Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/u3EwHPWXUhZ_CR5cMQb04PVbhLU.roa
File: u3EwHPWXUhZ_CR5cMQb04PVbhLU.roa (raw, json)
Hash identifier: hR2Qc3Iv0u8imYdAE2cM6E+2GpbTBAFBwVO6DKidV4U=
Subject key identifier: BB:71:30:1C:F5:97:52:16:7F:09:1E:5C:31:06:F4:E0:F5:5B:84:B5
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018E39B5E318C053DE2BD41F8B8E50F07DB2
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/u3EwHPWXUhZ_CR5cMQb04PVbhLU.roa
Signing time: Wed 13 Mar 2024 21:26:45 +0000
ROA not before: Wed 13 Mar 2024 21:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38230
IP address blocks: 2a0e:8f01::/35 maxlen: 48
2a0e:8f01::/48 maxlen: 48
2a0e:8f01:104::/48 maxlen: 48
2a0e:8f01:10b::/48 maxlen: 48
2a0e:8f01:10c::/48 maxlen: 48
2a0e:8f01:1f0::/48 maxlen: 48
2a0e:8f01:1f1::/48 maxlen: 48
2a0e:8f01:1f2::/48 maxlen: 48
2a0e:8f01:1f3::/48 maxlen: 48
2a0e:8f01:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:b5:e3:18:c0:53:de:2b:d4:1f:8b:8e:50:f0:7d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Mar 13 21:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb71301cf59752167f091e5c3106f4e0f55b84b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a7:c2:e5:8a:48:96:7e:e5:30:4d:40:9c:4b:
b8:82:f7:24:ae:0c:ca:44:51:6a:5f:1b:5d:2a:02:
ab:b4:c8:c9:bf:2a:9f:b8:e1:cc:1f:64:5d:06:91:
9d:f2:13:63:36:4c:21:8e:7c:27:05:6a:ff:98:ee:
8f:0d:57:90:1e:bf:3d:f7:71:8c:3e:33:8b:da:0e:
d5:02:d9:5a:86:c3:da:ac:79:d9:a7:60:b3:91:b1:
ae:8f:0c:2e:df:90:b3:56:14:19:46:5e:a0:d1:72:
35:86:71:2e:42:4b:c9:1c:55:42:09:f4:e1:54:7b:
c1:dd:36:41:fb:95:dd:ef:96:9e:10:2d:f9:36:70:
d5:2b:59:01:db:c5:53:8e:a4:57:39:ae:3e:75:bc:
b3:fd:38:86:ff:48:65:20:4d:6e:77:6d:b2:a3:e8:
6e:07:e7:69:0c:28:78:d8:e9:e1:32:c7:9f:cc:92:
ac:e1:33:84:a6:6b:38:1b:77:d8:39:a5:07:69:f1:
3a:96:c9:aa:fc:95:d2:78:26:0e:20:40:33:7e:a6:
96:d0:97:99:ff:73:ff:f3:46:14:25:9c:d5:58:ab:
cc:eb:f0:b2:f0:c9:2a:a4:75:5d:21:97:e1:73:ff:
2a:a9:e4:1e:02:e3:ed:14:72:d8:c0:e7:e8:20:77:
5d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:71:30:1C:F5:97:52:16:7F:09:1E:5C:31:06:F4:E0:F5:5B:84:B5
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/u3EwHPWXUhZ_CR5cMQb04PVbhLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f01::/35
2a0e:8f01:8000::/48
Signature Algorithm: sha256WithRSAEncryption
3c:d2:6d:67:a5:62:01:b2:23:c8:26:48:7e:59:a4:7b:a0:86:
74:58:4b:0d:52:72:31:bb:64:e3:6e:39:f1:8b:da:fb:97:03:
17:ae:c9:3d:33:ee:80:cc:bd:63:6d:ef:58:6f:55:18:70:e9:
3f:9e:83:3e:73:03:2c:4a:b7:b8:f3:77:93:72:99:e6:67:42:
71:f1:ca:ca:bd:06:87:08:8b:98:42:24:d5:62:2b:c3:c5:35:
6f:5d:c0:17:12:a8:9c:8f:bb:17:b8:0c:7a:d1:3d:a3:9a:c8:
45:f5:9f:0d:25:49:bb:a4:e9:79:40:8a:b2:46:1c:38:5b:3f:
15:57:07:43:0c:e4:7a:f8:72:26:42:21:34:eb:ed:6f:90:0b:
00:95:74:21:c3:f9:8d:0a:c1:c4:62:bf:57:da:b5:97:06:fc:
50:e2:4e:94:48:0f:b7:9e:32:15:72:39:e2:c7:fa:4d:95:23:
62:78:4e:8d:6b:79:8c:17:dd:a4:86:d2:4d:b8:a2:f7:c7:b3:
9a:5b:97:43:b4:16:7e:5a:71:0f:c3:43:90:13:36:6b:4e:ba:
51:c0:92:fc:34:30:98:60:b6:07:56:00:54:12:15:02:7b:e7:
af:32:e8:68:39:f7:2c:43:4c:dc:63:86:0e:bf:68:cf:78:e5:
92:c4:53:8d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY45teMYwFPeK9Qfi45Q8H2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMzEzMjEyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjcxMzAxY2Y1OTc1MjE2N2YwOTFlNWMzMTA2ZjRlMGY1NWI4NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKfC5YpIln7lME1AnEu4gvckrgzK
RFFqXxtdKgKrtMjJvyqfuOHMH2RdBpGd8hNjNkwhjnwnBWr/mO6PDVeQHr8993GM
PjOL2g7VAtlahsParHnZp2CzkbGujwwu35CzVhQZRl6g0XI1hnEuQkvJHFVCCfTh
VHvB3TZB+5Xd75aeEC35NnDVK1kB28VTjqRXOa4+dbyz/TiG/0hlIE1ud22yo+hu
B+dpDCh42OnhMsefzJKs4TOEpms4G3fYOaUHafE6lsmq/JXSeCYOIEAzfqaW0JeZ
/3P/80YUJZzVWKvM6/Cy8MkqpHVdIZfhc/8qqeQeAuPtFHLYwOfoIHddeQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFLtxMBz1l1IWfwkeXDEG9OD1W4S1MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvdTNFd0hQV1hVaFpfQ1I1Y01RYjA0UFZiaExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYFKg6PAQAD
BwAqDo8BgAAwDQYJKoZIhvcNAQELBQADggEBADzSbWelYgGyI8gmSH5ZpHughnRY
Sw1ScjG7ZONuOfGL2vuXAxeuyT0z7oDMvWNt71hvVRhw6T+egz5zAyxKt7jzd5Ny
meZnQnHxysq9BocIi5hCJNViK8PFNW9dwBcSqJyPuxe4DHrRPaOayEX1nw0lSbuk
6XlAirJGHDhbPxVXB0MM5Hr4ciZCITTr7W+QCwCVdCHD+Y0KwcRiv1fatZcG/FDi
TpRID7eeMhVyOeLH+k2VI2J4To1reYwX3aSG0k24ovfHs5pbl0O0Fn5acQ/DQ5AT
NmtOulHAkvw0MJhgtgdWAFQSFQJ7568y6Gg59yxDTNxjhg6/aM945ZLEU40=
-----END CERTIFICATE-----
Generated at Tue May 21 19:01:56 2024 by rpki-client on console-fra.rpki-client.org