Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/rA9u7_aCYD5rgPP81hsKwgB0qMc.roa
File: rA9u7_aCYD5rgPP81hsKwgB0qMc.roa (raw, json)
Hash identifier: +vdy4wYdw0j7WKHyFdKJ9/kzdqrbhtCSwMffImjqyss=
Subject key identifier: AC:0F:6E:EF:F6:82:60:3E:6B:80:F3:FC:D6:1B:0A:C2:00:74:A8:C7
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018CCA287E6FABD4127061F6EE3B4EB3439F
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/rA9u7_aCYD5rgPP81hsKwgB0qMc.roa
Signing time: Tue 02 Jan 2024 12:31:40 +0000
ROA not before: Tue 02 Jan 2024 12:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42675
IP address blocks: 194.26.217.0/24 maxlen: 24
45.15.16.0/24 maxlen: 24
62.204.40.0/24 maxlen: 24
2a0e:1c80:8::/48 maxlen: 48
2a0e:1c80:6::/48 maxlen: 48
2a12:7800::/32 maxlen: 32
2a0e:1c80:1::/48 maxlen: 48
2a0e:1c80:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:7e:6f:ab:d4:12:70:61:f6:ee:3b:4e:b3:43:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Jan 2 12:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac0f6eeff682603e6b80f3fcd61b0ac20074a8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4e:cd:d0:dc:57:7c:4a:50:81:19:79:6a:88:
16:a0:88:ec:20:01:79:ab:03:4c:f6:43:65:5c:cf:
98:cc:86:04:07:0d:71:8c:f1:31:34:04:c6:9c:38:
5c:ec:4c:b2:d2:ac:90:ac:bc:10:62:8a:73:55:06:
33:5b:19:4c:06:f8:71:0c:af:7e:6a:c2:ee:74:08:
b2:99:a2:c6:70:a9:72:3a:23:3d:b8:18:4d:de:0c:
c0:fc:d6:61:56:dc:a8:09:e1:47:70:3b:38:92:55:
d1:c3:8d:b1:4d:65:9a:07:24:dd:23:c4:26:58:fc:
7f:d5:d7:ea:74:2c:8c:b1:01:2a:a0:b7:ac:1b:fc:
cf:39:c7:61:a5:08:2f:c6:38:3b:50:16:0e:fd:ab:
d1:ac:1b:fb:c5:47:e7:a8:9e:00:c6:b8:b5:a0:76:
65:a2:86:40:79:45:f9:1c:6c:c5:d5:46:8f:e7:03:
9b:54:4f:93:4d:f8:54:c2:90:f4:fd:8d:04:ae:c7:
3e:fd:cd:b6:69:39:05:55:98:f2:1a:0d:c8:5b:94:
eb:99:cb:a2:37:82:b9:94:f6:7e:80:a3:69:24:5b:
5d:f2:8a:01:72:dd:bf:46:d4:e5:62:b8:ac:0d:e0:
8c:80:58:16:42:2a:18:20:ae:0f:9c:bd:d4:39:41:
75:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0F:6E:EF:F6:82:60:3E:6B:80:F3:FC:D6:1B:0A:C2:00:74:A8:C7
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/rA9u7_aCYD5rgPP81hsKwgB0qMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.16.0/24
62.204.40.0/24
194.26.217.0/24
IPv6:
2a0e:1c80:1::/48
2a0e:1c80:6::/48
2a0e:1c80:8::/48
2a0e:1c80:f::/48
2a12:7800::/32
Signature Algorithm: sha256WithRSAEncryption
09:d1:7b:e4:02:31:07:06:18:9a:0f:39:df:97:24:28:91:06:
f4:5b:00:a4:d9:4a:f8:6c:46:dd:ae:da:8b:ee:77:1f:9b:89:
83:c5:0b:db:29:5e:9b:61:42:8a:13:24:92:17:f8:fd:22:31:
66:4f:de:e6:c5:19:c1:aa:59:1e:59:dd:3d:2f:91:03:a3:26:
ef:b9:23:10:2c:da:f0:01:b1:d3:d3:2d:88:20:8e:3c:d5:f3:
47:01:86:f1:5a:d3:a8:89:16:bf:b2:1f:fe:6d:12:0d:a1:68:
7f:6f:cd:b1:dd:21:c7:2a:99:ca:92:5a:e4:75:58:cb:44:c7:
c8:5e:a2:e9:91:14:f0:06:92:98:2e:ed:71:3d:e6:af:c5:45:
77:9c:f8:fa:96:5e:0c:36:c9:4b:60:c6:f6:66:dd:4d:a0:cb:
e7:54:06:45:a6:59:4d:b5:ac:b1:82:c9:4e:36:b8:8a:80:06:
70:6b:f5:ce:16:5b:6b:28:98:a7:29:23:f0:6f:d1:0c:8d:7b:
4b:05:0d:5b:86:cc:3b:5f:f9:c2:a5:65:2c:b2:89:fc:11:9a:
b1:e5:e0:3e:1f:56:d2:f5:fe:4a:39:35:b9:d6:9a:11:52:ec:
0b:ee:ee:f6:bb:20:8d:da:9c:e9:03:bb:04:12:4a:68:7a:fe:
29:c5:59:ac
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzKKH5vq9QScGH27jtOs0OfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMTAyMTIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzBmNmVlZmY2ODI2MDNlNmI4MGYzZmNkNjFiMGFjMjAwNzRhOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo07N0NxXfEpQgRl5aogWoIjsIAF5
qwNM9kNlXM+YzIYEBw1xjPExNATGnDhc7Eyy0qyQrLwQYopzVQYzWxlMBvhxDK9+
asLudAiymaLGcKlyOiM9uBhN3gzA/NZhVtyoCeFHcDs4klXRw42xTWWaByTdI8Qm
WPx/1dfqdCyMsQEqoLesG/zPOcdhpQgvxjg7UBYO/avRrBv7xUfnqJ4Axri1oHZl
ooZAeUX5HGzF1UaP5wObVE+TTfhUwpD0/Y0Ersc+/c22aTkFVZjyGg3IW5Trmcui
N4K5lPZ+gKNpJFtd8ooBct2/RtTlYrisDeCMgFgWQioYIK4PnL3UOUF1/wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKwPbu/2gmA+a4Dz/NYbCsIAdKjHMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvckE5dTdfYUNZRDVyZ1BQODFoc0t3Z0IwcU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALQ8QAwQA
PswoAwQAwhrZMDEEAgACMCsDBwAqDhyAAAEDBwAqDhyAAAYDBwAqDhyAAAgDBwAq
DhyAAA8DBQAqEngAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ0XvkAjEHBhiaDznflyQo
kQb0WwCk2Ur4bEbdrtqL7ncfm4mDxQvbKV6bYUKKEySSF/j9IjFmT97mxRnBqlke
Wd09L5EDoybvuSMQLNrwAbHT0y2III481fNHAYbxWtOoiRa/sh/+bRINoWh/b82x
3SHHKpnKklrkdVjLRMfIXqLpkRTwBpKYLu1xPeavxUV3nPj6ll4MNslLYMb2Zt1N
oMvnVAZFpllNtayxgslONriKgAZwa/XOFltrKJinKSPwb9EMjXtLBQ1bhsw7X/nC
pWUsson8EZqx5eA+H1bS9f5KOTW51poRUuwL7u72uyCN2pzpA7sEEkpoev4pxVms
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:02:07 2024 by rpki-client on console-fra.rpki-client.org