Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/dprewLF_sfeKlHAH_YbAwCF2KXY.roa
File: dprewLF_sfeKlHAH_YbAwCF2KXY.roa (raw, json)
Hash identifier: PzMgBkL8ZkSzAVzDxQlnnQYAukvCbtjYwoNsNU7Yk7Y=
Subject key identifier: 76:9A:DE:C0:B1:7F:B1:F7:8A:94:70:07:FD:86:C0:C0:21:76:29:76
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC80138A4863C2BD2961E4CD9F479ED51
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/dprewLF_sfeKlHAH_YbAwCF2KXY.roa
Signing time: Tue 02 Jan 2024 02:29:32 +0000
ROA not before: Tue 02 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397514
IP address blocks: 2a01:488:bb15::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:38:a4:86:3c:2b:d2:96:1e:4c:d9:f4:79:ed:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=769adec0b17fb1f78a947007fd86c0c021762976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:63:a6:55:9f:9d:1d:a7:4e:42:f4:3d:4a:2e:
de:f9:e1:e0:58:17:ac:2e:42:eb:96:8e:83:61:7b:
29:e3:41:bc:50:89:c1:af:eb:55:5c:1c:b9:0b:a7:
6b:1a:0c:80:44:32:e6:b8:98:d0:d0:27:5f:37:ce:
f8:97:2c:64:37:4a:64:fc:18:0e:54:05:eb:05:7c:
96:ad:f9:b4:3c:3d:ec:3e:ca:be:a7:7d:54:72:ff:
a9:65:25:5d:bc:4b:4b:1d:71:7a:46:db:67:5d:0d:
fc:97:c1:81:5f:3d:52:10:f7:c7:d1:34:4b:a8:39:
51:47:8d:b2:77:26:64:79:5a:7f:1e:c1:77:4f:70:
01:90:3c:b4:76:6c:0a:08:c8:c7:e7:28:b0:b7:80:
5d:07:70:c9:22:48:ea:23:e1:37:fa:99:0f:fc:63:
97:af:1b:c1:41:74:f2:32:b1:bc:a8:be:41:b5:d0:
51:af:3f:8b:32:ac:c1:7b:af:ab:f4:3f:17:67:3c:
ea:00:04:79:ab:90:62:d5:79:4d:b9:ad:9e:56:d6:
7e:fb:65:8f:78:5a:bb:50:e2:38:b1:40:2a:cb:ed:
a4:63:56:56:9c:d0:2f:46:6d:e2:e0:c4:f5:14:01:
2c:fe:69:cc:0d:ca:4c:85:16:bb:1d:87:a6:72:4a:
3b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:9A:DE:C0:B1:7F:B1:F7:8A:94:70:07:FD:86:C0:C0:21:76:29:76
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/dprewLF_sfeKlHAH_YbAwCF2KXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb15::/48
Signature Algorithm: sha256WithRSAEncryption
67:16:0a:f2:b9:f3:e3:cf:82:97:f9:ae:6a:1c:76:3d:a9:8f:
4c:a7:82:15:2f:b7:da:38:06:59:7d:0d:c4:34:44:03:5c:df:
00:aa:63:31:47:1f:a4:53:35:c1:55:68:15:55:53:c6:cd:50:
dc:8a:e3:36:38:71:fa:73:84:91:28:d0:b7:53:72:20:9e:00:
18:73:4f:34:2a:b8:69:95:f7:a9:af:b0:93:72:a3:05:5a:d9:
d8:ad:e0:e9:d5:e7:70:bb:f0:55:dc:6c:b0:5b:67:50:dd:a0:
2b:fa:50:23:59:ab:35:e1:11:04:04:7a:b2:c0:17:d5:28:1e:
ca:92:a9:82:4c:05:b9:f6:56:e4:e7:bb:ea:00:41:c7:04:4d:
53:79:6a:92:7f:3a:08:8a:ec:18:e7:a2:30:e6:b9:56:74:13:
a6:93:f5:1e:bc:98:eb:48:ed:be:3c:9e:9c:84:46:a1:7d:46:
7b:5c:23:6d:79:0e:70:89:e3:87:9d:22:da:15:b1:2a:70:07:
66:39:f5:2e:22:bc:fa:f7:4e:9f:0a:d8:8f:ba:f5:76:1a:be:
24:dc:68:c1:5a:00:d3:5d:15:39:be:b3:fe:19:1f:b7:a7:81:
5a:55:26:73:11:0a:5d:fb:0f:45:64:69:8a:2a:27:b4:a5:d4:
87:f0:fa:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIATikhjwr0pYeTNn0ee1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjlhZGVjMGIxN2ZiMWY3OGE5NDcwMDdmZDg2YzBjMDIxNzYyOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWOmVZ+dHadOQvQ9Si7e+eHgWBes
LkLrlo6DYXsp40G8UInBr+tVXBy5C6drGgyARDLmuJjQ0CdfN874lyxkN0pk/BgO
VAXrBXyWrfm0PD3sPsq+p31Ucv+pZSVdvEtLHXF6RttnXQ38l8GBXz1SEPfH0TRL
qDlRR42ydyZkeVp/HsF3T3ABkDy0dmwKCMjH5yiwt4BdB3DJIkjqI+E3+pkP/GOX
rxvBQXTyMrG8qL5BtdBRrz+LMqzBe6+r9D8XZzzqAAR5q5Bi1XlNua2eVtZ++2WP
eFq7UOI4sUAqy+2kY1ZWnNAvRm3i4MT1FAEs/mnMDcpMhRa7HYemcko7VQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHaa3sCxf7H3ipRwB/2GwMAhdil2MB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvZHByZXdMRl9zZmVLbEhBSF9ZYkF3Q0YyS1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsV
MA0GCSqGSIb3DQEBCwUAA4IBAQBnFgryufPjz4KX+a5qHHY9qY9Mp4IVL7faOAZZ
fQ3ENEQDXN8AqmMxRx+kUzXBVWgVVVPGzVDciuM2OHH6c4SRKNC3U3IgngAYc080
Krhplfepr7CTcqMFWtnYreDp1edwu/BV3GywW2dQ3aAr+lAjWas14REEBHqywBfV
KB7KkqmCTAW59lbk57vqAEHHBE1TeWqSfzoIiuwY56Iw5rlWdBOmk/UevJjrSO2+
PJ6chEahfUZ7XCNteQ5wieOHnSLaFbEqcAdmOfUuIrz6906fCtiPuvV2Gr4k3GjB
WgDTXRU5vrP+GR+3p4FaVSZzEQpd+w9FZGmKKie0pdSH8Prg
-----END CERTIFICATE-----
Generated at Sun May 5 21:15:44 2024 by rpki-client on console-fra.rpki-client.org