Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/10wL3zf3C38nu3vCZkilJCb8QXg.roa
File: 10wL3zf3C38nu3vCZkilJCb8QXg.roa (raw, json)
Hash identifier: ogKMSxQDvdVu0P1oi4mqgpqVpIm8yrorAcRnqyCTrGM=
Subject key identifier: D7:4C:0B:DF:37:F7:0B:7F:27:BB:7B:C2:66:48:A5:24:26:FC:41:78
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA2974B2A855F1FA563D331C67C7FCD7
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/10wL3zf3C38nu3vCZkilJCb8QXg.roa
Signing time: Tue 02 Jan 2024 12:32:43 +0000
ROA not before: Tue 02 Jan 2024 12:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213031
IP address blocks: 2a0e:8f02:f004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 04:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:74:b2:a8:55:f1:fa:56:3d:33:1c:67:c7:fc:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d74c0bdf37f70b7f27bb7bc26648a52426fc4178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d5:91:b9:c0:4b:aa:91:0f:b0:5a:2d:2f:ab:
1a:09:f4:9b:34:19:9a:e6:a2:3c:ea:95:6e:64:46:
c1:8a:18:f9:a6:02:00:11:fb:a6:52:d4:09:d3:2d:
9b:c5:d9:d4:e1:a4:93:bf:e2:2e:dc:d1:84:04:f6:
30:06:91:e5:aa:00:59:9e:da:cb:0c:d6:70:54:f4:
37:3b:76:97:04:6f:d9:ba:2b:63:d7:4d:fa:a3:26:
c2:72:b1:98:d9:3e:63:fa:ce:bd:5d:8f:47:4c:eb:
92:fe:a0:f6:20:73:5c:9b:5d:a4:e2:cf:3b:25:da:
0e:4b:54:bc:b6:68:99:3a:4c:ff:f1:92:aa:b3:1f:
47:fb:59:b0:c5:70:3d:17:7d:66:54:07:2b:d3:0b:
3e:f2:3f:90:c0:bc:de:9e:e6:c9:b9:73:a9:c5:0e:
51:4c:95:d4:74:b1:21:9e:7c:f7:61:ec:a7:f5:e2:
a5:e6:e5:b2:99:4e:4a:85:1a:df:8a:79:5f:48:13:
9b:ba:f8:d4:cf:c4:de:9f:d7:ba:a0:ed:00:b6:4c:
91:e5:66:d7:c6:73:10:72:07:ac:29:0f:9d:ee:d5:
34:f2:5c:57:f1:d8:9a:28:c1:29:8b:98:05:d0:70:
73:18:76:32:9e:9b:dc:48:0c:ce:2b:eb:11:53:09:
a2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:4C:0B:DF:37:F7:0B:7F:27:BB:7B:C2:66:48:A5:24:26:FC:41:78
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/10wL3zf3C38nu3vCZkilJCb8QXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f004::/48
Signature Algorithm: sha256WithRSAEncryption
6d:82:4d:ed:1f:b4:35:8d:4b:8f:0f:d8:2c:e4:e4:21:88:ca:
4c:d6:84:c4:83:90:aa:f3:aa:15:98:24:e4:54:97:21:04:ff:
8b:72:b5:14:ca:90:2c:34:b3:03:f7:6a:be:53:6d:b6:01:85:
ad:28:f6:b4:ab:f3:56:74:e9:e7:9a:d3:19:e4:e0:8b:55:e9:
34:9a:ff:f6:9a:e9:1a:e0:ea:98:aa:ad:4b:1b:ec:78:f2:dc:
0a:18:f3:4e:71:a2:25:f5:d2:5d:f4:15:ff:82:4c:3d:09:6a:
09:9a:13:92:8f:59:bc:4b:cd:3e:bc:ae:f3:11:7e:8b:67:a6:
30:e5:d5:d4:19:00:4d:c0:9a:ce:6f:c4:ee:aa:bf:72:71:da:
f3:21:3e:36:6e:11:84:36:e1:3d:66:77:d1:23:eb:ee:65:65:
31:15:42:80:c1:89:7d:1c:bb:21:9b:77:98:08:96:79:68:48:
11:b7:9b:86:be:5b:dd:1a:c1:2c:2e:e8:60:b4:5d:a2:77:3f:
b8:3f:e5:67:a9:76:b6:71:45:80:66:bf:98:5b:eb:40:7c:80:
b1:4e:12:67:25:cb:c3:a5:40:39:2c:bc:be:36:96:74:e2:b0:
af:5a:0c:e0:aa:6f:8c:f4:c7:45:79:75:d2:b8:9a:25:b0:88:
7a:03:02:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKXSyqFXx+lY9Mxxnx/zXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzRjMGJkZjM3ZjcwYjdmMjdiYjdiYzI2NjQ4YTUyNDI2ZmM0MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNWRucBLqpEPsFotL6saCfSbNBma
5qI86pVuZEbBihj5pgIAEfumUtQJ0y2bxdnU4aSTv+Iu3NGEBPYwBpHlqgBZntrL
DNZwVPQ3O3aXBG/Zuitj1036oybCcrGY2T5j+s69XY9HTOuS/qD2IHNcm12k4s87
JdoOS1S8tmiZOkz/8ZKqsx9H+1mwxXA9F31mVAcr0ws+8j+QwLzenubJuXOpxQ5R
TJXUdLEhnnz3Yeyn9eKl5uWymU5KhRrfinlfSBObuvjUz8Ten9e6oO0AtkyR5WbX
xnMQcgesKQ+d7tU08lxX8diaKMEpi5gF0HBzGHYynpvcSAzOK+sRUwmi4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNdMC9839wt/J7t7wmZIpSQm/EF4MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMTB3TDN6ZjNDMzhudTN2Q1praWxKQ2I4UVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBtgk3tH7Q1jUuPD9gs5OQhiMpM1oTEg5Cq86oV
mCTkVJchBP+LcrUUypAsNLMD92q+U222AYWtKPa0q/NWdOnnmtMZ5OCLVek0mv/2
muka4OqYqq1LG+x48twKGPNOcaIl9dJd9BX/gkw9CWoJmhOSj1m8S80+vK7zEX6L
Z6Yw5dXUGQBNwJrOb8Tuqr9ycdrzIT42bhGENuE9ZnfRI+vuZWUxFUKAwYl9HLsh
m3eYCJZ5aEgRt5uGvlvdGsEsLuhgtF2idz+4P+VnqXa2cUWAZr+YW+tAfICxThJn
JcvDpUA5LLy+NpZ04rCvWgzgqm+M9MdFeXXSuJolsIh6AwKG
-----END CERTIFICATE-----
Generated at Tue May 21 12:50:20 2024 by rpki-client on console-fra.rpki-client.org