Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/d3pZdTQE7FO7qs5wMMIgAvshzqQ.roa
File: d3pZdTQE7FO7qs5wMMIgAvshzqQ.roa (raw, json)
Hash identifier: 3+D7YP6tLMlOGg8UtgIViVfptm4jR2eZeifL2umvNIQ=
Subject key identifier: 77:7A:59:75:34:04:EC:53:BB:AA:CE:70:30:C2:20:02:FB:21:CE:A4
Certificate issuer: /CN=ea0f5b221f6af32098f3064d68251b617892ac92
Certificate serial: 018CC94C0F5822020759F692919B3D438F51
Authority key identifier: EA:0F:5B:22:1F:6A:F3:20:98:F3:06:4D:68:25:1B:61:78:92:AC:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/d3pZdTQE7FO7qs5wMMIgAvshzqQ.roa
Signing time: Tue 02 Jan 2024 08:30:54 +0000
ROA not before: Tue 02 Jan 2024 08:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a03:1e84:1900::/56 maxlen: 56
2a03:1e80:303:200::/56 maxlen: 56
2a03:1e84:9261::/48 maxlen: 48
2a03:1e84:9260::/48 maxlen: 48
2a03:1e84:1900:200::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:0f:58:22:02:07:59:f6:92:91:9b:3d:43:8f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f5b221f6af32098f3064d68251b617892ac92
Validity
Not Before: Jan 2 08:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=777a59753404ec53bbaace7030c22002fb21cea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:10:99:22:d0:c9:93:de:8d:88:ac:77:7b:3e:
0a:31:bc:87:fc:d2:b5:a1:c1:33:e5:fc:1c:a5:d5:
e4:b0:34:27:9d:5d:9e:d2:2f:9b:c6:38:e3:f8:09:
d2:8e:64:ee:b2:79:7e:e3:a0:85:d1:e5:81:3b:7c:
aa:5b:84:10:21:96:85:63:63:67:83:58:a8:0b:0d:
f7:7a:52:c7:72:5a:58:35:f7:c8:df:d7:4b:2b:29:
af:88:0e:bd:b0:33:05:e9:2e:69:60:07:d5:e3:79:
8d:ac:f5:4d:0f:32:56:58:2c:73:3c:10:a9:e5:3c:
2c:e8:2f:8b:6b:7d:92:9d:8b:c6:a1:e4:89:99:09:
d5:f1:30:ed:6f:b3:d8:d4:ab:31:77:e5:3a:94:a2:
fd:c3:85:cf:3a:7b:8a:c5:fc:10:17:fc:8d:e4:cf:
5e:d2:72:9c:f0:da:da:ac:ef:af:67:f1:7a:fb:5d:
cd:fc:1f:7d:92:7b:30:5a:1a:e6:77:85:1f:85:c8:
c9:5d:ca:f1:ed:c2:cc:8c:a7:6c:8d:38:6f:49:1e:
06:b5:1a:8d:bc:e6:e2:68:20:9f:5f:8c:fe:ab:8d:
70:6c:3f:dd:8b:a3:9c:5c:6d:0f:77:ff:e7:4e:86:
61:76:13:ed:18:cc:de:f2:4c:f2:09:36:b3:ab:3d:
b3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7A:59:75:34:04:EC:53:BB:AA:CE:70:30:C2:20:02:FB:21:CE:A4
X509v3 Authority Key Identifier:
keyid:EA:0F:5B:22:1F:6A:F3:20:98:F3:06:4D:68:25:1B:61:78:92:AC:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g9bIh9q8yCY8wZNaCUbYXiSrJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/d3pZdTQE7FO7qs5wMMIgAvshzqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e853ab-f470-4928-bc68-57e90c56a0e2/1/6g9bIh9q8yCY8wZNaCUbYXiSrJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:1e80:303:200::/56
2a03:1e84:1900::/56
2a03:1e84:1900:200::/56
2a03:1e84:9260::/47
Signature Algorithm: sha256WithRSAEncryption
b5:dc:18:75:6f:a5:78:12:28:8e:17:d0:b3:1e:b8:50:2d:d6:
c5:e7:bd:58:8a:d7:42:93:88:af:3a:92:f6:c9:25:25:ac:f4:
d6:d2:1f:98:17:02:b2:04:0e:2d:5b:42:be:42:41:80:e0:85:
c7:3a:93:6c:1e:8a:85:6b:03:af:9b:aa:9c:2a:89:4d:93:42:
d1:77:5f:6a:a3:d5:07:6c:49:2c:6b:40:ac:33:27:df:d5:94:
ce:6d:cc:c9:f4:e2:4c:52:99:ae:e3:8b:66:29:6e:5a:ae:63:
ed:63:82:92:30:58:1c:49:15:6d:cb:6b:29:17:40:b5:ef:22:
d8:d8:7b:e8:82:7c:94:7f:5d:04:ad:07:ae:26:71:d5:59:12:
ef:43:89:f1:44:3e:9d:10:8c:8e:5a:30:bb:32:30:00:8f:31:
8c:29:bd:de:c5:7a:bb:82:60:0d:0f:07:64:ce:a1:a5:64:29:
b4:06:ed:83:2d:06:32:da:0f:95:22:8a:20:c8:ed:aa:ec:3f:
ed:65:89:60:50:38:e2:cf:ae:fe:eb:2e:b6:f3:02:d8:5f:c8:
6f:2b:57:08:bb:71:c7:ae:76:bb:fd:2c:59:42:39:98:9e:42:
d6:a8:d0:35:e4:61:bc:cd:10:91:42:05:7c:a5:5f:bc:e7:26:
20:ae:35:22
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJTA9YIgIHWfaSkZs9Q49RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGY1YjIyMWY2YWYzMjA5OGYzMDY0ZDY4MjUxYjYxNzg5
MmFjOTIwHhcNMjQwMTAyMDgzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzdhNTk3NTM0MDRlYzUzYmJhYWNlNzAzMGMyMjAwMmZiMjFjZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRCZItDJk96NiKx3ez4KMbyH/NK1
ocEz5fwcpdXksDQnnV2e0i+bxjjj+AnSjmTusnl+46CF0eWBO3yqW4QQIZaFY2Nn
g1ioCw33elLHclpYNffI39dLKymviA69sDMF6S5pYAfV43mNrPVNDzJWWCxzPBCp
5Tws6C+La32SnYvGoeSJmQnV8TDtb7PY1Ksxd+U6lKL9w4XPOnuKxfwQF/yN5M9e
0nKc8NrarO+vZ/F6+13N/B99knswWhrmd4UfhcjJXcrx7cLMjKdsjThvSR4GtRqN
vObiaCCfX4z+q41wbD/di6OcXG0Pd//nToZhdhPtGMze8kzyCTazqz2z9wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHd6WXU0BOxTu6rOcDDCIAL7Ic6kMB8GA1UdIwQY
MBaAFOoPWyIfavMgmPMGTWglG2F4kqySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc5YkloOXE4eUNZOHdaTmFDVWJZWGlTckpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lODUzYWItZjQ3MC00OTI4LWJjNjgt
NTdlOTBjNTZhMGUyLzEvZDNwWmRUUUU3Rk83cXM1d01NSWdBdnNoenFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lODUzYWItZjQ3MC00OTI4LWJjNjgtNTdlOTBjNTZhMGUy
LzEvNmc5YkloOXE4eUNZOHdaTmFDVWJZWGlTckpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAAjAnAwgAKgMegAMD
AgMIACoDHoQZAAADCAAqAx6EGQACAwcBKgMehJJgMA0GCSqGSIb3DQEBCwUAA4IB
AQC13Bh1b6V4EiiOF9CzHrhQLdbF571YitdCk4ivOpL2ySUlrPTW0h+YFwKyBA4t
W0K+QkGA4IXHOpNsHoqFawOvm6qcKolNk0LRd19qo9UHbEksa0CsMyff1ZTObczJ
9OJMUpmu44tmKW5armPtY4KSMFgcSRVty2spF0C17yLY2HvognyUf10ErQeuJnHV
WRLvQ4nxRD6dEIyOWjC7MjAAjzGMKb3exXq7gmANDwdkzqGlZCm0Bu2DLQYy2g+V
IoogyO2q7D/tZYlgUDjiz67+6y628wLYX8hvK1cIu3HHrna7/SxZQjmYnkLWqNA1
5GG8zRCRQgV8pV+85yYgrjUi
-----END CERTIFICATE-----
Generated at Thu May 2 12:56:29 2024 by rpki-client on console-ams.rpki-client.org