Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/crzOIIY9iaHUQMni0jIhdrkfnPU.roa
File: crzOIIY9iaHUQMni0jIhdrkfnPU.roa (raw, json)
Hash identifier: KlgExnVYcFqcG4Kjtd2jetLtUevwMXVwzHadkUetfio=
Subject key identifier: 72:BC:CE:20:86:3D:89:A1:D4:40:C9:E2:D2:32:21:76:B9:1F:9C:F5
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018E5142A180B6BF86424D7BED0F95C51853
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/crzOIIY9iaHUQMni0jIhdrkfnPU.roa
Signing time: Mon 18 Mar 2024 11:11:44 +0000
ROA not before: Mon 18 Mar 2024 11:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 2a05:541:102::/48 maxlen: 48
2a05:541:103::/48 maxlen: 48
2a05:541:104::/48 maxlen: 48
2a05:541:105::/48 maxlen: 48
2a05:541:106::/48 maxlen: 48
2a05:541:107::/48 maxlen: 48
2a05:541:108::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:110::/48 maxlen: 48
2a05:541:111::/48 maxlen: 48
2a05:541:112::/48 maxlen: 48
2a05:541:113::/48 maxlen: 48
2a05:541:114::/48 maxlen: 48
2a05:541:115::/48 maxlen: 48
2a05:541:116::/48 maxlen: 48
2a05:541:117::/48 maxlen: 48
2a05:541:118::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:124::/48 maxlen: 48
2a05:541:125::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:131::/48 maxlen: 48
2a05:541:132::/48 maxlen: 48
2a05:541:133::/48 maxlen: 48
2a05:541:134::/48 maxlen: 48
2a05:541:135::/48 maxlen: 48
2a05:541:136::/48 maxlen: 48
2a05:541:137::/48 maxlen: 48
2a05:541:138::/48 maxlen: 48
2a05:541:139::/48 maxlen: 48
2a05:541:140::/48 maxlen: 48
2a05:541:141::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:42:a1:80:b6:bf:86:42:4d:7b:ed:0f:95:c5:18:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Mar 18 11:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72bcce20863d89a1d440c9e2d2322176b91f9cf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7f:cb:6f:b2:de:ce:e3:db:62:e9:08:bc:71:
fb:33:e3:db:28:e6:e2:54:16:9d:c8:8b:3d:af:4d:
02:b5:f1:b8:a1:8d:31:a1:d4:aa:b1:ad:c7:0c:a2:
dc:a2:cf:9a:32:c6:55:07:e8:f2:f4:95:13:1a:aa:
c1:0f:a7:2f:3f:b0:29:85:51:d6:34:e8:9a:80:31:
4d:cb:20:85:ee:1e:f2:a0:bc:32:11:0c:7f:9d:3c:
df:36:45:33:18:f5:f7:19:26:76:54:44:af:8e:18:
03:9b:17:99:41:e1:94:cc:eb:72:0e:3d:e7:10:63:
84:26:72:32:41:3f:eb:3c:16:68:de:ba:91:de:7e:
2e:8e:99:98:b9:b8:13:de:06:db:a8:83:85:8d:ae:
1b:74:ca:a6:aa:fd:15:9b:e8:9d:3d:b8:bb:f1:04:
19:69:5f:28:60:24:af:37:4c:1a:12:3e:83:70:71:
00:9a:2b:22:30:ea:17:27:36:7d:cc:cf:a1:42:8b:
3f:7a:ee:af:06:51:53:83:ed:ae:01:34:cc:df:eb:
67:68:a4:51:78:a8:31:af:34:2e:9e:37:2c:52:88:
19:29:38:b0:ef:21:7d:60:4e:2e:dd:a7:1e:8c:14:
66:38:ce:ae:44:e4:2e:6c:4a:6a:d2:d4:89:f6:89:
2a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BC:CE:20:86:3D:89:A1:D4:40:C9:E2:D2:32:21:76:B9:1F:9C:F5
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/crzOIIY9iaHUQMni0jIhdrkfnPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:541:102::-2a05:541:109:ffff:ffff:ffff:ffff:ffff
2a05:541:110::-2a05:541:119:ffff:ffff:ffff:ffff:ffff
2a05:541:121::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
2a05:541:131::-2a05:541:139:ffff:ffff:ffff:ffff:ffff
2a05:541:140::/47
Signature Algorithm: sha256WithRSAEncryption
18:47:b8:5b:90:fa:c4:c0:32:4e:f3:d6:de:38:e6:79:2b:2a:
b8:69:ea:5f:92:23:bf:ec:3e:b1:49:57:14:30:ee:f1:76:b2:
bf:0f:09:60:44:9d:e2:ef:f5:6b:cd:b0:54:8e:eb:ae:2e:56:
e1:f7:71:4c:65:45:86:7c:ed:fb:f1:cc:9b:43:da:a0:e1:d7:
da:b6:9e:40:88:ea:40:21:b1:41:37:b1:3e:65:ae:4c:ef:81:
5d:f7:12:b1:d4:11:ba:1d:b4:21:4e:73:19:6a:e1:c6:50:8d:
0a:23:1d:c0:47:78:14:03:ba:2a:f0:ca:05:97:8d:91:eb:bb:
7b:9f:63:c5:40:df:fb:b8:3a:a5:b4:02:b8:0c:4d:7f:5a:ee:
40:4d:1b:86:0c:c0:73:17:f9:9d:04:9d:c9:37:b2:5d:f8:c9:
d6:f7:0a:1f:28:2e:41:ad:17:ed:ab:53:fa:55:e2:42:b6:cf:
c2:b8:d7:fb:59:1c:e9:bf:99:fd:8c:74:20:c0:c9:e2:6b:fd:
59:28:07:d9:60:e3:35:7f:d2:67:3c:6d:81:ef:01:50:dd:af:
5e:bc:36:8c:1e:1d:95:e2:56:f7:91:15:17:8e:32:87:3e:5c:
7c:68:69:71:0c:f2:3e:84:f7:02:b9:bf:3a:29:30:11:ac:0f:
19:8a:82:5f
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY5RQqGAtr+GQk177Q+VxRhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjQwMzE4MTExMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmJjY2UyMDg2M2Q4OWExZDQ0MGM5ZTJkMjMyMjE3NmI5MWY5Y2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgH/Lb7LezuPbYukIvHH7M+PbKObi
VBadyIs9r00CtfG4oY0xodSqsa3HDKLcos+aMsZVB+jy9JUTGqrBD6cvP7AphVHW
NOiagDFNyyCF7h7yoLwyEQx/nTzfNkUzGPX3GSZ2VESvjhgDmxeZQeGUzOtyDj3n
EGOEJnIyQT/rPBZo3rqR3n4ujpmYubgT3gbbqIOFja4bdMqmqv0Vm+idPbi78QQZ
aV8oYCSvN0waEj6DcHEAmisiMOoXJzZ9zM+hQos/eu6vBlFTg+2uATTM3+tnaKRR
eKgxrzQunjcsUogZKTiw7yF9YE4u3acejBRmOM6uROQubEpq0tSJ9okqWwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFHK8ziCGPYmh1EDJ4tIyIXa5H5z1MB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvY3J6T0lJWTlpYUhVUU1uaTBqSWhkcmtmblBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAAjBiMBIDBwEqBQVB
AQIDBwEqBQVBAQgwEgMHBCoFBUEBEAMHASoFBUEBGDASAwcAKgUFQQEhAwcDKgUF
QQEgAwcAKgUFQQEpMBIDBwAqBQVBATEDBwEqBQVBATgDBwEqBQVBAUAwDQYJKoZI
hvcNAQELBQADggEBABhHuFuQ+sTAMk7z1t445nkrKrhp6l+SI7/sPrFJVxQw7vF2
sr8PCWBEneLv9WvNsFSO664uVuH3cUxlRYZ87fvxzJtD2qDh19q2nkCI6kAhsUE3
sT5lrkzvgV33ErHUEbodtCFOcxlq4cZQjQojHcBHeBQDuirwygWXjZHru3ufY8VA
3/u4OqW0ArgMTX9a7kBNG4YMwHMX+Z0Enck3sl34ydb3Ch8oLkGtF+2rU/pV4kK2
z8K41/tZHOm/mf2MdCDAyeJr/VkoB9lg4zV/0mc8bYHvAVDdr168NoweHZXiVveR
FReOMoc+XHxoaXEM8j6E9wK5vzopMBGsDxmKgl8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:03:41 2024 by rpki-client on console-fra.rpki-client.org