Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/CA02NgGe58Fexwh3aXKQmfruw-k.roa
File: CA02NgGe58Fexwh3aXKQmfruw-k.roa (raw, json)
Hash identifier: TWusG1KXb1aMiQHxxtkPoIKAcF6Y2yNK+n9B6pl++n4=
Subject key identifier: 08:0D:36:36:01:9E:E7:C1:5E:C7:08:77:69:72:90:99:FA:EE:C3:E9
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 018CC3B72B820EDB1863F605C656AF1908D9
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/CA02NgGe58Fexwh3aXKQmfruw-k.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59793
IP address blocks: 2a02:d0c2:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2b:82:0e:db:18:63:f6:05:c6:56:af:19:08:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=080d3636019ee7c15ec7087769729099faeec3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ca:2e:7c:dd:6f:d9:9a:28:1d:76:42:75:e1:
9c:5d:30:9f:33:be:cf:1f:05:4f:fe:4b:05:87:bb:
8a:a1:b8:95:f7:6d:f6:8d:43:6c:24:62:6a:8e:d7:
6d:13:b3:9b:95:16:68:67:5b:27:0e:35:ff:44:84:
c3:91:b8:3b:8f:f7:57:3f:9f:6f:75:96:f0:75:36:
97:ec:43:55:df:40:01:74:c3:2a:e7:57:3a:b3:37:
bf:a2:c4:66:9c:4d:15:2e:f7:95:f3:fd:9f:55:59:
24:fb:c5:e0:f6:80:2c:de:04:48:d2:cb:7f:35:7a:
70:8a:7e:f2:67:e4:2b:ec:40:fa:12:9e:5a:e5:26:
35:04:0e:01:5f:e6:07:32:fa:45:00:00:c0:f1:a8:
21:9e:d2:40:00:bf:21:f6:d6:31:a6:95:44:e0:17:
71:5b:f0:ae:ac:50:2a:4a:0e:59:4e:f0:4e:70:fe:
fd:87:99:63:de:b1:47:47:7d:c8:aa:9f:46:0f:77:
f8:24:d6:02:e5:9d:18:ca:44:f7:48:77:d3:c6:0a:
a6:0a:4f:bd:6d:51:83:14:0d:86:75:65:b2:22:ea:
d1:77:c0:1d:f4:1a:4e:c0:91:e9:a6:40:ed:00:7c:
c7:4c:47:c5:2d:33:86:08:e6:d9:87:07:42:76:18:
75:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:0D:36:36:01:9E:E7:C1:5E:C7:08:77:69:72:90:99:FA:EE:C3:E9
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/CA02NgGe58Fexwh3aXKQmfruw-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:d0c2:1::/48
Signature Algorithm: sha256WithRSAEncryption
56:dc:8d:3c:a2:f2:f9:1f:3d:9b:d7:db:eb:ec:f2:c7:1b:c7:
2b:7b:f4:9e:7a:11:3d:d4:fa:59:21:f1:b4:71:27:ae:9a:5c:
7e:c9:ae:9b:b3:bd:a0:f6:09:58:0b:04:d5:e5:cf:db:29:4b:
ac:2c:21:92:b1:b8:f0:87:5c:ec:9a:30:53:96:91:97:80:58:
3d:80:cf:5d:c4:f5:2f:a4:d4:cb:73:8a:e3:8b:78:38:1c:86:
a9:09:9d:a4:08:b6:6a:22:5f:81:56:cf:40:ac:14:a0:83:c6:
77:45:9c:d8:46:01:f9:11:a6:ab:c7:c4:b0:6b:51:5b:6e:44:
b9:f1:d4:74:7e:c0:e8:bf:27:ed:63:97:f4:19:84:88:82:c0:
5e:bb:7b:d1:ce:ae:ef:3c:f9:96:2e:fc:c7:77:03:6b:fb:b4:
72:69:b9:d3:fc:16:72:22:5e:27:07:6e:86:d0:fd:34:e5:e0:
8d:13:6c:69:cc:dc:97:86:70:4f:a9:d1:19:12:d5:77:aa:de:
1f:fd:e3:10:a0:e7:5b:21:94:2c:ec:7f:65:79:e1:8e:76:68:
f7:06:4b:09:58:d6:69:74:b5:7d:c9:cd:56:1b:6b:ba:bd:82:
0d:6a:a6:09:a1:8d:ff:57:0d:0b:b0:b2:bf:99:14:a4:29:ca:
bc:16:41:e1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtyuCDtsYY/YFxlavGQjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNDVkYWNjODM3Nzk4YzNlNmNmMzFmNGQyNzk0NmEzM2Iw
ZGU2NjEwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODBkMzYzNjAxOWVlN2MxNWVjNzA4Nzc2OTcyOTA5OWZhZWVjM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8soufN1v2ZooHXZCdeGcXTCfM77P
HwVP/ksFh7uKobiV9232jUNsJGJqjtdtE7OblRZoZ1snDjX/RITDkbg7j/dXP59v
dZbwdTaX7ENV30ABdMMq51c6sze/osRmnE0VLveV8/2fVVkk+8Xg9oAs3gRI0st/
NXpwin7yZ+Qr7ED6Ep5a5SY1BA4BX+YHMvpFAADA8aghntJAAL8h9tYxppVE4Bdx
W/CurFAqSg5ZTvBOcP79h5lj3rFHR33Iqp9GD3f4JNYC5Z0YykT3SHfTxgqmCk+9
bVGDFA2GdWWyIurRd8Ad9BpOwJHppkDtAHzHTEfFLTOGCObZhwdCdhh1xQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAgNNjYBnufBXscId2lykJn67sPpMB8GA1UdIwQY
MBaAFBBF2syDd5jD5s8x9NJ5RqM7DeZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUVYYXpJTjNtTVBtenpIMDBubEdvenNONW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8yNjZjYWYtM2I0My00OWUwLWI2ZTEt
OWMxNzRlNTNlNGZlLzEvQ0EwMk5nR2U1OEZleHdoM2FYS1FtZnJ1dy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8yNjZjYWYtM2I0My00OWUwLWI2ZTEtOWMxNzRlNTNlNGZl
LzEvRUVYYXpJTjNtTVBtenpIMDBubEdvenNONW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgLQwgAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBW3I08ovL5Hz2b19vr7PLHG8cre/SeehE91PpZ
IfG0cSeumlx+ya6bs72g9glYCwTV5c/bKUusLCGSsbjwh1zsmjBTlpGXgFg9gM9d
xPUvpNTLc4rji3g4HIapCZ2kCLZqIl+BVs9ArBSgg8Z3RZzYRgH5Eaarx8Swa1Fb
bkS58dR0fsDovyftY5f0GYSIgsBeu3vRzq7vPPmWLvzHdwNr+7RyabnT/BZyIl4n
B26G0P005eCNE2xpzNyXhnBPqdEZEtV3qt4f/eMQoOdbIZQs7H9leeGOdmj3BksJ
WNZpdLV9yc1WG2u6vYINaqYJoY3/Vw0LsLK/mRSkKcq8FkHh
-----END CERTIFICATE-----
Generated at Sun May 19 18:35:19 2024 by rpki-client on console-fra.rpki-client.org