Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/L1laDd3yKHr-pHkuY4J7xAEC1oE.roa
File: L1laDd3yKHr-pHkuY4J7xAEC1oE.roa (raw, json)
Hash identifier: YE1BMczhmFEGz39++sm77tSR1SHDqQVc+L50fPoO+To=
Subject key identifier: 2F:59:5A:0D:DD:F2:28:7A:FE:A4:79:2E:63:82:7B:C4:01:02:D6:81
Certificate issuer: /CN=0057ad09ae9a1a98012275851aabe69e4e15a2f4
Certificate serial: 018CCA99B043BF2A107EDFA0E4B6AA9B550A
Authority key identifier: 00:57:AD:09:AE:9A:1A:98:01:22:75:85:1A:AB:E6:9E:4E:15:A2:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/L1laDd3yKHr-pHkuY4J7xAEC1oE.roa
Signing time: Tue 02 Jan 2024 14:35:18 +0000
ROA not before: Tue 02 Jan 2024 14:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209304
IP address blocks: 213.217.12.0/22 maxlen: 24
5.11.56.0/22 maxlen: 24
2a09:5940::/29 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:b0:43:bf:2a:10:7e:df:a0:e4:b6:aa:9b:55:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0057ad09ae9a1a98012275851aabe69e4e15a2f4
Validity
Not Before: Jan 2 14:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f595a0dddf2287afea4792e63827bc40102d681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b9:64:a7:63:ea:7c:e1:af:07:d3:22:4e:4a:
d1:c4:f0:24:0a:cc:83:7c:73:1d:fb:c6:2a:82:75:
34:72:de:71:0e:54:0b:17:a2:d6:07:30:67:60:45:
b5:ad:14:26:7e:af:3b:84:20:2c:fe:ed:9e:f8:82:
74:bc:07:af:28:e7:2f:9b:97:68:d7:c4:ef:4a:d1:
30:d8:66:6d:c5:c4:0c:fb:3c:87:5d:6f:72:09:9a:
c0:41:72:ff:1c:a4:15:a5:97:c4:7a:41:6f:f0:41:
15:bd:3f:8b:b1:db:3c:d8:fd:08:13:30:6f:ac:f7:
29:f0:84:8e:5e:d3:02:4e:57:97:d2:19:08:0b:68:
d8:0f:7a:41:a7:12:42:98:96:43:a1:18:6e:9f:65:
ed:4c:cd:a3:46:eb:3f:b0:ef:6c:5a:6e:9f:78:b9:
2c:0e:e0:89:ed:ea:fa:90:b5:e7:1d:b8:02:b1:2e:
4c:2c:3e:02:e8:bb:8c:5e:0e:cf:4c:d0:76:cd:83:
23:b1:8a:9f:de:b2:49:cb:48:53:01:4a:94:51:28:
66:a6:8c:b3:19:73:ef:27:00:b6:8c:4a:9a:e3:79:
f8:77:02:61:ce:21:45:e7:24:d9:1e:60:9d:b7:51:
0a:f6:ee:12:36:12:18:4b:49:04:c8:9c:47:01:35:
5a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:59:5A:0D:DD:F2:28:7A:FE:A4:79:2E:63:82:7B:C4:01:02:D6:81
X509v3 Authority Key Identifier:
keyid:00:57:AD:09:AE:9A:1A:98:01:22:75:85:1A:AB:E6:9E:4E:15:A2:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFetCa6aGpgBInWFGqvmnk4VovQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/L1laDd3yKHr-pHkuY4J7xAEC1oE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/4c32b9-f775-4868-923d-dca38d59a158/1/AFetCa6aGpgBInWFGqvmnk4VovQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.56.0/22
213.217.12.0/22
IPv6:
2a09:5940::/29
Signature Algorithm: sha256WithRSAEncryption
07:ae:54:9f:14:27:f3:0a:0c:ee:8e:44:b6:3e:79:ab:76:cb:
a0:23:ba:de:76:03:19:d3:c9:12:57:f9:e7:47:a1:e3:8f:f9:
ff:5e:7e:ce:5a:69:b9:19:9f:f5:2a:81:98:ac:77:89:1f:08:
a9:c7:66:8e:b1:b3:e9:62:19:9a:c8:9f:2d:9d:98:8d:1f:b7:
6f:e2:b9:22:af:4d:19:66:26:b4:22:44:2a:c5:c7:57:3c:22:
06:6d:4a:5c:b4:bf:80:48:c2:82:50:8f:62:df:ea:56:aa:82:
c8:61:5d:1a:d7:5f:f7:0b:ea:f8:65:11:4b:9c:34:70:c6:c3:
ca:ce:01:c5:3e:16:08:87:c2:12:cf:23:72:12:ef:f9:a8:94:
00:cf:58:3d:9d:9f:6a:b4:f3:fb:b8:65:bd:d2:b5:1f:97:a4:
00:d8:39:16:89:87:66:fa:32:78:3d:27:ac:df:fa:bc:32:0a:
af:e8:5a:5b:af:5a:8f:2f:33:5d:4e:4f:7e:96:ca:54:46:a3:
10:02:68:87:01:dd:0c:29:cc:2e:da:af:97:2a:f7:dd:9f:ee:
11:53:7b:3c:f8:35:f6:2e:d9:16:b9:86:96:ce:18:20:02:63:
4c:e5:f7:fa:36:c4:f0:81:d3:c0:9f:bd:7f:80:16:35:9f:51:
48:f8:3c:b3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKmbBDvyoQft+g5Laqm1UKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTdhZDA5YWU5YTFhOTgwMTIyNzU4NTFhYWJlNjllNGUx
NWEyZjQwHhcNMjQwMTAyMTQzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjU5NWEwZGRkZjIyODdhZmVhNDc5MmU2MzgyN2JjNDAxMDJkNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrlkp2PqfOGvB9MiTkrRxPAkCsyD
fHMd+8YqgnU0ct5xDlQLF6LWBzBnYEW1rRQmfq87hCAs/u2e+IJ0vAevKOcvm5do
18TvStEw2GZtxcQM+zyHXW9yCZrAQXL/HKQVpZfEekFv8EEVvT+Lsds82P0IEzBv
rPcp8ISOXtMCTleX0hkIC2jYD3pBpxJCmJZDoRhun2XtTM2jRus/sO9sWm6feLks
DuCJ7er6kLXnHbgCsS5MLD4C6LuMXg7PTNB2zYMjsYqf3rJJy0hTAUqUUShmpoyz
GXPvJwC2jEqa43n4dwJhziFF5yTZHmCdt1EK9u4SNhIYS0kEyJxHATVatQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC9ZWg3d8ih6/qR5LmOCe8QBAtaBMB8GA1UdIwQY
MBaAFABXrQmumhqYASJ1hRqr5p5OFaL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy80YzMyYjktZjc3NS00ODY4LTkyM2Qt
ZGNhMzhkNTlhMTU4LzEvTDFsYURkM3lLSHItcEhrdVk0Sjd4QUVDMW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy80YzMyYjktZjc3NS00ODY4LTkyM2QtZGNhMzhkNTlhMTU4
LzEvQUZldENhNmFHcGdCSW5XRkdxdm1uazRWb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBQs4AwQC
1dkMMA0EAgACMAcDBQMqCVlAMA0GCSqGSIb3DQEBCwUAA4IBAQAHrlSfFCfzCgzu
jkS2PnmrdsugI7redgMZ08kSV/nnR6Hjj/n/Xn7OWmm5GZ/1KoGYrHeJHwipx2aO
sbPpYhmayJ8tnZiNH7dv4rkir00ZZia0IkQqxcdXPCIGbUpctL+ASMKCUI9i3+pW
qoLIYV0a11/3C+r4ZRFLnDRwxsPKzgHFPhYIh8ISzyNyEu/5qJQAz1g9nZ9qtPP7
uGW90rUfl6QA2DkWiYdm+jJ4PSes3/q8Mgqv6Fpbr1qPLzNdTk9+lspURqMQAmiH
Ad0MKcwu2q+XKvfdn+4RU3s8+DX2LtkWuYaWzhggAmNM5ff6NsTwgdPAn71/gBY1
n1FI+Dyz
-----END CERTIFICATE-----
Generated at Sun May 19 23:02:43 2024 by rpki-client on console-ams.rpki-client.org