Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1-axFyWRN1tBOmwTeWkPOaozpACs.roa
File: 1-axFyWRN1tBOmwTeWkPOaozpACs.roa (raw, json)
Hash identifier: Qb1nBIGjwmWZsaFKj4Nj+e6YYM4hHR9IJs+I77eui7o=
Subject key identifier: F9:AC:45:C9:64:4D:D6:D0:4E:9B:04:DE:5A:43:CE:6A:8C:E9:00:2B
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 018CC5DCA7FCB69314F51F0842F8CD49357E
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1-axFyWRN1tBOmwTeWkPOaozpACs.roa
Signing time: Mon 01 Jan 2024 16:30:21 +0000
ROA not before: Mon 01 Jan 2024 16:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51375
IP address blocks: 84.235.102.0/24 maxlen: 24
84.235.101.0/24 maxlen: 24
84.235.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:a7:fc:b6:93:14:f5:1f:08:42:f8:cd:49:35:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Jan 1 16:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9ac45c9644dd6d04e9b04de5a43ce6a8ce9002b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a6:43:81:4d:1b:ee:23:66:79:98:ac:fe:d5:
d5:5f:fd:88:35:8d:2e:dd:03:34:0d:70:c8:83:69:
a1:ca:4f:9d:db:f0:93:02:6f:fb:e1:45:e5:9e:49:
27:5e:ec:57:5f:b0:39:c3:ba:9b:18:20:15:d5:a5:
bc:6f:41:d2:3b:52:6c:14:5f:cf:a4:52:4c:76:73:
2f:98:c7:9a:4a:1a:13:79:ed:65:51:27:18:a7:67:
77:e8:16:9f:d8:89:e3:19:94:9c:52:02:5e:09:2e:
e1:a0:0b:76:9a:24:d3:9c:5f:1d:67:f5:b2:9a:1f:
ad:f7:e0:f8:a4:69:0e:75:4d:07:db:58:06:4d:ec:
0e:8b:6e:03:3a:09:f7:3e:a4:d9:a7:43:1e:1d:1d:
6b:37:e8:66:35:70:c4:d3:8e:af:16:e4:05:83:c5:
ac:f8:df:42:64:ed:04:09:e1:5b:e3:d0:a3:ef:ae:
08:6d:5d:f8:a8:43:fa:ea:94:93:ac:71:8c:9e:53:
e3:80:c4:99:83:69:f4:55:56:9e:53:3b:d4:81:08:
b7:4e:37:10:48:a5:18:a0:21:74:6f:9b:da:1c:92:
cc:ad:20:33:15:9c:63:4d:14:ec:bb:9f:f2:af:35:
97:e6:64:ed:3e:c6:e6:d6:c7:d3:7a:0e:11:46:ec:
50:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AC:45:C9:64:4D:D6:D0:4E:9B:04:DE:5A:43:CE:6A:8C:E9:00:2B
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/1-axFyWRN1tBOmwTeWkPOaozpACs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.235.101.0-84.235.102.255
84.235.107.0/24
Signature Algorithm: sha256WithRSAEncryption
82:13:45:dd:01:f6:96:4c:1e:ea:36:d9:27:3b:7d:71:99:23:
a5:9b:bb:97:43:e1:85:5e:05:ad:c0:2f:28:2d:41:13:99:8f:
2e:30:fc:42:2a:bb:27:47:71:f3:2f:43:70:6f:18:af:55:8b:
7b:65:f5:04:93:ef:4d:e5:41:68:6d:a1:e3:14:e4:1e:e2:ee:
0a:f5:fa:38:57:e2:25:31:6d:6d:3d:58:37:ff:13:83:78:36:
29:ec:ed:ce:bb:ef:92:2a:1a:27:f1:76:78:b0:52:02:24:4d:
03:2b:30:2e:cb:26:f0:04:47:cc:17:f2:24:72:80:d2:26:98:
e8:3e:aa:90:91:d3:5c:d1:20:87:f2:e1:f3:5a:01:00:95:cf:
c6:d6:b6:a2:10:a1:3c:a9:7c:c4:39:c0:ab:f1:8f:c7:15:f7:
6c:d5:b3:92:30:3c:00:0e:92:a6:04:dd:2b:3e:6d:09:da:cd:
12:d9:fe:d7:ba:3b:f9:7f:d6:ea:6a:33:ab:a0:dc:1f:73:5f:
11:d9:be:36:b2:bf:5a:f5:0e:63:77:49:3f:73:68:84:0f:80:
d3:a7:1f:38:ee:41:85:75:a3:06:21:a2:60:20:46:73:53:3a:
a6:2d:3a:d3:73:00:b0:e6:4a:15:a9:46:98:ed:49:88:2e:d4:
22:b7:fb:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3Kf8tpMU9R8IQvjNSTV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjQwMTAxMTYzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFjNDVjOTY0NGRkNmQwNGU5YjA0ZGU1YTQzY2U2YThjZTkwMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6ZDgU0b7iNmeZis/tXVX/2INY0u
3QM0DXDIg2mhyk+d2/CTAm/74UXlnkknXuxXX7A5w7qbGCAV1aW8b0HSO1JsFF/P
pFJMdnMvmMeaShoTee1lUScYp2d36Baf2InjGZScUgJeCS7hoAt2miTTnF8dZ/Wy
mh+t9+D4pGkOdU0H21gGTewOi24DOgn3PqTZp0MeHR1rN+hmNXDE046vFuQFg8Ws
+N9CZO0ECeFb49Cj764IbV34qEP66pSTrHGMnlPjgMSZg2n0VVaeUzvUgQi3TjcQ
SKUYoCF0b5vaHJLMrSAzFZxjTRTsu5/yrzWX5mTtPsbm1sfTeg4RRuxQXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPmsRclkTdbQTpsE3lpDzmqM6QArMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvMS1heEZ5V1JOMXRCT213VGVXa1BPYW96cEFDcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTIvODhmZGQxLThiN2ItNDEwMS1hYzY2LWI1OTA5NTdkOTQx
NS8xL1hodjJveG5hSkltQmF1MjZHMF9RekgzZlBoNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAVOtl
AwQAVOtmAwQAVOtrMA0GCSqGSIb3DQEBCwUAA4IBAQCCE0XdAfaWTB7qNtknO31x
mSOlm7uXQ+GFXgWtwC8oLUETmY8uMPxCKrsnR3HzL0NwbxivVYt7ZfUEk+9N5UFo
baHjFOQe4u4K9fo4V+IlMW1tPVg3/xODeDYp7O3Ou++SKhon8XZ4sFICJE0DKzAu
yybwBEfMF/IkcoDSJpjoPqqQkdNc0SCH8uHzWgEAlc/G1raiEKE8qXzEOcCr8Y/H
Ffds1bOSMDwADpKmBN0rPm0J2s0S2f7Xujv5f9bqajOroNwfc18R2b42sr9a9Q5j
d0k/c2iED4DTpx847kGFdaMGIaJgIEZzUzqmLTrTcwCw5koVqUaY7UmILtQit/sd
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:37:58 2024 by rpki-client on console-ams.rpki-client.org