Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/8WV74wbbtX0Kt7W2sAXt1AWiBBc.roa
File: 8WV74wbbtX0Kt7W2sAXt1AWiBBc.roa (raw, json)
Hash identifier: dKvC9qozVEZz7TsTbZPGX7t6QrRXfr54kc50ykIBy8I=
Subject key identifier: F1:65:7B:E3:06:DB:B5:7D:0A:B7:B5:B6:B0:05:ED:D4:05:A2:04:17
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 018FBA76DB4B2BA15FE3B8BC86D078B9F553
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/8WV74wbbtX0Kt7W2sAXt1AWiBBc.roa
Signing time: Mon 27 May 2024 14:31:42 +0000
ROA not before: Mon 27 May 2024 14:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52053
IP address blocks: 2a14:1d00::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:76:db:4b:2b:a1:5f:e3:b8:bc:86:d0:78:b9:f5:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: May 27 14:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1657be306dbb57d0ab7b5b6b005edd405a20417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:61:80:d5:d0:59:11:88:07:ad:3f:a8:36:df:
11:56:16:22:14:52:69:04:db:b5:82:f5:cc:e3:5c:
07:df:5a:a7:be:42:73:c6:4b:c1:11:e8:0e:02:95:
6b:ca:a0:c8:66:80:c2:fd:90:82:1f:be:6a:a3:48:
69:7f:23:15:33:cb:da:6a:ef:6f:a0:8a:02:8b:92:
d9:7c:65:c2:74:34:98:1e:3c:34:be:19:6e:d3:f8:
37:03:32:eb:3f:46:52:5b:a3:5e:09:3d:6b:45:8f:
0f:e4:69:70:23:3b:ca:e5:30:c2:f6:3f:0e:e3:a5:
3b:60:ef:c5:60:3b:12:a4:d8:f8:a3:5f:70:cb:28:
a7:1d:55:a0:1f:74:1a:37:40:5a:03:73:41:c4:44:
1b:75:2d:22:98:17:b5:56:fd:2b:25:e8:02:92:5b:
7f:ca:38:96:58:cb:99:b2:1d:ee:66:dc:21:0a:0b:
ed:19:37:6f:a3:2a:33:41:84:f1:eb:6c:72:f2:d7:
d8:34:bc:1e:75:f0:5e:55:7f:0b:d5:c5:94:d5:51:
5a:27:90:66:11:35:50:0e:3d:51:3f:44:e1:ff:49:
18:75:f1:9c:bf:cd:9d:73:f5:a9:a9:fd:45:d4:5b:
a6:d9:cd:3f:3e:84:89:14:38:14:ac:21:70:3c:bd:
c2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:65:7B:E3:06:DB:B5:7D:0A:B7:B5:B6:B0:05:ED:D4:05:A2:04:17
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/8WV74wbbtX0Kt7W2sAXt1AWiBBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1d00::/44
Signature Algorithm: sha256WithRSAEncryption
57:c6:21:67:74:59:36:6d:aa:cb:d7:21:cc:f7:67:3c:80:7e:
db:e1:e2:e3:de:09:ed:67:26:ed:02:1f:9b:b2:c4:42:5e:27:
4a:26:a9:0d:d0:79:2a:6b:8d:e1:bf:57:a6:11:e1:a3:10:82:
b8:ec:c8:f7:54:9a:1b:07:34:d6:d2:78:16:fe:68:c0:cf:c3:
1f:2a:a6:1b:63:33:4c:9f:0e:22:29:52:ef:8e:f5:88:18:f7:
ed:2c:1f:87:58:81:bd:81:e0:0f:07:c2:35:17:50:7e:c1:31:
5e:c4:29:e0:17:7b:69:30:b5:95:fd:d1:c9:37:18:dd:31:c4:
42:7c:21:fd:ad:c6:07:95:a5:2f:59:fb:d7:67:21:c2:e3:ed:
79:3c:5e:01:6c:66:38:c6:d5:eb:05:1d:5c:c3:ca:0f:ee:5e:
4b:f0:90:7e:f8:f2:b1:21:3c:31:c9:ca:2e:f9:a5:6b:0b:64:
8d:0c:68:27:a0:7d:31:f1:0f:77:b6:9f:d7:21:be:38:ad:49:
a1:fd:cc:10:48:69:bd:c6:90:3f:e5:af:4c:8d:ce:16:d8:ec:
1b:96:da:9b:ce:a7:ab:ef:50:be:72:f9:b1:c9:c4:ad:7c:47:
f8:b9:29:25:7d:ba:17:e1:ef:96:a1:c3:b2:ca:f7:84:3f:c8:
93:d5:0f:01
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY+6dttLK6Ff47i8htB4ufVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjQwNTI3MTQzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTY1N2JlMzA2ZGJiNTdkMGFiN2I1YjZiMDA1ZWRkNDA1YTIwNDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2GA1dBZEYgHrT+oNt8RVhYiFFJp
BNu1gvXM41wH31qnvkJzxkvBEegOApVryqDIZoDC/ZCCH75qo0hpfyMVM8vaau9v
oIoCi5LZfGXCdDSYHjw0vhlu0/g3AzLrP0ZSW6NeCT1rRY8P5GlwIzvK5TDC9j8O
46U7YO/FYDsSpNj4o19wyyinHVWgH3QaN0BaA3NBxEQbdS0imBe1Vv0rJegCklt/
yjiWWMuZsh3uZtwhCgvtGTdvoyozQYTx62xy8tfYNLwedfBeVX8L1cWU1VFaJ5Bm
ETVQDj1RP0Th/0kYdfGcv82dc/Wpqf1F1Fum2c0/PoSJFDgUrCFwPL3C1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPFle+MG27V9Cre1trAF7dQFogQXMB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvOFdWNzR3YmJ0WDBLdDdXMnNBWHQxQVdpQkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhQdAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBXxiFndFk2barL1yHM92c8gH7b4eLj3gntZybt
Ah+bssRCXidKJqkN0Hkqa43hv1emEeGjEIK47Mj3VJobBzTW0ngW/mjAz8MfKqYb
YzNMnw4iKVLvjvWIGPftLB+HWIG9geAPB8I1F1B+wTFexCngF3tpMLWV/dHJNxjd
McRCfCH9rcYHlaUvWfvXZyHC4+15PF4BbGY4xtXrBR1cw8oP7l5L8JB++PKxITwx
ycou+aVrC2SNDGgnoH0x8Q93tp/XIb44rUmh/cwQSGm9xpA/5a9Mjc4W2Owbltqb
zqer71C+cvmxycStfEf4uSklfboX4e+WocOyyveEP8iT1Q8B
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:52:30 2024 by rpki-client on console-fra.rpki-client.org