Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/1-yGWEDAjD1HPlr-mrAl64S7O8E8.roa
File: 1-yGWEDAjD1HPlr-mrAl64S7O8E8.roa (raw, json)
Hash identifier: +jI8HJEgWxqefshJhgH3L+eKaIC1+3/irxS9pVi7puc=
Subject key identifier: FB:21:96:10:30:23:0F:51:CF:96:BF:A6:AC:09:7A:E1:2E:CE:F0:4F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018F1679D1AF6C4F285883C2F366F1900CD0
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/1-yGWEDAjD1HPlr-mrAl64S7O8E8.roa
Signing time: Thu 25 Apr 2024 18:17:13 +0000
ROA not before: Thu 25 Apr 2024 18:17:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47959
IP address blocks: 104.239.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:16:79:d1:af:6c:4f:28:58:83:c2:f3:66:f1:90:0c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 25 18:17:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb21961030230f51cf96bfa6ac097ae12ecef04f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:90:e3:d1:90:de:0e:36:c2:82:f3:3e:30:51:
1c:75:8b:39:85:f3:06:e2:97:91:6f:5b:af:af:bc:
b6:79:7a:5b:7a:d4:06:50:a6:d0:b8:a0:f1:22:3a:
5e:87:b2:ee:c6:03:0b:34:e4:dd:47:9b:45:52:a3:
fb:f3:92:92:2b:de:e6:cb:d8:d2:43:92:73:09:f0:
eb:a0:9f:f0:29:33:2e:b5:90:58:86:85:b8:d5:56:
cd:82:2b:46:2f:1d:38:20:67:ec:91:0e:e0:14:e6:
10:83:d6:ac:84:9d:8c:10:11:f9:c3:db:87:4d:93:
7e:c3:36:5c:4f:3b:5d:bf:41:8d:4c:0a:9b:65:cc:
a4:f5:1d:8b:e2:66:34:7d:5b:7c:dc:53:d8:3c:f7:
f3:7b:4f:10:62:58:e3:15:65:3a:3b:bd:78:b3:94:
0e:d2:97:52:e8:54:ec:f5:4f:0c:d6:8b:41:55:74:
5f:38:c8:bd:05:0b:98:0e:ca:82:0a:c2:4f:47:1d:
84:b2:49:43:b4:ff:0c:92:3a:e7:50:8e:89:5e:92:
30:eb:da:fc:67:43:60:a5:68:92:5b:82:40:57:1d:
23:ee:6b:15:cb:50:99:1a:18:ae:b1:09:2b:0c:39:
2f:77:40:db:4a:10:f2:1d:ae:ca:79:da:83:28:e5:
a4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:21:96:10:30:23:0F:51:CF:96:BF:A6:AC:09:7A:E1:2E:CE:F0:4F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/1-yGWEDAjD1HPlr-mrAl64S7O8E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.239.103.0/24
Signature Algorithm: sha256WithRSAEncryption
24:85:53:fb:5e:af:8f:10:90:b5:0c:de:79:75:94:b7:28:09:
54:a1:a1:5b:f7:a0:9a:5f:14:5b:15:e9:28:73:e6:97:c0:02:
95:03:1b:28:93:39:d2:8b:d5:9c:4b:76:31:89:e9:92:f7:3f:
61:0b:8e:8c:ec:ee:57:b9:48:88:c0:ec:57:b9:d4:3d:b8:fd:
10:70:04:f9:03:db:cd:d4:3b:ef:c6:e5:d8:70:f9:b5:f8:48:
50:65:cf:27:48:59:88:04:86:48:4e:21:c6:55:64:16:7a:a2:
99:c8:d7:04:16:86:95:8d:ee:cc:e9:4d:73:4f:cb:b5:7f:e6:
68:ff:41:64:44:83:b6:5f:e8:b0:c0:62:6d:4c:11:07:ee:20:
90:c7:7e:87:5d:d1:ff:46:f6:df:b1:30:3d:d0:ca:d1:30:7b:
29:92:12:42:b4:a9:6b:e5:3f:30:bf:51:a9:13:42:3e:bd:ca:
a9:b1:48:90:f6:3d:5d:56:98:b4:12:85:0e:2a:c0:8f:94:0e:
91:65:7e:2d:0c:a4:a1:46:4d:fc:e8:b6:86:de:5e:cf:b8:70:
11:37:54:c5:9f:0a:85:c8:24:01:e0:ed:be:fa:2a:82:26:5f:
e9:00:ad:a9:ce:ce:ec:5a:c8:4c:10:8e:89:b3:f6:10:ae:9f:
df:9d:a2:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8WedGvbE8oWIPC82bxkAzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNDI1MTgxNzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjIxOTYxMDMwMjMwZjUxY2Y5NmJmYTZhYzA5N2FlMTJlY2VmMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5Dj0ZDeDjbCgvM+MFEcdYs5hfMG
4peRb1uvr7y2eXpbetQGUKbQuKDxIjpeh7LuxgMLNOTdR5tFUqP785KSK97my9jS
Q5JzCfDroJ/wKTMutZBYhoW41VbNgitGLx04IGfskQ7gFOYQg9ashJ2MEBH5w9uH
TZN+wzZcTztdv0GNTAqbZcyk9R2L4mY0fVt83FPYPPfze08QYljjFWU6O714s5QO
0pdS6FTs9U8M1otBVXRfOMi9BQuYDsqCCsJPRx2EsklDtP8MkjrnUI6JXpIw69r8
Z0NgpWiSW4JAVx0j7msVy1CZGhiusQkrDDkvd0DbShDyHa7KedqDKOWk8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPshlhAwIw9Rz5a/pqwJeuEuzvBPMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMS15R1dFREFqRDFIUGxyLW1yQWw2NFM3TzhFOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2Fh
YS8xL1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGjvZzAN
BgkqhkiG9w0BAQsFAAOCAQEAJIVT+16vjxCQtQzeeXWUtygJVKGhW/egml8UWxXp
KHPml8AClQMbKJM50ovVnEt2MYnpkvc/YQuOjOzuV7lIiMDsV7nUPbj9EHAE+QPb
zdQ778bl2HD5tfhIUGXPJ0hZiASGSE4hxlVkFnqimcjXBBaGlY3uzOlNc0/LtX/m
aP9BZESDtl/osMBibUwRB+4gkMd+h13R/0b237EwPdDK0TB7KZISQrSpa+U/ML9R
qRNCPr3KqbFIkPY9XVaYtBKFDirAj5QOkWV+LQykoUZN/Oi2ht5ez7hwETdUxZ8K
hcgkAeDtvvoqgiZf6QCtqc7O7FrITBCOibP2EK6f352iUw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:55:47 2024 by rpki-client on console-fra.rpki-client.org