Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/67c605-010f-4592-a919-9ece0b25658e/1/53EbTN65wPXCJOivHixndKHBOPo.roa
File: 53EbTN65wPXCJOivHixndKHBOPo.roa (raw, json)
Hash identifier: fADBiJ6EYGfhJureuwDV1GqhbW0CdMKucNR+Cwe7La4=
Subject key identifier: E7:71:1B:4C:DE:B9:C0:F5:C2:24:E8:AF:1E:2C:67:74:A1:C1:38:FA
Certificate issuer: /CN=1c2d3755a3501b9cb0d5ebaa499e5ea149bcf08b
Certificate serial: 018CC4922F45FC89C9B241084CD4CF8640E0
Authority key identifier: 1C:2D:37:55:A3:50:1B:9C:B0:D5:EB:AA:49:9E:5E:A1:49:BC:F0:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HC03VaNQG5yw1euqSZ5eoUm88Is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/67c605-010f-4592-a919-9ece0b25658e/1/53EbTN65wPXCJOivHixndKHBOPo.roa
Signing time: Mon 01 Jan 2024 10:29:23 +0000
ROA not before: Mon 01 Jan 2024 10:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61327
IP address blocks: 185.11.40.0/22 maxlen: 24
185.42.216.0/22 maxlen: 24
2a03:68c0::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/67c605-010f-4592-a919-9ece0b25658e/1/HC03VaNQG5yw1euqSZ5eoUm88Is.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/67c605-010f-4592-a919-9ece0b25658e/1/HC03VaNQG5yw1euqSZ5eoUm88Is.mft
rsync://rpki.ripe.net/repository/DEFAULT/HC03VaNQG5yw1euqSZ5eoUm88Is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 10:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2f:45:fc:89:c9:b2:41:08:4c:d4:cf:86:40:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c2d3755a3501b9cb0d5ebaa499e5ea149bcf08b
Validity
Not Before: Jan 1 10:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7711b4cdeb9c0f5c224e8af1e2c6774a1c138fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:43:26:cf:de:22:ee:26:5b:41:60:0a:3a:c6:
bd:33:06:93:e1:a7:ae:dc:2d:e7:32:7e:e2:ae:d2:
1a:35:68:67:cb:2c:30:82:c7:f7:9b:6e:41:1e:49:
e2:24:55:85:6f:19:c3:40:29:20:51:03:86:2d:77:
13:54:db:da:71:f9:dc:55:18:ee:e9:31:e8:27:0b:
34:cf:41:6b:b3:cb:cb:bb:22:48:22:66:4d:44:34:
c4:fb:a7:eb:46:7e:7d:19:b7:0d:84:5b:5a:4c:22:
75:79:f1:84:c8:f0:23:8c:f8:8f:cd:a0:16:03:47:
68:3c:77:9b:5f:be:f7:e2:7f:16:45:81:72:60:8b:
43:03:3a:b5:c1:0c:d6:bf:d1:b8:25:80:6e:96:ed:
f4:b0:b2:39:47:1c:4d:0c:30:d5:eb:2c:c9:f0:b5:
df:46:ff:b5:5d:80:13:34:47:63:74:14:4a:f8:2f:
41:9c:21:8a:79:19:bb:42:93:f9:12:56:60:ab:e2:
a8:70:f9:f3:2a:60:11:01:26:d1:2b:71:30:47:ab:
3a:8b:6e:c2:a7:57:d5:d4:00:fc:2e:f1:f3:c1:38:
6c:c2:10:af:cb:93:23:53:af:f3:07:25:dc:73:71:
1f:e5:d7:3e:58:04:70:d8:6d:43:69:ba:2f:89:a9:
8d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:71:1B:4C:DE:B9:C0:F5:C2:24:E8:AF:1E:2C:67:74:A1:C1:38:FA
X509v3 Authority Key Identifier:
keyid:1C:2D:37:55:A3:50:1B:9C:B0:D5:EB:AA:49:9E:5E:A1:49:BC:F0:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HC03VaNQG5yw1euqSZ5eoUm88Is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/67c605-010f-4592-a919-9ece0b25658e/1/53EbTN65wPXCJOivHixndKHBOPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/67c605-010f-4592-a919-9ece0b25658e/1/HC03VaNQG5yw1euqSZ5eoUm88Is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.40.0/22
185.42.216.0/22
IPv6:
2a03:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
16:94:e8:a5:0b:06:9f:e9:ba:90:02:81:7f:b7:78:58:ad:38:
52:4c:79:4d:b8:da:42:b7:28:7a:13:5a:74:1e:ed:11:de:07:
10:d3:fc:25:e7:fa:24:48:c6:bc:2e:2e:f6:41:68:42:78:2f:
d5:1c:b9:48:d5:92:41:eb:8a:80:85:3a:2f:37:3a:fb:0b:f3:
48:c0:ce:e4:69:9f:f1:2e:55:c1:b1:05:61:e3:7d:c0:e0:6e:
02:13:56:4a:b2:33:e8:8b:bc:41:e0:ff:51:a4:08:cc:74:e0:
0d:6f:cc:5f:85:65:13:8b:5b:f4:56:6c:a6:34:b6:d4:9c:61:
80:10:f5:80:b1:7f:44:9f:69:5d:1f:76:11:a5:6a:b9:fd:2c:
6d:40:9a:c5:63:9a:34:07:2f:64:68:35:0b:13:31:37:f9:22:
71:77:b5:bc:51:48:d0:48:43:0f:9f:35:62:a8:f0:91:1e:88:
c3:76:6d:9b:fd:12:38:99:51:27:eb:70:a9:b9:d8:f0:30:ba:
a8:30:40:65:8c:92:1f:41:58:f4:d2:af:5f:ec:bf:1f:b6:94:
07:63:74:1a:52:cb:5e:ea:79:96:e1:46:e2:07:94:52:0c:22:
e7:66:86:2e:2d:0d:fa:bc:7d:65:6e:59:d0:d6:88:ec:df:4f:
b2:4a:ec:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEki9F/InJskEITNTPhkDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMmQzNzU1YTM1MDFiOWNiMGQ1ZWJhYTQ5OWU1ZWExNDli
Y2YwOGIwHhcNMjQwMTAxMTAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzcxMWI0Y2RlYjljMGY1YzIyNGU4YWYxZTJjNjc3NGExYzEzOGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUMmz94i7iZbQWAKOsa9MwaT4aeu
3C3nMn7irtIaNWhnyywwgsf3m25BHkniJFWFbxnDQCkgUQOGLXcTVNvacfncVRju
6THoJws0z0Frs8vLuyJIImZNRDTE+6frRn59GbcNhFtaTCJ1efGEyPAjjPiPzaAW
A0doPHebX7734n8WRYFyYItDAzq1wQzWv9G4JYBulu30sLI5RxxNDDDV6yzJ8LXf
Rv+1XYATNEdjdBRK+C9BnCGKeRm7QpP5ElZgq+KocPnzKmARASbRK3EwR6s6i27C
p1fV1AD8LvHzwThswhCvy5MjU6/zByXcc3Ef5dc+WARw2G1DaboviamNUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOdxG0zeucD1wiTorx4sZ3ShwTj6MB8GA1UdIwQY
MBaAFBwtN1WjUBucsNXrqkmeXqFJvPCLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEMwM1ZhTlFHNXl3MWV1cVNaNWVvVW04OElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82N2M2MDUtMDEwZi00NTkyLWE5MTkt
OWVjZTBiMjU2NThlLzEvNTNFYlRONjV3UFhDSk9pdkhpeG5kS0hCT1BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82N2M2MDUtMDEwZi00NTkyLWE5MTktOWVjZTBiMjU2NThl
LzEvSEMwM1ZhTlFHNXl3MWV1cVNaNWVvVW04OElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQsoAwQC
uSrYMA0EAgACMAcDBQAqA2jAMA0GCSqGSIb3DQEBCwUAA4IBAQAWlOilCwaf6bqQ
AoF/t3hYrThSTHlNuNpCtyh6E1p0Hu0R3gcQ0/wl5/okSMa8Li72QWhCeC/VHLlI
1ZJB64qAhTovNzr7C/NIwM7kaZ/xLlXBsQVh433A4G4CE1ZKsjPoi7xB4P9RpAjM
dOANb8xfhWUTi1v0VmymNLbUnGGAEPWAsX9En2ldH3YRpWq5/SxtQJrFY5o0By9k
aDULEzE3+SJxd7W8UUjQSEMPnzViqPCRHojDdm2b/RI4mVEn63CpudjwMLqoMEBl
jJIfQVj00q9f7L8ftpQHY3QaUste6nmW4UbiB5RSDCLnZoYuLQ36vH1lblnQ1ojs
30+ySuzM
-----END CERTIFICATE-----
Generated at Sun Jun 2 15:43:13 2024 by rpki-client on console-ams.rpki-client.org