Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/Zs3JuiMFYY1_h3vmciveq4BYfGs.roa
File: Zs3JuiMFYY1_h3vmciveq4BYfGs.roa (raw, json)
Hash identifier: xpsBn0WmhC7zTymJgsyKHoxfV1FGZMpYJbH3N1HKlTE=
Subject key identifier: 66:CD:C9:BA:23:05:61:8D:7F:87:7B:E6:72:2B:DE:AB:80:58:7C:6B
Certificate issuer: /CN=af0f5a9bd2ad1e96865f00d08522b9aad3e91a4d
Certificate serial: 018CC5DBFC2B90FB94EDA721F954F73414E7
Authority key identifier: AF:0F:5A:9B:D2:AD:1E:96:86:5F:00:D0:85:22:B9:AA:D3:E9:1A:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/Zs3JuiMFYY1_h3vmciveq4BYfGs.roa
Signing time: Mon 01 Jan 2024 16:29:37 +0000
ROA not before: Mon 01 Jan 2024 16:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24940
IP address blocks: 195.60.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/rw9am9KtHpaGXwDQhSK5qtPpGk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/rw9am9KtHpaGXwDQhSK5qtPpGk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fc:2b:90:fb:94:ed:a7:21:f9:54:f7:34:14:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0f5a9bd2ad1e96865f00d08522b9aad3e91a4d
Validity
Not Before: Jan 1 16:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66cdc9ba2305618d7f877be6722bdeab80587c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:61:34:a4:fe:b8:4d:76:93:ce:0b:4a:57:72:
f0:a5:63:75:62:98:5c:60:58:a7:8f:ed:3f:b3:88:
b1:a7:d4:42:d8:31:89:12:9b:4e:75:69:28:cb:63:
70:cd:ff:3d:5b:a4:e0:e7:02:53:16:60:cd:70:cf:
61:6a:a6:dc:b3:8f:65:77:00:58:6b:39:59:01:ae:
c1:9e:89:b9:12:94:88:4d:bc:52:4b:0b:8a:e7:12:
52:2c:ca:d5:23:9d:fe:41:c3:39:fe:d0:57:55:e8:
14:af:7d:42:8f:1c:de:46:92:35:95:4a:2e:80:f7:
78:80:d4:e0:aa:bf:71:eb:f5:ec:b4:9a:1f:1b:ba:
84:9d:ac:cb:3d:79:4a:87:06:79:0c:da:0a:39:3e:
9c:a4:00:6c:4f:e3:94:cb:29:d0:91:8a:67:bf:a8:
77:98:91:81:fc:a5:14:2c:9a:51:dc:68:a1:80:46:
86:34:f8:37:d4:7f:aa:ef:62:57:9f:5a:43:2c:0b:
e5:f8:e8:9e:cb:4b:3f:b6:03:4a:ad:c7:2c:d5:69:
5c:4d:71:c8:60:1c:4c:f7:5b:33:be:4c:14:30:33:
4f:cf:14:6a:d7:f2:66:66:e0:c9:f9:40:e7:51:53:
b3:70:72:c5:5e:69:c5:4a:08:f4:73:8b:7d:fa:9c:
40:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CD:C9:BA:23:05:61:8D:7F:87:7B:E6:72:2B:DE:AB:80:58:7C:6B
X509v3 Authority Key Identifier:
keyid:AF:0F:5A:9B:D2:AD:1E:96:86:5F:00:D0:85:22:B9:AA:D3:E9:1A:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/Zs3JuiMFYY1_h3vmciveq4BYfGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/rw9am9KtHpaGXwDQhSK5qtPpGk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.226.0/24
Signature Algorithm: sha256WithRSAEncryption
91:b1:ad:d6:0a:f4:c4:15:e6:e4:74:12:89:ba:4c:b8:d8:d1:
eb:16:97:9b:79:26:ab:75:c9:55:61:9a:4a:94:99:15:c4:81:
3b:5d:20:45:78:22:2c:8f:dd:45:b9:6a:38:90:51:fc:22:6b:
36:51:5c:50:a5:ef:39:a6:91:1c:16:12:d1:e4:38:8e:59:40:
b4:81:a7:a3:05:33:f7:20:fb:e1:50:d0:f9:f1:9a:d6:53:f8:
af:f7:1f:95:66:3d:10:9f:31:e9:20:1b:4f:ef:b6:d8:15:81:
8d:bd:06:c0:1f:c1:95:63:a0:53:5e:d4:44:cb:d4:e5:d8:ba:
6c:cc:f7:7d:11:ce:a6:66:40:32:18:7d:f1:dd:bb:28:03:28:
15:ee:2e:4c:5c:3e:ad:b8:4b:4e:45:d0:74:9f:32:b8:04:03:
53:d7:28:96:a0:39:25:7c:c2:57:25:28:e8:ae:dc:0a:5d:31:
97:0c:47:93:9b:0c:bb:7a:00:7a:2c:42:d4:96:ab:8f:1c:ae:
4e:f2:26:cc:e8:fa:a7:6b:ea:cc:83:1b:38:f2:65:d8:0c:5d:
f5:5b:15:3c:c5:07:19:46:4d:fa:26:76:bf:17:28:fe:7c:c1:
8b:59:cb:a2:8c:6a:0a:7d:d3:4b:e0:49:79:c9:21:99:61:c2:
08:26:1a:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2/wrkPuU7ach+VT3NBTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGY1YTliZDJhZDFlOTY4NjVmMDBkMDg1MjJiOWFhZDNl
OTFhNGQwHhcNMjQwMTAxMTYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmNkYzliYTIzMDU2MThkN2Y4NzdiZTY3MjJiZGVhYjgwNTg3YzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GE0pP64TXaTzgtKV3LwpWN1Yphc
YFinj+0/s4ixp9RC2DGJEptOdWkoy2Nwzf89W6Tg5wJTFmDNcM9haqbcs49ldwBY
azlZAa7Bnom5EpSITbxSSwuK5xJSLMrVI53+QcM5/tBXVegUr31CjxzeRpI1lUou
gPd4gNTgqr9x6/XstJofG7qEnazLPXlKhwZ5DNoKOT6cpABsT+OUyynQkYpnv6h3
mJGB/KUULJpR3GihgEaGNPg31H+q72JXn1pDLAvl+Oiey0s/tgNKrccs1WlcTXHI
YBxM91szvkwUMDNPzxRq1/JmZuDJ+UDnUVOzcHLFXmnFSgj0c4t9+pxABwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbNybojBWGNf4d75nIr3quAWHxrMB8GA1UdIwQY
MBaAFK8PWpvSrR6Whl8A0IUiuarT6RpNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnc5YW05S3RIcGFHWHdEUWhTSzVxdFBwR2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS82YWQ5YjgtOWYwZS00YWQwLWEyMjAt
M2FjM2I2NzM3MDQyLzEvWnMzSnVpTUZZWTFfaDN2bWNpdmVxNEJZZkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS82YWQ5YjgtOWYwZS00YWQwLWEyMjAtM2FjM2I2NzM3MDQy
LzEvcnc5YW05S3RIcGFHWHdEUWhTSzVxdFBwR2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzziMA0G
CSqGSIb3DQEBCwUAA4IBAQCRsa3WCvTEFebkdBKJuky42NHrFpebeSardclVYZpK
lJkVxIE7XSBFeCIsj91FuWo4kFH8Ims2UVxQpe85ppEcFhLR5DiOWUC0gaejBTP3
IPvhUND58ZrWU/iv9x+VZj0QnzHpIBtP77bYFYGNvQbAH8GVY6BTXtREy9Tl2Lps
zPd9Ec6mZkAyGH3x3bsoAygV7i5MXD6tuEtORdB0nzK4BANT1yiWoDklfMJXJSjo
rtwKXTGXDEeTmwy7egB6LELUlquPHK5O8ibM6Pqna+rMgxs48mXYDF31WxU8xQcZ
Rk36Jna/Fyj+fMGLWcuijGoKfdNL4El5ySGZYcIIJhr7
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:01:55 2024 by rpki-client on console-ams.rpki-client.org