Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ZYEzyPyy-T0c1j8oKf-wp2MwF0g.roa
File: ZYEzyPyy-T0c1j8oKf-wp2MwF0g.roa (raw, json)
Hash identifier: mlPOJJ2D65ZPidPW4lS5GN8fHIj6aKE/sIQ1Kkrjzqs=
Subject key identifier: 65:81:33:C8:FC:B2:F9:3D:1C:D6:3F:28:29:FF:B0:A7:63:30:17:48
Certificate issuer: /CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Certificate serial: 018CC9BCECCB7FD31A58B13253AE1B7353A8
Authority key identifier: 01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ZYEzyPyy-T0c1j8oKf-wp2MwF0g.roa
Signing time: Tue 02 Jan 2024 10:34:10 +0000
ROA not before: Tue 02 Jan 2024 10:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201942
IP address blocks: 91.126.152.0/21 maxlen: 21
91.126.160.0/20 maxlen: 20
91.126.64.0/22 maxlen: 22
91.126.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ec:cb:7f:d3:1a:58:b1:32:53:ae:1b:73:53:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0170a169b6cd411022279e9ff997f134ff54ab1c
Validity
Not Before: Jan 2 10:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=658133c8fcb2f93d1cd63f2829ffb0a763301748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:26:18:d7:a1:f7:75:21:7d:97:73:1a:62:ac:
86:bc:8a:de:90:ca:d9:9d:23:89:e2:7d:e2:00:2c:
0f:0e:6e:bc:41:4e:9f:2d:b4:08:30:35:d7:ac:3b:
5e:97:de:a4:f3:e5:a5:aa:f4:3c:4d:c6:cd:98:49:
f7:b7:d0:19:4b:ff:be:50:57:ab:5f:d1:b2:c4:95:
c7:d9:77:98:6b:b3:f7:72:24:46:c0:4c:64:93:04:
22:6c:ca:f8:e2:43:cf:fc:d8:4a:aa:6e:64:98:39:
b5:47:77:9e:d8:04:5c:5a:bb:df:e0:d1:5c:8f:be:
42:23:f0:0e:1c:fd:9a:6a:9e:4f:cb:a2:11:91:99:
e4:07:44:e0:f3:8a:c3:18:12:63:de:a2:4c:14:32:
e8:1c:a5:70:a6:92:eb:1a:46:d1:1f:d9:2b:9c:2c:
79:a3:de:a1:e7:df:f3:85:e8:b6:57:bf:c1:90:07:
2e:37:8b:27:18:c0:c4:a4:b2:34:b8:e2:36:4d:89:
a5:ae:c8:68:06:a2:9b:84:1b:30:f9:98:45:b4:d3:
5c:cc:a8:93:85:6a:0a:9f:b8:c4:da:ad:49:24:ab:
65:62:ec:30:f2:06:11:95:b1:6e:0e:c0:2a:6b:4e:
b9:d1:a5:aa:39:b9:42:89:27:ce:16:e4:40:37:f8:
6b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:81:33:C8:FC:B2:F9:3D:1C:D6:3F:28:29:FF:B0:A7:63:30:17:48
X509v3 Authority Key Identifier:
keyid:01:70:A1:69:B6:CD:41:10:22:27:9E:9F:F9:97:F1:34:FF:54:AB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AXChabbNQRAiJ56f-ZfxNP9Uqxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/ZYEzyPyy-T0c1j8oKf-wp2MwF0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1e777f-986b-4e34-8d81-7d4bb2380487/1/AXChabbNQRAiJ56f-ZfxNP9Uqxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.126.64.0/22
91.126.80.0/21
91.126.152.0-91.126.175.255
Signature Algorithm: sha256WithRSAEncryption
2a:22:d5:8d:55:7e:c0:8b:12:63:3a:ea:1e:76:f5:25:03:cd:
b2:b8:d3:83:72:82:57:8a:4a:c4:e7:9b:49:cb:e2:d7:d8:7c:
94:9b:20:e8:0f:43:02:bf:5a:6e:06:f4:ba:29:f2:83:ef:f4:
92:a0:7a:4c:e3:22:a2:09:91:5b:8b:bb:23:1e:2d:46:6d:0a:
2e:a9:47:46:80:ba:7a:70:66:c6:f2:69:f7:14:32:8d:8e:11:
0a:9c:f2:70:b0:78:38:23:ef:ab:44:e9:f9:e6:8e:8e:48:16:
bc:8e:5a:64:3c:23:2e:cc:a2:68:79:a9:3d:c9:48:1f:38:aa:
38:b4:4e:a4:8a:57:73:d8:e0:02:af:95:ea:c2:81:b3:7b:8b:
83:60:00:30:a1:06:2a:83:23:ec:e2:4b:50:4f:a1:8e:96:2d:
c6:a2:9b:55:b5:d5:d8:07:0f:88:3b:6b:bb:d8:3f:1e:c8:03:
5c:ec:9d:ad:34:d4:cd:38:45:f5:08:2d:79:a5:0f:6a:f2:6f:
f3:ff:58:cd:6a:9e:7d:e3:4b:c7:fe:a0:fb:b8:58:21:45:b4:
5c:fd:e8:c5:ac:5a:dd:6b:f7:dc:e9:c7:ed:28:ab:a2:56:c9:
1e:af:8f:c8:21:1d:c3:52:a8:e0:d3:30:7f:ee:16:c5:5e:21:
30:d7:00:5c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJvOzLf9MaWLEyU64bc1OoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNzBhMTY5YjZjZDQxMTAyMjI3OWU5ZmY5OTdmMTM0ZmY1
NGFiMWMwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTgxMzNjOGZjYjJmOTNkMWNkNjNmMjgyOWZmYjBhNzYzMzAxNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCYY16H3dSF9l3MaYqyGvIrekMrZ
nSOJ4n3iACwPDm68QU6fLbQIMDXXrDtel96k8+WlqvQ8TcbNmEn3t9AZS/++UFer
X9GyxJXH2XeYa7P3ciRGwExkkwQibMr44kPP/NhKqm5kmDm1R3ee2ARcWrvf4NFc
j75CI/AOHP2aap5Py6IRkZnkB0Tg84rDGBJj3qJMFDLoHKVwppLrGkbRH9krnCx5
o96h59/zhei2V7/BkAcuN4snGMDEpLI0uOI2TYmlrshoBqKbhBsw+ZhFtNNczKiT
hWoKn7jE2q1JJKtlYuww8gYRlbFuDsAqa0650aWqOblCiSfOFuRAN/hrJwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGWBM8j8svk9HNY/KCn/sKdjMBdIMB8GA1UdIwQY
MBaAFAFwoWm2zUEQIieen/mX8TT/VKscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEt
N2Q0YmIyMzgwNDg3LzEvWllFenlQeXktVDBjMWo4b0tmLXdwMk13RjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xZTc3N2YtOTg2Yi00ZTM0LThkODEtN2Q0YmIyMzgwNDg3
LzEvQVhDaGFiYk5RUkFpSjU2Zi1aZnhOUDlVcXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW35AAwQD
W35QMAwDBANbfpgDBARbfqAwDQYJKoZIhvcNAQELBQADggEBACoi1Y1VfsCLEmM6
6h529SUDzbK404NygleKSsTnm0nL4tfYfJSbIOgPQwK/Wm4G9Lop8oPv9JKgekzj
IqIJkVuLuyMeLUZtCi6pR0aAunpwZsbyafcUMo2OEQqc8nCweDgj76tE6fnmjo5I
FryOWmQ8Iy7Momh5qT3JSB84qji0TqSKV3PY4AKvlerCgbN7i4NgADChBiqDI+zi
S1BPoY6WLcaim1W11dgHD4g7a7vYPx7IA1zsna001M04RfUILXmlD2ryb/P/WM1q
nn3jS8f+oPu4WCFFtFz96MWsWt1r99zpx+0oq6JWyR6vj8ghHcNSqODTMH/uFsVe
ITDXAFw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:56 2024 by rpki-client on console-fra.rpki-client.org