Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-BvhYbjniUltOv_EEKQkKDEIbJQ.roa
File: 1-BvhYbjniUltOv_EEKQkKDEIbJQ.roa (raw, json)
Hash identifier: Obc7VrDN02jdQNpUU6W6E4RrggX1DmTxEwqYeSaGv7M=
Subject key identifier: F8:1B:E1:61:B8:E7:89:49:6D:3A:FF:C4:10:A4:24:28:31:08:6C:94
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019014E4C1E22DF45B96E740BA26669B7AB1
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-BvhYbjniUltOv_EEKQkKDEIbJQ.roa
Signing time: Fri 14 Jun 2024 03:57:34 +0000
ROA not before: Fri 14 Jun 2024 03:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2a04:a5c0::/32 maxlen: 32
2a04:a5c1::/32 maxlen: 32
2a04:a5c2::/32 maxlen: 32
2a04:a5c3::/32 maxlen: 32
2a04:a5c4::/32 maxlen: 32
2a04:a5c5::/32 maxlen: 32
2a04:a5c6::/32 maxlen: 32
2a04:a5c7::/32 maxlen: 32
2a0e:d00::/32 maxlen: 32
2a0e:d01::/32 maxlen: 32
2a0e:d02::/32 maxlen: 32
2a0e:d03::/32 maxlen: 32
2a0e:d04::/32 maxlen: 32
2a0e:d05::/32 maxlen: 32
2a0e:d06::/32 maxlen: 32
2a0e:d07::/32 maxlen: 32
2a0e:b140::/32 maxlen: 32
2a0e:b141::/32 maxlen: 32
2a0e:b142::/32 maxlen: 32
2a0e:b143::/32 maxlen: 32
2a0e:b144::/32 maxlen: 32
2a0e:b145::/32 maxlen: 32
2a0e:b146::/32 maxlen: 32
2a0e:b147::/32 maxlen: 32
2a0f:db80::/32 maxlen: 32
2a0f:db81::/32 maxlen: 32
2a0f:db82::/32 maxlen: 32
2a0f:db83::/32 maxlen: 32
2a0f:db84::/32 maxlen: 32
2a0f:db85::/32 maxlen: 32
2a0f:db86::/32 maxlen: 32
2a0f:db87::/32 maxlen: 32
2a10:4700::/31 maxlen: 31
2a10:4702::/31 maxlen: 31
2a10:4704::/31 maxlen: 31
2a10:4706::/31 maxlen: 31
2a11:4b41::/32 maxlen: 32
2a11:4b42::/32 maxlen: 32
2a12:4300::/31 maxlen: 31
2a12:4302::/31 maxlen: 31
2a12:4304::/31 maxlen: 31
2a12:4306::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 03:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:14:e4:c1:e2:2d:f4:5b:96:e7:40:ba:26:66:9b:7a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jun 14 03:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f81be161b8e789496d3affc410a4242831086c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dd:c4:b7:04:63:b0:21:5b:21:c9:78:29:38:
b7:18:7c:6d:e9:bc:fd:5a:58:b8:d9:eb:66:79:bd:
3a:34:d6:c7:2d:e2:6a:67:f4:f9:33:01:30:9c:b6:
d8:e8:eb:d5:bb:de:ca:88:95:3f:bb:27:85:af:27:
64:9e:17:03:70:3f:37:30:08:a7:4b:60:44:97:cb:
09:0f:6f:f0:60:13:d9:60:43:82:23:22:16:57:d9:
95:31:c6:82:ac:e4:97:72:2a:81:65:c7:b7:6b:eb:
18:06:29:6d:98:40:e0:53:6d:f4:78:6e:55:50:d3:
ab:00:52:4e:c9:e9:6d:b1:94:27:1e:0f:63:c3:10:
c7:e9:47:0f:12:2f:85:f5:00:f2:af:be:14:f3:cd:
48:4a:9a:f3:01:f6:0a:52:2a:80:4d:cc:5d:9b:00:
33:59:12:35:95:53:92:72:3c:d7:b2:17:6b:ac:02:
4c:0b:3e:90:6c:ca:4b:8c:7f:10:8c:4b:e9:0d:c2:
ac:e6:e8:0e:4c:ec:95:64:68:65:ae:17:dd:45:bc:
ef:8d:7b:3e:5d:c4:7d:ca:f1:17:d3:17:7c:c3:2f:
0a:98:f1:66:3f:9c:1b:de:fa:68:f3:44:75:ae:da:
21:02:53:cd:c0:ff:e8:05:ad:9c:f5:83:12:ab:a0:
ec:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1B:E1:61:B8:E7:89:49:6D:3A:FF:C4:10:A4:24:28:31:08:6C:94
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-BvhYbjniUltOv_EEKQkKDEIbJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:d00::/29
2a0e:b140::/29
2a0f:db80::/29
2a10:4700::/29
2a11:4b41::-2a11:4b42:ffff:ffff:ffff:ffff:ffff:ffff
2a12:4300::/29
Signature Algorithm: sha256WithRSAEncryption
8e:7e:9d:4d:ed:ac:f2:93:2b:ff:7d:42:ae:fb:f6:ec:f5:e1:
36:cf:ef:cd:fe:bf:6b:dd:4d:b3:f0:99:ab:f9:ef:d2:85:60:
cc:32:0f:73:59:5d:4d:de:b2:ee:ca:be:ba:a5:51:8d:99:65:
b8:bd:1a:8d:1f:7b:ac:b0:6f:80:08:e5:d0:44:2f:40:82:60:
db:01:3a:5e:5e:a9:37:e7:ca:6f:d0:8f:82:d4:5d:c7:48:12:
5d:ac:a2:8b:24:91:fc:d7:a3:09:59:b1:b9:e2:a1:dd:29:3e:
5c:92:52:52:a1:65:3e:92:c1:a7:17:7f:72:b9:36:17:50:d5:
fd:cd:1c:c8:49:f5:d7:a8:c5:5a:9c:74:30:da:10:f7:58:e0:
a5:96:d1:55:b2:6b:8f:d7:85:eb:8c:9d:62:a7:3a:97:33:f9:
10:f1:c7:3f:1b:c1:a0:a3:da:d5:03:df:63:7e:c5:4c:12:56:
af:66:c1:a8:bb:c3:a2:92:13:c6:5f:ef:0d:73:48:39:df:9e:
2a:44:0f:dc:94:22:d3:b6:71:ba:62:03:1d:86:02:55:90:24:
f4:8d:b1:44:42:e8:66:83:72:22:76:a7:c3:49:58:62:fc:c4:
7e:f7:5d:5c:d1:9d:b8:c4:bd:34:ed:a3:d7:7d:88:3a:c3:b1:
71:a2:32:6e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZAU5MHiLfRbludAuiZmm3qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNjE0MDM1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODFiZTE2MWI4ZTc4OTQ5NmQzYWZmYzQxMGE0MjQyODMxMDg2Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr93EtwRjsCFbIcl4KTi3GHxt6bz9
Wli42etmeb06NNbHLeJqZ/T5MwEwnLbY6OvVu97KiJU/uyeFrydknhcDcD83MAin
S2BEl8sJD2/wYBPZYEOCIyIWV9mVMcaCrOSXciqBZce3a+sYBiltmEDgU230eG5V
UNOrAFJOyeltsZQnHg9jwxDH6UcPEi+F9QDyr74U881ISprzAfYKUiqATcxdmwAz
WRI1lVOScjzXshdrrAJMCz6QbMpLjH8QjEvpDcKs5ugOTOyVZGhlrhfdRbzvjXs+
XcR9yvEX0xd8wy8KmPFmP5wb3vpo80R1rtohAlPNwP/oBa2c9YMSq6Ds8wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFPgb4WG454lJbTr/xBCkJCgxCGyUMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMS1CdmhZYmpuaVVsdE92X0VFS1FrS0RFSWJKUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvMWZhNmEzLThkYzUtNGMzNS1hNDliLTE3MWMzNjdiZTc4
Mi8xL2RRaEhYX0RZN0pZRE5nRnVEZ1FpR3BqbDdQSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBTBggrBgEFBQcBBwEB/wREMEIwQAQCAAIwOgMFAyoEpcAD
BQMqDg0AAwUDKg6xQAMFAyoP24ADBQMqEEcAMA4DBQAqEUtBAwUAKhFLQgMFAyoS
QwAwDQYJKoZIhvcNAQELBQADggEBAI5+nU3trPKTK/99Qq779uz14TbP783+v2vd
TbPwmav579KFYMwyD3NZXU3esu7KvrqlUY2ZZbi9Go0fe6ywb4AI5dBEL0CCYNsB
Ol5eqTfnym/Qj4LUXcdIEl2sooskkfzXowlZsbniod0pPlySUlKhZT6SwacXf3K5
NhdQ1f3NHMhJ9deoxVqcdDDaEPdY4KWW0VWya4/XheuMnWKnOpcz+RDxxz8bwaCj
2tUD32N+xUwSVq9mwai7w6KSE8Zf7w1zSDnfnipED9yUItO2cbpiAx2GAlWQJPSN
sURC6GaDciJ2p8NJWGL8xH73XVzRnbjEvTTto9d9iDrDsXGiMm4=
-----END CERTIFICATE-----
Generated at Wed Jun 26 11:35:59 2024 by rpki-client on console-fra.rpki-client.org