Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/0C1ANAw7jlwRWHGSMFmAwPCrxfs.roa
File: 0C1ANAw7jlwRWHGSMFmAwPCrxfs.roa (raw, json)
Hash identifier: oA3NJaJEde/mmj9opMLIY2+pIsl+CSHoy95IoiczIEs=
Subject key identifier: D0:2D:40:34:0C:3B:8E:5C:11:58:71:92:30:59:80:C0:F0:AB:C5:FB
Certificate issuer: /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial: 018CC493735B061654FE76A369F730E8AB70
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/0C1ANAw7jlwRWHGSMFmAwPCrxfs.roa
Signing time: Mon 01 Jan 2024 10:30:46 +0000
ROA not before: Mon 01 Jan 2024 10:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209241
IP address blocks: 80.78.134.0/24 maxlen: 24
2a0d:2146:8050::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.mft
rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:73:5b:06:16:54:fe:76:a3:69:f7:30:e8:ab:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Validity
Not Before: Jan 1 10:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d02d40340c3b8e5c11587192305980c0f0abc5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5d:3f:66:e1:16:2b:b2:8f:72:18:2a:a2:12:
9c:1d:34:b9:01:f5:cf:0b:76:f6:cb:70:5b:e4:51:
04:67:df:af:c4:7f:d6:17:cb:00:eb:85:e8:aa:d8:
76:a9:06:1c:9b:a1:24:f6:8c:a3:ba:5a:b5:1f:5f:
4b:eb:71:a1:9f:37:be:bf:30:b1:11:f2:07:d5:d7:
40:e9:03:37:14:66:86:d2:68:19:66:8d:ad:e2:93:
f0:60:a3:ba:50:af:28:3d:9e:e1:17:08:3e:f6:99:
f1:53:4d:b3:15:25:b8:07:14:21:c8:70:e1:a3:bf:
7d:e8:a3:06:5f:c1:dc:a6:d0:0c:da:7c:0d:a5:10:
36:d8:f9:1d:53:f6:f4:c4:e8:d8:6b:64:63:d2:4e:
4e:cb:b3:18:72:9e:d2:e8:3d:48:af:fa:d2:2c:c4:
02:b0:5d:42:cd:70:e3:eb:96:5a:7f:39:07:0e:b8:
7c:71:9f:14:d5:35:d3:d7:12:82:ef:7a:8c:66:d1:
1d:79:10:3d:48:55:fb:e3:df:7f:50:bd:33:e9:d8:
07:b5:f1:87:8a:ea:a2:cb:12:06:af:a7:64:ba:04:
82:79:46:bd:ca:40:f9:23:99:f5:b1:6a:ef:e6:cd:
ec:15:be:73:73:42:ef:e5:09:f2:79:0b:ad:9f:27:
17:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:2D:40:34:0C:3B:8E:5C:11:58:71:92:30:59:80:C0:F0:AB:C5:FB
X509v3 Authority Key Identifier:
keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/0C1ANAw7jlwRWHGSMFmAwPCrxfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.134.0/24
IPv6:
2a0d:2146:8050::/44
Signature Algorithm: sha256WithRSAEncryption
ae:3f:ca:df:dc:cd:90:f5:18:5c:99:02:c6:c5:27:71:37:22:
bd:73:03:48:65:fe:90:d9:7e:2f:42:72:b6:74:39:61:08:69:
ae:1d:f0:a2:ff:0d:12:dc:2e:d8:85:1f:f2:e6:85:83:f1:d8:
94:bb:89:df:f6:cf:47:0b:35:21:4b:08:23:60:2b:36:89:33:
4b:b4:fd:db:c2:23:45:ab:3c:01:ff:2e:4f:e4:ba:ae:b0:e1:
eb:c4:77:da:14:bb:54:af:0d:67:eb:6f:4a:3f:c6:db:c5:76:
ee:bc:e2:9b:16:8e:e0:06:d2:23:2b:12:86:7f:ff:68:a6:42:
69:aa:20:67:f3:8d:30:36:94:e0:53:6b:65:b3:e2:b0:c7:ae:
fa:e4:2f:c9:70:3a:65:21:7d:cd:dc:8e:3e:da:48:2e:32:92:
0f:1a:8a:31:43:8e:4a:64:40:f4:8d:ef:1e:13:4e:23:51:33:
67:fd:e0:fe:bb:3c:b7:54:73:6b:4b:6f:da:d7:e7:a1:91:b1:
4f:e5:59:db:5b:75:6f:37:19:75:ed:80:37:34:62:9e:61:15:
5b:16:f2:81:4e:21:22:50:a0:32:79:24:cb:df:bd:b2:5b:b2:
1d:0c:af:80:d9:f1:1f:39:12:80:4b:6e:49:d4:b9:a3:3a:87:
1f:98:2e:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEk3NbBhZU/najafcw6KtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjQwMTAxMTAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDJkNDAzNDBjM2I4ZTVjMTE1ODcxOTIzMDU5ODBjMGYwYWJjNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV0/ZuEWK7KPchgqohKcHTS5AfXP
C3b2y3Bb5FEEZ9+vxH/WF8sA64Xoqth2qQYcm6Ek9oyjulq1H19L63Ghnze+vzCx
EfIH1ddA6QM3FGaG0mgZZo2t4pPwYKO6UK8oPZ7hFwg+9pnxU02zFSW4BxQhyHDh
o7996KMGX8HcptAM2nwNpRA22PkdU/b0xOjYa2Rj0k5Oy7MYcp7S6D1Ir/rSLMQC
sF1CzXDj65ZafzkHDrh8cZ8U1TXT1xKC73qMZtEdeRA9SFX7499/UL0z6dgHtfGH
iuqiyxIGr6dkugSCeUa9ykD5I5n1sWrv5s3sFb5zc0Lv5QnyeQutnycXlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNAtQDQMO45cEVhxkjBZgMDwq8X7MB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEvMEMxQU5BdzdqbHdSV0hHU01GbUF3UENyeGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUE6GMA8E
AgACMAkDBwQqDSFGgFAwDQYJKoZIhvcNAQELBQADggEBAK4/yt/czZD1GFyZAsbF
J3E3Ir1zA0hl/pDZfi9CcrZ0OWEIaa4d8KL/DRLcLtiFH/LmhYPx2JS7id/2z0cL
NSFLCCNgKzaJM0u0/dvCI0WrPAH/Lk/kuq6w4evEd9oUu1SvDWfrb0o/xtvFdu68
4psWjuAG0iMrEoZ//2imQmmqIGfzjTA2lOBTa2Wz4rDHrvrkL8lwOmUhfc3cjj7a
SC4ykg8aijFDjkpkQPSN7x4TTiNRM2f94P67PLdUc2tLb9rX56GRsU/lWdtbdW83
GXXtgDc0Yp5hFVsW8oFOISJQoDJ5JMvfvbJbsh0Mr4DZ8R85EoBLbknUuaM6hx+Y
LiU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:45:41 2024 by rpki-client on console-ams.rpki-client.org