Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/ZwkyChbsSJk1g6Ao-Hw5oMvDT8E.roa
File: ZwkyChbsSJk1g6Ao-Hw5oMvDT8E.roa (raw, json)
Hash identifier: 86lwT6T3LJpC1lcuBkxP5xpAKi98U70K0aUiQUMk0FA=
Subject key identifier: 67:09:32:0A:16:EC:48:99:35:83:A0:28:F8:7C:39:A0:CB:C3:4F:C1
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 018CC348E0AB66C2036E37DB52F1FC4D83F1
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/ZwkyChbsSJk1g6Ao-Hw5oMvDT8E.roa
Signing time: Mon 01 Jan 2024 04:29:42 +0000
ROA not before: Mon 01 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 92.51.40.0/22 maxlen: 24
92.51.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e0:ab:66:c2:03:6e:37:db:52:f1:fc:4d:83:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 1 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6709320a16ec48993583a028f87c39a0cbc34fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:29:41:37:9d:78:49:e5:54:88:54:fc:37:5b:
11:eb:43:96:6f:1a:1a:4d:6f:bb:67:19:29:cc:87:
89:1a:de:c5:9e:57:b5:a4:2a:cd:39:88:5d:01:3d:
14:4e:ae:f3:74:1e:55:13:f2:2a:56:3d:bc:1b:9e:
e9:1e:ab:6f:99:f2:ea:5e:c4:49:e6:01:7e:9c:71:
76:48:b4:fd:d8:ec:1b:bd:ab:91:a9:46:c9:82:f0:
13:d5:80:33:2f:4c:3b:f9:ae:56:8a:44:69:62:07:
67:c3:9c:a5:e8:de:b8:a0:b4:d2:7e:4d:a5:fb:30:
a3:d7:a0:d2:71:44:2c:33:1a:7e:cd:27:d4:e3:6e:
ae:de:63:96:2b:25:64:c1:4c:89:db:a6:64:e8:9a:
aa:47:2c:f0:f3:19:3d:07:6a:2d:00:e6:0a:3a:0b:
33:b0:4e:6c:fe:2c:80:de:53:e2:6d:62:f0:94:21:
5d:2d:4e:39:e7:f5:c7:fe:a3:61:92:a4:3f:41:df:
19:7c:8f:6a:e6:be:65:26:0b:fc:36:4e:ff:2c:3d:
46:65:4b:aa:5b:97:9d:6c:ba:4c:8c:d5:b3:b8:65:
ef:00:ef:89:ca:ce:57:be:c5:46:e3:1b:93:a6:88:
bb:f4:6c:de:65:be:fc:4e:02:7b:f4:34:46:62:a8:
29:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:09:32:0A:16:EC:48:99:35:83:A0:28:F8:7C:39:A0:CB:C3:4F:C1
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/ZwkyChbsSJk1g6Ao-Hw5oMvDT8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.32.0/22
92.51.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:9f:ca:e6:b4:48:b0:9d:64:31:e6:29:8a:92:2e:53:5f:bc:
7b:e0:8f:d7:59:2c:ae:d1:4b:8c:33:ab:39:82:b6:85:30:5a:
54:c4:cb:02:4a:66:b2:f3:57:ef:f4:a0:96:a6:53:ce:44:9d:
af:ff:07:13:60:7e:6c:e0:6b:fd:66:c6:9e:ec:54:3f:10:73:
11:19:18:a0:4d:31:03:a1:d2:e3:93:f0:26:57:37:10:82:44:
e8:2f:30:fc:33:90:d6:85:ab:68:3f:ff:21:3e:28:33:28:22:
b8:ad:5f:43:3b:38:ba:2b:30:8d:e8:82:a0:b7:8f:b8:bc:e3:
80:0f:26:55:65:28:b5:3f:b0:ba:e9:42:1e:ce:36:b1:05:aa:
a1:b5:69:af:8f:33:45:8f:9c:eb:a7:9d:c5:be:97:68:f5:d3:
2d:95:35:7e:a8:f4:fa:82:12:43:52:d5:aa:03:25:1d:36:aa:
9a:e5:31:7f:fc:4b:76:10:44:fd:91:36:9a:4a:b5:68:c5:27:
bc:51:0a:b8:a0:e3:9c:97:26:e3:df:b8:8f:4a:ad:ee:83:da:
52:f2:1a:82:6e:ad:2a:0f:6d:80:fa:7b:8a:3d:0a:b2:96:76:
77:74:e1:8a:f3:b1:af:24:f3:ba:f2:76:d9:87:ce:69:33:3d:
d9:32:f0:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSOCrZsIDbjfbUvH8TYPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjQwMTAxMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA5MzIwYTE2ZWM0ODk5MzU4M2EwMjhmODdjMzlhMGNiYzM0ZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjClBN514SeVUiFT8N1sR60OWbxoa
TW+7ZxkpzIeJGt7Fnle1pCrNOYhdAT0UTq7zdB5VE/IqVj28G57pHqtvmfLqXsRJ
5gF+nHF2SLT92OwbvauRqUbJgvAT1YAzL0w7+a5WikRpYgdnw5yl6N64oLTSfk2l
+zCj16DScUQsMxp+zSfU426u3mOWKyVkwUyJ26Zk6JqqRyzw8xk9B2otAOYKOgsz
sE5s/iyA3lPibWLwlCFdLU455/XH/qNhkqQ/Qd8ZfI9q5r5lJgv8Nk7/LD1GZUuq
W5edbLpMjNWzuGXvAO+Jys5XvsVG4xuTpoi79GzeZb78TgJ79DRGYqgpeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGcJMgoW7EiZNYOgKPh8OaDLw0/BMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvWndreUNoYnNTSmsxZzZBby1IdzVvTXZEVDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDMgAwQC
XDMoMA0GCSqGSIb3DQEBCwUAA4IBAQAqn8rmtEiwnWQx5imKki5TX7x74I/XWSyu
0UuMM6s5graFMFpUxMsCSmay81fv9KCWplPORJ2v/wcTYH5s4Gv9Zsae7FQ/EHMR
GRigTTEDodLjk/AmVzcQgkToLzD8M5DWhatoP/8hPigzKCK4rV9DOzi6KzCN6IKg
t4+4vOOADyZVZSi1P7C66UIezjaxBaqhtWmvjzNFj5zrp53Fvpdo9dMtlTV+qPT6
ghJDUtWqAyUdNqqa5TF//Et2EET9kTaaSrVoxSe8UQq4oOOclybj37iPSq3ug9pS
8hqCbq0qD22A+nuKPQqylnZ3dOGK87GvJPO68nbZh85pMz3ZMvBR
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:43:43 2024 by rpki-client on console-fra.rpki-client.org