Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/erDNj8C186V3CJ476Q-nS2L6t0c.roa
File: erDNj8C186V3CJ476Q-nS2L6t0c.roa (raw, json)
Hash identifier: jv1LwF0ZiibVBXp6x1qpI7//tKfPe461vp5815tkHSk=
Subject key identifier: 7A:B0:CD:8F:C0:B5:F3:A5:77:08:9E:3B:E9:0F:A7:4B:62:FA:B7:47
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 018E32EB4C675962E3D54EDB5D0A351581F3
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/erDNj8C186V3CJ476Q-nS2L6t0c.roa
Signing time: Tue 12 Mar 2024 13:47:45 +0000
ROA not before: Tue 12 Mar 2024 13:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34686
IP address blocks: 80.254.231.0/24 maxlen: 24
91.216.32.0/24 maxlen: 24
2001:67c:1084::/48 maxlen: 48
2a13:5240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:eb:4c:67:59:62:e3:d5:4e:db:5d:0a:35:15:81:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Mar 12 13:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ab0cd8fc0b5f3a577089e3be90fa74b62fab747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9d:51:6b:f0:d3:d3:97:ec:37:aa:d3:b4:70:
4a:7e:bd:25:04:e5:04:63:ac:b3:30:63:ce:40:33:
a5:c3:ab:e3:0a:36:f3:61:b0:0b:8b:9d:30:d8:eb:
e4:72:ea:39:0f:4f:77:06:45:de:b5:f0:81:d7:10:
4c:c3:cb:90:4f:db:7d:39:6f:d5:2d:4e:f0:bf:d9:
50:c3:15:2c:17:b7:77:4e:2e:a3:16:87:2a:98:e1:
4e:6f:cf:4e:9e:39:a7:02:27:fe:46:8c:57:69:8c:
4d:63:7e:30:1d:b7:79:a4:3d:37:7f:df:48:30:0b:
4c:ec:92:cc:9e:40:f4:15:4f:17:46:52:ef:ca:60:
b8:a8:61:05:27:7b:9d:bf:8a:93:04:24:e9:a2:5a:
d9:a3:43:68:e2:62:68:0b:32:14:8b:a6:38:1f:28:
4a:34:27:51:4b:d0:7c:67:21:a9:70:12:98:48:51:
09:7d:43:ed:aa:af:f0:3e:9b:f6:2d:a3:69:11:f8:
62:4a:bc:9f:e2:61:49:07:ea:81:14:b5:77:f3:95:
2a:ce:4d:b6:ec:4a:db:dc:0f:c0:c9:53:bf:03:69:
50:4d:6b:d4:71:32:97:d4:81:de:bb:86:09:48:87:
71:8c:08:54:65:d4:85:63:38:86:4c:51:19:75:05:
0f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B0:CD:8F:C0:B5:F3:A5:77:08:9E:3B:E9:0F:A7:4B:62:FA:B7:47
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/erDNj8C186V3CJ476Q-nS2L6t0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.231.0/24
91.216.32.0/24
IPv6:
2001:67c:1084::/48
2a13:5240::/32
Signature Algorithm: sha256WithRSAEncryption
7b:ca:12:32:8c:e6:06:7d:b0:d2:41:27:39:f2:a8:17:67:91:
57:a1:c6:54:a3:02:61:82:a2:5e:62:b8:43:5d:8f:a4:76:1f:
bc:39:5f:fb:bd:89:35:69:e9:02:18:ef:f1:2d:c6:17:d8:02:
e1:cb:a5:30:e8:d3:27:d0:0e:85:d9:24:e9:09:43:a3:3e:83:
84:99:89:03:23:3a:c9:ca:af:c1:a2:fa:ae:56:f4:3b:32:20:
4c:7f:4e:72:ff:58:ff:c7:26:2d:29:02:05:cf:10:9a:01:32:
8a:eb:f7:7e:c5:11:0c:3a:cd:bd:33:fa:9c:5c:eb:57:51:b4:
9c:bc:71:2f:5e:d7:4d:d4:1c:1a:b9:54:0d:92:ba:81:d6:e3:
c3:a2:6e:60:fa:e2:88:ed:25:1e:79:0c:7a:b4:da:ea:e8:c4:
88:cf:86:a4:0b:c6:e8:f2:70:e6:1d:fd:f9:1b:58:95:8b:10:
6f:67:5c:e1:a0:eb:7a:65:9a:f4:95:96:4e:2c:93:2c:36:b1:
12:f2:56:c1:b0:c8:5d:ef:64:ba:46:c7:50:03:b3:c8:c3:fa:
d6:7e:31:7d:fa:c4:b6:86:7a:02:3a:21:c3:af:1f:e2:94:a2:
d7:84:9a:3f:01:52:7d:c0:41:ec:9a:93:97:55:10:04:30:8e:
20:25:8d:54
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4y60xnWWLj1U7bXQo1FYHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjQwMzEyMTM0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWIwY2Q4ZmMwYjVmM2E1NzcwODllM2JlOTBmYTc0YjYyZmFiNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ1Ra/DT05fsN6rTtHBKfr0lBOUE
Y6yzMGPOQDOlw6vjCjbzYbALi50w2Ovkcuo5D093BkXetfCB1xBMw8uQT9t9OW/V
LU7wv9lQwxUsF7d3Ti6jFocqmOFOb89OnjmnAif+RoxXaYxNY34wHbd5pD03f99I
MAtM7JLMnkD0FU8XRlLvymC4qGEFJ3udv4qTBCTpolrZo0No4mJoCzIUi6Y4HyhK
NCdRS9B8ZyGpcBKYSFEJfUPtqq/wPpv2LaNpEfhiSryf4mFJB+qBFLV385Uqzk22
7Erb3A/AyVO/A2lQTWvUcTKX1IHeu4YJSIdxjAhUZdSFYziGTFEZdQUPFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHqwzY/AtfOldwieO+kPp0ti+rdHMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvZXJETmo4QzE4NlYzQ0o0NzZRLW5TMkw2dDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAUP7nAwQA
W9ggMBYEAgACMBADBwAgAQZ8EIQDBQAqE1JAMA0GCSqGSIb3DQEBCwUAA4IBAQB7
yhIyjOYGfbDSQSc58qgXZ5FXocZUowJhgqJeYrhDXY+kdh+8OV/7vYk1aekCGO/x
LcYX2ALhy6Uw6NMn0A6F2STpCUOjPoOEmYkDIzrJyq/BovquVvQ7MiBMf05y/1j/
xyYtKQIFzxCaATKK6/d+xREMOs29M/qcXOtXUbScvHEvXtdN1BwauVQNkrqB1uPD
om5g+uKI7SUeeQx6tNrq6MSIz4akC8bo8nDmHf35G1iVixBvZ1zhoOt6ZZr0lZZO
LJMsNrES8lbBsMhd72S6RsdQA7PIw/rWfjF9+sS2hnoCOiHDrx/ilKLXhJo/AVJ9
wEHsmpOXVRAEMI4gJY1U
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:07 2024 by rpki-client on console-fra.rpki-client.org