificate serial: 018CC801955C7E5F55891648FC7064733393
Authority key identifier: 53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/bz7IqW8XbkOOLmLpoji8jFd0EJg.roa
Signing time: Tue 02 Jan 2024 02:29:56 +0000
ROA not before: Tue 02 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60349
IP address blocks: 194.38.38.0/24 maxlen: 24
194.38.36.0/22 maxlen: 23
194.38.37.0/24 maxlen: 24
194.38.36.0/24 maxlen: 24
194.38.39.0/24 maxlen: 24
2a09:6d40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.mft
rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:95:5c:7e:5f:55:89:16:48:fc:70:64:73:33:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Validity
Not Before: Jan 2 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f3ec8a96f176e438e2e62e9a238bc8c57741098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:24:e7:7d:f9:9d:3d:9d:76:2a:c9:92:17:bf:
6d:9d:da:7b:3c:98:39:30:c5:97:85:80:7b:31:0b:
5c:8e:31:a6:5a:a2:4c:b9:1d:9d:a4:69:4b:a5:16:
f7:18:ce:97:31:3e:97:ca:07:c8:db:32:3a:7a:3a:
3e:f3:1c:99:15:93:e0:41:86:e6:c6:28:a9:39:98:
45:b0:1e:67:a3:e4:98:c8:ff:2c:f1:7b:00:df:e1:
a6:b7:fa:ee:76:30:07:b7:5d:92:89:78:d9:49:79:
0d:1c:a6:86:5f:40:d0:f0:6d:08:05:e4:3f:6d:7a:
04:d0:7a:60:6e:ec:e5:31:e9:f2:54:b1:23:e5:a5:
8f:2b:7c:2e:a6:a9:7d:d4:e5:47:04:13:3c:88:65:
6b:82:23:03:ac:2b:3a:54:f4:6b:f9:83:20:3a:7a:
d7:c0:20:fe:59:42:b5:1d:15:21:9c:22:53:51:c1:
cf:64:e3:ad:ea:e5:b8:de:fb:01:c7:ff:51:da:01:
84:13:28:b0:1f:f6:56:b2:a0:34:b0:5b:22:7f:2c:
f4:2c:16:ef:ff:1c:0b:11:22:ed:ad:d6:23:b9:d7:
20:3a:93:55:7e:4e:52:73:10:0d:38:3e:d8:75:95:
94:51:42:1d:a0:64:35:90:68:84:77:e0:ba:9e:41:
81:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3E:C8:A9:6F:17:6E:43:8E:2E:62:E9:A2:38:BC:8C:57:74:10:98
X509v3 Authority Key Identifier:
keyid:53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/bz7IqW8XbkOOLmLpoji8jFd0EJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.36.0/22
IPv6:
2a09:6d40::/32
Signature Algorithm: sha256WithRSAEncryption
5b:89:e1:bb:b1:d7:17:5c:e3:af:e6:17:f8:5b:11:79:9d:8a:
a5:7e:60:e9:8d:b3:3b:ac:7b:2d:af:67:39:3c:4d:ee:0f:a6:
ab:46:e3:5f:ef:45:58:54:40:13:9a:4e:9d:7b:63:54:a9:31:
1e:39:e9:41:26:bf:ba:a1:5d:3e:b2:d5:7d:7b:be:96:7a:69:
f7:51:44:46:97:c4:6f:84:74:fb:98:f8:d1:03:52:1f:35:1f:
cb:db:5e:59:a2:3a:87:d5:3e:69:8b:db:9b:4f:ec:a2:fb:92:
02:24:f5:b4:78:80:4b:bd:bf:4d:4c:44:2d:fa:fb:81:65:04:
2f:a7:81:38:80:d7:c0:d3:60:c4:a6:56:36:64:af:b2:2b:3d:
c1:3c:bb:d0:dc:d5:fb:e8:de:0b:2a:df:51:14:3d:54:48:1c:
2b:e0:00:29:1a:7d:da:e6:25:e4:25:25:06:66:2d:dc:38:1b:
f5:94:d4:6b:0d:af:6d:3d:90:d7:b9:0c:79:67:85:b8:fd:f9:
c0:3c:ef:a8:49:00:e5:07:95:6a:2f:2e:fa:c3:1f:3a:a0:ea:
b0:1f:88:8c:c3:6b:e4:8c:88:69:7c:33:9f:64:95:c2:d8:ea:
51:6e:92:93:56:b1:ce:50:bb:31:dd:cf:d8:ad:70:e6:b3:e9:
31:bb:0e:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAZVcfl9ViRZI/HBkczOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjM1OTA4MDlkMTg3ZjdiMzYxZmIyNGNkNDNmOTNmNjY0
YjIwYjMwHhcNMjQwMTAyMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNlYzhhOTZmMTc2ZTQzOGUyZTYyZTlhMjM4YmM4YzU3NzQxMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSTnffmdPZ12KsmSF79tndp7PJg5
MMWXhYB7MQtcjjGmWqJMuR2dpGlLpRb3GM6XMT6XygfI2zI6ejo+8xyZFZPgQYbm
xiipOZhFsB5no+SYyP8s8XsA3+Gmt/rudjAHt12SiXjZSXkNHKaGX0DQ8G0IBeQ/
bXoE0HpgbuzlMenyVLEj5aWPK3wupql91OVHBBM8iGVrgiMDrCs6VPRr+YMgOnrX
wCD+WUK1HRUhnCJTUcHPZOOt6uW43vsBx/9R2gGEEyiwH/ZWsqA0sFsifyz0LBbv
/xwLESLtrdYjudcgOpNVfk5ScxANOD7YdZWUUUIdoGQ1kGiEd+C6nkGBOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG8+yKlvF25Dji5i6aI4vIxXdBCYMB8GA1UdIwQY
MBaAFFPzWQgJ0Yf3s2H7JM1D+T9mSyCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2Mt
YTc3NmZlZGU5OTA1LzEvYno3SXFXOFhia09PTG1McG9qaThqRmQwRUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2MtYTc3NmZlZGU5OTA1
LzEvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwiYkMA0E
AgACMAcDBQAqCW1AMA0GCSqGSIb3DQEBCwUAA4IBAQBbieG7sdcXXOOv5hf4WxF5
nYqlfmDpjbM7rHstr2c5PE3uD6arRuNf70VYVEATmk6de2NUqTEeOelBJr+6oV0+
stV9e76Wemn3UURGl8RvhHT7mPjRA1IfNR/L215ZojqH1T5pi9ubT+yi+5ICJPW0
eIBLvb9NTEQt+vuBZQQvp4E4gNfA02DEplY2ZK+yKz3BPLvQ3NX76N4LKt9RFD1U
SBwr4AApGn3a5iXkJSUGZi3cOBv1lNRrDa9tPZDXuQx5Z4W4/fnAPO+oSQDlB5Vq
Ly76wx86oOqwH4iMw2vkjIhpfDOfZJXC2OpRbpKTVrHOULsx3c/YrXDms+kxuw77
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:12 2024 by rpki-client on console-fra.rpki-client.org