Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/blFYZkK5cZ-m8_pciAqWAGRzo8I.roa
File: blFYZkK5cZ-m8_pciAqWAGRzo8I.roa (raw, json)
Hash identifier: VYn1ansPjuq8UIrvl5g1NS7Bo+TOMklWJD1QWJpI6jE=
Subject key identifier: 6E:51:58:66:42:B9:71:9F:A6:F3:FA:5C:88:0A:96:00:64:73:A3:C2
Certificate issuer: /CN=ea0f5b221f6af32098f3064d68251b617892ac92
Certificate serial: 018CC94C101424D738608BE072DA5BE187C6
Authority key identifier: EA:0F:5B:22:1F:6A:F3:20:98:F3:06:4D:68:25:1B:61:78:92:AC:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/blFYZkK5cZ-m8_pciAqWAGRzo8I.roa
Signing time: Tue 02 Jan 2024 08:30:54 +0000
ROA not before: Tue 02 Jan 2024 08:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a03:1e84:1900::/56 maxlen: 56
2a03:1e80:303:200::/56 maxlen: 56
2a03:1e84:9261::/48 maxlen: 48
2a03:1e84:1900:200::/56 maxlen: 56
2a03:1e84:9260::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:10:14:24:d7:38:60:8b:e0:72:da:5b:e1:87:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f5b221f6af32098f3064d68251b617892ac92
Validity
Not Before: Jan 2 08:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e51586642b9719fa6f3fa5c880a96006473a3c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c9:bb:aa:32:4d:f6:86:e3:db:7b:52:f4:6d:
c5:6f:37:c6:30:1d:ed:94:0a:96:c5:e6:9c:ab:9b:
0e:09:fe:c9:92:18:1c:a3:57:68:51:82:e0:0e:c6:
c2:5a:48:50:c5:7e:8f:d2:bf:ef:da:83:a4:cb:e7:
8d:e5:1b:b3:75:08:db:ee:5f:f4:ed:21:ca:76:8e:
49:1a:5f:aa:b6:e5:22:96:b8:4e:fd:a1:5f:7b:62:
d7:89:df:63:2c:d8:4a:9d:74:13:89:85:f2:da:b9:
a7:a2:ab:a8:37:37:01:11:6e:e3:38:e2:e5:57:bf:
26:14:78:9c:31:15:e9:87:a0:fb:8e:9d:40:3c:05:
59:73:04:fa:21:8b:c5:b6:00:cc:64:83:e6:ad:1d:
83:1b:79:71:8f:35:7a:2f:f2:a8:1a:71:e6:42:8a:
de:e5:7b:a5:b0:09:74:da:49:67:14:08:a3:d8:39:
5b:8e:ac:3e:57:08:39:00:9e:ef:07:8a:56:66:1a:
7a:92:9f:7a:96:fa:54:73:54:78:d5:f8:54:5b:c2:
11:43:64:05:92:60:61:9d:62:59:4c:23:27:c0:87:
a0:76:aa:c1:45:88:94:80:b2:a2:f0:67:de:40:56:
73:01:ff:2e:f6:81:38:8b:1b:96:3e:a5:46:36:59:
6c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:51:58:66:42:B9:71:9F:A6:F3:FA:5C:88:0A:96:00:64:73:A3:C2
X509v3 Authority Key Identifier:
keyid:EA:0F:5B:22:1F:6A:F3:20:98:F3:06:4D:68:25:1B:61:78:92:AC:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/blFYZkK5cZ-m8_pciAqWAGRzo8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:1e80:303:200::/56
2a03:1e84:1900::/56
2a03:1e84:1900:200::/56
2a03:1e84:9260::/47
Signature Algorithm: sha256WithRSAEncryption
b7:72:24:a4:70:9a:f1:59:76:6b:6d:cb:af:41:2d:fe:97:9a:
1a:cd:dc:7c:8d:a3:59:42:de:79:13:4f:ac:07:e6:6a:ad:98:
94:79:06:d3:1a:38:e4:24:d4:d6:e8:1e:eb:70:19:ae:e0:61:
77:24:fc:b6:a5:fc:1a:1b:e7:db:44:93:82:c4:55:cf:a4:22:
7f:a9:3b:26:c9:08:24:c9:b8:9e:97:5e:d1:5a:12:07:32:1a:
06:63:b1:29:ed:10:76:8f:0e:f0:e0:1e:f6:80:fa:be:27:0b:
06:fc:f8:4e:12:39:d9:7c:d5:25:15:49:bb:14:63:17:1e:4e:
eb:18:b9:9f:ac:57:1d:f6:a2:4f:98:b3:42:c0:45:c0:89:1c:
cb:ab:bf:e2:c9:c0:1e:cc:74:e7:36:2a:0e:b1:e3:13:00:1b:
60:de:86:1c:4d:af:3c:66:eb:81:0c:f4:12:29:05:70:aa:c1:
58:3d:a6:7d:2d:7a:79:79:23:ea:61:5b:ca:0a:23:d8:4a:3e:
cf:a4:70:72:0b:6f:ef:63:0e:4f:d5:f3:5c:1a:4f:2e:e1:ef:
9e:73:36:36:18:1d:c5:f6:09:39:e9:1c:df:ed:87:29:9a:c5:
ab:85:2f:ec:2f:35:3c:9f:af:5c:b5:cf:66:16:a8:ee:bd:7a:
45:3d:ce:cd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJTBAUJNc4YIvgctpb4YfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGY1YjIyMWY2YWYzMjA5OGYzMDY0ZDY4MjUxYjYxNzg5
MmFjOTIwHhcNMjQwMTAyMDgzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUxNTg2NjQyYjk3MTlmYTZmM2ZhNWM4ODBhOTYwMDY0NzNhM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8m7qjJN9obj23tS9G3FbzfGMB3t
lAqWxeacq5sOCf7Jkhgco1doUYLgDsbCWkhQxX6P0r/v2oOky+eN5RuzdQjb7l/0
7SHKdo5JGl+qtuUilrhO/aFfe2LXid9jLNhKnXQTiYXy2rmnoquoNzcBEW7jOOLl
V78mFHicMRXph6D7jp1APAVZcwT6IYvFtgDMZIPmrR2DG3lxjzV6L/KoGnHmQore
5XulsAl02klnFAij2Dlbjqw+Vwg5AJ7vB4pWZhp6kp96lvpUc1R41fhUW8IRQ2QF
kmBhnWJZTCMnwIegdqrBRYiUgLKi8GfeQFZzAf8u9oE4ixuWPqVGNllswQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG5RWGZCuXGfpvP6XIgKlgBkc6PCMB8GA1UdIwQY
MBaAFOoPWyIfavMgmPMGTWglG2F4kqySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc5YkloOXE4eUNZOHdaTmFDVWJZWGlTckpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lODUzYWItZjQ3MC00OTI4LWJjNjgt
NTdlOTBjNTZhMGUyLzEvYmxGWVprSzVjWi1tOF9wY2lBcVdBR1J6bzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lODUzYWItZjQ3MC00OTI4LWJjNjgtNTdlOTBjNTZhMGUy
LzEvNmc5YkloOXE4eUNZOHdaTmFDVWJZWGlTckpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAAjAnAwgAKgMegAMD
AgMIACoDHoQZAAADCAAqAx6EGQACAwcBKgMehJJgMA0GCSqGSIb3DQEBCwUAA4IB
AQC3ciSkcJrxWXZrbcuvQS3+l5oazdx8jaNZQt55E0+sB+ZqrZiUeQbTGjjkJNTW
6B7rcBmu4GF3JPy2pfwaG+fbRJOCxFXPpCJ/qTsmyQgkybiel17RWhIHMhoGY7Ep
7RB2jw7w4B72gPq+JwsG/PhOEjnZfNUlFUm7FGMXHk7rGLmfrFcd9qJPmLNCwEXA
iRzLq7/iycAezHTnNioOseMTABtg3oYcTa88ZuuBDPQSKQVwqsFYPaZ9LXp5eSPq
YVvKCiPYSj7PpHByC2/vYw5P1fNcGk8u4e+eczY2GB3F9gk56Rzf7YcpmsWrhS/s
LzU8n69ctc9mFqjuvXpFPc7N
-----END CERTIFICATE-----
Generated at Thu May 2 21:19:08 2024 by rpki-client on console-fra.rpki-client.org