Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/l80JW1MefK5Tu_nMPS2-t4sf17I.roa
File: l80JW1MefK5Tu_nMPS2-t4sf17I.roa (raw, json)
Hash identifier: BHI/gwXcxDtLJ0EVVPxZOj7di99uq1+h9k0miPG2NP8=
Subject key identifier: 97:CD:09:5B:53:1E:7C:AE:53:BB:F9:CC:3D:2D:BE:B7:8B:1F:D7:B2
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 018CCA2ADD15CC67E5E34E77DB0A0E7E5D52
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/l80JW1MefK5Tu_nMPS2-t4sf17I.roa
Signing time: Tue 02 Jan 2024 12:34:15 +0000
ROA not before: Tue 02 Jan 2024 12:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2027
IP address blocks: 45.13.104.0/22 maxlen: 22
62.204.43.0/24 maxlen: 24
193.58.42.0/23 maxlen: 24
2a0f:ce00::/29 maxlen: 29
2a0e:e700::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:dd:15:cc:67:e5:e3:4e:77:db:0a:0e:7e:5d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 2 12:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97cd095b531e7cae53bbf9cc3d2dbeb78b1fd7b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:06:0f:ab:63:c7:74:55:ec:30:aa:05:82:f0:
55:b7:ee:56:5b:28:cd:2f:b7:31:97:f3:51:6c:f5:
b8:3d:07:7f:c7:c9:7e:24:f3:5b:d0:c8:db:ac:11:
9c:85:23:3e:02:3a:16:aa:9b:38:f2:23:c0:c8:6f:
30:1a:ac:9e:21:f9:f0:c6:ef:36:1a:df:3f:c1:15:
ea:3a:6c:ec:06:24:ce:13:a7:2f:de:4a:24:f0:a3:
e8:f4:f9:0b:8d:a5:c5:92:31:11:a5:cc:cb:53:0a:
cb:f1:84:55:86:93:aa:98:b8:5a:0f:a5:f1:ab:b7:
a9:47:a9:c2:82:7b:50:d8:3d:3c:47:c5:4d:da:23:
36:5d:dd:ba:c9:84:e8:c0:e2:da:e4:9d:eb:c7:15:
3c:c9:7e:5c:81:fe:68:3e:85:63:2e:72:90:aa:23:
1d:7b:11:58:16:50:2e:ca:ff:08:5d:4d:63:18:f8:
87:af:b7:98:1e:10:30:1e:eb:60:93:84:86:f9:ff:
d0:36:7b:04:6b:fd:5b:82:ca:4c:54:0e:e9:d8:c4:
bd:9b:37:3d:91:c2:64:e6:1a:c0:75:96:2a:e8:bb:
e9:c8:4e:52:58:56:66:12:0f:e5:fc:bc:8e:30:f2:
0d:55:56:16:2d:16:96:50:ee:0c:f1:d8:f6:8f:a1:
8a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CD:09:5B:53:1E:7C:AE:53:BB:F9:CC:3D:2D:BE:B7:8B:1F:D7:B2
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/l80JW1MefK5Tu_nMPS2-t4sf17I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.104.0/22
62.204.43.0/24
193.58.42.0/23
IPv6:
2a0e:e700::/31
2a0f:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
65:3f:5e:f7:59:2b:f4:22:55:ba:96:7d:e9:79:89:fc:2e:ed:
7c:65:93:30:d9:0a:00:b6:ed:04:5f:d3:dd:1c:b4:87:77:ea:
01:31:1d:b7:63:b3:8d:f6:0b:67:83:79:44:e6:0e:02:f8:4f:
78:5a:0f:46:d0:54:89:ed:43:de:83:5b:ab:32:f8:a0:65:33:
ce:25:3d:5b:14:32:05:b3:5f:84:45:06:48:79:56:32:03:f1:
1b:99:59:42:0c:d5:2f:ff:af:e9:31:0d:2c:6d:be:b3:2e:6f:
a2:10:87:ba:80:02:f6:ba:bb:0c:76:33:44:c3:e5:7f:1d:ce:
18:3d:36:ac:c2:bc:94:51:02:06:b9:5a:96:29:22:06:6c:0c:
45:c0:a0:fc:20:a7:f9:d0:8a:c9:dd:23:a6:01:3a:64:4c:2a:
70:f9:f2:6f:06:a0:57:fc:26:66:09:fa:b6:b8:d0:5a:b9:5a:
38:0d:f9:bd:33:bb:e0:25:e8:54:e2:4b:b9:67:06:51:f7:15:
ba:3a:b5:47:eb:bb:50:74:6a:80:86:59:71:a8:c4:ca:b8:3a:
ea:28:e4:5b:8f:d4:51:5c:3b:7a:25:ac:5d:f5:cc:69:67:32:
18:b6:a8:d5:58:c1:d0:38:9b:da:b0:96:63:20:67:42:53:b1:
74:4b:84:00
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzKKt0VzGfl40532woOfl1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjQwMTAyMTIzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2NkMDk1YjUzMWU3Y2FlNTNiYmY5Y2MzZDJkYmViNzhiMWZkN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gYPq2PHdFXsMKoFgvBVt+5WWyjN
L7cxl/NRbPW4PQd/x8l+JPNb0MjbrBGchSM+AjoWqps48iPAyG8wGqyeIfnwxu82
Gt8/wRXqOmzsBiTOE6cv3kok8KPo9PkLjaXFkjERpczLUwrL8YRVhpOqmLhaD6Xx
q7epR6nCgntQ2D08R8VN2iM2Xd26yYTowOLa5J3rxxU8yX5cgf5oPoVjLnKQqiMd
exFYFlAuyv8IXU1jGPiHr7eYHhAwHutgk4SG+f/QNnsEa/1bgspMVA7p2MS9mzc9
kcJk5hrAdZYq6LvpyE5SWFZmEg/l/LyOMPINVVYWLRaWUO4M8dj2j6GKFQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJfNCVtTHnyuU7v5zD0tvreLH9eyMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvbDgwSlcxTWVmSzVUdV9uTVBTMi10NHNmMTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLQ1oAwQA
PswrAwQBwToqMBQEAgACMA4DBQEqDucAAwUDKg/OADANBgkqhkiG9w0BAQsFAAOC
AQEAZT9e91kr9CJVupZ96XmJ/C7tfGWTMNkKALbtBF/T3Ry0h3fqATEdt2OzjfYL
Z4N5ROYOAvhPeFoPRtBUie1D3oNbqzL4oGUzziU9WxQyBbNfhEUGSHlWMgPxG5lZ
QgzVL/+v6TENLG2+sy5vohCHuoAC9rq7DHYzRMPlfx3OGD02rMK8lFECBrlaliki
BmwMRcCg/CCn+dCKyd0jpgE6ZEwqcPnybwagV/wmZgn6trjQWrlaOA35vTO74CXo
VOJLuWcGUfcVujq1R+u7UHRqgIZZcajEyrg66ijkW4/UUVw7eiWsXfXMaWcyGLao
1VjB0Dib2rCWYyBnQlOxdEuEAA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:24 2024 by rpki-client on console-fra.rpki-client.org