Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/EnHKWmvKiaYwAlcBJAynVEsEFV4.roa
File: EnHKWmvKiaYwAlcBJAynVEsEFV4.roa (raw, json)
Hash identifier: dsdSFJ0qt+0VyjsLIgPQUs+yVrsFQz6ZnrmJrZCJDkg=
Subject key identifier: 12:71:CA:5A:6B:CA:89:A6:30:02:57:01:24:0C:A7:54:4B:04:15:5E
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCD56A83FAE0534807E375C871E6B0
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/EnHKWmvKiaYwAlcBJAynVEsEFV4.roa
Signing time: Tue 02 Jan 2024 10:34:04 +0000
ROA not before: Tue 02 Jan 2024 10:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41843
IP address blocks: 2a02:2698:5400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d5:6a:83:fa:e0:53:48:07:e3:75:c8:71:e6:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1271ca5a6bca89a630025701240ca7544b04155e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6a:2c:b9:08:4b:b3:04:62:bb:51:48:9f:45:
4f:97:c4:0c:6b:b0:ba:8b:d2:1a:8b:05:ff:27:3c:
44:87:cd:6a:3a:93:b1:17:8e:ab:90:42:3e:15:2a:
b9:61:fd:d9:17:77:87:dc:0f:02:08:98:a5:d2:91:
d9:76:25:92:cd:45:fa:20:ea:b8:f9:8c:0c:fe:ad:
59:6b:75:64:e3:9d:e5:a6:a2:f2:56:26:11:41:b0:
f3:5c:f4:5c:d9:83:4b:06:56:75:5d:00:3b:f4:d0:
9a:47:e4:5e:e6:f8:ea:fa:76:88:db:75:fb:4f:a0:
91:e8:f4:6b:a2:8d:eb:70:46:36:58:4b:b9:e3:d9:
86:6a:a9:6b:4a:37:47:30:81:8a:13:62:24:71:f4:
1f:4e:fa:22:7e:b8:fd:12:5b:39:44:6b:be:43:fe:
8f:d7:36:92:82:21:6d:2e:de:bc:54:86:49:91:11:
38:49:c2:af:c3:6c:fe:38:be:61:ae:d7:1c:c4:35:
af:98:aa:9c:d8:22:ac:76:2d:ab:17:bd:da:bf:08:
b3:88:3b:42:e5:3c:99:58:55:f9:d6:1b:8f:a4:9b:
fc:cf:be:71:a2:47:5a:d3:37:91:20:31:47:5d:5d:
29:d5:17:1b:5a:cb:19:d6:5d:c7:24:17:a3:23:b5:
53:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:71:CA:5A:6B:CA:89:A6:30:02:57:01:24:0C:A7:54:4B:04:15:5E
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/EnHKWmvKiaYwAlcBJAynVEsEFV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:5400::/38
Signature Algorithm: sha256WithRSAEncryption
45:76:19:06:31:47:90:e6:1c:c7:17:ec:e4:75:9f:21:28:fc:
22:57:d0:de:f4:98:aa:9f:06:e7:60:56:4d:f7:68:c0:78:54:
ac:88:3d:4a:45:8a:66:a2:2a:5b:64:9d:2d:d5:f6:92:7e:e5:
86:7f:7b:a7:5c:7f:f8:ed:ec:aa:9f:11:3d:b5:7e:6b:c0:63:
72:7e:e6:17:a4:fa:0e:42:01:78:9c:f7:a8:8b:11:0e:32:76:
05:c5:9d:db:b4:01:1b:bb:a8:ad:6a:20:50:88:0e:58:d6:24:
ac:78:33:b1:14:1f:95:b1:53:3a:f0:08:26:be:0d:bf:10:eb:
71:8d:db:a5:57:b3:66:ee:2e:f4:cd:63:0f:f2:1d:e0:12:9a:
41:35:d3:30:e2:cc:f1:9c:6d:eb:b4:fc:af:f5:71:34:1c:93:
f8:a9:93:d3:c1:54:1e:28:f9:19:21:55:63:78:28:12:96:43:
74:37:3d:d4:96:42:5e:b7:a8:a1:3f:99:86:82:51:e2:af:a5:
1e:63:cd:56:37:bc:82:1e:d2:7c:83:b5:7b:6f:02:28:2f:fa:
99:46:77:c7:92:f0:67:d5:5d:85:ca:5e:00:0d:c1:62:ff:78:
f8:51:0c:dc:a5:5e:1f:a5:68:da:88:ea:12:33:b5:16:23:c5:
92:a0:f0:3a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvNVqg/rgU0gH43XIceawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjcxY2E1YTZiY2E4OWE2MzAwMjU3MDEyNDBjYTc1NDRiMDQxNTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGosuQhLswRiu1FIn0VPl8QMa7C6
i9IaiwX/JzxEh81qOpOxF46rkEI+FSq5Yf3ZF3eH3A8CCJil0pHZdiWSzUX6IOq4
+YwM/q1Za3Vk453lpqLyViYRQbDzXPRc2YNLBlZ1XQA79NCaR+Re5vjq+naI23X7
T6CR6PRroo3rcEY2WEu549mGaqlrSjdHMIGKE2IkcfQfTvoifrj9Els5RGu+Q/6P
1zaSgiFtLt68VIZJkRE4ScKvw2z+OL5hrtccxDWvmKqc2CKsdi2rF73avwiziDtC
5TyZWFX51huPpJv8z75xokda0zeRIDFHXV0p1RcbWssZ1l3HJBejI7VTzwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBJxylpryommMAJXASQMp1RLBBVeMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvRW5IS1dtdktpYVl3QWxjQkpBeW5WRXNFRlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmFQw
DQYJKoZIhvcNAQELBQADggEBAEV2GQYxR5DmHMcX7OR1nyEo/CJX0N70mKqfBudg
Vk33aMB4VKyIPUpFimaiKltknS3V9pJ+5YZ/e6dcf/jt7KqfET21fmvAY3J+5hek
+g5CAXic96iLEQ4ydgXFndu0ARu7qK1qIFCIDljWJKx4M7EUH5WxUzrwCCa+Db8Q
63GN26VXs2buLvTNYw/yHeASmkE10zDizPGcbeu0/K/1cTQck/ipk9PBVB4o+Rkh
VWN4KBKWQ3Q3PdSWQl63qKE/mYaCUeKvpR5jzVY3vIIe0nyDtXtvAigv+plGd8eS
8GfVXYXKXgANwWL/ePhRDNylXh+laNqI6hIztRYjxZKg8Do=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:31 2024 by rpki-client on console-fra.rpki-client.org