Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/E4SWu64tus818gEG4WEa0ykuvX8.roa
File: E4SWu64tus818gEG4WEa0ykuvX8.roa (raw, json)
Hash identifier: x5X43n6nxKK98an5uLLnKBP3NJReP32cy8t7wpACMKg=
Subject key identifier: 13:84:96:BB:AE:2D:BA:CF:35:F2:01:06:E1:61:1A:D3:29:2E:BD:7F
Certificate issuer: /CN=331a51afd4cb6682c230ded640658c113c562fd2
Certificate serial: 018CC795403F46383C06081439B0B05C56D8
Authority key identifier: 33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/E4SWu64tus818gEG4WEa0ykuvX8.roa
Signing time: Tue 02 Jan 2024 00:31:36 +0000
ROA not before: Tue 02 Jan 2024 00:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198378
IP address blocks: 2001:67c:cac::/48 maxlen: 48
2001:67c:cb0::/48 maxlen: 48
2001:67c:ca8::/48 maxlen: 48
2001:67c:7a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:40:3f:46:38:3c:06:08:14:39:b0:b0:5c:56:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331a51afd4cb6682c230ded640658c113c562fd2
Validity
Not Before: Jan 2 00:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=138496bbae2dbacf35f20106e1611ad3292ebd7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6c:82:e3:6f:8f:7c:ab:57:9d:4c:0e:02:24:
14:ff:2c:fc:aa:29:c8:12:15:4f:e8:d3:d8:04:b4:
d5:04:fd:89:f0:18:a0:00:d2:7c:c8:25:ed:85:7d:
63:20:09:fe:87:18:a9:c6:23:95:0f:4a:cc:5c:51:
f7:65:47:76:70:a8:cf:40:b8:ac:63:b6:17:4d:4d:
a6:1f:d1:48:e4:7c:4f:28:0c:0e:e9:a1:c5:8c:bd:
4e:c5:bd:e4:83:7c:b6:5d:55:55:af:03:4e:5e:26:
c3:23:e7:97:e7:cf:44:ca:f9:9f:fd:b1:05:11:f5:
d7:5b:97:0c:7c:42:bd:f5:56:60:a4:f3:83:69:e9:
da:d3:48:a5:b9:d9:8c:9b:12:1f:18:f5:e2:c6:2a:
e5:d8:b6:b0:87:b4:74:41:01:d6:8b:15:03:a2:c1:
f1:f3:79:ef:e9:7d:1b:90:21:12:e9:8a:13:aa:f8:
72:9d:de:24:e0:a7:22:18:87:e7:03:43:ce:eb:95:
80:b7:03:2c:b6:72:7a:bd:e1:0c:a6:3a:75:75:5e:
d7:59:26:fc:d3:cb:31:21:3b:b4:83:b5:a3:d8:11:
d5:28:92:6c:97:ba:53:29:3c:7a:b7:97:f4:77:63:
5e:ad:d8:c4:ff:f6:93:21:79:6d:e5:2c:fa:f1:69:
65:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:84:96:BB:AE:2D:BA:CF:35:F2:01:06:E1:61:1A:D3:29:2E:BD:7F
X509v3 Authority Key Identifier:
keyid:33:1A:51:AF:D4:CB:66:82:C2:30:DE:D6:40:65:8C:11:3C:56:2F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxpRr9TLZoLCMN7WQGWMETxWL9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/E4SWu64tus818gEG4WEa0ykuvX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1cdbb1-e265-44c5-b980-4a566add54b2/1/MxpRr9TLZoLCMN7WQGWMETxWL9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:7a0::/48
2001:67c:ca8::/48
2001:67c:cac::/48
2001:67c:cb0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:55:43:26:66:96:3e:5d:0a:ca:e6:7f:8d:7b:f3:1a:0d:66:
50:20:dc:70:11:53:5e:f3:0e:e5:4b:76:ed:c1:b0:60:c6:07:
aa:22:a3:cb:1b:af:87:ba:04:89:f8:cc:23:71:26:94:e2:17:
1e:89:b0:14:3b:ff:8f:4d:e9:95:89:5d:7d:37:ed:73:bf:21:
1c:cb:5d:ad:9f:12:06:bb:b7:7a:00:d7:96:9f:c1:35:37:d8:
fc:e7:f9:40:07:07:a6:45:2e:91:e9:d5:4d:54:87:16:d4:43:
2a:27:da:77:72:3f:c1:d0:7c:ee:d6:2a:ca:34:66:2f:12:93:
a1:5a:17:15:73:4d:54:42:77:5f:b1:bd:ee:11:6b:b5:fa:6d:
ec:e3:ae:cb:71:05:98:9d:c4:98:3e:70:6c:2a:63:ff:b7:d6:
37:c3:9d:51:6b:53:0a:36:b8:77:db:f8:e1:2e:77:fc:13:7f:
1b:d6:6c:fe:e7:a6:ed:3b:fd:b1:e8:f8:73:4b:4d:69:92:c9:
93:75:96:30:fc:a6:dc:31:a3:fd:66:87:66:13:c4:2e:76:f3:
d6:4c:3e:96:0c:df:ee:ae:54:be:e3:d7:11:6c:a3:b4:c9:bb:
7d:b1:91:b8:8e:0d:49:b1:11:36:93:cf:bc:fc:6d:5a:04:3c:
0d:a9:b8:62
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHlUA/Rjg8BggUObCwXFbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWE1MWFmZDRjYjY2ODJjMjMwZGVkNjQwNjU4YzExM2M1
NjJmZDIwHhcNMjQwMTAyMDAzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzg0OTZiYmFlMmRiYWNmMzVmMjAxMDZlMTYxMWFkMzI5MmViZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGyC42+PfKtXnUwOAiQU/yz8qinI
EhVP6NPYBLTVBP2J8BigANJ8yCXthX1jIAn+hxipxiOVD0rMXFH3ZUd2cKjPQLis
Y7YXTU2mH9FI5HxPKAwO6aHFjL1Oxb3kg3y2XVVVrwNOXibDI+eX589Eyvmf/bEF
EfXXW5cMfEK99VZgpPODaena00iludmMmxIfGPXixirl2Lawh7R0QQHWixUDosHx
83nv6X0bkCES6YoTqvhynd4k4KciGIfnA0PO65WAtwMstnJ6veEMpjp1dV7XWSb8
08sxITu0g7Wj2BHVKJJsl7pTKTx6t5f0d2NerdjE//aTIXlt5Sz68WllewIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBOElruuLbrPNfIBBuFhGtMpLr1/MB8GA1UdIwQY
MBaAFDMaUa/Uy2aCwjDe1kBljBE8Vi/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAt
NGE1NjZhZGQ1NGIyLzEvRTRTV3U2NHR1czgxOGdFRzRXRWEweWt1dlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xY2RiYjEtZTI2NS00NGM1LWI5ODAtNGE1NjZhZGQ1NGIy
LzEvTXhwUnI5VExab0xDTU43V1FHV01FVHhXTDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGfAeg
AwcAIAEGfAyoAwcAIAEGfAysAwcAIAEGfAywMA0GCSqGSIb3DQEBCwUAA4IBAQA8
VUMmZpY+XQrK5n+Ne/MaDWZQINxwEVNe8w7lS3btwbBgxgeqIqPLG6+HugSJ+Mwj
cSaU4hceibAUO/+PTemViV19N+1zvyEcy12tnxIGu7d6ANeWn8E1N9j85/lABwem
RS6R6dVNVIcW1EMqJ9p3cj/B0Hzu1irKNGYvEpOhWhcVc01UQndfsb3uEWu1+m3s
467LcQWYncSYPnBsKmP/t9Y3w51Ra1MKNrh32/jhLnf8E38b1mz+56btO/2x6Phz
S01pksmTdZYw/KbcMaP9ZodmE8QudvPWTD6WDN/urlS+49cRbKO0ybt9sZG4jg1J
sRE2k8+8/G1aBDwNqbhi
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:54:06 2024 by rpki-client on console-fra.rpki-client.org