Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/LfUAeq4HoqluHslZzpNUz5HEhDc.roa
File: LfUAeq4HoqluHslZzpNUz5HEhDc.roa (raw, json)
Hash identifier: y9gnbVVxIl48xMNvYwTjS72tAVL5JTRCMWMJoqC66Y4=
Subject key identifier: 2D:F5:00:7A:AE:07:A2:A9:6E:1E:C9:59:CE:93:54:CF:91:C4:84:37
Certificate issuer: /CN=5f5ed9921c63bf10db084bad332ea9ff9f8199e6
Certificate serial: 018CC348E01A0B4A8032269563967303241E
Authority key identifier: 5F:5E:D9:92:1C:63:BF:10:DB:08:4B:AD:33:2E:A9:FF:9F:81:99:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/LfUAeq4HoqluHslZzpNUz5HEhDc.roa
Signing time: Mon 01 Jan 2024 04:29:42 +0000
ROA not before: Mon 01 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 2a14:4e87:1001::/48 maxlen: 48
2a14:4e87:1010::/48 maxlen: 48
2a14:4e87:1020::/48 maxlen: 48
2a14:4e87:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/X17ZkhxjvxDbCEutMy6p_5-BmeY.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/X17ZkhxjvxDbCEutMy6p_5-BmeY.mft
rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e0:1a:0b:4a:80:32:26:95:63:96:73:03:24:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5ed9921c63bf10db084bad332ea9ff9f8199e6
Validity
Not Before: Jan 1 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2df5007aae07a2a96e1ec959ce9354cf91c48437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6a:fc:00:f0:be:fd:d0:23:f4:7e:40:93:e2:
cf:da:78:42:d2:90:f3:fe:16:f6:90:4b:62:6f:18:
f5:0a:94:ca:01:cc:db:40:16:ad:5d:07:d7:8d:df:
88:43:af:50:91:e6:fc:d2:c7:4a:55:04:c7:82:d1:
2e:23:27:e7:a3:3e:24:bb:b3:44:c1:c9:08:9b:e3:
cc:dc:92:cf:54:42:9f:11:70:2e:49:ac:a6:28:a0:
40:21:3d:a9:56:da:55:fc:a1:9d:88:6e:7c:af:a2:
6a:39:8c:1b:e0:01:fe:c1:1a:be:14:97:4c:4b:50:
ed:f6:37:86:cb:61:e5:85:2a:ad:8d:cc:61:32:9c:
1b:29:3e:81:68:f1:6c:00:b4:db:c0:c8:2e:15:8d:
b5:d7:51:00:4f:d1:27:15:54:29:7f:ba:a1:90:cb:
8f:e5:37:18:15:52:b1:01:2e:5e:60:5d:a1:5a:a9:
ba:5e:30:ab:2e:21:70:1e:00:18:aa:82:f3:d2:48:
51:a3:fb:bf:f9:cb:96:79:be:63:bb:6b:1f:c1:bb:
27:da:bd:06:8d:cc:6c:f3:37:a0:94:69:61:46:0c:
8c:c4:fa:32:07:83:87:15:54:dc:f6:2e:25:c8:ff:
71:54:cd:2f:a7:86:03:a3:ad:37:97:b1:47:73:b1:
80:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F5:00:7A:AE:07:A2:A9:6E:1E:C9:59:CE:93:54:CF:91:C4:84:37
X509v3 Authority Key Identifier:
keyid:5F:5E:D9:92:1C:63:BF:10:DB:08:4B:AD:33:2E:A9:FF:9F:81:99:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/LfUAeq4HoqluHslZzpNUz5HEhDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/X17ZkhxjvxDbCEutMy6p_5-BmeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4e87:1000::/47
2a14:4e87:1010::/48
2a14:4e87:1020::/48
Signature Algorithm: sha256WithRSAEncryption
1c:3b:7c:55:2d:a5:c3:84:23:e1:c7:bb:74:8d:fd:de:6b:95:
79:5a:e5:98:aa:91:8a:9e:33:dc:f4:c2:b3:00:1c:9b:1f:22:
2a:da:7a:15:80:b5:07:db:8a:8d:09:c1:b3:4a:97:34:bf:d4:
7c:48:cf:21:f2:d1:42:3b:e1:fc:74:19:b6:9d:06:77:26:2b:
97:6e:1c:8f:49:20:92:a5:af:cc:50:c0:a9:2e:f7:34:b0:b0:
33:cf:ab:3b:9c:89:e0:8b:41:e0:d8:13:eb:44:03:cf:ed:ca:
5d:5f:87:c8:d2:33:95:19:83:0e:2b:e7:4d:ea:d4:3a:a2:e8:
2d:cb:aa:f2:f2:a9:ed:99:77:52:b7:60:8f:62:b1:e7:a2:3d:
69:f6:57:29:32:3f:bf:24:30:1f:ec:4a:42:dd:98:54:28:c3:
1a:8d:25:a0:18:78:9d:f6:a8:82:40:ed:96:71:35:de:7f:f9:
c8:64:d9:aa:4a:a7:80:9e:d4:62:39:59:50:da:2f:2e:fc:0b:
b1:31:14:13:16:fe:b4:4a:de:f2:1b:92:cd:1a:00:f4:57:ad:
be:3c:1f:b5:2c:4a:31:08:a0:b2:0c:24:58:8d:9b:b0:7f:28:
3b:d2:03:11:f3:45:dd:db:a6:3d:0c:21:c8:a0:63:6d:1c:b2:
d7:63:d5:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSOAaC0qAMiaVY5ZzAyQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNWVkOTkyMWM2M2JmMTBkYjA4NGJhZDMzMmVhOWZmOWY4
MTk5ZTYwHhcNMjQwMTAxMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGY1MDA3YWFlMDdhMmE5NmUxZWM5NTljZTkzNTRjZjkxYzQ4NDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGr8APC+/dAj9H5Ak+LP2nhC0pDz
/hb2kEtibxj1CpTKAczbQBatXQfXjd+IQ69Qkeb80sdKVQTHgtEuIyfnoz4ku7NE
wckIm+PM3JLPVEKfEXAuSaymKKBAIT2pVtpV/KGdiG58r6JqOYwb4AH+wRq+FJdM
S1Dt9jeGy2HlhSqtjcxhMpwbKT6BaPFsALTbwMguFY2111EAT9EnFVQpf7qhkMuP
5TcYFVKxAS5eYF2hWqm6XjCrLiFwHgAYqoLz0khRo/u/+cuWeb5ju2sfwbsn2r0G
jcxs8zeglGlhRgyMxPoyB4OHFVTc9i4lyP9xVM0vp4YDo603l7FHc7GA3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC31AHquB6Kpbh7JWc6TVM+RxIQ3MB8GA1UdIwQY
MBaAFF9e2ZIcY78Q2whLrTMuqf+fgZnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDE3WmtoeGp2eERiQ0V1dE15NnBfNS1CbWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9kZjBiN2EtNjhiMy00N2Q1LWI2NzEt
ZGYyN2YxMGM3MDk3LzEvTGZVQWVxNEhvcWx1SHNsWnpwTlV6NUhFaERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9kZjBiN2EtNjhiMy00N2Q1LWI2NzEtZGYyN2YxMGM3MDk3
LzEvWDE3WmtoeGp2eERiQ0V1dE15NnBfNS1CbWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKhROhxAA
AwcAKhROhxAQAwcAKhROhxAgMA0GCSqGSIb3DQEBCwUAA4IBAQAcO3xVLaXDhCPh
x7t0jf3ea5V5WuWYqpGKnjPc9MKzABybHyIq2noVgLUH24qNCcGzSpc0v9R8SM8h
8tFCO+H8dBm2nQZ3JiuXbhyPSSCSpa/MUMCpLvc0sLAzz6s7nIngi0Hg2BPrRAPP
7cpdX4fI0jOVGYMOK+dN6tQ6ougty6ry8qntmXdSt2CPYrHnoj1p9lcpMj+/JDAf
7EpC3ZhUKMMajSWgGHid9qiCQO2WcTXef/nIZNmqSqeAntRiOVlQ2i8u/AuxMRQT
Fv60St7yG5LNGgD0V62+PB+1LEoxCKCyDCRYjZuwfyg70gMR80Xd26Y9DCHIoGNt
HLLXY9Vc
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:54:36 2024 by rpki-client on console-ams.rpki-client.org