Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4BNcK_FAZgtb1fNrUn-odlud6HM.roa
File: 4BNcK_FAZgtb1fNrUn-odlud6HM.roa (raw, json)
Hash identifier: oIXpORXI1qd3Kj9yWrnrXkhfmMOD/Jg7bJbtUQ5wuzY=
Subject key identifier: E0:13:5C:2B:F1:40:66:0B:5B:D5:F3:6B:52:7F:A8:76:5B:9D:E8:73
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 018CC3B6742C269195A9449B53147B8812D0
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4BNcK_FAZgtb1fNrUn-odlud6HM.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49245
IP address blocks: 2a05:4140:14::/48 maxlen: 48
2a05:4140:12::/48 maxlen: 48
2a05:4140:13::/48 maxlen: 48
2a05:4140:3::/48 maxlen: 48
2a05:4140:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:74:2c:26:91:95:a9:44:9b:53:14:7b:88:12:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0135c2bf140660b5bd5f36b527fa8765b9de873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ca:12:f1:4d:d9:2f:72:08:63:ea:b5:ed:96:
14:b1:43:18:09:f5:12:46:5d:0c:04:2a:24:a6:42:
95:1e:9f:f4:78:f7:0e:fe:62:5a:87:c3:be:f2:b5:
a9:1d:59:3d:eb:eb:42:96:67:f7:20:ff:71:b8:f6:
c1:89:02:d3:45:ff:22:ed:13:29:40:56:ff:75:48:
ba:03:f4:15:18:de:9e:4f:0e:8f:65:43:66:99:88:
e0:89:c3:02:f5:4a:1e:1d:c0:1f:e2:15:fa:1a:15:
36:0e:5f:ff:10:ea:9a:c7:13:e9:a0:d6:e1:ff:b5:
49:68:5c:67:22:bc:c7:70:b4:ed:7f:c7:62:73:d0:
99:c2:8e:51:b2:18:a4:33:0e:dd:96:25:ca:4b:ca:
b3:4f:81:9e:ac:00:e1:5d:76:6a:76:a3:d1:93:5f:
63:e5:e1:06:9c:0a:79:dd:72:15:3e:b2:6b:e5:3e:
d5:bc:ee:76:41:cb:93:59:bc:58:68:b9:8c:58:cf:
4a:3b:18:86:f5:e6:b4:50:c3:6f:fe:de:1c:d7:2d:
f5:69:58:43:0f:a6:cf:01:d4:0b:93:ae:f2:c1:c1:
25:a3:65:94:fa:6b:dc:19:f6:9e:67:62:2c:59:52:
b5:3a:1f:80:13:fa:5d:97:cd:ca:5a:b3:b7:d3:01:
2f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:13:5C:2B:F1:40:66:0B:5B:D5:F3:6B:52:7F:A8:76:5B:9D:E8:73
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4BNcK_FAZgtb1fNrUn-odlud6HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:3::/48
2a05:4140:11::-2a05:4140:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4c:22:0a:67:fc:25:4d:42:a1:42:e7:6f:58:a1:66:38:d6:d9:
ff:cc:d1:2d:1d:19:5a:ff:e9:d7:38:7d:6c:86:ac:5b:bf:ce:
76:d6:c6:82:60:dd:af:4f:8e:50:61:a7:9f:44:0d:8b:0e:cb:
e4:5b:2c:a2:0c:32:0a:c3:2a:2a:3c:6e:7a:29:a5:94:4b:06:
9d:87:28:66:ce:a9:f0:e4:23:df:28:de:5a:89:cd:87:74:d1:
df:8c:cc:5f:47:b3:53:12:99:4a:7d:64:59:aa:5b:66:41:73:
62:da:5b:fb:b7:92:bc:37:34:f1:d1:02:63:bb:67:17:03:37:
72:f7:6e:aa:8e:9d:98:72:d4:8f:35:5e:de:16:bc:43:c8:e0:
7d:b8:8d:41:82:2d:d9:49:62:22:9a:27:03:5f:f3:1e:e6:43:
9b:97:2d:3c:54:f1:8a:1c:28:29:84:ec:0c:a2:3f:38:99:02:
34:ba:70:59:ca:2c:7d:02:9e:95:8c:0a:45:29:a5:12:f5:74:
5c:a3:d7:70:6c:15:19:4f:7c:fb:46:f5:07:04:59:87:49:bc:
aa:62:27:c6:57:29:6f:a9:cd:44:d2:54:54:9d:be:df:6f:af:
8a:88:d1:70:05:a8:bb:54:b5:2f:e8:51:24:d7:67:5e:e0:78:
c9:54:90:7f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtnQsJpGVqUSbUxR7iBLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDEzNWMyYmYxNDA2NjBiNWJkNWYzNmI1MjdmYTg3NjViOWRlODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsoS8U3ZL3IIY+q17ZYUsUMYCfUS
Rl0MBCokpkKVHp/0ePcO/mJah8O+8rWpHVk96+tClmf3IP9xuPbBiQLTRf8i7RMp
QFb/dUi6A/QVGN6eTw6PZUNmmYjgicMC9UoeHcAf4hX6GhU2Dl//EOqaxxPpoNbh
/7VJaFxnIrzHcLTtf8dic9CZwo5RshikMw7dliXKS8qzT4GerADhXXZqdqPRk19j
5eEGnAp53XIVPrJr5T7VvO52QcuTWbxYaLmMWM9KOxiG9ea0UMNv/t4c1y31aVhD
D6bPAdQLk67ywcElo2WU+mvcGfaeZ2IsWVK1Oh+AE/pdl83KWrO30wEvlwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOATXCvxQGYLW9Xza1J/qHZbnehzMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvNEJOY0tfRkFaZ3RiMWZOclVuLW9kbHVkNkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKgVBQAAD
MBIDBwAqBUFAABEDBwAqBUFAABQwDQYJKoZIhvcNAQELBQADggEBAEwiCmf8JU1C
oULnb1ihZjjW2f/M0S0dGVr/6dc4fWyGrFu/znbWxoJg3a9PjlBhp59EDYsOy+Rb
LKIMMgrDKio8bnoppZRLBp2HKGbOqfDkI98o3lqJzYd00d+MzF9Hs1MSmUp9ZFmq
W2ZBc2LaW/u3krw3NPHRAmO7ZxcDN3L3bqqOnZhy1I81Xt4WvEPI4H24jUGCLdlJ
YiKaJwNf8x7mQ5uXLTxU8YocKCmE7AyiPziZAjS6cFnKLH0CnpWMCkUppRL1dFyj
13BsFRlPfPtG9QcEWYdJvKpiJ8ZXKW+pzUTSVFSdvt9vr4qI0XAFqLtUtS/oUSTX
Z17geMlUkH8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:01:32 2024 by rpki-client on console-fra.rpki-client.org