Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5c46d2-9818-4afc-880e-1cc5fd2544e9/1/1-sKsD8HRA-2vHfC8UsINmoel4MM.roa
File: 1-sKsD8HRA-2vHfC8UsINmoel4MM.roa (raw, json)
Hash identifier: GVXbjPHW/liXQweTGGOqxEOnXT3H/nIPX4EWePSQkB4=
Subject key identifier: FA:C2:AC:0F:C1:D1:03:ED:AF:1D:F0:BC:52:C2:0D:9A:87:A5:E0:C3
Certificate issuer: /CN=11d19fdae9c53d8d28b1e41ca9139c33556ba625
Certificate serial: 018CC2DB35D2CD50721BA2F7F47CCB739817
Authority key identifier: 11:D1:9F:DA:E9:C5:3D:8D:28:B1:E4:1C:A9:13:9C:33:55:6B:A6:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EdGf2unFPY0oseQcqROcM1VrpiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5c46d2-9818-4afc-880e-1cc5fd2544e9/1/1-sKsD8HRA-2vHfC8UsINmoel4MM.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210465
IP address blocks: 146.19.99.0/24 maxlen: 24
80.88.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5c46d2-9818-4afc-880e-1cc5fd2544e9/1/EdGf2unFPY0oseQcqROcM1VrpiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5c46d2-9818-4afc-880e-1cc5fd2544e9/1/EdGf2unFPY0oseQcqROcM1VrpiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/EdGf2unFPY0oseQcqROcM1VrpiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:35:d2:cd:50:72:1b:a2:f7:f4:7c:cb:73:98:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11d19fdae9c53d8d28b1e41ca9139c33556ba625
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fac2ac0fc1d103edaf1df0bc52c20d9a87a5e0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:59:77:4d:1c:e3:5e:0e:8a:3d:0a:4b:df:87:
22:50:a8:a5:a1:64:c7:f2:8a:78:a6:2b:9d:99:e5:
fa:f3:bf:2a:40:a7:04:16:aa:c6:f4:1e:a2:cf:24:
b1:9c:7e:2e:8d:d6:f9:1c:af:dd:96:96:cb:1d:40:
ab:e6:8a:ab:8b:75:54:98:fd:fa:ff:8f:e5:48:f8:
a7:9d:b8:c6:09:54:4b:b8:ba:53:cc:1a:aa:f4:ba:
23:2d:a2:11:42:f4:92:7b:73:76:dc:3a:c8:3c:76:
cb:c7:a8:2f:2b:60:04:51:42:0f:fc:e5:f3:44:44:
22:24:0b:b1:c4:dc:96:05:28:ee:55:18:3f:33:79:
9d:4d:47:a6:b2:f7:92:7d:10:b5:44:e9:94:91:ae:
07:26:2f:ee:5d:24:b1:e7:ea:98:71:71:7c:fc:34:
a2:d1:b3:4c:24:b8:54:dd:09:8b:ea:9c:86:2c:8b:
33:4a:97:6a:32:39:fc:96:4d:cd:e4:39:ec:1c:85:
e4:82:57:87:c5:ad:90:e9:be:c4:53:52:bc:7d:2d:
63:1c:49:1b:dc:86:94:cb:f4:21:ab:f7:0e:ac:c2:
c5:09:9c:47:af:c0:8f:95:e2:56:bd:c9:61:e6:96:
ac:d0:0d:af:7f:bb:41:c9:7b:93:13:bb:dd:df:72:
1f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C2:AC:0F:C1:D1:03:ED:AF:1D:F0:BC:52:C2:0D:9A:87:A5:E0:C3
X509v3 Authority Key Identifier:
keyid:11:D1:9F:DA:E9:C5:3D:8D:28:B1:E4:1C:A9:13:9C:33:55:6B:A6:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdGf2unFPY0oseQcqROcM1VrpiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5c46d2-9818-4afc-880e-1cc5fd2544e9/1/1-sKsD8HRA-2vHfC8UsINmoel4MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5c46d2-9818-4afc-880e-1cc5fd2544e9/1/EdGf2unFPY0oseQcqROcM1VrpiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.88.144.0/21
146.19.99.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:df:c5:c0:7c:c5:98:03:74:52:14:b2:6f:4d:c9:d0:bf:c2:
b6:e1:b2:92:87:a8:96:a9:2e:7b:01:3a:98:79:27:af:60:b3:
0d:73:e0:83:e0:63:36:03:0e:20:07:e3:6f:57:8b:ea:12:65:
f4:5a:73:58:87:21:c0:91:61:a8:07:a9:c8:f4:1f:8c:a3:c7:
bb:29:4a:f9:05:a8:1c:9c:c5:ac:0e:fa:e5:46:eb:96:9a:c6:
bb:8b:d3:2d:a1:af:9d:22:ca:9f:2c:e2:e2:8a:32:48:49:7a:
43:6b:3b:b4:9b:48:e7:39:ad:0c:85:94:36:11:c7:61:01:37:
39:b0:5b:d8:60:30:3a:4c:79:62:8f:d7:ff:46:11:4e:7f:1d:
a6:96:00:d6:91:3c:ef:44:8c:df:f0:fb:01:bf:cf:4a:c7:ec:
87:89:de:e7:91:f3:4e:1e:22:cf:8f:ef:f6:57:0e:17:fb:5d:
cb:42:d0:de:64:b2:67:78:36:de:2e:07:9d:47:b2:6b:a2:cb:
54:19:a1:a5:e3:05:a2:df:0f:64:43:e6:8f:d3:37:11:ba:7d:
5a:23:30:45:70:c7:b3:4b:db:0c:81:90:7d:bf:40:a2:07:f3:
6c:a4:9c:4a:5f:a9:80:b1:d5:df:ac:88:c9:bc:34:6d:36:6e:
79:ce:e0:d4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzC2zXSzVByG6L39HzLc5gXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDE5ZmRhZTljNTNkOGQyOGIxZTQxY2E5MTM5YzMzNTU2
YmE2MjUwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWMyYWMwZmMxZDEwM2VkYWYxZGYwYmM1MmMyMGQ5YTg3YTVlMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11l3TRzjXg6KPQpL34ciUKiloWTH
8op4piudmeX6878qQKcEFqrG9B6izySxnH4ujdb5HK/dlpbLHUCr5oqri3VUmP36
/4/lSPinnbjGCVRLuLpTzBqq9LojLaIRQvSSe3N23DrIPHbLx6gvK2AEUUIP/OXz
REQiJAuxxNyWBSjuVRg/M3mdTUemsveSfRC1ROmUka4HJi/uXSSx5+qYcXF8/DSi
0bNMJLhU3QmL6pyGLIszSpdqMjn8lk3N5DnsHIXkgleHxa2Q6b7EU1K8fS1jHEkb
3IaUy/Qhq/cOrMLFCZxHr8CPleJWvclh5pas0A2vf7tByXuTE7vd33IfHwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPrCrA/B0QPtrx3wvFLCDZqHpeDDMB8GA1UdIwQY
MBaAFBHRn9rpxT2NKLHkHKkTnDNVa6YlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRHZjJ1bkZQWTBvc2VRY3FST2NNMVZycGlVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YzQ2ZDItOTgxOC00YWZjLTg4MGUt
MWNjNWZkMjU0NGU5LzEvMS1zS3NEOEhSQS0ydkhmQzhVc0lObW9lbDRNTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvNWM0NmQyLTk4MTgtNGFmYy04ODBlLTFjYzVmZDI1NDRl
OS8xL0VkR2YydW5GUFkwb3NlUWNxUk9jTTFWcnBpVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1BYkAME
AJITYzANBgkqhkiG9w0BAQsFAAOCAQEAot/FwHzFmAN0UhSyb03J0L/CtuGykoeo
lqkuewE6mHknr2CzDXPgg+BjNgMOIAfjb1eL6hJl9FpzWIchwJFhqAepyPQfjKPH
uylK+QWoHJzFrA765UbrlprGu4vTLaGvnSLKnyzi4ooySEl6Q2s7tJtI5zmtDIWU
NhHHYQE3ObBb2GAwOkx5Yo/X/0YRTn8dppYA1pE870SM3/D7Ab/PSsfsh4ne55Hz
Th4iz4/v9lcOF/tdy0LQ3mSyZ3g23i4HnUeya6LLVBmhpeMFot8PZEPmj9M3Ebp9
WiMwRXDHs0vbDIGQfb9AogfzbKScSl+pgLHV36yIybw0bTZuec7g1A==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:04:54 2024 by rpki-client on console-fra.rpki-client.org