Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/tUlWmb3s398cB9J0JhRTjX79e3o.roa
File: tUlWmb3s398cB9J0JhRTjX79e3o.roa (raw, json)
Hash identifier: tASO2rdCXvhOfsXoPLhPBujbvPA2yvo0B8Z9mCXtkF0=
Subject key identifier: B5:49:56:99:BD:EC:DF:DF:1C:07:D2:74:26:14:53:8D:7E:FD:7B:7A
Certificate issuer: /CN=8cfff21538e225618314615e4f0d0688b7b0dd5a
Certificate serial: 018E14813114D71E0400B2135B182127B1B6
Authority key identifier: 8C:FF:F2:15:38:E2:25:61:83:14:61:5E:4F:0D:06:88:B7:B0:DD:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jP_yFTjiJWGDFGFeTw0GiLew3Vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/tUlWmb3s398cB9J0JhRTjX79e3o.roa
Signing time: Wed 06 Mar 2024 16:03:14 +0000
ROA not before: Wed 06 Mar 2024 16:03:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39292
IP address blocks: 185.80.247.0/24 maxlen: 24
2a01:1b1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/jP_yFTjiJWGDFGFeTw0GiLew3Vo.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/jP_yFTjiJWGDFGFeTw0GiLew3Vo.mft
rsync://rpki.ripe.net/repository/DEFAULT/jP_yFTjiJWGDFGFeTw0GiLew3Vo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:14:81:31:14:d7:1e:04:00:b2:13:5b:18:21:27:b1:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cfff21538e225618314615e4f0d0688b7b0dd5a
Validity
Not Before: Mar 6 16:03:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5495699bdecdfdf1c07d2742614538d7efd7b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a7:e1:07:c3:87:03:79:42:16:57:bc:6e:a3:
6b:b4:2f:52:de:d9:da:46:2b:3b:77:f0:cc:84:45:
71:af:53:3d:e0:16:b3:a8:08:02:59:e3:d3:c3:63:
2c:c2:a2:59:59:24:4d:74:85:b6:0b:5c:43:62:8d:
07:f1:88:75:9c:8b:59:91:0c:05:33:dc:79:4c:e7:
02:a2:ea:0f:34:6c:58:34:94:1c:18:c0:56:0e:e9:
e6:67:9b:64:20:26:e5:61:2d:eb:bb:20:6a:fd:e9:
6a:9e:01:38:72:6a:27:59:0a:9b:45:40:4d:94:79:
0e:36:7c:e2:76:d7:e2:e8:b4:55:c7:ff:03:0c:08:
87:e6:ec:f2:9b:66:76:63:e6:62:33:6d:55:be:bb:
a7:73:ac:0e:95:42:d3:90:c0:19:bf:76:c4:e3:c0:
e2:0d:6d:da:6e:0d:37:c6:40:7d:4e:52:19:28:ec:
b0:ef:40:2e:33:c0:6d:bd:51:2e:51:f4:53:a8:f5:
bc:59:e0:52:1a:36:25:2e:58:26:82:f0:c9:52:7b:
55:57:ef:39:2c:cf:b1:e4:81:4b:2f:e7:a8:bc:ed:
25:62:ec:52:4e:e2:7e:b6:ae:7f:2b:1a:b1:c3:7a:
33:c8:68:b0:c4:f8:e2:4a:15:2e:4a:47:f3:b0:6c:
b4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:49:56:99:BD:EC:DF:DF:1C:07:D2:74:26:14:53:8D:7E:FD:7B:7A
X509v3 Authority Key Identifier:
keyid:8C:FF:F2:15:38:E2:25:61:83:14:61:5E:4F:0D:06:88:B7:B0:DD:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jP_yFTjiJWGDFGFeTw0GiLew3Vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/tUlWmb3s398cB9J0JhRTjX79e3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/67501a-78db-4c38-8a95-261666c3a589/1/jP_yFTjiJWGDFGFeTw0GiLew3Vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.247.0/24
IPv6:
2a01:1b1::/32
Signature Algorithm: sha256WithRSAEncryption
3e:f5:b8:7f:66:ff:cb:7d:72:13:26:ac:1a:bf:a1:7f:a8:f9:
72:17:7e:e8:07:4b:05:a8:63:65:27:89:2f:e5:0d:8f:dd:ec:
a1:23:24:1f:48:ee:a3:57:a4:d2:cb:21:b6:21:71:e6:29:15:
c6:2e:f5:04:50:c8:44:d0:59:3a:ab:92:e7:22:5e:96:b7:ba:
78:6d:18:61:b5:ce:91:7e:91:a7:43:08:5c:6a:f4:0e:50:38:
93:1d:36:c5:66:ae:c0:e2:32:e8:6f:cd:32:8d:1d:d1:b3:fc:
03:80:de:0a:42:85:17:2e:6a:cb:32:0c:80:a9:9f:21:61:0b:
14:e6:87:8a:98:68:96:13:e8:a7:68:77:98:a7:89:bd:02:54:
64:cb:01:d9:b7:09:55:c2:9e:41:0a:7a:09:c2:03:e7:9c:67:
c1:cb:5e:d2:12:54:bd:2d:57:4f:5a:3b:8a:10:4d:32:e1:43:
25:32:6d:d6:a7:6b:ae:29:38:59:dc:a0:15:d0:d1:ff:f6:3a:
07:cd:a5:55:7b:3f:6b:a7:8b:91:de:5d:e7:fe:40:ba:2f:ee:
19:ec:32:94:f6:73:a6:7c:05:d1:a5:82:de:e5:e0:48:08:40:
0b:52:f6:b0:f1:0c:fd:ee:b9:f6:1d:e6:ed:09:a3:44:6c:92:
01:9c:7a:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4UgTEU1x4EALITWxghJ7G2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZmZmMjE1MzhlMjI1NjE4MzE0NjE1ZTRmMGQwNjg4Yjdi
MGRkNWEwHhcNMjQwMzA2MTYwMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQ5NTY5OWJkZWNkZmRmMWMwN2QyNzQyNjE0NTM4ZDdlZmQ3YjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoafhB8OHA3lCFle8bqNrtC9S3tna
Ris7d/DMhEVxr1M94BazqAgCWePTw2MswqJZWSRNdIW2C1xDYo0H8Yh1nItZkQwF
M9x5TOcCouoPNGxYNJQcGMBWDunmZ5tkICblYS3ruyBq/elqngE4cmonWQqbRUBN
lHkONnzidtfi6LRVx/8DDAiH5uzym2Z2Y+ZiM21Vvrunc6wOlULTkMAZv3bE48Di
DW3abg03xkB9TlIZKOyw70AuM8BtvVEuUfRTqPW8WeBSGjYlLlgmgvDJUntVV+85
LM+x5IFLL+eovO0lYuxSTuJ+tq5/Kxqxw3ozyGiwxPjiShUuSkfzsGy0zQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLVJVpm97N/fHAfSdCYUU41+/Xt6MB8GA1UdIwQY
MBaAFIz/8hU44iVhgxRhXk8NBoi3sN1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBfeUZUamlKV0dERkdGZVR3MEdpTGV3M1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82NzUwMWEtNzhkYi00YzM4LThhOTUt
MjYxNjY2YzNhNTg5LzEvdFVsV21iM3MzOThjQjlKMEpoUlRqWDc5ZTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82NzUwMWEtNzhkYi00YzM4LThhOTUtMjYxNjY2YzNhNTg5
LzEvalBfeUZUamlKV0dERkdGZVR3MEdpTGV3M1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVD3MA0E
AgACMAcDBQAqAQGxMA0GCSqGSIb3DQEBCwUAA4IBAQA+9bh/Zv/LfXITJqwav6F/
qPlyF37oB0sFqGNlJ4kv5Q2P3eyhIyQfSO6jV6TSyyG2IXHmKRXGLvUEUMhE0Fk6
q5LnIl6Wt7p4bRhhtc6RfpGnQwhcavQOUDiTHTbFZq7A4jLob80yjR3Rs/wDgN4K
QoUXLmrLMgyAqZ8hYQsU5oeKmGiWE+inaHeYp4m9AlRkywHZtwlVwp5BCnoJwgPn
nGfBy17SElS9LVdPWjuKEE0y4UMlMm3Wp2uuKThZ3KAV0NH/9joHzaVVez9rp4uR
3l3n/kC6L+4Z7DKU9nOmfAXRpYLe5eBICEALUvaw8Qz97rn2HebtCaNEbJIBnHpt
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:18:43 2024 by rpki-client on console-fra.rpki-client.org