Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/s1khpLb71kx3hxXXWolEiv3ExMk.roa
File: s1khpLb71kx3hxXXWolEiv3ExMk.roa (raw, json)
Hash identifier: DqEqBdL2tfiq6IeGF1q/l8P7/eRkVKRizJU5ZpJ5bIQ=
Subject key identifier: B3:59:21:A4:B6:FB:D6:4C:77:87:15:D7:5A:89:44:8A:FD:C4:C4:C9
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 018CC5DC8D0A49BE3E623DE918A4F809FD3C
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/s1khpLb71kx3hxXXWolEiv3ExMk.roa
Signing time: Mon 01 Jan 2024 16:30:14 +0000
ROA not before: Mon 01 Jan 2024 16:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3573
IP address blocks: 2a02:ee80:4066::/48 maxlen: 48
2a02:ee80:4066::/47 maxlen: 47
2a02:ee80:4171::/48 maxlen: 48
2a02:ee80:415c::/47 maxlen: 47
2a02:ee80:4067::/48 maxlen: 48
2a02:ee80:404a::/48 maxlen: 48
2a02:ee80:404a::/47 maxlen: 47
2a02:ee80:4170::/48 maxlen: 48
2a02:ee80:41a8::/47 maxlen: 47
2a02:ee80:4170::/47 maxlen: 47
2a02:ee80:404b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 22:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:8d:0a:49:be:3e:62:3d:e9:18:a4:f8:09:fd:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Jan 1 16:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b35921a4b6fbd64c778715d75a89448afdc4c4c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e2:ca:0a:91:29:f2:01:c2:6b:8a:ad:e1:c9:
a9:4a:86:40:d7:1d:22:77:ee:70:db:be:3c:a1:bb:
e4:4a:33:f2:14:a7:a8:d2:e1:ea:df:5d:d9:cc:af:
b9:32:25:40:61:8b:d7:61:d1:d9:3e:a3:d1:aa:bb:
75:06:18:63:d6:28:37:39:93:f2:46:c2:94:49:22:
00:96:c8:4c:32:e4:35:d1:29:07:01:d5:17:ce:79:
95:b1:21:7b:bb:fc:54:af:44:d5:8a:fe:b1:d3:d9:
cc:46:b6:21:dd:f9:68:d8:9a:cb:19:3e:94:e0:c2:
42:20:ff:ff:8f:8d:69:01:af:dc:dd:60:95:3e:a3:
40:38:ec:9b:25:82:81:bf:ce:33:1c:61:ca:06:33:
e0:dd:22:30:c2:ca:78:e1:ac:f1:83:47:97:15:94:
8c:93:29:c1:f2:8f:63:3d:ef:db:37:26:43:7b:55:
c7:71:8e:89:83:d9:20:66:35:16:53:f4:1a:1c:b7:
71:cd:02:37:f6:47:2b:f7:a7:fe:11:06:c9:7d:f7:
f2:2c:70:d1:e3:20:41:90:0e:1e:7b:c1:5c:a2:a6:
76:85:bc:80:bd:d9:3a:f6:04:e6:f1:7e:db:78:43:
c4:2e:9c:4e:b8:b2:af:6b:55:c4:34:af:3d:ba:a2:
8c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:59:21:A4:B6:FB:D6:4C:77:87:15:D7:5A:89:44:8A:FD:C4:C4:C9
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/s1khpLb71kx3hxXXWolEiv3ExMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ee80:404a::/47
2a02:ee80:4066::/47
2a02:ee80:415c::/47
2a02:ee80:4170::/47
2a02:ee80:41a8::/47
Signature Algorithm: sha256WithRSAEncryption
83:9a:17:50:7f:4c:95:5d:4a:97:3e:ed:31:86:c2:96:ce:4f:
ae:9b:cc:98:7b:9a:05:f5:63:90:ef:ac:07:37:8a:65:90:e6:
9b:09:6f:ad:32:eb:02:5f:81:90:ac:f1:1c:f6:d6:97:a1:ec:
a1:42:04:58:6c:e3:b2:e9:8b:e9:13:6f:62:1d:48:37:35:24:
de:18:ff:8c:29:80:a3:70:a9:76:b9:2a:87:c9:fb:b7:4c:bc:
20:03:0c:d6:c1:b7:97:5c:b1:ba:8c:21:0d:19:a4:52:67:d0:
be:83:ac:c1:f3:74:cf:62:26:84:89:91:7b:58:2b:35:a3:ee:
16:7e:d5:12:21:08:a3:25:70:97:c1:b9:3f:09:0b:84:71:a1:
18:ed:ec:f8:28:ee:14:df:0c:e8:e4:55:48:41:52:71:6f:24:
0f:43:9e:3f:ae:65:25:ba:f3:c1:9c:f5:97:1d:5f:c0:d5:20:
da:7f:ce:7b:4a:b5:21:28:92:6a:77:ce:13:ea:b6:a8:d8:02:
12:19:e2:28:1f:46:20:17:84:57:23:f2:42:08:2d:53:f2:bc:
d5:f5:3f:2c:c0:99:36:af:a3:90:0d:d9:e0:9d:bc:55:e2:09:
82:e3:e6:41:45:ad:c0:25:3f:32:e3:1f:24:3c:87:8c:c9:7f:
3e:4f:86:40
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzF3I0KSb4+Yj3pGKT4Cf08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjQwMTAxMTYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzU5MjFhNGI2ZmJkNjRjNzc4NzE1ZDc1YTg5NDQ4YWZkYzRjNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOLKCpEp8gHCa4qt4cmpSoZA1x0i
d+5w2748obvkSjPyFKeo0uHq313ZzK+5MiVAYYvXYdHZPqPRqrt1Bhhj1ig3OZPy
RsKUSSIAlshMMuQ10SkHAdUXznmVsSF7u/xUr0TViv6x09nMRrYh3flo2JrLGT6U
4MJCIP//j41pAa/c3WCVPqNAOOybJYKBv84zHGHKBjPg3SIwwsp44azxg0eXFZSM
kynB8o9jPe/bNyZDe1XHcY6Jg9kgZjUWU/QaHLdxzQI39kcr96f+EQbJfffyLHDR
4yBBkA4ee8FcoqZ2hbyAvdk69gTm8X7beEPELpxOuLKva1XENK89uqKM7QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLNZIaS2+9ZMd4cV11qJRIr9xMTJMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvczFraHBMYjcxa3gzaHhYWFdvbEVpdjNFeE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcBKgLugEBK
AwcBKgLugEBmAwcBKgLugEFcAwcBKgLugEFwAwcBKgLugEGoMA0GCSqGSIb3DQEB
CwUAA4IBAQCDmhdQf0yVXUqXPu0xhsKWzk+um8yYe5oF9WOQ76wHN4plkOabCW+t
MusCX4GQrPEc9taXoeyhQgRYbOOy6YvpE29iHUg3NSTeGP+MKYCjcKl2uSqHyfu3
TLwgAwzWwbeXXLG6jCENGaRSZ9C+g6zB83TPYiaEiZF7WCs1o+4WftUSIQijJXCX
wbk/CQuEcaEY7ez4KO4U3wzo5FVIQVJxbyQPQ54/rmUluvPBnPWXHV/A1SDaf857
SrUhKJJqd84T6rao2AISGeIoH0YgF4RXI/JCCC1T8rzV9T8swJk2r6OQDdngnbxV
4gmC4+ZBRa3AJT8y4x8kPIeMyX8+T4ZA
-----END CERTIFICATE-----
Generated at Tue May 14 07:27:20 2024 by rpki-client on console-fra.rpki-client.org