Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/2B1mQlbgxSaXvo16VT-tf1_f2oE.roa
File: 2B1mQlbgxSaXvo16VT-tf1_f2oE.roa (raw, json)
Hash identifier: hlL6IdasOSwfpyusOxkW+2xzRUgHeqpGjKSz9jGe8Eo=
Subject key identifier: D8:1D:66:42:56:E0:C5:26:97:BE:8D:7A:55:3F:AD:7F:5F:DF:DA:81
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018CC8015179E53292A2AE098228F453FE92
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/2B1mQlbgxSaXvo16VT-tf1_f2oE.roa
Signing time: Tue 02 Jan 2024 02:29:38 +0000
ROA not before: Tue 02 Jan 2024 02:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2874
IP address blocks: 57.79.0.0/16 maxlen: 32
57.86.0.0/16 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:51:79:e5:32:92:a2:ae:09:82:28:f4:53:fe:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d81d664256e0c52697be8d7a553fad7f5fdfda81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:90:79:3a:ad:8c:1f:ec:66:ca:71:38:c3:f9:
c3:df:d8:e2:a8:5e:d1:8f:a3:16:ff:29:45:94:14:
64:88:54:ab:06:d8:b8:91:15:04:0f:ad:52:10:e1:
9b:93:5e:22:6b:37:9d:a4:4f:59:28:56:fe:f1:71:
ab:c4:f2:82:3d:ab:0c:fb:73:6f:d2:3a:df:95:b7:
9d:88:03:85:aa:19:00:4d:aa:82:d6:3f:e5:32:29:
4c:60:e4:66:5a:ae:76:ec:ee:65:6c:13:7b:4e:5e:
0a:fc:17:6c:5a:7a:a6:a4:90:7a:45:88:95:be:e5:
d1:26:35:1c:fe:eb:5d:60:33:14:74:89:a0:f5:40:
42:e9:9f:54:2a:3b:4b:7e:81:b0:4d:7d:2a:0d:61:
4a:00:9a:7d:f7:3c:25:d6:5d:0d:09:26:d5:24:e6:
1c:68:9f:f8:9e:64:c4:85:70:f5:7e:b4:54:bc:5f:
ac:b9:f2:15:01:80:1a:d7:be:13:84:d2:cc:f3:08:
c1:66:20:d9:0c:1a:4a:18:ca:32:23:99:2b:a5:88:
b7:e9:44:a0:17:7b:8c:28:c9:21:87:06:fd:0c:4b:
dc:cc:84:e8:c8:e9:85:99:0d:fc:9a:44:fa:ca:f7:
51:0d:9f:ee:ac:a6:4a:32:4e:81:d3:f9:e5:ce:d2:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1D:66:42:56:E0:C5:26:97:BE:8D:7A:55:3F:AD:7F:5F:DF:DA:81
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/2B1mQlbgxSaXvo16VT-tf1_f2oE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.79.0.0/16
57.86.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c0:02:43:76:28:02:28:6a:31:45:bd:8d:a5:e8:1f:c2:44:63:
40:e5:80:3e:aa:ce:a0:8c:08:45:4a:35:d6:63:e4:05:44:6c:
5a:95:80:a0:59:da:e6:06:32:5f:58:f7:f6:26:b0:03:05:d3:
c4:40:e9:67:b7:75:4e:93:1f:17:3d:fb:c9:56:80:a9:d3:a0:
b8:fd:c1:c1:31:ee:1d:03:ba:57:f2:47:f1:21:10:f0:c9:8c:
8e:33:48:31:09:fd:52:64:88:e3:fb:5c:22:92:e9:b3:b9:b4:
22:75:6b:42:63:38:49:24:70:4d:4d:fe:09:a1:9e:46:21:0e:
b7:46:97:f4:18:26:d8:be:4d:d6:4e:ea:23:87:5c:76:c0:9d:
10:5a:b2:76:fc:b1:f6:8c:36:e7:c3:a0:79:06:39:27:9c:e1:
96:a3:84:7d:b6:dd:52:0e:02:4e:54:a4:58:09:7c:5b:0d:64:
9d:83:2b:22:55:f4:44:27:9d:76:8a:ea:12:97:87:2d:19:5e:
19:72:c5:f9:27:43:64:18:21:66:c6:be:b0:a9:e6:ee:b9:2f:
a0:8a:f6:c8:18:ea:8a:95:61:cd:f5:8d:2d:dc:73:b7:11:22:
ae:6f:91:bc:ab:83:ae:2d:97:5e:4b:45:0c:44:aa:e5:4e:1d:
9e:f1:ef:45
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYzIAVF55TKSoq4Jgij0U/6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjQwMTAyMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFkNjY0MjU2ZTBjNTI2OTdiZThkN2E1NTNmYWQ3ZjVmZGZkYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZB5Oq2MH+xmynE4w/nD39jiqF7R
j6MW/ylFlBRkiFSrBti4kRUED61SEOGbk14iazedpE9ZKFb+8XGrxPKCPasM+3Nv
0jrflbediAOFqhkATaqC1j/lMilMYORmWq527O5lbBN7Tl4K/BdsWnqmpJB6RYiV
vuXRJjUc/utdYDMUdImg9UBC6Z9UKjtLfoGwTX0qDWFKAJp99zwl1l0NCSbVJOYc
aJ/4nmTEhXD1frRUvF+sufIVAYAa174ThNLM8wjBZiDZDBpKGMoyI5krpYi36USg
F3uMKMkhhwb9DEvczIToyOmFmQ38mkT6yvdRDZ/urKZKMk6B0/nlztKaUQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFNgdZkJW4MUml76NelU/rX9f39qBMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvMkIxbVFsYmd4U2FYdm8xNlZULXRmMV9mMm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAOU8DAwA5
VjANBgkqhkiG9w0BAQsFAAOCAQEAwAJDdigCKGoxRb2NpegfwkRjQOWAPqrOoIwI
RUo11mPkBURsWpWAoFna5gYyX1j39iawAwXTxEDpZ7d1TpMfFz37yVaAqdOguP3B
wTHuHQO6V/JH8SEQ8MmMjjNIMQn9UmSI4/tcIpLps7m0InVrQmM4SSRwTU3+CaGe
RiEOt0aX9Bgm2L5N1k7qI4dcdsCdEFqydvyx9ow258OgeQY5J5zhlqOEfbbdUg4C
TlSkWAl8Ww1knYMrIlX0RCeddorqEpeHLRleGXLF+SdDZBghZsa+sKnm7rkvoIr2
yBjqipVhzfWNLdxztxEirm+RvKuDri2XXktFDESq5U4dnvHvRQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:52:27 2024 by rpki-client on console-ams.rpki-client.org