Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5KRg1MWAfFgni-Ag8k7C_lrP0ds.roa
File: 5KRg1MWAfFgni-Ag8k7C_lrP0ds.roa (raw, json)
Hash identifier: kfxun+ZCduxLeiVKxGsRoL50MzZoVQSjEXfCryv6ER0=
Subject key identifier: E4:A4:60:D4:C5:80:7C:58:27:8B:E0:20:F2:4E:C2:FE:5A:CF:D1:DB
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC4255FCD513BD5E21F821204ADD4AD8F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5KRg1MWAfFgni-Ag8k7C_lrP0ds.roa
Signing time: Mon 01 Jan 2024 08:30:32 +0000
ROA not before: Mon 01 Jan 2024 08:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50867
IP address blocks: 2a0b:7086:fff0::/44 maxlen: 44
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b86:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5f:cd:51:3b:d5:e2:1f:82:12:04:ad:d4:ad:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4a460d4c5807c58278be020f24ec2fe5acfd1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:54:6a:87:2a:cc:d3:cd:64:83:88:6d:4b:51:
82:a9:52:c6:31:51:c3:1a:14:1a:01:f7:8a:8e:65:
91:cb:fe:2f:05:7e:02:2b:ba:a4:0c:aa:90:df:05:
3f:8c:be:b7:bb:10:01:3f:17:dd:ac:2e:b6:66:37:
f3:7e:e2:5e:84:e2:9c:8e:8c:54:88:68:f5:9c:9d:
e1:2a:cb:a0:b1:6b:ee:15:ea:98:b1:c1:2d:64:89:
e7:97:02:b4:ed:f5:97:4b:fe:61:30:30:5b:02:86:
95:df:60:8d:67:22:1d:27:21:c0:07:cb:a4:bd:85:
62:b6:6c:ad:fc:c1:84:ed:82:e2:6d:c2:76:08:e1:
ee:1b:91:67:04:67:2e:50:a2:35:23:e6:f9:ea:53:
15:82:6b:08:04:e4:b0:5d:ff:8b:c8:e0:30:e8:97:
c4:65:f6:2e:6d:8d:42:33:18:ec:d2:ef:42:55:80:
01:c7:c9:a8:79:8d:d3:30:89:69:5c:85:19:db:49:
65:fe:70:f2:02:2b:36:81:41:fe:fb:2b:d0:7e:60:
4b:76:63:44:07:30:ac:24:bb:c0:d2:27:04:2e:1b:
f2:cf:c6:63:ac:57:a9:20:05:99:b6:4d:08:63:7e:
71:d7:e9:91:80:19:e0:ab:cd:7e:70:2b:39:30:c8:
ee:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A4:60:D4:C5:80:7C:58:27:8B:E0:20:F2:4E:C2:FE:5A:CF:D1:DB
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5KRg1MWAfFgni-Ag8k7C_lrP0ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:fff0::/44
2a0b:b87:ffc0::/44
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
Signature Algorithm: sha256WithRSAEncryption
07:c5:97:fb:75:0a:5b:02:73:05:88:2e:42:83:b1:c5:44:c7:
89:4f:dd:3e:34:3e:7b:43:d0:62:61:9a:5e:8f:47:e2:c3:48:
af:06:c1:5b:ec:3c:d4:83:6e:6a:bd:94:1e:18:97:42:0d:fd:
d5:55:d9:52:7d:ae:1d:88:2c:24:af:8d:f2:40:2a:ca:43:10:
af:51:60:95:f1:be:70:4a:35:af:cb:e7:63:c3:d3:c2:8b:b3:
25:d8:bd:87:9d:9e:d7:ce:1a:2b:2f:ee:c3:6e:ac:12:b1:04:
9d:89:9d:db:0b:19:96:08:d8:ac:57:ac:b3:47:f9:f9:2a:53:
c0:f5:14:be:49:e0:07:f6:34:39:3c:30:a0:9a:ca:bb:c6:5d:
5c:c5:b0:88:3f:9d:0b:72:b8:04:40:08:25:8f:20:62:65:7f:
74:e5:92:82:4d:d4:0e:4e:46:57:32:d0:2b:33:b8:a8:84:56:
46:86:a8:b6:1c:8c:ab:d7:cb:a2:0c:6b:6a:e0:ae:00:2b:5a:
ca:67:75:9a:ad:77:8c:c0:49:b9:6c:5d:e7:81:c9:00:26:a9:
ee:77:18:6e:8b:83:97:87:fb:e0:2a:fb:ce:d3:c9:96:75:3c:
41:d3:63:7e:13:89:67:fc:9e:09:10:ab:ed:d4:87:5d:fd:38:
b6:de:ee:fc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJV/NUTvV4h+CEgSt1K2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGE0NjBkNGM1ODA3YzU4Mjc4YmUwMjBmMjRlYzJmZTVhY2ZkMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlRqhyrM081kg4htS1GCqVLGMVHD
GhQaAfeKjmWRy/4vBX4CK7qkDKqQ3wU/jL63uxABPxfdrC62ZjfzfuJehOKcjoxU
iGj1nJ3hKsugsWvuFeqYscEtZInnlwK07fWXS/5hMDBbAoaV32CNZyIdJyHAB8uk
vYVitmyt/MGE7YLibcJ2COHuG5FnBGcuUKI1I+b56lMVgmsIBOSwXf+LyOAw6JfE
ZfYubY1CMxjs0u9CVYABx8moeY3TMIlpXIUZ20ll/nDyAis2gUH++yvQfmBLdmNE
BzCsJLvA0icELhvyz8ZjrFepIAWZtk0IY35x1+mRgBngq81+cCs5MMju5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOSkYNTFgHxYJ4vgIPJOwv5az9HbMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvNUtSZzFNV0FmRmduaS1BZzhrN0NfbHJQMGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKgsLhv/w
AwcEKgsLh//AAwcEKgtwhv/wAwcEKgtwh//wMA0GCSqGSIb3DQEBCwUAA4IBAQAH
xZf7dQpbAnMFiC5Cg7HFRMeJT90+ND57Q9BiYZpej0fiw0ivBsFb7DzUg25qvZQe
GJdCDf3VVdlSfa4diCwkr43yQCrKQxCvUWCV8b5wSjWvy+djw9PCi7Ml2L2HnZ7X
zhorL+7DbqwSsQSdiZ3bCxmWCNisV6yzR/n5KlPA9RS+SeAH9jQ5PDCgmsq7xl1c
xbCIP50LcrgEQAgljyBiZX905ZKCTdQOTkZXMtArM7iohFZGhqi2HIyr18uiDGtq
4K4AK1rKZ3WarXeMwEm5bF3ngckAJqnudxhui4OXh/vgKvvO08mWdTxB02N+E4ln
/J4JEKvt1Idd/Ti23u78
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:47:27 2024 by rpki-client on console-fra.rpki-client.org