Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/2uFq4GGEFUONlKyvH9HPeuWNuoo.roa
File: 2uFq4GGEFUONlKyvH9HPeuWNuoo.roa (raw, json)
Hash identifier: uiYKUxPXzils+KzPF9mRMujCa+ALPlJjRUBUP8H3q04=
Subject key identifier: DA:E1:6A:E0:61:84:15:43:8D:94:AC:AF:1F:D1:CF:7A:E5:8D:BA:8A
Certificate issuer: /CN=cdee78ad857607523b50b60acd9e22ca5a107854
Certificate serial: 018CC26D4D18D915436FAE50CC0B2574E32D
Authority key identifier: CD:EE:78:AD:85:76:07:52:3B:50:B6:0A:CD:9E:22:CA:5A:10:78:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ze54rYV2B1I7ULYKzZ4iyloQeFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/2uFq4GGEFUONlKyvH9HPeuWNuoo.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34350
IP address blocks: 80.70.50.0/24 maxlen: 24
80.70.55.0/24 maxlen: 24
80.70.52.0/24 maxlen: 24
80.70.52.0/22 maxlen: 22
80.70.54.0/24 maxlen: 24
80.70.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/ze54rYV2B1I7ULYKzZ4iyloQeFQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/ze54rYV2B1I7ULYKzZ4iyloQeFQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ze54rYV2B1I7ULYKzZ4iyloQeFQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4d:18:d9:15:43:6f:ae:50:cc:0b:25:74:e3:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdee78ad857607523b50b60acd9e22ca5a107854
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dae16ae0618415438d94acaf1fd1cf7ae58dba8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e1:ab:b0:59:59:3c:f2:35:e0:ab:4c:22:59:
d0:46:26:76:6b:1b:15:60:21:68:bd:74:7f:af:2c:
71:c6:21:77:87:95:11:09:b0:e9:88:b7:0d:1b:27:
69:8c:0c:83:9f:be:cb:7a:a1:13:94:2f:b3:79:8e:
bd:51:5b:f9:be:8f:97:f2:a6:ac:68:b7:96:57:b2:
49:6a:21:8b:39:63:c1:64:98:12:1a:64:0d:a5:46:
93:43:56:0d:c3:86:91:31:85:9f:10:43:f2:e5:31:
44:bd:e3:94:fa:82:6a:51:64:91:15:17:73:b0:53:
78:d8:c7:49:bd:fd:2f:22:d6:4b:07:0a:b4:7a:bb:
23:e6:ee:63:3e:fc:d2:ab:93:95:f5:ec:cb:9a:5a:
f8:fa:b9:10:62:2a:b5:69:89:45:c2:f9:85:bf:63:
9c:8e:f8:c9:d8:ed:1e:ce:89:b5:b2:ad:38:98:b3:
4a:bb:52:92:20:98:ce:3a:eb:07:67:4c:86:d2:4c:
0b:50:a4:6f:1a:f8:f5:c5:57:61:a9:8e:e3:be:e1:
79:ae:7f:aa:b0:a7:92:dc:e4:d1:d2:28:c5:e2:82:
32:d9:8c:cc:71:56:ab:e7:0a:70:ca:f6:d0:6b:47:
73:aa:aa:1b:b9:97:78:ec:61:de:0c:86:bc:44:a0:
a8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E1:6A:E0:61:84:15:43:8D:94:AC:AF:1F:D1:CF:7A:E5:8D:BA:8A
X509v3 Authority Key Identifier:
keyid:CD:EE:78:AD:85:76:07:52:3B:50:B6:0A:CD:9E:22:CA:5A:10:78:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ze54rYV2B1I7ULYKzZ4iyloQeFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/2uFq4GGEFUONlKyvH9HPeuWNuoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5a49bf-c059-4bea-88d3-cf0124ced4d6/1/ze54rYV2B1I7ULYKzZ4iyloQeFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.50.0/24
80.70.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:b4:6e:5a:cf:23:a4:14:a7:f0:fe:2d:c0:ba:b2:7c:44:6c:
cd:4d:e2:67:5a:2c:b0:07:ea:91:46:c5:a5:ec:ed:58:c6:01:
f0:87:1d:fa:f9:58:49:df:2f:4f:e9:18:92:74:bd:45:a3:a3:
b4:4d:56:66:b0:d6:4f:a7:32:d5:85:f3:b9:3f:ca:af:b0:ca:
45:c7:c6:d2:62:0b:cf:fc:4c:79:18:fe:c1:d7:a1:c8:52:01:
95:0f:78:1f:4a:7b:ab:ab:6e:13:fb:60:62:55:1f:75:d5:d0:
3e:57:40:f1:b1:41:02:20:66:28:ce:44:30:39:da:44:de:47:
d6:a6:dd:b7:49:e3:d5:05:4e:f0:00:b6:c1:54:40:4c:e1:b9:
f5:0f:bd:e8:d5:0c:7a:93:04:f8:af:a8:66:d9:9e:f3:7c:e7:
7e:1c:1b:dc:f4:3f:e4:75:3f:24:08:9e:de:71:65:98:f6:08:
09:67:3f:54:3d:13:3b:1c:98:a5:5f:08:64:09:9e:c8:0b:b4:
1a:6a:da:15:57:85:31:fc:07:82:2b:23:ad:41:28:3e:f8:e9:
9c:08:9d:0e:24:bd:89:c3:51:18:22:a9:c5:1c:8e:17:dc:d7:
2d:3f:02:6a:2c:47:74:7a:5d:e4:93:1d:4f:b0:7d:b3:e7:53:
bf:72:0d:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbU0Y2RVDb65QzAsldOMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZWU3OGFkODU3NjA3NTIzYjUwYjYwYWNkOWUyMmNhNWEx
MDc4NTQwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUxNmFlMDYxODQxNTQzOGQ5NGFjYWYxZmQxY2Y3YWU1OGRiYThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOGrsFlZPPI14KtMIlnQRiZ2axsV
YCFovXR/ryxxxiF3h5URCbDpiLcNGydpjAyDn77LeqETlC+zeY69UVv5vo+X8qas
aLeWV7JJaiGLOWPBZJgSGmQNpUaTQ1YNw4aRMYWfEEPy5TFEveOU+oJqUWSRFRdz
sFN42MdJvf0vItZLBwq0ersj5u5jPvzSq5OV9ezLmlr4+rkQYiq1aYlFwvmFv2Oc
jvjJ2O0ezom1sq04mLNKu1KSIJjOOusHZ0yG0kwLUKRvGvj1xVdhqY7jvuF5rn+q
sKeS3OTR0ijF4oIy2YzMcVar5wpwyvbQa0dzqqobuZd47GHeDIa8RKCobQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNrhauBhhBVDjZSsrx/Rz3rljbqKMB8GA1UdIwQY
MBaAFM3ueK2FdgdSO1C2Cs2eIspaEHhUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemU1NHJZVjJCMUk3VUxZS3paNGl5bG9RZUZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81YTQ5YmYtYzA1OS00YmVhLTg4ZDMt
Y2YwMTI0Y2VkNGQ2LzEvMnVGcTRHR0VGVU9ObEt5dkg5SFBldVdOdW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81YTQ5YmYtYzA1OS00YmVhLTg4ZDMtY2YwMTI0Y2VkNGQ2
LzEvemU1NHJZVjJCMUk3VUxZS3paNGl5bG9RZUZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEYyAwQC
UEY0MA0GCSqGSIb3DQEBCwUAA4IBAQCltG5azyOkFKfw/i3AurJ8RGzNTeJnWiyw
B+qRRsWl7O1YxgHwhx36+VhJ3y9P6RiSdL1Fo6O0TVZmsNZPpzLVhfO5P8qvsMpF
x8bSYgvP/Ex5GP7B16HIUgGVD3gfSnurq24T+2BiVR911dA+V0DxsUECIGYozkQw
OdpE3kfWpt23SePVBU7wALbBVEBM4bn1D73o1Qx6kwT4r6hm2Z7zfOd+HBvc9D/k
dT8kCJ7ecWWY9ggJZz9UPRM7HJilXwhkCZ7IC7QaatoVV4Ux/AeCKyOtQSg++Omc
CJ0OJL2Jw1EYIqnFHI4X3NctPwJqLEd0el3kkx1PsH2z51O/cg1J
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:30 2024 by rpki-client on console-fra.rpki-client.org