Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/Diypr3vJjsD6oVhZFFFgmZ4Hn28.roa
File: Diypr3vJjsD6oVhZFFFgmZ4Hn28.roa (raw, json)
Hash identifier: rCPb0zDx4dgT3wiTjczBCZVUACNVtuDeom59aFDPsoM=
Subject key identifier: 0E:2C:A9:AF:7B:C9:8E:C0:FA:A1:58:59:14:51:60:99:9E:07:9F:6F
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 018CCA2A08AD10DEA98E54EA047BBED9C1F8
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/Diypr3vJjsD6oVhZFFFgmZ4Hn28.roa
Signing time: Tue 02 Jan 2024 12:33:21 +0000
ROA not before: Tue 02 Jan 2024 12:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201308
IP address blocks: 84.239.46.0/24 maxlen: 24
2a02:2160:7113::/48 maxlen: 48
2a02:2160:7111::/48 maxlen: 48
2a02:2160:7112::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:08:ad:10:de:a9:8e:54:ea:04:7b:be:d9:c1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 2 12:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e2ca9af7bc98ec0faa15859145160999e079f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5d:43:60:bb:62:b1:06:8b:03:ff:77:03:ad:
6f:c4:4a:39:e8:cb:ce:91:0c:85:a1:fb:69:aa:31:
29:a7:b1:97:7c:68:a8:4d:74:dd:ea:4d:8d:7c:a9:
c7:62:10:f0:c5:76:67:82:c5:3a:b4:d4:a0:88:52:
87:4a:fe:47:06:1a:40:41:80:5f:24:88:81:41:b1:
eb:e0:d1:5e:84:fc:70:8b:0c:71:04:c8:d2:fa:5b:
94:40:15:4a:c1:ff:73:b2:aa:3b:d5:e1:69:27:7b:
70:df:d4:6e:d5:eb:5e:e2:6d:63:9e:1c:db:c4:9e:
d3:7f:8b:69:af:38:2e:a4:63:da:e1:33:42:be:81:
9a:8e:d9:5c:81:e9:c4:c7:42:20:a4:60:36:1c:2c:
06:17:df:cf:99:6f:4a:12:6c:9a:cf:6e:3d:a2:99:
20:9e:01:04:54:5c:05:12:8c:e0:04:00:bd:e1:38:
df:92:74:5e:83:a0:29:90:83:e5:81:bd:64:fc:e5:
5c:fc:5e:6e:1e:54:3b:8c:01:d7:49:3c:5e:83:9d:
f8:90:bd:b1:e0:a3:9c:99:0a:37:41:36:6d:63:4e:
99:3e:dc:ad:24:71:3a:94:76:fe:59:e5:2c:6d:e6:
b1:37:d0:d7:c2:d2:7d:1a:f7:5d:18:58:4d:49:15:
88:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2C:A9:AF:7B:C9:8E:C0:FA:A1:58:59:14:51:60:99:9E:07:9F:6F
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/Diypr3vJjsD6oVhZFFFgmZ4Hn28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.46.0/24
IPv6:
2a02:2160:7111::-2a02:2160:7113:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
66:76:14:98:07:ce:66:b2:27:14:ab:42:b8:88:7d:c7:1e:1c:
3b:09:b4:7b:2e:60:77:3e:9e:1b:12:42:74:9c:a0:8c:4f:67:
d6:02:60:52:2f:c9:91:cb:7b:48:a9:58:99:c9:d5:2b:de:0f:
9d:1b:16:ad:59:0b:ba:d7:9b:23:46:07:2e:cc:68:50:a9:f2:
49:1c:c9:79:48:b6:20:5b:bb:a4:a8:b7:68:f9:d8:34:75:ad:
15:9f:6f:6f:59:63:13:a0:d6:c9:da:02:16:51:38:be:01:dd:
87:1b:1f:d7:79:32:4c:a9:bd:6b:3f:33:c4:42:61:ee:b8:2a:
2c:02:85:4a:31:8e:9a:c9:c3:fc:36:dd:81:8f:b4:1a:a5:bb:
da:33:05:93:72:52:72:dc:cf:85:44:62:b8:0b:11:a7:db:67:
32:fb:1c:de:38:41:fb:ff:42:ee:52:cc:1a:3b:0c:65:8b:c7:
66:8a:18:e7:f7:8e:60:a9:20:c0:b0:fc:11:6a:5c:f1:8b:ea:
9f:2e:55:95:54:19:90:c3:0a:53:30:62:99:78:05:a2:d7:8f:
5d:87:b2:e1:65:22:8e:f4:1f:ef:0b:bc:66:37:91:0a:3d:c5:
d8:ed:94:92:92:4f:3c:b7:7d:f9:50:6b:20:ad:ae:52:f5:c6:
05:b4:d8:a1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzKKgitEN6pjlTqBHu+2cH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjQwMTAyMTIzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJjYTlhZjdiYzk4ZWMwZmFhMTU4NTkxNDUxNjA5OTllMDc5ZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx11DYLtisQaLA/93A61vxEo56MvO
kQyFoftpqjEpp7GXfGioTXTd6k2NfKnHYhDwxXZngsU6tNSgiFKHSv5HBhpAQYBf
JIiBQbHr4NFehPxwiwxxBMjS+luUQBVKwf9zsqo71eFpJ3tw39Ru1ete4m1jnhzb
xJ7Tf4tprzgupGPa4TNCvoGajtlcgenEx0IgpGA2HCwGF9/PmW9KEmyaz249opkg
ngEEVFwFEozgBAC94TjfknReg6ApkIPlgb1k/OVc/F5uHlQ7jAHXSTxeg534kL2x
4KOcmQo3QTZtY06ZPtytJHE6lHb+WeUsbeaxN9DXwtJ9GvddGFhNSRWI1wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA4sqa97yY7A+qFYWRRRYJmeB59vMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvRGl5cHIzdkpqc0Q2b1ZoWkZGRmdtWjRIbjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAVO8uMBoE
AgACMBQwEgMHACoCIWBxEQMHAioCIWBxEDANBgkqhkiG9w0BAQsFAAOCAQEAZnYU
mAfOZrInFKtCuIh9xx4cOwm0ey5gdz6eGxJCdJygjE9n1gJgUi/Jkct7SKlYmcnV
K94PnRsWrVkLutebI0YHLsxoUKnySRzJeUi2IFu7pKi3aPnYNHWtFZ9vb1ljE6DW
ydoCFlE4vgHdhxsf13kyTKm9az8zxEJh7rgqLAKFSjGOmsnD/DbdgY+0GqW72jMF
k3JSctzPhURiuAsRp9tnMvsc3jhB+/9C7lLMGjsMZYvHZooY5/eOYKkgwLD8EWpc
8Yvqny5VlVQZkMMKUzBimXgFotePXYey4WUijvQf7wu8ZjeRCj3F2O2UkpJPPLd9
+VBrIK2uUvXGBbTYoQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:56:42 2024 by rpki-client on console-ams.rpki-client.org