Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/c8900c-f3d2-457c-b38b-6d7650ca3d04/1/1XronpqXFa8y1HWAdN_IA9jVZvQ.roa
File: 1XronpqXFa8y1HWAdN_IA9jVZvQ.roa (raw, json)
Hash identifier: K1X3R4PmiMUchaQKywokIViDF8DeOrXRjVjKNVF+14Q=
Subject key identifier: D5:7A:E8:9E:9A:97:15:AF:32:D4:75:80:74:DF:C8:03:D8:D5:66:F4
Certificate issuer: /CN=e28a86ccbf567bd9a282fddf75f0b7f5542222d2
Certificate serial: 018F9EDB541A27D80BAF450F57D71C5425DB
Authority key identifier: E2:8A:86:CC:BF:56:7B:D9:A2:82:FD:DF:75:F0:B7:F5:54:22:22:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4oqGzL9We9migv3fdfC39VQiItI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/c8900c-f3d2-457c-b38b-6d7650ca3d04/1/1XronpqXFa8y1HWAdN_IA9jVZvQ.roa
Signing time: Wed 22 May 2024 05:52:04 +0000
ROA not before: Wed 22 May 2024 05:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38949
IP address blocks: 80.94.48.0/20 maxlen: 20
2a02:c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/c8900c-f3d2-457c-b38b-6d7650ca3d04/1/4oqGzL9We9migv3fdfC39VQiItI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/c8900c-f3d2-457c-b38b-6d7650ca3d04/1/4oqGzL9We9migv3fdfC39VQiItI.mft
rsync://rpki.ripe.net/repository/DEFAULT/4oqGzL9We9migv3fdfC39VQiItI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9e:db:54:1a:27:d8:0b:af:45:0f:57:d7:1c:54:25:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e28a86ccbf567bd9a282fddf75f0b7f5542222d2
Validity
Not Before: May 22 05:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d57ae89e9a9715af32d4758074dfc803d8d566f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:98:73:5b:3a:b7:b7:d9:dd:ee:82:a9:a9:2b:
6c:36:d0:5b:3f:1b:b5:19:27:6a:db:8c:51:63:d9:
78:0d:2a:cd:88:cb:b3:24:33:a1:a3:08:eb:3b:57:
cc:4a:08:a5:51:6e:2a:e3:26:2e:1c:fb:38:f1:64:
dc:88:b6:70:99:c8:49:17:8e:8c:00:f3:96:f0:28:
b5:84:f8:30:ca:00:54:22:d7:fa:df:58:7f:e2:30:
cf:50:3c:00:6a:f6:dc:c5:c1:fe:1d:63:29:5c:d1:
87:a3:b1:73:55:15:fa:81:d6:91:31:cf:4a:a7:4f:
e6:62:8f:71:25:02:61:6e:2d:36:09:40:18:32:ce:
a8:e4:b5:ef:5a:a4:2f:67:e9:99:b8:0c:88:08:97:
f8:66:ea:26:60:14:f9:9d:39:60:78:91:59:0b:24:
93:af:1b:2a:d0:37:15:f5:17:38:20:87:7f:27:72:
8a:49:c5:c2:6c:80:32:82:5a:89:ec:89:cf:30:e1:
9f:ff:79:15:ff:76:21:6a:6a:e8:b6:20:df:6b:b9:
02:e6:54:45:cb:da:7c:03:14:df:36:df:7c:7e:0e:
e1:f2:f8:5a:6d:99:52:5a:31:dc:d3:16:8f:0b:2b:
fe:e6:ad:e2:00:35:b7:fc:40:0f:5d:ed:ac:88:a8:
18:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7A:E8:9E:9A:97:15:AF:32:D4:75:80:74:DF:C8:03:D8:D5:66:F4
X509v3 Authority Key Identifier:
keyid:E2:8A:86:CC:BF:56:7B:D9:A2:82:FD:DF:75:F0:B7:F5:54:22:22:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4oqGzL9We9migv3fdfC39VQiItI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c8900c-f3d2-457c-b38b-6d7650ca3d04/1/1XronpqXFa8y1HWAdN_IA9jVZvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c8900c-f3d2-457c-b38b-6d7650ca3d04/1/4oqGzL9We9migv3fdfC39VQiItI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.48.0/20
IPv6:
2a02:c80::/32
Signature Algorithm: sha256WithRSAEncryption
51:a1:60:ea:3e:b2:4c:4d:70:b3:ab:6a:c9:70:c1:ba:32:30:
04:1d:f3:cb:02:38:7c:e8:c0:dc:9b:16:5c:6a:8b:71:4a:4f:
fe:8d:81:8b:fd:ad:cb:75:be:63:04:08:b2:f5:6b:19:a0:f2:
e5:5e:aa:91:61:b2:3c:83:b9:5c:f6:4e:af:c6:66:c9:c0:b8:
c4:4f:92:af:63:ee:89:0c:47:5f:83:8e:82:47:20:7d:f3:f3:
0b:ba:3e:56:f5:f7:bd:19:a3:9a:64:d9:22:3e:0a:ec:bf:6c:
ac:10:3a:7e:7c:2b:60:a9:b5:7e:e4:62:04:57:3a:ec:cc:da:
92:44:8c:b4:2e:fa:22:9e:d6:ba:4d:0c:21:df:4a:75:b5:c1:
46:9a:78:5a:43:61:bf:be:7f:73:18:c7:32:5e:0c:9a:ed:8d:
01:4b:d5:df:d0:32:74:57:2f:6b:8d:9d:f5:a0:e8:f3:c4:68:
e5:15:5c:39:89:44:12:da:ab:41:fa:bf:8f:94:b2:60:39:a1:
47:ab:19:a8:68:22:1b:b9:11:b6:59:de:2c:18:48:6d:de:06:
34:88:4c:a7:0e:c3:b8:9c:0c:fd:56:22:c4:42:4a:54:fe:eb:
ee:96:bf:a4:a8:7d:eb:a8:b7:47:5b:01:df:1a:8e:07:02:1e:
12:19:13:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+e21QaJ9gLr0UPV9ccVCXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOGE4NmNjYmY1NjdiZDlhMjgyZmRkZjc1ZjBiN2Y1NTQy
MjIyZDIwHhcNMjQwNTIyMDU1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTdhZTg5ZTlhOTcxNWFmMzJkNDc1ODA3NGRmYzgwM2Q4ZDU2NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJhzWzq3t9nd7oKpqStsNtBbPxu1
GSdq24xRY9l4DSrNiMuzJDOhowjrO1fMSgilUW4q4yYuHPs48WTciLZwmchJF46M
APOW8Ci1hPgwygBUItf631h/4jDPUDwAavbcxcH+HWMpXNGHo7FzVRX6gdaRMc9K
p0/mYo9xJQJhbi02CUAYMs6o5LXvWqQvZ+mZuAyICJf4ZuomYBT5nTlgeJFZCyST
rxsq0DcV9Rc4IId/J3KKScXCbIAyglqJ7InPMOGf/3kV/3YhamrotiDfa7kC5lRF
y9p8AxTfNt98fg7h8vhabZlSWjHc0xaPCyv+5q3iADW3/EAPXe2siKgYsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNV66J6alxWvMtR1gHTfyAPY1Wb0MB8GA1UdIwQY
MBaAFOKKhsy/VnvZooL933Xwt/VUIiLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG9xR3pMOVdlOW1pZ3YzZmRmQzM5VlFpSXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jODkwMGMtZjNkMi00NTdjLWIzOGIt
NmQ3NjUwY2EzZDA0LzEvMVhyb25wcVhGYTh5MUhXQWROX0lBOWpWWnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9jODkwMGMtZjNkMi00NTdjLWIzOGItNmQ3NjUwY2EzZDA0
LzEvNG9xR3pMOVdlOW1pZ3YzZmRmQzM5VlFpSXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUF4wMA0E
AgACMAcDBQAqAgyAMA0GCSqGSIb3DQEBCwUAA4IBAQBRoWDqPrJMTXCzq2rJcMG6
MjAEHfPLAjh86MDcmxZcaotxSk/+jYGL/a3Ldb5jBAiy9WsZoPLlXqqRYbI8g7lc
9k6vxmbJwLjET5KvY+6JDEdfg46CRyB98/MLuj5W9fe9GaOaZNkiPgrsv2ysEDp+
fCtgqbV+5GIEVzrszNqSRIy0Lvointa6TQwh30p1tcFGmnhaQ2G/vn9zGMcyXgya
7Y0BS9Xf0DJ0Vy9rjZ31oOjzxGjlFVw5iUQS2qtB+r+PlLJgOaFHqxmoaCIbuRG2
Wd4sGEht3gY0iEynDsO4nAz9ViLEQkpU/uvulr+kqH3rqLdHWwHfGo4HAh4SGRPz
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:22:42 2024 by rpki-client on console-ams.rpki-client.org