Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/ZhXFh7ybPBwsATvgPQRZFg9fWvA.roa
File: ZhXFh7ybPBwsATvgPQRZFg9fWvA.roa (raw, json)
Hash identifier: lkDNgjmHCH48Ue3+so8zVkUfr70z4cZuNdlsXc+l1LI=
Subject key identifier: 66:15:C5:87:BC:9B:3C:1C:2C:01:3B:E0:3D:04:59:16:0F:5F:5A:F0
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018E0ADAE40C2E0D15A3FBA0E7260F27DAF8
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/ZhXFh7ybPBwsATvgPQRZFg9fWvA.roa
Signing time: Mon 04 Mar 2024 19:05:01 +0000
ROA not before: Mon 04 Mar 2024 19:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18747
IP address blocks: 2a0e:1c80:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0a:da:e4:0c:2e:0d:15:a3:fb:a0:e7:26:0f:27:da:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Mar 4 19:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6615c587bc9b3c1c2c013be03d0459160f5f5af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e3:90:cf:0e:95:07:4e:d0:3b:ba:ea:21:91:
b1:19:23:1c:ac:3e:c0:98:f6:71:72:9a:33:a2:06:
bc:c7:97:43:b5:d4:08:82:17:af:47:9f:c1:8c:4c:
66:a0:64:d9:e9:ac:40:48:97:87:30:06:b5:11:91:
13:6e:05:05:41:b9:87:3a:68:c5:f3:7f:7e:6e:2b:
5d:1a:18:b0:58:51:1e:61:02:6b:c1:29:99:35:8c:
17:68:4e:a4:95:97:fb:8c:69:dc:fc:92:00:5b:7d:
df:68:3e:b1:24:e6:fc:e8:94:79:6a:ce:93:5f:51:
7b:65:b9:96:09:ef:66:11:ab:e1:6f:5d:7e:d2:06:
2d:d0:44:78:c4:a1:13:14:03:42:2b:b3:48:93:e8:
05:8e:c1:48:91:2d:15:6e:8c:34:6f:8e:40:e8:ca:
fc:0c:71:da:96:50:1c:17:95:31:e7:86:b0:c8:82:
b6:a2:68:b6:aa:c4:31:48:68:e5:4b:f7:5d:e8:90:
8e:ed:2f:1f:83:78:ae:e5:9b:68:f4:5c:f7:31:51:
63:6d:ee:ab:26:68:70:4f:04:c6:ac:25:0e:6b:ed:
e2:b2:40:8a:ba:d7:73:2b:cc:ce:f0:9f:90:63:ae:
c3:a1:9f:5c:a8:00:12:c3:12:52:00:a7:bd:f0:a6:
6e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:15:C5:87:BC:9B:3C:1C:2C:01:3B:E0:3D:04:59:16:0F:5F:5A:F0
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/ZhXFh7ybPBwsATvgPQRZFg9fWvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:1d::/48
Signature Algorithm: sha256WithRSAEncryption
0f:cc:71:6f:8c:0a:03:ff:0e:da:55:0b:05:d0:5a:69:c7:6f:
26:71:fc:91:91:3f:0d:a1:08:ca:35:71:86:fb:23:15:46:75:
a7:11:97:7c:7b:b5:a6:fb:66:21:6d:5e:b4:3d:90:ed:99:4a:
be:89:4a:4d:66:e7:23:7f:4f:63:d3:7a:f9:cd:17:b9:38:a8:
5e:59:d3:b5:e9:60:d5:80:29:96:03:fb:b0:48:0f:46:87:49:
1b:fe:da:3d:8b:ee:ba:5e:96:c8:06:f5:aa:c0:99:62:a6:f4:
80:0c:ac:09:1d:c8:dd:6a:00:c6:87:4f:51:a4:5f:10:a3:15:
f1:e5:1c:4a:49:2d:75:1c:8a:13:86:95:c4:6d:a5:25:9a:c6:
9e:5c:fc:94:66:6d:b2:27:20:6f:5d:6c:ec:1b:48:28:f4:f3:
a6:6e:bf:e1:48:a2:02:e9:db:ba:9b:d4:21:17:89:5a:ea:28:
15:7e:dd:c0:4c:87:e9:84:87:91:e1:d0:77:c3:47:bc:93:c2:
c7:b8:a2:6f:c7:64:79:69:68:ed:3d:0d:f3:bc:90:5b:38:f9:
6e:c3:83:4e:84:5e:c6:f7:6f:80:19:9c:7a:64:c4:eb:47:24:
98:16:18:fc:7d:35:a0:90:6b:47:a9:8d:f3:92:26:34:ef:6f:
eb:97:c6:cf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY4K2uQMLg0Vo/ug5yYPJ9r4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMzA0MTkwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjE1YzU4N2JjOWIzYzFjMmMwMTNiZTAzZDA0NTkxNjBmNWY1YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+OQzw6VB07QO7rqIZGxGSMcrD7A
mPZxcpozoga8x5dDtdQIghevR5/BjExmoGTZ6axASJeHMAa1EZETbgUFQbmHOmjF
839+bitdGhiwWFEeYQJrwSmZNYwXaE6klZf7jGnc/JIAW33faD6xJOb86JR5as6T
X1F7ZbmWCe9mEavhb11+0gYt0ER4xKETFANCK7NIk+gFjsFIkS0Vbow0b45A6Mr8
DHHallAcF5Ux54awyIK2omi2qsQxSGjlS/dd6JCO7S8fg3iu5Zto9Fz3MVFjbe6r
JmhwTwTGrCUOa+3iskCKutdzK8zO8J+QY67DoZ9cqAASwxJSAKe98KZu6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGYVxYe8mzwcLAE74D0EWRYPX1rwMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvWmhYRmg3eWJQQndzQVR2Z1BRUlpGZzlmV3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cgAAd
MA0GCSqGSIb3DQEBCwUAA4IBAQAPzHFvjAoD/w7aVQsF0Fppx28mcfyRkT8NoQjK
NXGG+yMVRnWnEZd8e7Wm+2YhbV60PZDtmUq+iUpNZucjf09j03r5zRe5OKheWdO1
6WDVgCmWA/uwSA9Gh0kb/to9i+66XpbIBvWqwJlipvSADKwJHcjdagDGh09RpF8Q
oxXx5RxKSS11HIoThpXEbaUlmsaeXPyUZm2yJyBvXWzsG0go9POmbr/hSKIC6du6
m9QhF4la6igVft3ATIfphIeR4dB3w0e8k8LHuKJvx2R5aWjtPQ3zvJBbOPluw4NO
hF7G92+AGZx6ZMTrRySYFhj8fTWgkGtHqY3zkiY072/rl8bP
-----END CERTIFICATE-----
Generated at Sun May 5 00:28:00 2024 by rpki-client on console-ams.rpki-client.org