Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/zk2XEPlE2kCvAT3nlw_0e6_uVI0.roa
File: zk2XEPlE2kCvAT3nlw_0e6_uVI0.roa (raw, json)
Hash identifier: Uv+z0PwQexJ64IhUw8YtdOMUSDtkQoKqM3r/kA2uplU=
Subject key identifier: CE:4D:97:10:F9:44:DA:40:AF:01:3D:E7:97:0F:F4:7B:AF:EE:54:8D
Certificate issuer: /CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Certificate serial: 018CC801EEF593FA738B6CA6B02308A61355
Authority key identifier: 31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/zk2XEPlE2kCvAT3nlw_0e6_uVI0.roa
Signing time: Tue 02 Jan 2024 02:30:19 +0000
ROA not before: Tue 02 Jan 2024 02:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41898
IP address blocks: 91.135.16.0/20 maxlen: 20
95.130.32.0/21 maxlen: 21
158.255.56.0/21 maxlen: 21
158.255.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/MYKMmdNcuS4tU9rxKOSX6EG2OrA.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/MYKMmdNcuS4tU9rxKOSX6EG2OrA.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ee:f5:93:fa:73:8b:6c:a6:b0:23:08:a6:13:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Validity
Not Before: Jan 2 02:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce4d9710f944da40af013de7970ff47bafee548d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:69:99:74:1f:00:a4:f0:a8:6d:28:78:55:7f:
7b:fc:56:ed:5f:66:f5:74:21:7c:26:ea:91:18:f5:
ea:43:28:db:9b:98:cc:be:fb:3c:74:87:bb:06:b5:
dd:52:85:a6:db:10:5e:b8:74:f1:3d:99:04:13:e7:
82:8c:71:7a:84:ba:a7:86:21:75:fa:bc:49:1f:e1:
92:45:ae:d9:a8:77:7b:fb:6d:a0:51:51:7e:4b:cd:
d0:03:f7:89:89:80:0c:3d:31:b0:2f:07:3a:25:b2:
90:cf:94:78:ee:70:2c:9f:1c:d9:01:ab:2f:88:0f:
6a:7b:ef:b4:a2:da:38:f3:62:3b:71:4d:8b:b5:3c:
a2:44:94:2c:02:b6:3a:83:70:83:12:1e:ea:ed:f4:
e4:1d:45:a5:83:d2:8b:7e:e8:e7:d1:f8:56:0c:20:
1f:07:e3:7e:80:51:c8:b7:e0:eb:f9:46:3b:92:6e:
17:f3:c3:a0:ea:88:c5:5d:6a:da:17:98:30:25:67:
02:f4:72:94:75:d2:f3:45:9b:df:0b:20:10:38:ef:
7b:da:54:46:d7:d3:d5:23:e3:f6:c7:39:cd:ad:a7:
83:c7:e1:99:4c:38:5e:04:8d:d7:55:cb:67:a0:8d:
f7:a3:05:83:c4:36:0f:a6:99:42:f9:37:a5:c9:b3:
5f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4D:97:10:F9:44:DA:40:AF:01:3D:E7:97:0F:F4:7B:AF:EE:54:8D
X509v3 Authority Key Identifier:
keyid:31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/zk2XEPlE2kCvAT3nlw_0e6_uVI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/MYKMmdNcuS4tU9rxKOSX6EG2OrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.16.0/20
95.130.32.0/21
158.255.56.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:95:74:d5:98:4c:2a:98:bc:18:35:35:d5:c4:c1:e6:15:bd:
72:d9:b0:4f:ad:b4:33:1e:e6:fa:a1:8d:c1:8e:e4:10:7b:56:
1c:68:be:96:85:4f:a1:6c:4b:03:4c:05:09:b3:6e:46:b4:30:
53:33:aa:b1:64:1c:ba:08:b0:36:05:10:fd:f5:86:08:90:04:
5d:7f:0b:e6:1a:b4:83:86:cd:fc:92:ec:3c:ec:5e:15:a5:58:
0c:ca:c0:35:38:0c:ba:08:ec:7f:9c:0f:5b:14:19:fb:cb:44:
a2:07:24:c2:73:bf:b6:94:8d:b6:b4:ee:91:a7:bd:80:62:7e:
39:cf:ae:7d:d7:45:f9:25:51:11:bf:0d:37:8e:e4:7d:7a:c1:
80:bc:3e:38:59:94:40:cf:8d:70:f2:9e:3f:06:58:cb:d3:58:
8d:71:18:64:b3:b8:0b:73:ed:c2:0c:20:f1:30:6e:5f:e0:06:
33:ac:f8:55:d2:73:19:59:7a:5b:b2:4d:f4:5f:d0:41:19:90:
d5:e0:62:75:15:a5:59:1e:4f:2e:50:7c:4a:42:8d:21:2a:30:
17:83:ff:4c:7c:90:ba:bd:cb:2c:d5:3c:b7:6e:13:d1:ad:16:
95:6a:a5:56:36:20:0c:fd:07:10:d3:3a:bb:ff:e7:35:d8:b3:
f4:bf:52:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAe71k/pzi2ymsCMIphNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODI4Yzk5ZDM1Y2I5MmUyZDUzZGFmMTI4ZTQ5N2U4NDFi
NjNhYjAwHhcNMjQwMTAyMDIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTRkOTcxMGY5NDRkYTQwYWYwMTNkZTc5NzBmZjQ3YmFmZWU1NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWmZdB8ApPCobSh4VX97/FbtX2b1
dCF8JuqRGPXqQyjbm5jMvvs8dIe7BrXdUoWm2xBeuHTxPZkEE+eCjHF6hLqnhiF1
+rxJH+GSRa7ZqHd7+22gUVF+S83QA/eJiYAMPTGwLwc6JbKQz5R47nAsnxzZAasv
iA9qe++0oto482I7cU2LtTyiRJQsArY6g3CDEh7q7fTkHUWlg9KLfujn0fhWDCAf
B+N+gFHIt+Dr+UY7km4X88Og6ojFXWraF5gwJWcC9HKUddLzRZvfCyAQOO972lRG
19PVI+P2xznNraeDx+GZTDheBI3XVctnoI33owWDxDYPpplC+TelybNfpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM5NlxD5RNpArwE955cP9Huv7lSNMB8GA1UdIwQY
MBaAFDGCjJnTXLkuLVPa8Sjkl+hBtjqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYt
ZWIzN2E4NWE4MmM1LzEvemsyWEVQbEUya0N2QVQzbmx3XzBlNl91VkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYtZWIzN2E4NWE4MmM1
LzEvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEW4cQAwQD
X4IgAwQDnv84MA0GCSqGSIb3DQEBCwUAA4IBAQCclXTVmEwqmLwYNTXVxMHmFb1y
2bBPrbQzHub6oY3BjuQQe1YcaL6WhU+hbEsDTAUJs25GtDBTM6qxZBy6CLA2BRD9
9YYIkARdfwvmGrSDhs38kuw87F4VpVgMysA1OAy6COx/nA9bFBn7y0SiByTCc7+2
lI22tO6Rp72AYn45z65910X5JVERvw03juR9esGAvD44WZRAz41w8p4/BljL01iN
cRhks7gLc+3CDCDxMG5f4AYzrPhV0nMZWXpbsk30X9BBGZDV4GJ1FaVZHk8uUHxK
Qo0hKjAXg/9MfJC6vcss1Ty3bhPRrRaVaqVWNiAM/QcQ0zq7/+c12LP0v1IR
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:20:33 2024 by rpki-client on console-ams.rpki-client.org