Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ZGBSnZxA4fFcUaEtN0TUBKVqLAQ.roa
File: ZGBSnZxA4fFcUaEtN0TUBKVqLAQ.roa (raw, json)
Hash identifier: c45BknisxSFH655MQtd+R+oVFYpYNIbLQHLlyOXbFmk=
Subject key identifier: 64:60:52:9D:9C:40:E1:F1:5C:51:A1:2D:37:44:D4:04:A5:6A:2C:04
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 018E12DBD7837BC1E49E689B82167CB0E456
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ZGBSnZxA4fFcUaEtN0TUBKVqLAQ.roa
Signing time: Wed 06 Mar 2024 08:23:01 +0000
ROA not before: Wed 06 Mar 2024 08:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209066
IP address blocks: 185.60.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:db:d7:83:7b:c1:e4:9e:68:9b:82:16:7c:b0:e4:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Mar 6 08:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6460529d9c40e1f15c51a12d3744d404a56a2c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3c:07:4f:85:b4:eb:cb:69:16:1d:27:42:cf:
19:93:a2:da:38:12:1e:aa:ad:67:52:69:e1:e7:65:
91:05:3e:f3:f1:b4:37:9d:ac:cc:e6:12:8d:0e:c8:
6b:ab:48:2f:68:f3:a3:5f:1d:59:36:eb:1f:67:cd:
08:e6:e7:49:f7:80:f2:12:46:62:95:56:8c:79:0d:
16:a1:76:48:8c:54:57:3a:62:a9:3f:32:5d:2b:23:
e3:6e:fa:42:bc:00:85:32:e6:10:8a:70:a9:95:a1:
ba:4e:b0:1c:17:ae:a5:a6:8f:76:eb:49:b4:7c:3a:
e2:bc:e7:40:c5:77:44:12:42:9f:56:34:ec:7c:fc:
42:d5:cb:20:fb:58:06:81:0e:88:cd:34:05:c2:fa:
56:5d:ca:e6:94:70:d0:09:3c:62:bc:e2:f7:42:8b:
b2:07:c7:ef:ef:96:0b:94:43:a3:3b:bd:eb:d7:69:
f8:1c:f6:de:4b:d6:c0:0f:4b:da:51:fa:4b:52:7b:
39:4e:c7:f6:50:3d:1e:d7:7b:f1:68:35:e4:ca:82:
fd:5a:85:a1:de:2f:ba:44:b4:cc:18:52:3a:49:27:
1a:64:fa:4f:9a:19:b0:5c:fc:66:f1:39:be:7c:9e:
09:20:ba:4d:8a:64:8a:09:16:9e:6c:f2:0b:6c:ba:
de:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:60:52:9D:9C:40:E1:F1:5C:51:A1:2D:37:44:D4:04:A5:6A:2C:04
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ZGBSnZxA4fFcUaEtN0TUBKVqLAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.228.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ea:48:ed:03:49:c1:63:42:7a:d4:6e:a0:03:66:f2:a0:c0:
42:46:45:1e:8b:be:28:ea:48:a3:bf:c1:31:c2:07:dd:e6:6e:
9d:33:20:1e:60:d9:07:f0:14:61:b1:f2:89:bb:84:c7:29:6f:
9c:d7:a5:f6:78:3a:b1:36:67:8f:8f:28:56:38:59:d5:c3:ce:
2a:4c:00:4e:44:76:92:68:24:0f:9b:c0:a2:c8:2c:b8:17:61:
f1:b5:b7:5b:0b:33:5d:83:7d:1d:78:8a:b6:e7:e1:07:25:be:
07:c7:b4:3a:3a:57:f0:d6:aa:52:7f:41:b5:e0:e4:64:24:46:
98:48:13:e6:32:f1:33:7f:04:32:35:1e:a8:8d:5f:36:f3:e8:
22:c6:86:14:c4:61:43:25:fa:ce:da:d9:54:cd:d9:83:28:26:
b8:38:37:20:b9:f1:7e:7c:6f:cd:bd:fb:2f:30:f0:75:5a:c7:
45:c1:44:c3:83:a9:7f:eb:ff:df:38:72:ed:81:c2:42:13:08:
28:91:57:f3:57:68:24:b9:1b:c4:61:62:e6:49:76:f8:3c:60:
64:7e:33:4b:08:b8:95:13:39:5b:4f:ce:13:28:4e:30:bc:87:
79:27:df:22:92:a0:23:09:2e:f8:ae:04:df:2f:0f:23:3d:7a:
15:6e:c9:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4S29eDe8HknmibghZ8sORWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjQwMzA2MDgyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDYwNTI5ZDljNDBlMWYxNWM1MWExMmQzNzQ0ZDQwNGE1NmEyYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTwHT4W068tpFh0nQs8Zk6LaOBIe
qq1nUmnh52WRBT7z8bQ3nazM5hKNDshrq0gvaPOjXx1ZNusfZ80I5udJ94DyEkZi
lVaMeQ0WoXZIjFRXOmKpPzJdKyPjbvpCvACFMuYQinCplaG6TrAcF66lpo9260m0
fDrivOdAxXdEEkKfVjTsfPxC1csg+1gGgQ6IzTQFwvpWXcrmlHDQCTxivOL3Qouy
B8fv75YLlEOjO73r12n4HPbeS9bAD0vaUfpLUns5Tsf2UD0e13vxaDXkyoL9WoWh
3i+6RLTMGFI6SScaZPpPmhmwXPxm8Tm+fJ4JILpNimSKCRaebPILbLresQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRgUp2cQOHxXFGhLTdE1ASlaiwEMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvWkdCU25aeEE0ZkZjVWFFdE4wVFVCS1ZxTEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTzkMA0G
CSqGSIb3DQEBCwUAA4IBAQBO6kjtA0nBY0J61G6gA2byoMBCRkUei74o6kijv8Ex
wgfd5m6dMyAeYNkH8BRhsfKJu4THKW+c16X2eDqxNmePjyhWOFnVw84qTABORHaS
aCQPm8CiyCy4F2HxtbdbCzNdg30deIq25+EHJb4Hx7Q6Olfw1qpSf0G14ORkJEaY
SBPmMvEzfwQyNR6ojV828+gixoYUxGFDJfrO2tlUzdmDKCa4ODcgufF+fG/Nvfsv
MPB1WsdFwUTDg6l/6//fOHLtgcJCEwgokVfzV2gkuRvEYWLmSXb4PGBkfjNLCLiV
EzlbT84TKE4wvId5J98ikqAjCS74rgTfLw8jPXoVbslx
-----END CERTIFICATE-----
Generated at Fri May 17 16:42:55 2024 by rpki-client on console-ams.rpki-client.org