Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/zb6-bGxjc7N49amm58gSqR82CSk.roa
File: zb6-bGxjc7N49amm58gSqR82CSk.roa (raw, json)
Hash identifier: lmrju0NovwENUmWVDx82Ow/8jsGEsZyRqYmkMfaIkvw=
Subject key identifier: CD:BE:BE:6C:6C:63:73:B3:78:F5:A9:A6:E7:C8:12:A9:1F:36:09:29
Certificate issuer: /CN=c6c6653e87bb2ef9adbb061960e20500a554f035
Certificate serial: 018D1CC1FDA5814C2D4B0510FBAE07474CC4
Authority key identifier: C6:C6:65:3E:87:BB:2E:F9:AD:BB:06:19:60:E2:05:00:A5:54:F0:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/zb6-bGxjc7N49amm58gSqR82CSk.roa
Signing time: Thu 18 Jan 2024 13:28:11 +0000
ROA not before: Thu 18 Jan 2024 13:28:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51529
IP address blocks: 194.0.238.0/24 maxlen: 24
194.165.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:c1:fd:a5:81:4c:2d:4b:05:10:fb:ae:07:47:4c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c6653e87bb2ef9adbb061960e20500a554f035
Validity
Not Before: Jan 18 13:28:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdbebe6c6c6373b378f5a9a6e7c812a91f360929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:54:c9:10:e7:d1:1a:57:d4:86:07:40:fe:ab:
90:0f:6a:30:4e:c3:66:b5:ad:48:2d:2f:96:c5:67:
ab:b0:29:6f:b2:77:31:d8:30:98:7e:cd:3d:06:01:
9d:c7:89:64:63:07:2a:99:78:3b:87:4d:2c:58:d1:
56:44:2d:dd:a5:02:2a:77:d0:20:de:59:2c:2c:76:
ba:a7:51:17:ca:5b:f1:54:ed:dc:f3:ea:f6:22:0d:
5a:f4:a4:67:3b:af:e9:f3:95:11:2e:bb:46:a0:8e:
4d:b4:9e:07:c6:7c:5c:78:60:ad:05:2f:7c:82:aa:
a8:51:29:fa:be:c2:9e:41:61:39:0d:97:8d:1a:b3:
87:50:05:72:5f:ad:49:c4:50:99:2a:b8:34:f2:c5:
e5:97:e5:24:b8:e9:b9:8c:92:90:d8:7b:20:e1:8f:
9d:3e:b1:e0:57:05:8a:1f:75:70:03:72:c1:ec:37:
c9:03:0d:28:b7:09:a3:9b:9e:b5:79:10:c0:ba:a6:
65:1f:dd:d9:e8:fe:fc:b6:75:68:6d:fc:8f:91:52:
dc:1a:65:1c:9b:bb:6a:20:c0:25:28:9d:4a:06:d0:
a6:6e:03:64:67:87:1b:45:dc:7f:e3:6d:74:08:ec:
a5:24:90:f0:c1:0c:6e:b2:b0:64:69:65:ad:c4:2b:
48:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BE:BE:6C:6C:63:73:B3:78:F5:A9:A6:E7:C8:12:A9:1F:36:09:29
X509v3 Authority Key Identifier:
keyid:C6:C6:65:3E:87:BB:2E:F9:AD:BB:06:19:60:E2:05:00:A5:54:F0:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsZlPoe7LvmtuwYZYOIFAKVU8DU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/zb6-bGxjc7N49amm58gSqR82CSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/961a72-70fd-450f-9fe9-3bba3628324b/1/xsZlPoe7LvmtuwYZYOIFAKVU8DU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.238.0/24
194.165.44.0/24
Signature Algorithm: sha256WithRSAEncryption
07:24:e0:e7:f4:c4:44:16:b7:5e:83:a0:c8:c0:9d:18:65:ac:
3b:51:fe:11:e1:ed:e3:ff:cb:ad:84:0c:62:e8:44:8c:a5:5a:
c4:21:bb:5e:5c:29:12:e4:ef:67:c9:07:78:5e:e3:6c:38:80:
f2:97:10:1c:22:8f:c7:6b:5e:8f:a9:da:a9:27:5a:a3:8a:ad:
c8:46:40:9b:88:8d:99:ac:2f:73:fb:b7:ce:2d:8c:b2:5f:de:
47:f8:66:6d:7a:04:2b:d6:91:e9:46:2b:6b:0f:39:ea:5a:05:
df:e8:4e:b2:84:6a:1b:23:2f:39:4d:b2:5a:90:b0:42:d2:e9:
d6:04:bb:c0:9b:2b:66:fd:6d:2c:8d:af:f7:bc:05:bd:5b:a1:
7e:61:c0:e7:b8:4f:ab:bc:7d:81:be:33:a2:f3:bf:19:37:b7:
b4:8e:75:b7:0b:1b:e0:68:4c:ad:d5:62:8a:f7:32:c7:b2:50:
5d:b4:1d:0f:10:20:b9:d5:e2:f8:f1:1e:5f:f3:8e:1f:87:d2:
84:40:db:ef:98:3b:c2:35:a2:7a:a0:5c:1e:73:ac:5e:1a:ea:
ad:ef:75:02:31:7d:a5:52:10:60:aa:33:73:f7:de:59:b2:10:
e5:17:d8:32:17:04:21:dc:fd:23:a7:14:10:92:46:09:95:f2:
6e:63:83:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0cwf2lgUwtSwUQ+64HR0zEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzY2NTNlODdiYjJlZjlhZGJiMDYxOTYwZTIwNTAwYTU1
NGYwMzUwHhcNMjQwMTE4MTMyODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGJlYmU2YzZjNjM3M2IzNzhmNWE5YTZlN2M4MTJhOTFmMzYwOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlTJEOfRGlfUhgdA/quQD2owTsNm
ta1ILS+WxWersClvsncx2DCYfs09BgGdx4lkYwcqmXg7h00sWNFWRC3dpQIqd9Ag
3lksLHa6p1EXylvxVO3c8+r2Ig1a9KRnO6/p85URLrtGoI5NtJ4HxnxceGCtBS98
gqqoUSn6vsKeQWE5DZeNGrOHUAVyX61JxFCZKrg08sXll+UkuOm5jJKQ2Hsg4Y+d
PrHgVwWKH3VwA3LB7DfJAw0otwmjm561eRDAuqZlH93Z6P78tnVobfyPkVLcGmUc
m7tqIMAlKJ1KBtCmbgNkZ4cbRdx/4210COylJJDwwQxusrBkaWWtxCtIvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM2+vmxsY3OzePWppufIEqkfNgkpMB8GA1UdIwQY
MBaAFMbGZT6Huy75rbsGGWDiBQClVPA1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNabFBvZTdMdm10dXdZWllPSUZBS1ZVOERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85NjFhNzItNzBmZC00NTBmLTlmZTkt
M2JiYTM2MjgzMjRiLzEvemI2LWJHeGpjN040OWFtbTU4Z1NxUjgyQ1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85NjFhNzItNzBmZC00NTBmLTlmZTktM2JiYTM2MjgzMjRi
LzEveHNabFBvZTdMdm10dXdZWllPSUZBS1ZVOERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgDuAwQA
wqUsMA0GCSqGSIb3DQEBCwUAA4IBAQAHJODn9MREFrdeg6DIwJ0YZaw7Uf4R4e3j
/8uthAxi6ESMpVrEIbteXCkS5O9nyQd4XuNsOIDylxAcIo/Ha16PqdqpJ1qjiq3I
RkCbiI2ZrC9z+7fOLYyyX95H+GZtegQr1pHpRitrDznqWgXf6E6yhGobIy85TbJa
kLBC0unWBLvAmytm/W0sja/3vAW9W6F+YcDnuE+rvH2BvjOi878ZN7e0jnW3Cxvg
aEyt1WKK9zLHslBdtB0PECC51eL48R5f844fh9KEQNvvmDvCNaJ6oFwec6xeGuqt
73UCMX2lUhBgqjNz995ZshDlF9gyFwQh3P0jpxQQkkYJlfJuY4OP
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:02:40 2024 by rpki-client on console-fra.rpki-client.org