Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/ZwT8rF973W0eMJ_88GVxs5m40DM.roa
File: ZwT8rF973W0eMJ_88GVxs5m40DM.roa (raw, json)
Hash identifier: nwJyJofI1rerYEyyIWsYRIgEiSBO21tZdBTLsFwJjds=
Subject key identifier: 67:04:FC:AC:5F:7B:DD:6D:1E:30:9F:FC:F0:65:71:B3:99:B8:D0:33
Certificate issuer: /CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Certificate serial: 018CC94D905649EAAA49A436A763FB70FA94
Authority key identifier: 4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/ZwT8rF973W0eMJ_88GVxs5m40DM.roa
Signing time: Tue 02 Jan 2024 08:32:32 +0000
ROA not before: Tue 02 Jan 2024 08:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32181
IP address blocks: 91.238.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.mft
rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:90:56:49:ea:aa:49:a4:36:a7:63:fb:70:fa:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fb2bb7bad50f1921810a028e78edd65f81f6a7d
Validity
Not Before: Jan 2 08:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6704fcac5f7bdd6d1e309ffcf06571b399b8d033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c6:28:c9:5d:04:c1:91:29:73:a5:3c:2e:5f:
d0:47:83:4b:8e:72:26:c3:22:ed:be:60:54:b9:5b:
f9:09:c1:9c:82:f9:0d:05:5a:8c:5c:cd:86:ec:fa:
e1:81:1a:2b:af:c3:a6:c7:7d:42:67:2f:df:8c:56:
a2:67:84:21:3b:16:af:22:7f:5d:1c:72:54:1f:42:
7d:4b:88:e1:50:00:5e:51:f1:bc:ce:49:d5:2b:29:
06:61:79:be:af:b7:5e:20:59:3e:7c:ef:51:12:e4:
eb:10:a3:ac:79:a1:6e:ca:f2:8b:8c:de:1f:51:03:
64:c2:14:00:18:2c:eb:a7:9a:0c:50:69:6f:b2:76:
43:0d:3b:75:2c:08:38:9e:19:4d:6b:67:97:70:13:
40:38:2d:cd:39:ac:65:17:f7:0a:ef:de:6e:61:0b:
a2:a6:d9:00:02:53:32:9c:18:a1:92:98:46:e8:1c:
7d:9e:86:33:31:c2:e2:75:1a:f4:8f:47:59:40:05:
d2:f6:1b:aa:0e:38:bb:f0:2a:c3:0c:9b:5a:0c:57:
1a:2c:c2:e7:1e:78:1d:1e:56:63:74:e6:51:82:81:
eb:87:25:61:68:cd:08:14:84:2d:e8:0e:5a:7c:dd:
8d:d3:5d:84:ac:91:1a:c6:a6:f7:a9:23:9f:bf:b9:
9e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:04:FC:AC:5F:7B:DD:6D:1E:30:9F:FC:F0:65:71:B3:99:B8:D0:33
X509v3 Authority Key Identifier:
keyid:4F:B2:BB:7B:AD:50:F1:92:18:10:A0:28:E7:8E:DD:65:F8:1F:6A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7K7e61Q8ZIYEKAo547dZfgfan0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/ZwT8rF973W0eMJ_88GVxs5m40DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/fda382-4257-41c3-8ec6-27fbc99ea3c6/1/T7K7e61Q8ZIYEKAo547dZfgfan0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.71.0/24
Signature Algorithm: sha256WithRSAEncryption
76:4d:49:d4:74:ee:78:72:45:c2:a8:ba:f0:31:01:d5:c0:f7:
1b:c9:0f:af:96:d9:3a:d2:3a:88:95:1b:51:4d:0f:aa:32:69:
5b:a3:3e:e7:e6:b5:83:8c:a0:a4:0a:69:40:43:f5:c1:02:44:
05:8d:be:26:35:45:aa:5e:e1:e5:43:e0:97:a3:d7:30:1c:7d:
7a:95:8d:38:8d:6a:1a:ba:0a:8a:f9:7d:ef:24:68:ae:0e:d9:
50:43:a5:62:bc:83:64:84:35:a1:9c:7b:25:b3:ee:8b:b0:3a:
a4:cf:77:76:da:2a:4e:e2:c4:ef:12:a8:f8:61:f6:2d:12:9a:
54:83:6a:1c:8a:a9:0b:8a:ad:5c:3e:44:c1:bb:53:b4:a8:a4:
6a:c1:71:a4:b0:8f:b0:c8:dd:a9:72:fd:c0:0b:1d:b6:df:fa:
53:a1:83:fa:cd:99:99:96:4d:b7:a9:40:07:a3:63:11:7e:6c:
aa:9b:2c:ab:3b:eb:7e:40:03:e9:9e:32:f0:ca:a5:c6:ed:f4:
25:88:97:c4:9e:d9:e0:33:46:de:2f:15:56:47:1e:06:98:23:
17:76:77:65:88:96:4c:4a:bb:d0:18:3c:c6:27:74:8d:56:d8:
ba:a2:0b:a4:37:72:25:63:45:72:85:4c:38:07:ea:29:fc:6d:
d7:a2:8f:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTZBWSeqqSaQ2p2P7cPqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjJiYjdiYWQ1MGYxOTIxODEwYTAyOGU3OGVkZDY1Zjgx
ZjZhN2QwHhcNMjQwMTAyMDgzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA0ZmNhYzVmN2JkZDZkMWUzMDlmZmNmMDY1NzFiMzk5YjhkMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcYoyV0EwZEpc6U8Ll/QR4NLjnIm
wyLtvmBUuVv5CcGcgvkNBVqMXM2G7PrhgRorr8Omx31CZy/fjFaiZ4QhOxavIn9d
HHJUH0J9S4jhUABeUfG8zknVKykGYXm+r7deIFk+fO9REuTrEKOseaFuyvKLjN4f
UQNkwhQAGCzrp5oMUGlvsnZDDTt1LAg4nhlNa2eXcBNAOC3NOaxlF/cK795uYQui
ptkAAlMynBihkphG6Bx9noYzMcLidRr0j0dZQAXS9huqDji78CrDDJtaDFcaLMLn
HngdHlZjdOZRgoHrhyVhaM0IFIQt6A5afN2N012ErJEaxqb3qSOfv7mehQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcE/Kxfe91tHjCf/PBlcbOZuNAzMB8GA1UdIwQY
MBaAFE+yu3utUPGSGBCgKOeO3WX4H2p9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYt
MjdmYmM5OWVhM2M2LzEvWndUOHJGOTczVzBlTUpfODhHVnhzNW00MERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9mZGEzODItNDI1Ny00MWMzLThlYzYtMjdmYmM5OWVhM2M2
LzEvVDdLN2U2MVE4WklZRUtBbzU0N2RaZmdmYW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+5HMA0G
CSqGSIb3DQEBCwUAA4IBAQB2TUnUdO54ckXCqLrwMQHVwPcbyQ+vltk60jqIlRtR
TQ+qMmlboz7n5rWDjKCkCmlAQ/XBAkQFjb4mNUWqXuHlQ+CXo9cwHH16lY04jWoa
ugqK+X3vJGiuDtlQQ6VivINkhDWhnHsls+6LsDqkz3d22ipO4sTvEqj4YfYtEppU
g2ociqkLiq1cPkTBu1O0qKRqwXGksI+wyN2pcv3ACx223/pToYP6zZmZlk23qUAH
o2MRfmyqmyyrO+t+QAPpnjLwyqXG7fQliJfEntngM0beLxVWRx4GmCMXdndliJZM
SrvQGDzGJ3SNVti6ogukN3IlY0VyhUw4B+op/G3Xoo84
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:11:55 2024 by rpki-client on console-ams.rpki-client.org