Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/rzLhMhqIVMi1H0fNLVQSh-ho6jY.roa
File: rzLhMhqIVMi1H0fNLVQSh-ho6jY.roa (raw, json)
Hash identifier: AZUtASmzk8+HuBxNjvu0Sk4MmxpUnQbWcNweaEO+bpo=
Subject key identifier: AF:32:E1:32:1A:88:54:C8:B5:1F:47:CD:2D:54:12:87:E8:68:EA:36
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018CD01DE1317A016FC0E87B3083087C1380
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/rzLhMhqIVMi1H0fNLVQSh-ho6jY.roa
Signing time: Wed 03 Jan 2024 16:17:48 +0000
ROA not before: Wed 03 Jan 2024 16:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199614
IP address blocks: 87.254.2.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
87.254.12.0/23 maxlen: 24
87.254.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Dec 2024 14:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:1d:e1:31:7a:01:6f:c0:e8:7b:30:83:08:7c:13:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 3 16:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af32e1321a8854c8b51f47cd2d541287e868ea36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:50:ed:58:4f:1a:3d:d4:10:40:83:39:e3:0b:
f8:a2:a2:35:81:d6:6f:e3:31:0a:e9:47:0f:f0:35:
92:a0:a1:c6:c0:87:c7:a1:f9:90:22:4c:d2:71:ab:
81:94:9c:08:b8:68:59:05:ec:63:a5:33:79:8f:21:
6c:ed:ac:d9:9b:bd:ed:0f:94:6b:e4:05:85:f4:dc:
f2:ea:46:89:a6:69:6c:6a:73:10:8b:33:7b:6a:fa:
91:94:ff:60:80:8b:75:37:ca:6e:a8:f5:46:4a:44:
d3:3b:ea:ec:da:a1:a5:b2:f6:ea:d2:ab:0d:11:db:
af:69:61:d1:b6:e5:a8:fb:40:1d:b3:91:af:17:be:
2a:f0:4e:8c:a9:c4:fa:a4:9f:5f:48:78:eb:3c:59:
f5:27:a5:39:22:47:85:d8:ef:e5:e5:f2:cc:69:29:
d1:50:62:26:2c:8d:8b:91:1c:bb:92:4f:ea:fc:53:
43:65:ce:20:bc:0c:b5:e2:11:bd:f2:72:33:8d:b9:
92:aa:9e:3e:eb:23:23:3b:9f:8f:60:6b:ab:fe:2c:
7c:e3:4d:6f:41:2e:65:45:d1:10:67:ee:42:a1:b9:
d7:00:87:1e:e2:a8:2a:79:be:6c:44:53:2d:7f:0c:
a1:1f:cc:81:2b:9a:54:fa:91:a5:f9:c9:4c:90:6c:
2b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:32:E1:32:1A:88:54:C8:B5:1F:47:CD:2D:54:12:87:E8:68:EA:36
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/rzLhMhqIVMi1H0fNLVQSh-ho6jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.2.0/24
87.254.10.0/24
87.254.12.0/23
87.254.22.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:64:26:80:a8:88:56:be:40:7a:e1:69:eb:02:5f:a8:60:ee:
e9:6f:92:e1:a0:23:96:8e:d3:b1:30:6e:ad:82:c0:26:22:2b:
8b:ef:0e:00:e8:ce:90:f9:1b:6f:37:2c:a9:9d:b3:94:33:d5:
86:db:eb:b3:e2:a6:44:1d:70:4c:81:6e:b0:dd:c3:d5:ad:ee:
a7:83:5e:be:d2:a4:0e:d5:5d:f1:8a:95:30:0e:98:c1:a5:27:
3a:cb:bd:40:40:c9:5b:75:1c:d9:96:e5:eb:ba:80:9e:48:d2:
8d:4a:5f:bd:cf:08:ba:d8:c7:76:b9:02:4d:9a:a9:d0:82:87:
cf:ba:76:c5:a2:20:f4:dc:84:f3:2b:20:b7:e4:68:5b:97:23:
19:b4:db:1e:3a:a3:66:1a:24:30:9b:f4:d5:b2:f7:ae:ea:93:
f1:13:f6:f8:e0:20:ef:f1:b8:f9:18:c8:f8:19:e4:37:70:4e:
fb:13:b3:4e:f8:9d:2d:4b:19:44:92:e2:4d:b9:6a:20:8a:6c:
10:74:ca:21:04:a9:8a:ba:ed:0a:fc:d0:02:9a:b3:ae:f2:cb:
84:41:c7:64:3a:8c:f3:79:3d:49:30:18:01:3e:e7:d4:99:81:
8d:7b:d8:6b:07:c9:f5:b0:10:8a:c6:a2:07:4a:25:61:d3:b6:
e1:54:78:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzQHeExegFvwOh7MIMIfBOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwMTAzMTYxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjMyZTEzMjFhODg1NGM4YjUxZjQ3Y2QyZDU0MTI4N2U4NjhlYTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1DtWE8aPdQQQIM54wv4oqI1gdZv
4zEK6UcP8DWSoKHGwIfHofmQIkzScauBlJwIuGhZBexjpTN5jyFs7azZm73tD5Rr
5AWF9Nzy6kaJpmlsanMQizN7avqRlP9ggIt1N8puqPVGSkTTO+rs2qGlsvbq0qsN
EduvaWHRtuWo+0Ads5GvF74q8E6MqcT6pJ9fSHjrPFn1J6U5IkeF2O/l5fLMaSnR
UGImLI2LkRy7kk/q/FNDZc4gvAy14hG98nIzjbmSqp4+6yMjO5+PYGur/ix8401v
QS5lRdEQZ+5CobnXAIce4qgqeb5sRFMtfwyhH8yBK5pU+pGl+clMkGwr7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK8y4TIaiFTItR9HzS1UEofoaOo2MB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvcnpMaE1ocUlWTWkxSDBmTkxWUVNoLWhvNmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4CAwQA
V/4KAwQBV/4MAwQAV/4WMA0GCSqGSIb3DQEBCwUAA4IBAQALZCaAqIhWvkB64Wnr
Al+oYO7pb5LhoCOWjtOxMG6tgsAmIiuL7w4A6M6Q+RtvNyypnbOUM9WG2+uz4qZE
HXBMgW6w3cPVre6ng16+0qQO1V3xipUwDpjBpSc6y71AQMlbdRzZluXruoCeSNKN
Sl+9zwi62Md2uQJNmqnQgofPunbFoiD03ITzKyC35GhblyMZtNseOqNmGiQwm/TV
sveu6pPxE/b44CDv8bj5GMj4GeQ3cE77E7NO+J0tSxlEkuJNuWogimwQdMohBKmK
uu0K/NACmrOu8suEQcdkOozzeT1JMBgBPufUmYGNe9hrB8n1sBCKxqIHSiVh07bh
VHhC
-----END CERTIFICATE-----
Generated at Thu Dec 12 20:25:45 2024 by rpki-client on console-fra.rpki-client.org