Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/888208-c77f-45d4-baee-717a4e00f859/1/Zgja7FrKgu0kcg8xx1mDcSFePI8.roa
File: Zgja7FrKgu0kcg8xx1mDcSFePI8.roa (raw, json)
Hash identifier: Iyya5REQVgs2HbJBf2ezyby/rsaLnBalqBOLiOu9Je8=
Subject key identifier: 66:08:DA:EC:5A:CA:82:ED:24:72:0F:31:C7:59:83:71:21:5E:3C:8F
Certificate issuer: /CN=2b5dcecf19dba752092bbc3d279ac1cc4f1e3637
Certificate serial: 018CC94E5E3056D59683ECCAEECACD87A500
Authority key identifier: 2B:5D:CE:CF:19:DB:A7:52:09:2B:BC:3D:27:9A:C1:CC:4F:1E:36:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K13Ozxnbp1IJK7w9J5rBzE8eNjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/888208-c77f-45d4-baee-717a4e00f859/1/Zgja7FrKgu0kcg8xx1mDcSFePI8.roa
Signing time: Tue 02 Jan 2024 08:33:25 +0000
ROA not before: Tue 02 Jan 2024 08:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50407
IP address blocks: 193.105.17.0/24 maxlen: 24
195.191.68.0/23 maxlen: 23
2001:67c:2e18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/888208-c77f-45d4-baee-717a4e00f859/1/K13Ozxnbp1IJK7w9J5rBzE8eNjc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/888208-c77f-45d4-baee-717a4e00f859/1/K13Ozxnbp1IJK7w9J5rBzE8eNjc.mft
rsync://rpki.ripe.net/repository/DEFAULT/K13Ozxnbp1IJK7w9J5rBzE8eNjc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5e:30:56:d5:96:83:ec:ca:ee:ca:cd:87:a5:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b5dcecf19dba752092bbc3d279ac1cc4f1e3637
Validity
Not Before: Jan 2 08:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6608daec5aca82ed24720f31c7598371215e3c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:01:ea:bc:26:ef:ef:9b:f0:b8:ef:5c:8a:6d:
fd:a4:ea:e4:ae:d4:0f:c2:b9:53:d5:3e:75:d7:3d:
44:85:87:89:fa:14:64:e7:bd:25:aa:fc:73:5d:79:
b7:f0:7e:fc:43:76:ce:be:ff:4d:1a:36:43:9a:23:
64:0d:0b:78:0c:85:c1:6d:a9:42:1a:33:12:dc:2f:
75:a8:34:94:96:7f:08:1f:de:dc:8e:84:c2:d1:ee:
f9:41:0b:22:fa:4d:f0:77:4c:fd:f6:a0:e9:28:09:
08:1c:dc:14:ba:c9:72:2b:f5:c8:5e:45:6c:0d:fd:
e6:1e:4f:8b:39:47:9a:74:c5:0d:cd:35:db:b2:ba:
28:5b:39:d9:b1:80:bf:ab:b5:3b:84:3c:e4:ea:f5:
b1:ac:17:57:c5:78:dc:2f:91:ac:fb:60:80:fb:fd:
5f:c4:6a:b6:00:55:7b:14:3b:21:2e:a4:1a:69:b5:
b0:84:d3:8a:c6:dd:ca:99:fc:e6:11:0c:ed:a7:d4:
97:8d:5d:4b:e7:97:cf:19:96:ad:85:df:1f:50:f8:
45:f9:4d:15:09:fe:64:e3:24:19:4f:53:55:23:d3:
4d:d9:8f:0f:4f:bd:15:45:b7:5e:52:2e:09:30:dd:
e8:14:92:70:ad:cb:f6:3c:0c:f6:cd:90:a8:aa:27:
00:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:08:DA:EC:5A:CA:82:ED:24:72:0F:31:C7:59:83:71:21:5E:3C:8F
X509v3 Authority Key Identifier:
keyid:2B:5D:CE:CF:19:DB:A7:52:09:2B:BC:3D:27:9A:C1:CC:4F:1E:36:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K13Ozxnbp1IJK7w9J5rBzE8eNjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/888208-c77f-45d4-baee-717a4e00f859/1/Zgja7FrKgu0kcg8xx1mDcSFePI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/888208-c77f-45d4-baee-717a4e00f859/1/K13Ozxnbp1IJK7w9J5rBzE8eNjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.17.0/24
195.191.68.0/23
IPv6:
2001:67c:2e18::/48
Signature Algorithm: sha256WithRSAEncryption
7b:b4:c4:70:6a:1f:03:7c:09:09:57:44:c8:8c:fb:43:fb:bb:
30:0c:a0:20:54:ba:ea:6b:06:4c:a1:a6:f2:ee:1a:bc:1f:d7:
5d:be:fe:ca:21:59:bc:09:09:b1:f4:16:24:06:67:4a:07:fc:
e4:b4:8a:6f:b0:de:fb:15:7c:82:ca:5d:70:5e:89:b0:28:db:
95:e0:e3:0c:cd:fe:e3:ea:a7:9b:67:0b:9c:9d:84:1f:1f:18:
dc:cd:50:26:21:b8:46:62:e7:a6:e3:ed:fe:6d:43:a4:82:ca:
b5:bc:4d:f5:f7:87:06:a1:25:d4:2c:94:ea:eb:2b:6c:27:44:
cc:46:68:99:ff:6c:33:8a:dd:50:31:85:ae:00:d3:ae:f6:fc:
b1:31:b4:c9:6d:2e:81:cb:dc:d4:05:e2:bf:0b:4f:7b:4f:47:
97:de:53:c9:26:70:01:fb:77:ac:d2:fe:78:7b:57:2a:d8:97:
69:2b:fe:af:c7:cd:ca:49:c7:23:91:9c:0d:69:be:e7:ce:54:
c9:60:e0:86:9e:73:45:53:1f:b1:71:e0:d6:34:0e:7c:c2:19:
70:f0:1e:e5:97:86:eb:fa:69:25:07:fa:39:56:85:8a:73:25:
10:eb:b2:be:73:a5:a0:f2:e3:b7:f0:4b:c2:81:31:e1:3c:3d:
18:a5:30:0c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTl4wVtWWg+zK7srNh6UAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNWRjZWNmMTlkYmE3NTIwOTJiYmMzZDI3OWFjMWNjNGYx
ZTM2MzcwHhcNMjQwMTAyMDgzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjA4ZGFlYzVhY2E4MmVkMjQ3MjBmMzFjNzU5ODM3MTIxNWUzYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAHqvCbv75vwuO9cim39pOrkrtQP
wrlT1T511z1EhYeJ+hRk570lqvxzXXm38H78Q3bOvv9NGjZDmiNkDQt4DIXBbalC
GjMS3C91qDSUln8IH97cjoTC0e75QQsi+k3wd0z99qDpKAkIHNwUuslyK/XIXkVs
Df3mHk+LOUeadMUNzTXbsrooWznZsYC/q7U7hDzk6vWxrBdXxXjcL5Gs+2CA+/1f
xGq2AFV7FDshLqQaabWwhNOKxt3KmfzmEQztp9SXjV1L55fPGZathd8fUPhF+U0V
Cf5k4yQZT1NVI9NN2Y8PT70VRbdeUi4JMN3oFJJwrcv2PAz2zZCoqicAmQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGYI2uxayoLtJHIPMcdZg3EhXjyPMB8GA1UdIwQY
MBaAFCtdzs8Z26dSCSu8PSeawcxPHjY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzEzT3p4bmJwMUlKSzd3OUo1ckJ6RThlTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy84ODgyMDgtYzc3Zi00NWQ0LWJhZWUt
NzE3YTRlMDBmODU5LzEvWmdqYTdGcktndTBrY2c4eHgxbURjU0ZlUEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy84ODgyMDgtYzc3Zi00NWQ0LWJhZWUtNzE3YTRlMDBmODU5
LzEvSzEzT3p4bmJwMUlKSzd3OUo1ckJ6RThlTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwWkRAwQB
w79EMA8EAgACMAkDBwAgAQZ8LhgwDQYJKoZIhvcNAQELBQADggEBAHu0xHBqHwN8
CQlXRMiM+0P7uzAMoCBUuuprBkyhpvLuGrwf112+/sohWbwJCbH0FiQGZ0oH/OS0
im+w3vsVfILKXXBeibAo25Xg4wzN/uPqp5tnC5ydhB8fGNzNUCYhuEZi56bj7f5t
Q6SCyrW8TfX3hwahJdQslOrrK2wnRMxGaJn/bDOK3VAxha4A0672/LExtMltLoHL
3NQF4r8LT3tPR5feU8kmcAH7d6zS/nh7VyrYl2kr/q/HzcpJxyORnA1pvufOVMlg
4Iaec0VTH7Fx4NY0DnzCGXDwHuWXhuv6aSUH+jlWhYpzJRDrsr5zpaDy47fwS8KB
MeE8PRilMAw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:26 2024 by rpki-client on console-ams.rpki-client.org