Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/1-xyl6Jxfq3HeiUj71vDE_TbOW60.roa
File: 1-xyl6Jxfq3HeiUj71vDE_TbOW60.roa (raw, json)
Hash identifier: gP68iykkZ409IWqQwgiXAqAzymlud85K5V+ITzCeJSo=
Subject key identifier: FB:1C:A5:E8:9C:5F:AB:71:DE:89:48:FB:D6:F0:C4:FD:36:CE:5B:AD
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018CCA287EDD76B95A87E3B17EEBD0748F02
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/1-xyl6Jxfq3HeiUj71vDE_TbOW60.roa
Signing time: Tue 02 Jan 2024 12:31:40 +0000
ROA not before: Tue 02 Jan 2024 12:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50304
IP address blocks: 45.15.19.0/24 maxlen: 24
2a0e:1c80:19::/48 maxlen: 48
2a0e:1c80:7::/48 maxlen: 48
2a0e:1c80:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 02:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:7e:dd:76:b9:5a:87:e3:b1:7e:eb:d0:74:8f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Jan 2 12:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb1ca5e89c5fab71de8948fbd6f0c4fd36ce5bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6c:13:21:74:17:4f:15:09:f2:97:b5:9a:34:
ad:66:04:83:3e:41:cf:df:9f:eb:c0:a0:b2:fa:f5:
bf:b3:5b:84:80:0c:d7:0c:cd:f0:63:65:e1:e5:f4:
7a:5f:91:89:0e:1f:10:ca:a2:7e:a7:2b:1b:0f:2f:
ef:78:0c:e4:d6:bd:18:6b:2f:2c:91:ae:c9:67:90:
4b:f9:a4:91:c2:7a:ee:d0:be:03:bf:a4:ab:02:a2:
e2:bf:c8:77:aa:2b:79:55:70:ca:cb:59:61:e3:a4:
a0:8f:93:ca:54:dc:9e:a4:36:d8:fb:99:86:4b:cd:
11:ce:8a:f2:dc:b6:7c:63:53:c2:f6:52:0f:58:57:
17:0e:cf:ae:ef:38:89:50:02:d5:38:04:3a:f1:bc:
b3:39:61:c3:67:4a:0d:20:d9:80:c9:3c:35:d2:b3:
8a:af:33:25:bd:07:41:f8:ac:d9:2a:ca:93:10:ab:
f4:e6:a5:07:64:52:b4:dc:a7:b8:34:3e:d5:d5:41:
06:35:af:d2:46:70:fd:e8:81:f2:c1:24:b9:3c:c2:
08:fe:59:54:d7:d2:ce:9b:9d:b4:bb:fc:65:19:c2:
5f:f3:68:68:e7:ee:82:10:57:1e:6a:25:ff:3a:c6:
03:69:ab:3e:da:6d:95:bc:d3:40:6e:2f:04:74:ff:
a1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1C:A5:E8:9C:5F:AB:71:DE:89:48:FB:D6:F0:C4:FD:36:CE:5B:AD
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/1-xyl6Jxfq3HeiUj71vDE_TbOW60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.19.0/24
IPv6:
2a0e:1c80:2::/48
2a0e:1c80:7::/48
2a0e:1c80:19::/48
Signature Algorithm: sha256WithRSAEncryption
11:88:95:3c:88:9c:d9:e1:87:7e:42:a9:2b:1b:49:36:dc:84:
58:32:e1:62:b9:dc:9c:90:b6:f3:42:df:9c:13:20:a4:36:69:
a3:16:d9:1c:15:02:85:87:0a:96:7d:90:24:48:82:dc:aa:61:
80:88:f2:0b:b4:af:f7:c4:e9:95:60:6e:d8:df:eb:e6:ed:b2:
33:d5:cb:78:7b:ae:a1:d7:71:86:fb:78:3e:b8:f8:6e:ff:8c:
fc:b3:8e:6a:79:3d:40:ff:31:2a:e0:ae:de:05:fb:e9:57:1c:
8a:6a:ba:fb:1e:32:d0:c3:ba:99:ac:a2:73:07:b7:2e:09:82:
d2:f0:59:63:95:21:84:7c:51:cb:ea:bc:9c:e0:e7:bd:08:34:
dc:42:51:33:dd:85:3f:0b:95:e2:ca:74:41:61:8a:d4:43:b2:
b3:b0:81:7e:70:78:1a:1c:25:93:40:3c:2a:b2:09:a2:04:70:
60:53:e4:79:cc:cd:2f:03:ff:3e:fe:53:57:b4:ae:65:70:4c:
6e:22:4d:24:42:71:54:7e:14:19:22:89:5f:96:37:52:f7:bd:
37:2e:4e:25:28:b1:e6:90:da:2d:a9:e7:4c:c5:e1:2e:b6:4b:
a4:aa:45:15:f5:54:1a:21:7a:c7:c3:3a:14:8f:6a:05:a2:76:
29:0a:6a:c6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzKKH7ddrlah+OxfuvQdI8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMTAyMTIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFjYTVlODljNWZhYjcxZGU4OTQ4ZmJkNmYwYzRmZDM2Y2U1YmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGwTIXQXTxUJ8pe1mjStZgSDPkHP
35/rwKCy+vW/s1uEgAzXDM3wY2Xh5fR6X5GJDh8QyqJ+pysbDy/veAzk1r0Yay8s
ka7JZ5BL+aSRwnru0L4Dv6SrAqLiv8h3qit5VXDKy1lh46Sgj5PKVNyepDbY+5mG
S80Rzory3LZ8Y1PC9lIPWFcXDs+u7ziJUALVOAQ68byzOWHDZ0oNINmAyTw10rOK
rzMlvQdB+KzZKsqTEKv05qUHZFK03Ke4ND7V1UEGNa/SRnD96IHywSS5PMII/llU
19LOm520u/xlGcJf82ho5+6CEFceaiX/OsYDaas+2m2VvNNAbi8EdP+hHQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPscpeicX6tx3olI+9bwxP02zlutMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvMS14eWw2SnhmcTNIZWlVajcxdkRFX1RiT1c2MC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvMjMxM2I4LWRlMDItNDIyOC05MDBhLTA5YmU5ZGIxMWY2
Ni8xLzViODZjc3JXOUxQY01GdE12akVJY0ZIWmdfWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQzMDEwDAQCAAEwBgMEAC0PEzAh
BAIAAjAbAwcAKg4cgAACAwcAKg4cgAAHAwcAKg4cgAAZMA0GCSqGSIb3DQEBCwUA
A4IBAQARiJU8iJzZ4Yd+QqkrG0k23IRYMuFiudyckLbzQt+cEyCkNmmjFtkcFQKF
hwqWfZAkSILcqmGAiPILtK/3xOmVYG7Y3+vm7bIz1ct4e66h13GG+3g+uPhu/4z8
s45qeT1A/zEq4K7eBfvpVxyKarr7HjLQw7qZrKJzB7cuCYLS8FljlSGEfFHL6ryc
4Oe9CDTcQlEz3YU/C5XiynRBYYrUQ7KzsIF+cHgaHCWTQDwqsgmiBHBgU+R5zM0v
A/8+/lNXtK5lcExuIk0kQnFUfhQZIolfljdS9703Lk4lKLHmkNotqedMxeEutkuk
qkUV9VQaIXrHwzoUj2oFonYpCmrG
-----END CERTIFICATE-----
Generated at Sun Jun 2 07:25:51 2024 by rpki-client on console-ams.rpki-client.org