Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/aCgDvocUKfI05oFVse5QHrrSCbw.roa
File: aCgDvocUKfI05oFVse5QHrrSCbw.roa (raw, json)
Hash identifier: JGMazpxsiggfjtLz7FzniAsSIVgABFXYe5BCsKifm8I=
Subject key identifier: 68:28:03:BE:87:14:29:F2:34:E6:81:55:B1:EE:50:1E:BA:D2:09:BC
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018CCA287C76E9A6FB4FB98A3C2E5DBF6505
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/aCgDvocUKfI05oFVse5QHrrSCbw.roa
Signing time: Tue 02 Jan 2024 12:31:40 +0000
ROA not before: Tue 02 Jan 2024 12:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 45.15.17.0/24 maxlen: 24
2a0e:1c80:18::/48 maxlen: 48
2a0e:1c80:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:7c:76:e9:a6:fb:4f:b9:8a:3c:2e:5d:bf:65:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Jan 2 12:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=682803be871429f234e68155b1ee501ebad209bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8e:97:1b:69:70:99:16:53:38:23:c0:aa:a8:
15:b6:ea:af:98:41:87:84:35:ac:49:69:ce:72:e7:
ee:82:fc:8b:af:f5:6a:97:d0:b2:4f:79:02:65:a6:
08:de:cb:5a:a4:7b:8e:9d:c6:df:83:1e:c5:c1:5a:
09:fd:a1:28:c6:6b:ad:d2:9a:bd:46:71:19:7b:f8:
49:29:74:14:53:87:a5:a5:a3:f0:c4:63:b7:ee:db:
09:f2:eb:44:da:ab:12:fd:0f:4a:0e:bc:57:7c:9e:
46:56:10:dd:02:da:e9:eb:de:3f:26:02:81:39:9f:
01:24:3a:85:10:e8:66:23:d1:ec:a9:1c:5b:9c:fa:
96:04:5d:45:4f:15:a3:e0:63:a7:ed:cf:7c:23:75:
2b:56:60:8d:d2:7c:75:09:18:f8:20:94:4b:d5:61:
63:35:4c:4f:39:78:df:62:76:47:5b:a2:aa:70:84:
46:b3:fd:ce:6f:3e:bd:5a:a3:81:5d:81:c2:2d:c7:
71:dc:80:cc:8a:fa:01:34:d0:70:2b:98:c3:73:8f:
40:c3:f4:a5:a7:85:f6:ca:8c:4e:a9:a9:0f:c3:31:
dc:51:a9:b4:16:5e:07:be:de:97:a7:ab:e0:75:62:
8f:19:ae:ec:34:52:c3:7e:af:0e:78:9e:46:e3:18:
e4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:28:03:BE:87:14:29:F2:34:E6:81:55:B1:EE:50:1E:BA:D2:09:BC
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/aCgDvocUKfI05oFVse5QHrrSCbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.17.0/24
IPv6:
2a0e:1c80:16::/48
2a0e:1c80:18::/48
Signature Algorithm: sha256WithRSAEncryption
7f:6e:99:34:e5:32:fb:48:95:59:66:14:a7:dc:96:9e:eb:27:
3b:3b:7b:20:f6:9a:23:b3:eb:12:9b:b7:6d:de:6c:5c:3d:5a:
28:4e:3a:08:c3:6b:14:88:5a:56:1b:36:51:38:3b:ff:74:8c:
0c:54:dd:8b:1a:86:84:33:94:04:07:62:f8:89:a4:fc:50:20:
77:39:40:2d:e7:43:a3:0f:73:47:f5:a4:9f:9c:df:84:ba:44:
62:36:3f:0c:0c:6f:0f:9c:b5:9a:2b:1b:b1:89:46:2f:1e:69:
0c:a2:64:19:92:41:a6:a6:dd:8f:c0:48:95:e5:72:fa:b3:77:
76:44:40:eb:25:f1:3d:75:78:d3:82:77:4a:38:0b:33:4a:dc:
99:7a:d6:61:c9:a6:48:0e:6c:ec:ca:f2:5b:ec:98:ec:2a:af:
cb:4b:b0:aa:5d:b8:dc:d1:30:f2:f3:c6:7a:24:99:62:04:14:
42:56:da:11:7e:21:a3:65:e5:8f:d3:fa:26:e0:83:f5:02:e4:
f5:18:ff:68:71:2b:71:88:b5:63:7c:30:66:82:dc:e6:31:23:
3c:00:47:ba:c8:74:dc:a1:50:53:ff:4c:be:51:c8:ca:3f:54:
56:ac:c0:ce:fe:ad:f1:7c:5d:f9:b6:98:12:9f:d4:62:bc:46:
a3:08:f7:86
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzKKHx26ab7T7mKPC5dv2UFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMTAyMTIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI4MDNiZTg3MTQyOWYyMzRlNjgxNTViMWVlNTAxZWJhZDIwOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI6XG2lwmRZTOCPAqqgVtuqvmEGH
hDWsSWnOcufugvyLr/Vql9CyT3kCZaYI3stapHuOncbfgx7FwVoJ/aEoxmut0pq9
RnEZe/hJKXQUU4elpaPwxGO37tsJ8utE2qsS/Q9KDrxXfJ5GVhDdAtrp694/JgKB
OZ8BJDqFEOhmI9HsqRxbnPqWBF1FTxWj4GOn7c98I3UrVmCN0nx1CRj4IJRL1WFj
NUxPOXjfYnZHW6KqcIRGs/3Obz69WqOBXYHCLcdx3IDMivoBNNBwK5jDc49Aw/Sl
p4X2yoxOqakPwzHcUam0Fl4Hvt6Xp6vgdWKPGa7sNFLDfq8OeJ5G4xjkKQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGgoA76HFCnyNOaBVbHuUB660gm8MB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvYUNnRHZvY1VLZkkwNW9GVnNlNVFIcnJTQ2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQALQ8RMBgE
AgACMBIDBwAqDhyAABYDBwAqDhyAABgwDQYJKoZIhvcNAQELBQADggEBAH9umTTl
MvtIlVlmFKfclp7rJzs7eyD2miOz6xKbt23ebFw9WihOOgjDaxSIWlYbNlE4O/90
jAxU3YsahoQzlAQHYviJpPxQIHc5QC3nQ6MPc0f1pJ+c34S6RGI2PwwMbw+ctZor
G7GJRi8eaQyiZBmSQaam3Y/ASJXlcvqzd3ZEQOsl8T11eNOCd0o4CzNK3Jl61mHJ
pkgObOzK8lvsmOwqr8tLsKpduNzRMPLzxnokmWIEFEJW2hF+IaNl5Y/T+ibgg/UC
5PUY/2hxK3GItWN8MGaC3OYxIzwAR7rIdNyhUFP/TL5RyMo/VFaswM7+rfF8Xfm2
mBKf1GK8RqMI94Y=
-----END CERTIFICATE-----
Generated at Tue Apr 30 17:37:43 2024 by rpki-client on console-fra.rpki-client.org