Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/dYrzsYQ2wQpmQU8IX3gTHzhco6c.roa
File: dYrzsYQ2wQpmQU8IX3gTHzhco6c.roa (raw, json)
Hash identifier: BXG4QOkUzGhisHoTrVSXoTcZbT/74xSRgkE18OZH9aI=
Subject key identifier: 75:8A:F3:B1:84:36:C1:0A:66:41:4F:08:5F:78:13:1F:38:5C:A3:A7
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018CCA287EA76E5AF1B26F1FAB66453C9421
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/dYrzsYQ2wQpmQU8IX3gTHzhco6c.roa
Signing time: Tue 02 Jan 2024 12:31:40 +0000
ROA not before: Tue 02 Jan 2024 12:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47869
IP address blocks: 2a0e:1c80:d::/48 maxlen: 48
2a0e:1c80:1b::/48 maxlen: 48
2a0e:1c80:4::/48 maxlen: 48
2a0e:1c80:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 14:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:7e:a7:6e:5a:f1:b2:6f:1f:ab:66:45:3c:94:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Jan 2 12:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=758af3b18436c10a66414f085f78131f385ca3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:28:6c:87:bb:2e:a2:68:0f:6b:e2:db:ad:8c:
53:38:b0:8e:d8:e9:7a:aa:af:b6:7c:bf:9f:aa:9e:
90:a7:c9:2f:3f:61:a5:00:8d:ae:df:59:7c:2b:ee:
6c:aa:d2:99:36:07:81:b5:9c:25:ef:c9:00:23:f9:
a7:a2:33:ae:80:77:a7:75:01:59:25:c8:21:4c:02:
83:74:8e:32:33:92:94:f2:77:8b:87:d8:c2:a1:a6:
c6:6a:47:dd:42:b5:44:54:d4:64:45:4b:dc:75:13:
4b:02:e4:fe:d2:5c:07:2a:b0:12:fb:94:02:ac:e9:
a7:2f:ad:78:ec:34:35:3a:7c:ca:f0:8c:f1:74:3e:
c3:0e:d0:0a:1e:bb:97:23:5c:83:3d:74:2c:94:0d:
e6:e1:d2:eb:d9:9d:91:9a:e4:3e:aa:9d:07:2c:f7:
ab:a3:9c:1a:a9:cd:6c:6e:3e:20:6f:97:aa:fc:46:
44:a1:e8:c7:4b:b0:7e:18:75:be:36:27:24:49:b6:
10:33:e3:01:e7:20:18:ba:1a:ee:85:3f:ed:0e:fa:
f4:a1:8d:90:c8:4c:c6:f9:32:b9:a1:bc:8b:9b:c7:
89:d6:a5:a8:ea:e9:2c:ff:4a:25:03:4a:cf:1f:6c:
ae:d6:15:fd:1b:e5:ee:fc:07:95:ec:9a:6b:13:52:
eb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:8A:F3:B1:84:36:C1:0A:66:41:4F:08:5F:78:13:1F:38:5C:A3:A7
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/dYrzsYQ2wQpmQU8IX3gTHzhco6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:4::/48
2a0e:1c80:c::/47
2a0e:1c80:1b::/48
Signature Algorithm: sha256WithRSAEncryption
0c:0e:11:dc:3c:e6:cd:a9:bf:ae:d8:4c:3a:ff:dc:5f:08:17:
4f:c0:31:c9:9b:aa:24:f2:c8:3d:cb:43:3c:7c:ba:bc:1e:b8:
34:56:6e:68:d6:ad:93:31:ac:3e:96:08:11:1d:7f:1e:73:5e:
4e:3d:33:a5:ad:e9:ad:9e:d2:e6:60:a3:16:69:35:fc:a4:85:
4f:80:e9:ea:5b:25:be:fd:e2:4a:25:af:c7:07:87:21:49:ff:
66:53:f0:71:0c:00:6b:3b:1a:4a:91:45:f2:46:82:c9:85:78:
8d:fe:52:5b:5f:5b:11:e3:4d:e8:d0:6a:05:80:70:4d:1e:b5:
4c:5e:5e:02:ce:0e:ed:12:8d:b0:3a:d4:59:68:58:d1:e2:12:
1d:a1:fc:4b:62:53:e3:6e:f6:d0:40:87:97:98:8c:5f:d6:e9:
c7:2d:fd:0e:cf:8b:94:ef:78:59:cb:4b:99:21:36:75:96:bf:
64:48:b1:3a:46:93:c0:27:b8:b1:c1:fe:fb:a0:2f:d1:da:c6:
a0:1f:19:6d:b8:57:1d:9c:7a:24:3f:f1:12:83:68:f1:db:25:
3d:7f:bf:ae:f1:8e:74:61:19:b9:10:6e:f2:9a:f2:4e:0d:6c:
af:77:ca:a4:e9:44:4f:56:76:61:be:65:25:fd:28:12:d8:27:
d6:38:cf:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKH6nblrxsm8fq2ZFPJQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMTAyMTIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NThhZjNiMTg0MzZjMTBhNjY0MTRmMDg1Zjc4MTMxZjM4NWNhM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkihsh7suomgPa+LbrYxTOLCO2Ol6
qq+2fL+fqp6Qp8kvP2GlAI2u31l8K+5sqtKZNgeBtZwl78kAI/mnojOugHendQFZ
JcghTAKDdI4yM5KU8neLh9jCoabGakfdQrVEVNRkRUvcdRNLAuT+0lwHKrAS+5QC
rOmnL6147DQ1OnzK8IzxdD7DDtAKHruXI1yDPXQslA3m4dLr2Z2RmuQ+qp0HLPer
o5waqc1sbj4gb5eq/EZEoejHS7B+GHW+NickSbYQM+MB5yAYuhruhT/tDvr0oY2Q
yEzG+TK5obyLm8eJ1qWo6uks/0olA0rPH2yu1hX9G+Xu/AeV7JprE1Lr7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHWK87GENsEKZkFPCF94Ex84XKOnMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvZFlyenNZUTJ3UXBtUVU4SVgzZ1RIemhjbzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg4cgAAE
AwcBKg4cgAAMAwcAKg4cgAAbMA0GCSqGSIb3DQEBCwUAA4IBAQAMDhHcPObNqb+u
2Ew6/9xfCBdPwDHJm6ok8sg9y0M8fLq8Hrg0Vm5o1q2TMaw+lggRHX8ec15OPTOl
remtntLmYKMWaTX8pIVPgOnqWyW+/eJKJa/HB4chSf9mU/BxDABrOxpKkUXyRoLJ
hXiN/lJbX1sR403o0GoFgHBNHrVMXl4Czg7tEo2wOtRZaFjR4hIdofxLYlPjbvbQ
QIeXmIxf1unHLf0Oz4uU73hZy0uZITZ1lr9kSLE6RpPAJ7ixwf77oC/R2sagHxlt
uFcdnHokP/ESg2jx2yU9f7+u8Y50YRm5EG7ymvJODWyvd8qk6URPVnZhvmUl/SgS
2CfWOM+x
-----END CERTIFICATE-----
Generated at Mon Jun 3 17:00:26 2024 by rpki-client on console-fra.rpki-client.org