Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/aVPeSeOrLK-hnGy_U6CSkoo7dK0.roa
File: aVPeSeOrLK-hnGy_U6CSkoo7dK0.roa (raw, json)
Hash identifier: jWwybzlZyB9d377/BC7aPNITmhuEaIMTsWAaK/8Inm0=
Subject key identifier: 69:53:DE:49:E3:AB:2C:AF:A1:9C:6C:BF:53:A0:92:92:8A:3B:74:AD
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 018CC56E86B25DC53EA9386DFDCEC1B76444
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/aVPeSeOrLK-hnGy_U6CSkoo7dK0.roa
Signing time: Mon 01 Jan 2024 14:30:04 +0000
ROA not before: Mon 01 Jan 2024 14:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15702
IP address blocks: 80.252.32.0/20 maxlen: 24
185.99.80.0/22 maxlen: 24
195.74.65.0/24 maxlen: 24
217.19.32.0/20 maxlen: 24
2001:1618::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:86:b2:5d:c5:3e:a9:38:6d:fd:ce:c1:b7:64:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 14:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6953de49e3ab2cafa19c6cbf53a092928a3b74ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:32:e0:51:4b:cb:45:1d:52:81:ba:ca:94:
5a:37:81:41:13:2f:84:4f:c4:32:9c:fe:da:1b:ae:
f1:fa:a5:57:cd:fd:fd:57:50:f4:69:b8:31:db:a1:
38:9e:98:4b:33:b2:3e:0d:e0:4a:c7:53:00:7f:f4:
1e:9d:7b:a8:21:8f:a6:91:a5:7e:4f:2c:55:7d:c0:
84:34:48:5a:a8:ef:2c:0d:07:d6:11:f1:ee:65:d0:
1c:2b:b1:4a:04:a7:8f:93:df:0b:f9:cf:00:7b:8e:
73:4d:c9:43:a5:b2:79:6a:c0:54:0e:30:36:a6:ec:
da:bc:e2:67:21:2b:20:8d:c0:ca:0a:d5:84:c9:a4:
15:db:83:be:ec:1c:5f:e3:2f:75:62:ba:0a:1a:d7:
e2:fb:8d:5b:a5:c3:4c:be:ba:3d:db:e2:13:06:a6:
41:f6:d3:66:b3:79:96:74:45:3c:e2:4d:12:be:1e:
05:54:c9:af:9e:af:64:b6:fa:cc:7f:c9:2e:d9:a3:
c1:2b:95:44:0a:48:85:19:36:76:67:1a:b8:d5:93:
9c:84:c0:be:fe:61:c5:9a:cb:66:1d:27:43:55:e5:
83:cb:aa:10:a2:7f:67:73:b8:69:e3:fa:ee:e4:c3:
e5:90:a4:92:3d:a0:34:49:ca:e6:67:e9:18:3e:08:
d4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:53:DE:49:E3:AB:2C:AF:A1:9C:6C:BF:53:A0:92:92:8A:3B:74:AD
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/aVPeSeOrLK-hnGy_U6CSkoo7dK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.32.0/20
185.99.80.0/22
195.74.65.0/24
217.19.32.0/20
IPv6:
2001:1618::/29
Signature Algorithm: sha256WithRSAEncryption
39:29:20:69:df:97:cd:98:4f:03:59:2d:4b:6f:21:07:f5:f3:
f4:05:e8:68:6a:4b:6c:89:7f:5c:e6:a8:94:9a:6a:2c:a4:9e:
ef:59:06:c8:c7:d5:d2:b3:73:25:86:7a:cd:2c:c6:fd:f2:4b:
b0:51:d2:05:bc:96:6e:5a:7d:91:f1:9b:10:6c:f2:dc:44:37:
09:78:75:f0:cc:b8:c6:fe:26:24:10:33:44:28:c9:37:5c:97:
32:7a:42:60:f3:f1:4d:ca:2d:25:7e:23:fa:18:1d:47:48:7d:
bf:64:19:e1:2f:45:b6:9b:c6:f2:cb:2b:7c:a6:38:ee:2b:84:
a9:8b:a0:38:4e:da:e4:27:1d:23:64:3d:16:00:52:c0:02:11:
de:09:c4:56:38:34:80:63:ac:69:a3:56:80:2d:d3:c3:67:02:
c8:ca:53:09:65:bb:ab:46:21:99:84:56:8d:85:4c:64:15:5c:
48:20:42:f5:9f:60:02:5a:92:f0:53:9c:9c:95:f7:93:ba:3e:
9b:b0:50:ea:4c:34:27:47:02:64:4c:91:f8:df:85:9f:34:4f:
e3:9a:c9:f7:b7:ee:70:f3:79:5c:29:c5:9b:e4:70:ef:09:56:
59:68:e3:bd:33:d6:fa:38:45:22:43:3f:34:cf:ba:19:47:d3:
45:a2:11:6c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFboayXcU+qTht/c7Bt2REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjQwMTAxMTQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTUzZGU0OWUzYWIyY2FmYTE5YzZjYmY1M2EwOTI5MjhhM2I3NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzYy4FFLy0UdUoG6ypRaN4FBEy+E
T8QynP7aG67x+qVXzf39V1D0abgx26E4nphLM7I+DeBKx1MAf/QenXuoIY+mkaV+
TyxVfcCENEhaqO8sDQfWEfHuZdAcK7FKBKePk98L+c8Ae45zTclDpbJ5asBUDjA2
puzavOJnISsgjcDKCtWEyaQV24O+7Bxf4y91YroKGtfi+41bpcNMvro92+ITBqZB
9tNms3mWdEU84k0Svh4FVMmvnq9ktvrMf8ku2aPBK5VECkiFGTZ2Zxq41ZOchMC+
/mHFmstmHSdDVeWDy6oQon9nc7hp4/ru5MPlkKSSPaA0ScrmZ+kYPgjULwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGlT3knjqyyvoZxsv1OgkpKKO3StMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvYVZQZVNlT3JMSy1obkd5X1U2Q1Nrb283ZEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPwgAwQC
uWNQAwQAw0pBAwQE2RMgMA0EAgACMAcDBQMgARYYMA0GCSqGSIb3DQEBCwUAA4IB
AQA5KSBp35fNmE8DWS1LbyEH9fP0BehoaktsiX9c5qiUmmospJ7vWQbIx9XSs3Ml
hnrNLMb98kuwUdIFvJZuWn2R8ZsQbPLcRDcJeHXwzLjG/iYkEDNEKMk3XJcyekJg
8/FNyi0lfiP6GB1HSH2/ZBnhL0W2m8byyyt8pjjuK4Spi6A4TtrkJx0jZD0WAFLA
AhHeCcRWODSAY6xpo1aALdPDZwLIylMJZburRiGZhFaNhUxkFVxIIEL1n2ACWpLw
U5yclfeTuj6bsFDqTDQnRwJkTJH434WfNE/jmsn3t+5w83lcKcWb5HDvCVZZaOO9
M9b6OEUiQz80z7oZR9NFohFs
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:04 2024 by rpki-client on console-fra.rpki-client.org