Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/ZLz6__QlKMdncMa4ndy2-LUwBXs.roa
File: ZLz6__QlKMdncMa4ndy2-LUwBXs.roa (raw, json)
Hash identifier: TZiHYU04uhqhSrwmyCPnJUs0wDmhAO8yZJxyzVu9yiM=
Subject key identifier: 64:BC:FA:FF:F4:25:28:C7:67:70:C6:B8:9D:DC:B6:F8:B5:30:05:7B
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 0192D1A83DE259A01BEBA33C31AA6FCF2969
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/ZLz6__QlKMdncMa4ndy2-LUwBXs.roa
Signing time: Mon 28 Oct 2024 05:45:16 +0000
ROA not before: Mon 28 Oct 2024 05:45:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51468
IP address blocks: 141.138.172.0/22 maxlen: 22
2a03:3c00:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.mft
rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d1:a8:3d:e2:59:a0:1b:eb:a3:3c:31:aa:6f:cf:29:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Oct 28 05:45:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64bcfafff42528c76770c6b89ddcb6f8b530057b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7e:2f:87:e2:f1:3b:fa:de:ff:e1:91:4f:aa:
5e:e9:77:8b:2c:b3:cb:c2:9e:4e:94:21:a9:ef:db:
33:4a:c2:17:f9:3e:f4:24:c0:c6:ff:45:3b:e7:dd:
53:4b:2e:b2:f4:00:56:1e:4c:16:74:95:2f:e0:36:
2f:e2:88:6b:cf:a4:1b:3a:29:84:16:a3:13:0c:44:
87:3f:25:ca:31:a3:aa:87:c5:e3:8d:ca:a1:9e:3a:
dc:3c:6f:7f:ba:63:c5:1a:e1:bb:12:23:5e:f4:f5:
86:cf:1f:7e:9d:d1:f0:48:0b:e9:1a:45:9a:f8:5d:
9b:19:05:cd:aa:64:cd:36:31:0c:8b:cc:61:33:97:
84:68:af:ec:b5:93:7b:77:1c:84:8f:8a:0d:16:d3:
b1:bc:a7:36:7a:98:d5:29:3d:60:83:ca:f3:53:4b:
f3:85:09:e7:4d:1f:73:3b:70:c6:9f:fc:a7:b2:f1:
da:cc:81:ed:29:6b:67:67:c6:02:18:ef:be:29:98:
bc:42:2c:36:97:03:09:10:ed:3e:07:55:c6:cc:64:
2c:e1:9c:d2:a5:68:55:ed:18:f6:f9:d0:3f:6d:ae:
d6:81:83:2b:85:1a:f5:25:93:28:57:02:12:25:06:
4c:80:d6:ac:d3:a3:5d:a7:33:1c:13:78:a3:4a:3f:
8c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:BC:FA:FF:F4:25:28:C7:67:70:C6:B8:9D:DC:B6:F8:B5:30:05:7B
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/ZLz6__QlKMdncMa4ndy2-LUwBXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.172.0/22
IPv6:
2a03:3c00:c000::/34
Signature Algorithm: sha256WithRSAEncryption
c6:83:be:88:4b:98:0d:3b:ac:d6:19:75:48:1f:22:0f:83:ee:
3a:0f:b7:bf:be:a0:af:42:41:8a:3f:81:f8:48:46:ee:a0:62:
bd:5b:30:4e:1c:c7:5b:22:50:ad:0c:92:46:2b:ec:01:9f:f1:
13:79:9d:3a:b9:7f:09:56:87:4a:fb:44:4b:55:2e:a0:e4:6c:
3e:4e:4a:2a:4f:af:7d:36:14:bb:fd:3f:15:ab:ec:06:56:9f:
17:d8:ca:f5:12:b8:28:d6:f3:dd:03:ad:ee:ef:67:6a:00:b5:
8d:91:7e:be:6a:85:2a:db:67:c7:e4:87:ef:20:4b:b3:c7:d8:
22:fe:64:d7:e2:08:02:0e:40:a6:c2:ee:0b:00:f3:f5:85:70:
03:89:49:7d:37:32:24:77:a7:ff:35:77:5e:3c:fe:6e:54:2f:
94:4a:dd:ff:23:fa:20:02:c9:cf:7f:0a:69:dc:38:cd:56:42:
d5:ff:92:c0:82:9f:bf:88:40:a4:34:c3:a6:3c:b2:80:49:a7:
3a:09:d3:08:47:1b:ee:ee:2f:d8:09:8b:f7:fe:88:bf:54:fe:
3a:87:cc:9a:48:8c:80:09:31:2f:21:b4:e5:31:29:e0:e7:e3:
01:52:fc:9d:51:51:34:b8:e6:92:01:a5:2e:6b:18:26:7d:00:
7b:f3:80:9e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZLRqD3iWaAb66M8MapvzylpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjQxMDI4MDU0NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGJjZmFmZmY0MjUyOGM3Njc3MGM2Yjg5ZGRjYjZmOGI1MzAwNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwH4vh+LxO/re/+GRT6pe6XeLLLPL
wp5OlCGp79szSsIX+T70JMDG/0U7591TSy6y9ABWHkwWdJUv4DYv4ohrz6QbOimE
FqMTDESHPyXKMaOqh8XjjcqhnjrcPG9/umPFGuG7EiNe9PWGzx9+ndHwSAvpGkWa
+F2bGQXNqmTNNjEMi8xhM5eEaK/stZN7dxyEj4oNFtOxvKc2epjVKT1gg8rzU0vz
hQnnTR9zO3DGn/ynsvHazIHtKWtnZ8YCGO++KZi8Qiw2lwMJEO0+B1XGzGQs4ZzS
pWhV7Rj2+dA/ba7WgYMrhRr1JZMoVwISJQZMgNas06NdpzMcE3ijSj+M7wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGS8+v/0JSjHZ3DGuJ3ctvi1MAV7MB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvWkx6Nl9fUWxLTWRuY01hNG5keTItTFV3QlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCjYqsMA4E
AgACMAgDBgYqAzwAwDANBgkqhkiG9w0BAQsFAAOCAQEAxoO+iEuYDTus1hl1SB8i
D4PuOg+3v76gr0JBij+B+EhG7qBivVswThzHWyJQrQySRivsAZ/xE3mdOrl/CVaH
SvtES1UuoORsPk5KKk+vfTYUu/0/FavsBlafF9jK9RK4KNbz3QOt7u9nagC1jZF+
vmqFKttnx+SH7yBLs8fYIv5k1+IIAg5ApsLuCwDz9YVwA4lJfTcyJHen/zV3Xjz+
blQvlErd/yP6IALJz38Kadw4zVZC1f+SwIKfv4hApDTDpjyygEmnOgnTCEcb7u4v
2AmL9/6Iv1T+OofMmkiMgAkxLyG05TEp4OfjAVL8nVFRNLjmkgGlLmsYJn0Ae/OA
ng==
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:35 2024 by rpki-client on console-ams.rpki-client.org