Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/eKguPXH_SoHfBl5-_gNB9QclqH4.roa
File: eKguPXH_SoHfBl5-_gNB9QclqH4.roa (raw, json)
Hash identifier: rVgJF5dkS8e3tf1tjAwP8F5vYdIBdRUJO4x5WcCkjI0=
Subject key identifier: 78:A8:2E:3D:71:FF:4A:81:DF:06:5E:7E:FE:03:41:F5:07:25:A8:7E
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 018CC26D8473BDDC13FD85CB53F55D75B914
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/eKguPXH_SoHfBl5-_gNB9QclqH4.roa
Signing time: Mon 01 Jan 2024 00:30:06 +0000
ROA not before: Mon 01 Jan 2024 00:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199491
IP address blocks: 2a00:1908:e000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:03:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:84:73:bd:dc:13:fd:85:cb:53:f5:5d:75:b9:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 00:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78a82e3d71ff4a81df065e7efe0341f50725a87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:78:cb:9c:46:c9:4f:85:7d:cf:bb:1e:cb:61:
c9:6e:c2:af:fb:59:45:0f:0b:07:1d:02:a6:0e:65:
10:55:87:fb:c3:77:08:69:9a:ec:57:f7:ce:d8:c2:
3a:8c:3e:bc:ff:4d:b6:e3:1f:11:93:9b:6e:f2:bd:
69:35:b9:40:5a:e3:d3:10:97:63:93:e8:be:8c:29:
55:ed:ff:e1:e3:ed:43:3b:52:b5:0d:51:1b:73:09:
e0:2b:df:a2:e6:93:52:ab:f3:88:22:c2:77:f0:52:
4a:e3:23:10:12:b9:e6:80:bf:55:93:bf:8c:37:23:
8c:78:06:8a:6a:04:1a:b4:99:97:6d:55:97:99:bd:
4f:07:01:dd:ba:17:a7:41:70:e8:75:fb:1d:68:f6:
2f:a6:06:b5:fd:5a:ec:54:7b:ce:ea:6d:9c:dc:bd:
4a:86:88:0c:0e:e6:56:3d:56:28:1f:66:7c:d6:87:
44:c3:ca:49:36:e2:6d:b7:cc:b1:4a:b0:25:0d:76:
9b:69:5d:c6:ad:98:01:b5:3e:79:16:14:c9:21:e7:
33:4a:0a:2d:a8:20:d9:0c:97:55:42:d8:53:09:0f:
4a:f8:05:df:66:0e:02:62:3f:5b:01:be:df:dc:96:
48:af:bb:11:29:d2:b3:73:83:19:06:17:6c:51:b8:
a5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A8:2E:3D:71:FF:4A:81:DF:06:5E:7E:FE:03:41:F5:07:25:A8:7E
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/eKguPXH_SoHfBl5-_gNB9QclqH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1908:e000::/48
Signature Algorithm: sha256WithRSAEncryption
72:a3:78:42:3d:1b:e1:fe:b3:ef:40:f3:62:d5:fe:13:d9:41:
57:bc:f1:5c:73:dd:4a:82:72:f7:fa:e5:3f:da:b1:c9:e5:10:
26:04:2c:4f:a0:18:de:23:df:7a:23:42:96:88:cc:9f:4c:38:
ea:47:33:30:44:98:44:64:29:b8:20:b8:68:1c:d9:4b:08:89:
38:f8:84:c5:bd:f6:79:11:7d:60:e0:77:40:de:1f:f2:ab:61:
0f:12:0b:1e:8b:0b:b5:0b:b4:24:0d:e7:9f:81:7a:88:f8:b4:
de:dd:4d:09:83:b4:8d:f7:fa:46:c0:30:fb:f4:5a:85:6b:37:
0f:f5:f3:2f:22:91:86:8e:0e:74:3d:58:be:22:71:e8:2c:18:
9c:13:ba:c9:df:da:5d:f2:cc:09:2c:cf:c2:13:ac:47:43:72:
87:e1:26:1a:b5:d1:ca:06:4e:cc:51:37:1b:a9:ea:35:66:f0:
02:8e:b3:b9:b8:07:78:97:6a:e6:fd:d7:00:e8:b3:67:82:08:
a2:e7:50:d6:ba:8a:21:5c:7d:39:fe:28:08:d5:52:76:20:4e:
8e:ab:7b:49:0a:d4:48:70:e4:a1:3c:ea:e3:c4:92:b2:d1:ee:
8d:86:a0:47:f8:be:2a:da:d9:43:4e:b8:aa:49:ff:8e:ab:e9:
2d:33:d5:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbYRzvdwT/YXLU/VddbkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjQwMTAxMDAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE4MmUzZDcxZmY0YTgxZGYwNjVlN2VmZTAzNDFmNTA3MjVhODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHjLnEbJT4V9z7sey2HJbsKv+1lF
DwsHHQKmDmUQVYf7w3cIaZrsV/fO2MI6jD68/0224x8Rk5tu8r1pNblAWuPTEJdj
k+i+jClV7f/h4+1DO1K1DVEbcwngK9+i5pNSq/OIIsJ38FJK4yMQErnmgL9Vk7+M
NyOMeAaKagQatJmXbVWXmb1PBwHduhenQXDodfsdaPYvpga1/VrsVHvO6m2c3L1K
hogMDuZWPVYoH2Z81odEw8pJNuJtt8yxSrAlDXabaV3GrZgBtT55FhTJIeczSgot
qCDZDJdVQthTCQ9K+AXfZg4CYj9bAb7f3JZIr7sRKdKzc4MZBhdsUbildQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHioLj1x/0qB3wZefv4DQfUHJah+MB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvZUtndVBYSF9Tb0hmQmw1LV9nTkI5UWNscUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAZCOAA
MA0GCSqGSIb3DQEBCwUAA4IBAQByo3hCPRvh/rPvQPNi1f4T2UFXvPFcc91KgnL3
+uU/2rHJ5RAmBCxPoBjeI996I0KWiMyfTDjqRzMwRJhEZCm4ILhoHNlLCIk4+ITF
vfZ5EX1g4HdA3h/yq2EPEgseiwu1C7QkDeefgXqI+LTe3U0Jg7SN9/pGwDD79FqF
azcP9fMvIpGGjg50PVi+InHoLBicE7rJ39pd8swJLM/CE6xHQ3KH4SYatdHKBk7M
UTcbqeo1ZvACjrO5uAd4l2rm/dcA6LNnggii51DWuoohXH05/igI1VJ2IE6Oq3tJ
CtRIcOShPOrjxJKy0e6NhqBH+L4q2tlDTriqSf+Oq+ktM9VX
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:45:30 2024 by rpki-client on console-ams.rpki-client.org