Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/IWZopWJZAvEzrNRoLzepcyt15nM.roa
File: IWZopWJZAvEzrNRoLzepcyt15nM.roa (raw, json)
Hash identifier: zOPVO5jzH6DbGScVheIVXghs2bfXXb0nDGj2eWQjUSQ=
Subject key identifier: 21:66:68:A5:62:59:02:F1:33:AC:D4:68:2F:37:A9:73:2B:75:E6:73
Certificate issuer: /CN=c4402c55758faee473938f8067a889ad5e271261
Certificate serial: 018CC424AAEF0F5EE87C3DA7A3691951646D
Authority key identifier: C4:40:2C:55:75:8F:AE:E4:73:93:8F:80:67:A8:89:AD:5E:27:12:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/IWZopWJZAvEzrNRoLzepcyt15nM.roa
Signing time: Mon 01 Jan 2024 08:29:46 +0000
ROA not before: Mon 01 Jan 2024 08:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207995
IP address blocks: 194.24.162.0/23 maxlen: 24
194.24.176.0/23 maxlen: 24
212.221.128.0/17 maxlen: 24
2a10:340::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/xEAsVXWPruRzk4-AZ6iJrV4nEmE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/xEAsVXWPruRzk4-AZ6iJrV4nEmE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:aa:ef:0f:5e:e8:7c:3d:a7:a3:69:19:51:64:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4402c55758faee473938f8067a889ad5e271261
Validity
Not Before: Jan 1 08:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=216668a5625902f133acd4682f37a9732b75e673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:96:13:d7:09:e3:b2:42:4b:fc:d7:7e:a1:ae:
4e:76:c8:8f:98:92:fa:d8:38:ec:2b:cf:0e:c1:d7:
34:6c:29:68:55:67:5e:dd:48:5c:f1:98:3f:f7:b3:
5a:5c:d7:7a:32:01:2a:17:20:cb:66:39:89:7b:46:
8e:1d:07:65:38:f8:fd:b1:64:8b:2e:48:26:f0:69:
39:7d:9c:2b:f9:7f:58:40:1f:e4:49:0c:ab:c5:54:
b4:d1:4d:a0:57:c8:86:a9:e2:45:ea:dd:ca:08:84:
1e:09:6b:94:b3:24:90:2d:2d:16:35:85:b7:73:1e:
22:07:fa:60:cb:a0:14:c3:c0:89:87:46:13:a4:92:
3c:a2:61:05:5a:42:21:89:20:20:60:d0:4e:5a:d5:
8b:31:bc:14:ce:c3:86:8b:ac:cd:bf:3a:c6:3d:d2:
ff:e7:aa:72:82:6a:f5:11:ee:f0:bd:1a:bc:ce:fc:
1c:33:d1:9f:84:ee:78:d5:b8:2c:51:24:c6:ea:6a:
45:e8:ea:e3:19:d7:ee:91:43:d7:43:e0:51:db:8b:
22:55:b4:76:5e:0c:fd:81:30:bf:d9:f4:25:ca:f9:
af:de:e4:01:94:cd:2b:25:f5:b2:0a:f2:d3:5f:6c:
c5:74:7b:f0:6f:2b:93:98:5c:0d:2a:f9:9b:1a:fa:
56:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:66:68:A5:62:59:02:F1:33:AC:D4:68:2F:37:A9:73:2B:75:E6:73
X509v3 Authority Key Identifier:
keyid:C4:40:2C:55:75:8F:AE:E4:73:93:8F:80:67:A8:89:AD:5E:27:12:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEAsVXWPruRzk4-AZ6iJrV4nEmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/IWZopWJZAvEzrNRoLzepcyt15nM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/964c3c-b570-4113-b4aa-cfdf0311ad8c/1/xEAsVXWPruRzk4-AZ6iJrV4nEmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.162.0/23
194.24.176.0/23
212.221.128.0/17
IPv6:
2a10:340::/30
Signature Algorithm: sha256WithRSAEncryption
6f:19:c8:42:0d:50:60:a0:74:b6:d8:01:04:07:cd:56:f4:36:
80:9a:30:f2:0c:0e:78:fc:84:7b:ef:ea:24:d3:77:3b:df:64:
9b:0e:b0:36:cb:a2:27:c4:5b:45:78:8e:34:54:21:a3:3e:28:
ae:f5:6a:ca:c9:53:af:85:26:54:80:d4:fd:50:3e:58:1c:af:
35:3a:7a:30:89:1e:41:a8:08:13:50:53:f0:9e:87:c5:52:11:
10:5b:86:90:b9:ff:54:cd:94:65:d9:46:00:7d:1a:16:e6:eb:
34:f2:dd:3c:d7:fb:17:08:f7:c9:a6:00:0e:e6:b4:72:1b:89:
42:d8:b5:d2:9e:ba:a3:7c:8c:f7:3f:2a:e6:78:87:dd:ff:3c:
3a:15:3e:e4:bc:bf:9f:5c:3a:17:80:4c:bb:ed:5c:a0:bb:1f:
52:42:d4:df:33:95:aa:6f:28:cc:26:d9:01:ff:98:4c:44:02:
31:f8:54:c0:6b:76:e9:93:66:3c:65:a0:3f:d2:7f:e7:e9:63:
14:6c:de:3f:f5:e4:e9:0d:d6:e3:19:c9:8b:27:fd:46:f7:97:
82:01:71:52:92:df:58:ea:64:65:8c:14:be:98:37:6c:6e:bd:
d4:0e:7b:b5:71:55:90:39:9e:18:a3:39:86:1e:c5:dc:4d:3d:
0a:98:30:53
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJKrvD17ofD2no2kZUWRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDAyYzU1NzU4ZmFlZTQ3MzkzOGY4MDY3YTg4OWFkNWUy
NzEyNjEwHhcNMjQwMTAxMDgyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTY2NjhhNTYyNTkwMmYxMzNhY2Q0NjgyZjM3YTk3MzJiNzVlNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZYT1wnjskJL/Nd+oa5OdsiPmJL6
2DjsK88Owdc0bCloVWde3Uhc8Zg/97NaXNd6MgEqFyDLZjmJe0aOHQdlOPj9sWSL
Lkgm8Gk5fZwr+X9YQB/kSQyrxVS00U2gV8iGqeJF6t3KCIQeCWuUsySQLS0WNYW3
cx4iB/pgy6AUw8CJh0YTpJI8omEFWkIhiSAgYNBOWtWLMbwUzsOGi6zNvzrGPdL/
56pygmr1Ee7wvRq8zvwcM9GfhO541bgsUSTG6mpF6OrjGdfukUPXQ+BR24siVbR2
Xgz9gTC/2fQlyvmv3uQBlM0rJfWyCvLTX2zFdHvwbyuTmFwNKvmbGvpWlQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCFmaKViWQLxM6zUaC83qXMrdeZzMB8GA1UdIwQY
MBaAFMRALFV1j67kc5OPgGeoia1eJxJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVBc1ZYV1BydVJ6azQtQVo2aUpyVjRuRW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NjRjM2MtYjU3MC00MTEzLWI0YWEt
Y2ZkZjAzMTFhZDhjLzEvSVdab3BXSlpBdkV6ck5Sb0x6ZXBjeXQxNW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NjRjM2MtYjU3MC00MTEzLWI0YWEtY2ZkZjAzMTFhZDhj
LzEveEVBc1ZYV1BydVJ6azQtQVo2aUpyVjRuRW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwhiiAwQB
whiwAwQH1N2AMA0EAgACMAcDBQIqEANAMA0GCSqGSIb3DQEBCwUAA4IBAQBvGchC
DVBgoHS22AEEB81W9DaAmjDyDA54/IR77+ok03c732SbDrA2y6InxFtFeI40VCGj
Piiu9WrKyVOvhSZUgNT9UD5YHK81OnowiR5BqAgTUFPwnofFUhEQW4aQuf9UzZRl
2UYAfRoW5us08t081/sXCPfJpgAO5rRyG4lC2LXSnrqjfIz3PyrmeIfd/zw6FT7k
vL+fXDoXgEy77Vygux9SQtTfM5WqbyjMJtkB/5hMRAIx+FTAa3bpk2Y8ZaA/0n/n
6WMUbN4/9eTpDdbjGcmLJ/1G95eCAXFSkt9Y6mRljBS+mDdsbr3UDnu1cVWQOZ4Y
ozmGHsXcTT0KmDBT
-----END CERTIFICATE-----
Generated at Sun Jun 2 11:13:13 2024 by rpki-client on console-fra.rpki-client.org