Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/xA85fZrKXIvbQJ6oc6-mqnEdELY.roa
File: xA85fZrKXIvbQJ6oc6-mqnEdELY.roa (raw, json)
Hash identifier: 8cwQi8z5HjQHanuvxnu5K05S/zJnPIlg5zp5tzEef1I=
Subject key identifier: C4:0F:39:7D:9A:CA:5C:8B:DB:40:9E:A8:73:AF:A6:AA:71:1D:10:B6
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 018E32EC36D47FAB096434C861494DC71E0F
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/xA85fZrKXIvbQJ6oc6-mqnEdELY.roa
Signing time: Tue 12 Mar 2024 13:48:44 +0000
ROA not before: Tue 12 Mar 2024 13:48:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42695
IP address blocks: 80.254.229.0/24 maxlen: 24
80.254.230.0/24 maxlen: 24
2a13:5243::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:ec:36:d4:7f:ab:09:64:34:c8:61:49:4d:c7:1e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Mar 12 13:48:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c40f397d9aca5c8bdb409ea873afa6aa711d10b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:20:02:a6:42:4c:3e:f5:ab:04:13:7d:f3:53:
f3:ed:f5:76:ed:ef:c2:31:29:36:32:32:0f:c1:74:
b3:12:bf:8c:19:6f:16:d2:cc:58:4c:08:3e:37:f3:
fe:56:9a:7a:bd:8b:22:fa:ae:5f:ec:73:58:82:f7:
c3:06:8e:4a:d2:76:dd:b3:f4:6a:1c:35:77:1f:ae:
29:0a:d2:07:ca:66:8c:29:1a:1a:4e:50:7b:56:e2:
72:75:df:1f:bd:e8:26:b8:a1:60:b5:53:ca:80:61:
3c:58:9a:01:13:10:37:7c:ca:5d:5c:4a:34:6a:26:
25:ee:e3:b3:20:c0:96:87:34:91:1d:9d:b2:89:71:
d5:7a:96:46:8e:73:57:be:e6:f4:dd:88:a7:3d:f7:
58:fe:2b:29:75:60:d9:8e:eb:36:4d:51:f5:39:18:
23:46:f3:85:04:10:94:2d:96:71:0a:e2:78:d8:4e:
bc:2c:53:9c:c7:f1:60:4d:30:1f:b6:21:b5:cc:7f:
fe:00:86:98:33:80:67:70:06:70:0a:9d:9d:27:86:
dc:5b:31:51:09:fd:20:64:db:aa:a9:de:23:ec:fa:
26:be:94:67:b8:c0:cb:59:1d:03:55:72:42:30:52:
f4:de:c5:7b:41:bc:f1:0b:d5:2c:08:13:f5:e3:8c:
c0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0F:39:7D:9A:CA:5C:8B:DB:40:9E:A8:73:AF:A6:AA:71:1D:10:B6
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/xA85fZrKXIvbQJ6oc6-mqnEdELY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.229.0-80.254.230.255
IPv6:
2a13:5243::/32
Signature Algorithm: sha256WithRSAEncryption
99:d7:08:6f:fa:fd:57:d8:f6:3d:71:c4:db:6e:33:5d:07:d6:
91:c5:94:e8:4c:97:ab:05:ac:d8:23:df:b0:a4:1e:23:b6:45:
c6:e7:39:61:21:88:d6:3f:cf:d3:9b:bd:c3:ec:39:90:bf:2c:
e4:96:db:1c:c2:25:3b:53:ee:f3:de:48:8b:75:f3:1f:07:95:
34:26:da:f8:fc:57:bc:f4:8b:83:0a:87:8d:5f:c8:2a:dd:d4:
78:d5:0e:7f:05:cd:2b:1f:8a:b9:20:e1:16:99:69:02:08:9f:
3f:7a:af:e7:62:6d:a2:88:20:69:c1:ba:ae:85:bf:8e:45:b3:
e5:98:c7:73:e8:aa:b2:42:19:df:c2:a1:4d:0f:62:78:f2:00:
0c:82:ed:34:e3:91:3d:b1:fd:5f:88:dc:89:35:4d:b5:12:0e:
ff:6b:3d:9b:3d:20:f9:4a:75:11:c0:19:4b:16:d6:ea:24:4e:
d5:13:35:5d:24:a1:72:47:89:db:38:53:a9:1d:b8:09:09:34:
97:57:e0:7f:d0:2d:66:03:91:7a:b9:8a:57:53:79:d9:e4:bd:
92:75:aa:78:7e:ee:67:be:23:2a:79:d2:ff:d7:c2:0e:ff:42:
1d:7c:ba:c0:9b:58:5c:b1:81:ad:2d:85:be:09:d4:01:36:7b:
8c:4b:51:c5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY4y7DbUf6sJZDTIYUlNxx4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjQwMzEyMTM0ODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDBmMzk3ZDlhY2E1YzhiZGI0MDllYTg3M2FmYTZhYTcxMWQxMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiACpkJMPvWrBBN981Pz7fV27e/C
MSk2MjIPwXSzEr+MGW8W0sxYTAg+N/P+Vpp6vYsi+q5f7HNYgvfDBo5K0nbds/Rq
HDV3H64pCtIHymaMKRoaTlB7VuJydd8fvegmuKFgtVPKgGE8WJoBExA3fMpdXEo0
aiYl7uOzIMCWhzSRHZ2yiXHVepZGjnNXvub03YinPfdY/ispdWDZjus2TVH1ORgj
RvOFBBCULZZxCuJ42E68LFOcx/FgTTAftiG1zH/+AIaYM4BncAZwCp2dJ4bcWzFR
Cf0gZNuqqd4j7PomvpRnuMDLWR0DVXJCMFL03sV7QbzxC9UsCBP144zAhQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMQPOX2aylyL20CeqHOvpqpxHRC2MB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEveEE4NWZacktYSXZiUUo2b2M2LW1xbkVkRUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBABQ/uUD
BABQ/uYwDQQCAAIwBwMFACoTUkMwDQYJKoZIhvcNAQELBQADggEBAJnXCG/6/VfY
9j1xxNtuM10H1pHFlOhMl6sFrNgj37CkHiO2RcbnOWEhiNY/z9ObvcPsOZC/LOSW
2xzCJTtT7vPeSIt18x8HlTQm2vj8V7z0i4MKh41fyCrd1HjVDn8FzSsfirkg4RaZ
aQIInz96r+dibaKIIGnBuq6Fv45Fs+WYx3PoqrJCGd/CoU0PYnjyAAyC7TTjkT2x
/V+I3Ik1TbUSDv9rPZs9IPlKdRHAGUsW1uokTtUTNV0koXJHids4U6kduAkJNJdX
4H/QLWYDkXq5ildTednkvZJ1qnh+7me+Iyp50v/Xwg7/Qh18usCbWFyxga0thb4J
1AE2e4xLUcU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:07 2024 by rpki-client on console-fra.rpki-client.org