Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/cX2y_eJdeTTCKjmC615v7EyU0JQ.roa
File: cX2y_eJdeTTCKjmC615v7EyU0JQ.roa (raw, json)
Hash identifier: yLrNmVvVS2zb4Mku3m5TgF/hDyLbR8vKVRz+VytqBG0=
Subject key identifier: 71:7D:B2:FD:E2:5D:79:34:C2:2A:39:82:EB:5E:6F:EC:4C:94:D0:94
Certificate issuer: /CN=1b980f22a5952a4ef9a4ec4a9e0d0c351fec9454
Certificate serial: 018CC49399CF75A7DC3FAAA0F7FD2D836165
Authority key identifier: 1B:98:0F:22:A5:95:2A:4E:F9:A4:EC:4A:9E:0D:0C:35:1F:EC:94:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G5gPIqWVKk75pOxKng0MNR_slFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/cX2y_eJdeTTCKjmC615v7EyU0JQ.roa
Signing time: Mon 01 Jan 2024 10:30:56 +0000
ROA not before: Mon 01 Jan 2024 10:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25560
IP address blocks: 62.216.160.0/19 maxlen: 24
85.199.128.0/18 maxlen: 24
217.24.208.0/20 maxlen: 24
95.143.160.0/20 maxlen: 24
85.199.184.0/22 maxlen: 24
2001:1a50::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/G5gPIqWVKk75pOxKng0MNR_slFQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/G5gPIqWVKk75pOxKng0MNR_slFQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/G5gPIqWVKk75pOxKng0MNR_slFQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:99:cf:75:a7:dc:3f:aa:a0:f7:fd:2d:83:61:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b980f22a5952a4ef9a4ec4a9e0d0c351fec9454
Validity
Not Before: Jan 1 10:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=717db2fde25d7934c22a3982eb5e6fec4c94d094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cf:e3:3e:a3:14:79:b5:d6:bd:df:f2:a0:97:
37:13:04:91:e6:ae:aa:3a:f8:c4:4f:f4:13:43:54:
c5:14:2a:8e:53:49:a2:3c:36:9e:ad:14:38:fb:3d:
62:6c:68:52:8f:38:6f:25:73:d0:16:45:1d:64:d6:
a0:25:d4:de:95:3c:45:5e:d2:a6:e0:bd:c3:bc:fa:
95:8f:cc:59:a6:ed:a2:cb:98:d2:d5:a6:31:db:0e:
89:a9:15:35:e6:c5:9f:1c:a1:09:34:bb:ec:8c:de:
63:68:ee:d6:d2:5d:cc:98:46:d4:ef:a0:9d:7b:cb:
3c:8a:7a:b4:44:d6:ca:a5:dd:43:20:52:3e:2d:3c:
29:88:c2:ad:50:9d:74:5b:35:11:70:77:4d:c9:54:
1e:8f:53:b5:2a:df:7d:bf:b0:8f:10:45:86:49:2f:
9e:70:3c:a5:67:35:ca:47:16:7e:74:38:72:88:e9:
45:fb:6f:ec:c8:2c:97:59:45:52:ce:a0:1a:50:d4:
96:56:84:8d:ca:4c:4f:a1:bd:8c:a0:e7:8c:0b:c7:
f4:c5:3a:cd:da:82:b7:1c:bb:f6:5f:5d:c2:a7:5b:
86:3d:9c:df:97:d7:91:23:5d:0e:cd:ad:7c:17:4f:
e3:67:82:80:62:91:b5:46:11:bb:d0:12:2a:4d:e1:
0b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7D:B2:FD:E2:5D:79:34:C2:2A:39:82:EB:5E:6F:EC:4C:94:D0:94
X509v3 Authority Key Identifier:
keyid:1B:98:0F:22:A5:95:2A:4E:F9:A4:EC:4A:9E:0D:0C:35:1F:EC:94:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5gPIqWVKk75pOxKng0MNR_slFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/cX2y_eJdeTTCKjmC615v7EyU0JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/G5gPIqWVKk75pOxKng0MNR_slFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.160.0/19
85.199.128.0/18
95.143.160.0/20
217.24.208.0/20
IPv6:
2001:1a50::/32
Signature Algorithm: sha256WithRSAEncryption
1b:61:87:a8:b2:6f:aa:1e:6b:78:d4:dd:66:45:b2:0c:78:61:
4c:bb:68:ba:b9:f0:24:d4:33:4c:d0:b0:7a:75:2e:6a:96:9e:
81:f5:f6:fb:23:54:67:53:92:6b:3b:56:1d:60:07:51:f5:45:
37:28:d1:5d:fe:ea:6d:6f:a2:8f:33:23:a1:78:fb:9e:bf:44:
6f:8c:e1:57:b3:44:ff:ed:19:81:6c:cf:06:3d:ad:78:bb:8e:
ff:4a:59:9e:8d:30:cd:09:04:33:3b:b4:9c:99:a4:7d:1c:30:
9f:21:f5:45:41:5d:c8:22:ee:3d:a3:82:84:1c:35:2b:7c:e7:
90:4a:57:09:42:a1:a1:72:67:1d:9c:11:f8:bf:ef:ad:7f:5b:
f1:e3:6e:73:75:2d:b2:83:7d:dd:1f:78:f3:8d:17:f0:c3:9a:
a2:1b:e1:e3:4b:cf:01:be:8f:44:ae:a2:6b:06:e9:3e:4a:75:
7e:9b:1b:03:83:cf:0d:48:85:3a:c6:20:e5:e2:8c:58:fe:ea:
8d:02:0b:4c:f0:4d:69:15:e4:06:40:4e:d4:3f:b7:15:f1:51:
cd:83:04:da:61:e5:7a:85:ba:f6:30:05:1e:ca:31:e8:c0:92:
af:da:c3:93:06:78:85:49:e0:91:e6:8c:a1:39:02:79:41:84:
d3:1a:b1:1b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEk5nPdafcP6qg9/0tg2FlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOTgwZjIyYTU5NTJhNGVmOWE0ZWM0YTllMGQwYzM1MWZl
Yzk0NTQwHhcNMjQwMTAxMTAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTdkYjJmZGUyNWQ3OTM0YzIyYTM5ODJlYjVlNmZlYzRjOTRkMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms/jPqMUebXWvd/yoJc3EwSR5q6q
OvjET/QTQ1TFFCqOU0miPDaerRQ4+z1ibGhSjzhvJXPQFkUdZNagJdTelTxFXtKm
4L3DvPqVj8xZpu2iy5jS1aYx2w6JqRU15sWfHKEJNLvsjN5jaO7W0l3MmEbU76Cd
e8s8inq0RNbKpd1DIFI+LTwpiMKtUJ10WzURcHdNyVQej1O1Kt99v7CPEEWGSS+e
cDylZzXKRxZ+dDhyiOlF+2/syCyXWUVSzqAaUNSWVoSNykxPob2MoOeMC8f0xTrN
2oK3HLv2X13Cp1uGPZzfl9eRI10Oza18F0/jZ4KAYpG1RhG70BIqTeELlQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHF9sv3iXXk0wio5guteb+xMlNCUMB8GA1UdIwQY
MBaAFBuYDyKllSpO+aTsSp4NDDUf7JRUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzVnUElxV1ZLazc1cE94S25nME1OUl9zbEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83NzRlMjYtZDA4Zi00NmQzLWFkMDYt
MzQ3YjU2NmRkYmQxLzEvY1gyeV9lSmRlVFRDS2ptQzYxNXY3RXlVMEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83NzRlMjYtZDA4Zi00NmQzLWFkMDYtMzQ3YjU2NmRkYmQx
LzEvRzVnUElxV1ZLazc1cE94S25nME1OUl9zbEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFPtigAwQG
VceAAwQEX4+gAwQE2RjQMA0EAgACMAcDBQAgARpQMA0GCSqGSIb3DQEBCwUAA4IB
AQAbYYeosm+qHmt41N1mRbIMeGFMu2i6ufAk1DNM0LB6dS5qlp6B9fb7I1RnU5Jr
O1YdYAdR9UU3KNFd/uptb6KPMyOhePuev0RvjOFXs0T/7RmBbM8GPa14u47/Slme
jTDNCQQzO7ScmaR9HDCfIfVFQV3IIu49o4KEHDUrfOeQSlcJQqGhcmcdnBH4v++t
f1vx425zdS2yg33dH3jzjRfww5qiG+HjS88Bvo9ErqJrBuk+SnV+mxsDg88NSIU6
xiDl4oxY/uqNAgtM8E1pFeQGQE7UP7cV8VHNgwTaYeV6hbr2MAUeyjHowJKv2sOT
BniFSeCR5oyhOQJ5QYTTGrEb
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:48:01 2024 by rpki-client on console-fra.rpki-client.org