Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/Di3resvlbYdCxFkf0DwvgkOEtFY.roa
File: Di3resvlbYdCxFkf0DwvgkOEtFY.roa (raw, json)
Hash identifier: px9WtGp9Q17afVBwcQ7YNnHq2cZMGBKaJQ5/BG8m7ks=
Subject key identifier: 0E:2D:EB:7A:CB:E5:6D:87:42:C4:59:1F:D0:3C:2F:82:43:84:B4:56
Certificate issuer: /CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Certificate serial: 018CC5002D050BC4C240BF2984F57F12E864
Authority key identifier: 2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/Di3resvlbYdCxFkf0DwvgkOEtFY.roa
Signing time: Mon 01 Jan 2024 12:29:32 +0000
ROA not before: Mon 01 Jan 2024 12:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35184
IP address blocks: 87.240.64.0/18 maxlen: 24
46.21.128.0/20 maxlen: 24
2a03:6c00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2d:05:0b:c4:c2:40:bf:29:84:f5:7f:12:e8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Validity
Not Before: Jan 1 12:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e2deb7acbe56d8742c4591fd03c2f824384b456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:de:7c:1c:20:ed:ad:2e:8a:db:90:a6:43:
86:3c:b8:54:8e:46:7d:3f:8d:0d:a8:38:86:47:dd:
36:0d:d9:7b:da:03:5c:10:61:6e:34:a9:49:7b:f5:
33:e4:bd:8d:af:ca:40:ec:26:1c:6d:fe:e3:c1:88:
67:82:80:08:b8:07:2d:49:13:45:78:e6:68:47:ef:
74:91:60:e6:66:c0:81:90:22:3d:38:7e:77:04:23:
3b:51:e4:8e:db:51:e5:d8:eb:31:53:13:6d:d4:5e:
f1:01:e3:8f:cc:0a:0c:3a:ab:20:7f:02:51:30:04:
a7:6c:6f:fd:67:c3:fc:c6:de:5e:e5:49:76:94:d6:
6d:e9:1e:e1:e0:40:c7:27:a8:f6:b2:6d:2d:c0:af:
92:f0:24:7b:0b:e0:ef:9b:bd:66:82:3f:70:de:01:
5a:4b:9b:49:0d:1d:5a:a5:f1:87:bd:71:7a:04:cc:
87:98:82:e6:03:8b:d8:5e:8a:21:b9:0a:0b:bf:1f:
55:35:0f:ef:90:2a:c0:ac:92:f5:1b:d0:37:06:c3:
14:8a:f7:74:cd:8a:ab:b3:db:43:a8:f2:fd:07:c5:
69:38:7d:3a:a6:10:24:cf:35:7d:0a:13:ff:33:7a:
be:7d:46:99:b2:c5:d9:47:16:a3:27:78:61:97:88:
d3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2D:EB:7A:CB:E5:6D:87:42:C4:59:1F:D0:3C:2F:82:43:84:B4:56
X509v3 Authority Key Identifier:
keyid:2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/Di3resvlbYdCxFkf0DwvgkOEtFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.128.0/20
87.240.64.0/18
IPv6:
2a03:6c00::/32
Signature Algorithm: sha256WithRSAEncryption
75:70:37:28:f5:f7:d6:20:a8:c3:02:be:75:96:04:09:b4:c0:
e7:21:3d:98:7d:d6:91:b3:48:4c:56:62:33:f1:4f:91:58:6c:
62:3a:3b:14:58:0b:ed:66:95:51:73:d3:c9:60:f0:fa:13:22:
e5:c6:5e:3c:35:4b:de:7e:56:90:ea:89:72:a9:38:da:73:ec:
14:98:6b:8e:e1:6f:61:a4:e8:a0:37:c2:61:6e:e1:3c:a9:ae:
c0:28:a6:ae:ef:70:91:14:8e:dd:8b:f5:21:cc:40:45:7f:fa:
99:80:cb:2b:ea:8e:62:f0:52:27:27:92:25:ce:05:04:e7:82:
13:32:1a:84:3c:4c:99:74:13:bf:9b:cb:77:c0:b7:ca:38:da:
8a:c5:52:be:a5:e9:a3:ca:6a:0e:b4:13:2d:46:39:6e:1b:b2:
69:a4:07:bd:87:66:17:2d:7f:7a:26:de:81:40:b0:82:2f:5a:
43:48:a6:ad:21:57:7d:be:4c:1b:9e:52:09:70:bc:f1:1d:4d:
a4:25:8a:bc:04:36:a1:88:4d:28:4e:95:4d:3b:3e:03:98:1a:
94:50:cd:78:53:b5:b0:bd:90:89:9f:71:88:97:26:c9:3a:d8:
c1:86:d5:bd:0c:74:99:66:d6:54:58:e6:ad:21:50:56:16:6f:
60:69:e6:5e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAC0FC8TCQL8phPV/EuhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzEyMWUxNTQ1ZGYzZTViYjg2ZTkxODhmMjgyNWZhZDc0
NzdmNzUwHhcNMjQwMTAxMTIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJkZWI3YWNiZTU2ZDg3NDJjNDU5MWZkMDNjMmY4MjQzODRiNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLvefBwg7a0uituQpkOGPLhUjkZ9
P40NqDiGR902Ddl72gNcEGFuNKlJe/Uz5L2Nr8pA7CYcbf7jwYhngoAIuActSRNF
eOZoR+90kWDmZsCBkCI9OH53BCM7UeSO21Hl2OsxUxNt1F7xAeOPzAoMOqsgfwJR
MASnbG/9Z8P8xt5e5Ul2lNZt6R7h4EDHJ6j2sm0twK+S8CR7C+Dvm71mgj9w3gFa
S5tJDR1apfGHvXF6BMyHmILmA4vYXoohuQoLvx9VNQ/vkCrArJL1G9A3BsMUivd0
zYqrs9tDqPL9B8VpOH06phAkzzV9ChP/M3q+fUaZssXZRxajJ3hhl4jTdwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA4t63rL5W2HQsRZH9A8L4JDhLRWMB8GA1UdIwQY
MBaAFC7BIeFUXfPlu4bpGI8oJfrXR391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgt
OWY1MjJhMjg0NTk1LzEvRGkzcmVzdmxiWWRDeEZrZjBEd3Zna09FdEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgtOWY1MjJhMjg0NTk1
LzEvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELhWAAwQG
V/BAMA0EAgACMAcDBQAqA2wAMA0GCSqGSIb3DQEBCwUAA4IBAQB1cDco9ffWIKjD
Ar51lgQJtMDnIT2YfdaRs0hMVmIz8U+RWGxiOjsUWAvtZpVRc9PJYPD6EyLlxl48
NUveflaQ6olyqTjac+wUmGuO4W9hpOigN8JhbuE8qa7AKKau73CRFI7di/UhzEBF
f/qZgMsr6o5i8FInJ5IlzgUE54ITMhqEPEyZdBO/m8t3wLfKONqKxVK+pemjymoO
tBMtRjluG7JppAe9h2YXLX96Jt6BQLCCL1pDSKatIVd9vkwbnlIJcLzxHU2kJYq8
BDahiE0oTpVNOz4DmBqUUM14U7WwvZCJn3GIlybJOtjBhtW9DHSZZtZUWOatIVBW
Fm9gaeZe
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:53:53 2024 by rpki-client on console-ams.rpki-client.org