Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/1p_az5c7k8KA5DzS6lVo587GPkM.roa
File: 1p_az5c7k8KA5DzS6lVo587GPkM.roa (raw, json)
Hash identifier: wf4keozm1NOnZQixghm5axKm+0gMRh39Ba8naJIacAM=
Subject key identifier: D6:9F:DA:CF:97:3B:93:C2:80:E4:3C:D2:EA:55:68:E7:CE:C6:3E:43
Certificate issuer: /CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Certificate serial: 0191FF208CD6AB89D9FD39F1E381BCDD29BA
Authority key identifier: CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/1p_az5c7k8KA5DzS6lVo587GPkM.roa
Signing time: Tue 17 Sep 2024 08:36:48 +0000
ROA not before: Tue 17 Sep 2024 08:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 442444
IP address blocks: 2.144.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.mft
rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:20:8c:d6:ab:89:d9:fd:39:f1:e3:81:bc:dd:29:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b
Validity
Not Before: Sep 17 08:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d69fdacf973b93c280e43cd2ea5568e7cec63e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c7:8f:f1:67:95:91:4a:17:ee:2e:65:cd:24:
82:e1:63:3f:22:95:73:74:41:1e:a1:16:b1:bc:39:
37:a5:b6:80:a6:83:0b:6d:2a:17:da:04:7f:67:8d:
88:86:53:bb:d9:d7:eb:19:4b:53:2d:28:f0:7e:bf:
7c:39:8b:f6:d3:0c:d8:67:73:10:f8:ef:a0:d1:b2:
f4:88:c9:3e:19:21:e0:bb:04:10:08:15:e6:cc:69:
eb:d3:1e:56:7a:de:3d:0f:b8:c7:5a:ac:63:a8:b8:
bc:26:6f:69:d6:a4:8f:6c:65:99:30:78:7a:76:89:
95:63:8a:90:c5:e6:36:68:eb:83:e1:f7:23:19:2f:
b3:4f:6d:79:44:77:18:6b:ef:17:70:65:a0:06:b0:
0b:70:04:b8:18:72:fe:fe:78:6a:31:02:22:a4:a9:
75:2b:44:98:52:90:0d:12:cc:af:55:1b:dd:4a:16:
0a:ce:86:8c:f0:54:18:ad:18:33:f0:cf:55:47:cc:
5c:e6:8d:02:e8:b7:ba:d7:71:d5:b7:57:c9:61:13:
39:ef:50:81:8e:c7:65:11:d1:52:9b:f2:33:fb:88:
2a:5f:ca:b1:47:96:2d:ed:5d:12:46:55:96:3a:a1:
bc:59:54:ef:d3:68:aa:87:7a:24:fc:39:42:e6:7e:
3b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9F:DA:CF:97:3B:93:C2:80:E4:3C:D2:EA:55:68:E7:CE:C6:3E:43
X509v3 Authority Key Identifier:
keyid:CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/1p_az5c7k8KA5DzS6lVo587GPkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.144.13.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c5:0c:0b:92:bd:1a:0a:3e:01:a5:5d:5c:31:54:7f:b5:02:
b8:33:98:6f:e5:0d:52:f7:55:32:17:cb:ee:7f:82:51:41:a1:
4b:d0:4f:07:7c:43:92:1c:bf:88:68:27:a5:95:b8:2d:fe:1f:
d2:42:51:20:66:3f:b1:e7:7a:22:d4:a9:71:5b:86:4c:44:dd:
c1:9f:aa:78:7f:a0:8b:87:e5:84:91:6a:0f:f2:64:9e:6d:f7:
39:5d:d9:40:19:6e:fb:ce:f5:3c:aa:78:f6:b8:03:64:45:a7:
d7:93:6f:5f:24:a8:cc:87:d9:a1:05:54:eb:f2:52:30:23:d4:
d7:2f:89:8f:8b:44:fe:d2:5c:1c:bf:a2:23:53:63:26:8c:2a:
f6:d4:53:6d:e0:a8:34:86:05:ef:63:0a:ef:2e:08:18:52:49:
6d:7f:90:b4:ae:c7:1c:ee:d9:5b:15:70:05:44:c2:ae:ef:f6:
74:67:4a:bb:e3:74:1b:46:73:b1:19:58:0b:3f:bb:93:c5:d1:
8c:bb:87:99:02:39:fa:08:31:9c:4f:26:e9:9f:71:f1:28:9b:
de:92:c5:9a:58:da:43:ab:94:5a:70:4e:e9:eb:74:6d:00:33:
8a:ce:0a:9b:b1:2a:63:67:3a:72:57:82:73:25:cf:48:0c:e4:
1d:54:f3:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZH/IIzWq4nZ/Tnx44G83Sm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNTU2NzEyMmE4OGNhOTg4OWExNzk4YjZjOTQyZGNjMGNi
Yzc1M2IwHhcNMjQwOTE3MDgzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjlmZGFjZjk3M2I5M2MyODBlNDNjZDJlYTU1NjhlN2NlYzYzZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxceP8WeVkUoX7i5lzSSC4WM/IpVz
dEEeoRaxvDk3pbaApoMLbSoX2gR/Z42IhlO72dfrGUtTLSjwfr98OYv20wzYZ3MQ
+O+g0bL0iMk+GSHguwQQCBXmzGnr0x5Wet49D7jHWqxjqLi8Jm9p1qSPbGWZMHh6
domVY4qQxeY2aOuD4fcjGS+zT215RHcYa+8XcGWgBrALcAS4GHL+/nhqMQIipKl1
K0SYUpANEsyvVRvdShYKzoaM8FQYrRgz8M9VR8xc5o0C6Le613HVt1fJYRM571CB
jsdlEdFSm/Iz+4gqX8qxR5Yt7V0SRlWWOqG8WVTv02iqh3ok/DlC5n47/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNaf2s+XO5PCgOQ80upVaOfOxj5DMB8GA1UdIwQY
MBaAFM9VZxIqiMqYiaF5i2yULcwMvHU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAt
OGQ3MTVhYzIxN2UyLzEvMXBfYXo1YzdrOEtBNUR6UzZsVm81ODdHUGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAtOGQ3MTVhYzIxN2Uy
LzEvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAApANMA0G
CSqGSIb3DQEBCwUAA4IBAQBNxQwLkr0aCj4BpV1cMVR/tQK4M5hv5Q1S91UyF8vu
f4JRQaFL0E8HfEOSHL+IaCellbgt/h/SQlEgZj+x53oi1KlxW4ZMRN3Bn6p4f6CL
h+WEkWoP8mSebfc5XdlAGW77zvU8qnj2uANkRafXk29fJKjMh9mhBVTr8lIwI9TX
L4mPi0T+0lwcv6IjU2MmjCr21FNt4Kg0hgXvYwrvLggYUkltf5C0rscc7tlbFXAF
RMKu7/Z0Z0q743QbRnOxGVgLP7uTxdGMu4eZAjn6CDGcTybpn3HxKJveksWaWNpD
q5RacE7p63RtADOKzgqbsSpjZzpyV4JzJc9IDOQdVPOM
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:58:14 2024 by rpki-client on console-fra.rpki-client.org