Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/do2B3YEz0kTKSfDRFk6Z3h6pH_0.roa
File: do2B3YEz0kTKSfDRFk6Z3h6pH_0.roa (raw, json)
Hash identifier: J9J1OBP2NDNSRJhPb3gkAf376zhLkp7rOQElmmlsaY8=
Subject key identifier: 76:8D:81:DD:81:33:D2:44:CA:49:F0:D1:16:4E:99:DE:1E:A9:1F:FD
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EA2E560C0AEC1140DFC1A33D109A65AC2
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/do2B3YEz0kTKSfDRFk6Z3h6pH_0.roa
Signing time: Wed 03 Apr 2024 07:38:45 +0000
ROA not before: Wed 03 Apr 2024 07:38:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57580
IP address blocks: 2.63.170.0/24 maxlen: 24
217.107.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:e5:60:c0:ae:c1:14:0d:fc:1a:33:d1:09:a6:5a:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 3 07:38:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=768d81dd8133d244ca49f0d1164e99de1ea91ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:62:57:42:12:92:e7:4d:dc:88:c4:34:d0:3e:
ce:99:8f:57:63:27:12:17:25:96:8b:f5:68:34:38:
28:26:ab:fa:e9:60:e6:8d:84:b6:14:eb:56:0e:6c:
18:7e:e1:6c:85:d5:a8:3d:db:be:f1:69:84:51:a5:
d7:0e:66:94:89:3d:59:ee:09:64:35:6b:f6:53:75:
e3:89:86:77:4c:2f:1c:f9:65:5f:16:8b:5d:0c:17:
0b:9a:9f:9b:3d:7f:bd:dd:6d:a0:71:f4:6f:89:e0:
e6:c6:c1:f4:61:aa:15:9e:f6:b5:48:fd:d4:85:a3:
50:1a:18:d0:65:c5:3a:fc:03:08:37:a4:97:f1:cf:
e0:f8:94:d0:fe:c2:43:2c:26:13:7c:06:2c:40:41:
70:76:e2:ae:4d:5a:7b:d6:ea:fd:9d:26:9e:9e:65:
53:40:a4:05:d3:23:18:ef:19:1c:77:65:c2:b7:a4:
49:58:38:2a:be:af:57:1b:5b:1d:a9:5d:f7:f1:ee:
24:f3:62:b0:80:bb:66:d5:f0:b9:f2:a9:21:d6:ff:
92:90:44:24:74:67:fb:1f:45:50:51:c4:cf:e7:8b:
77:51:bb:31:58:02:5e:71:7c:01:29:53:86:61:c1:
57:66:66:34:dd:86:7d:01:22:e9:d2:f1:70:b7:0e:
a2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8D:81:DD:81:33:D2:44:CA:49:F0:D1:16:4E:99:DE:1E:A9:1F:FD
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/do2B3YEz0kTKSfDRFk6Z3h6pH_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.170.0/24
217.107.120.0/24
Signature Algorithm: sha256WithRSAEncryption
49:3c:13:69:07:f9:e7:46:b1:98:07:92:fa:79:98:38:d5:20:
20:2e:af:93:b7:af:43:25:20:c2:a4:29:36:31:0d:b5:39:0d:
dd:00:7a:d7:81:fb:51:e7:9c:23:2b:64:19:d4:25:04:15:3a:
8a:42:bc:6b:2d:58:4c:47:dd:fd:f3:df:1b:5f:e4:3a:a1:54:
12:94:28:56:b9:cc:02:7b:89:26:cb:6b:d4:76:66:5d:e0:3e:
11:96:70:ec:57:e1:76:ba:5d:d8:d8:da:7c:61:00:9b:7b:fe:
83:70:5f:04:33:ed:e8:bc:bb:54:9a:47:fa:82:03:6d:ef:ae:
ef:55:aa:a9:ad:a4:4f:e9:2b:39:d3:b8:cf:32:bf:01:33:7a:
78:e1:96:a9:9e:db:d5:7b:50:b5:30:4a:93:a5:f0:45:77:0f:
51:35:4c:69:89:fa:0f:8f:cb:85:b9:a6:8c:70:80:26:1c:cc:
42:3f:05:6a:98:38:00:d8:07:3c:4c:3e:5f:87:61:d3:ad:9c:
09:fb:d4:21:bc:af:da:80:8c:67:ad:44:99:94:24:7c:b1:01:
56:31:56:99:02:35:bd:d0:f3:67:ed:a9:00:33:aa:d5:1d:f9:
68:33:19:47:23:52:0c:e7:11:18:5f:11:98:7b:26:b2:8c:75:
9d:0c:09:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6i5WDArsEUDfwaM9EJplrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAzMDczODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhkODFkZDgxMzNkMjQ0Y2E0OWYwZDExNjRlOTlkZTFlYTkxZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WJXQhKS503ciMQ00D7OmY9XYycS
FyWWi/VoNDgoJqv66WDmjYS2FOtWDmwYfuFshdWoPdu+8WmEUaXXDmaUiT1Z7glk
NWv2U3XjiYZ3TC8c+WVfFotdDBcLmp+bPX+93W2gcfRvieDmxsH0YaoVnva1SP3U
haNQGhjQZcU6/AMIN6SX8c/g+JTQ/sJDLCYTfAYsQEFwduKuTVp71ur9nSaenmVT
QKQF0yMY7xkcd2XCt6RJWDgqvq9XG1sdqV338e4k82KwgLtm1fC58qkh1v+SkEQk
dGf7H0VQUcTP54t3UbsxWAJecXwBKVOGYcFXZmY03YZ9ASLp0vFwtw6ihwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHaNgd2BM9JEyknw0RZOmd4eqR/9MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZG8yQjNZRXowa1RLU2ZEUkZrNlozaDZwSF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAj+qAwQA
2Wt4MA0GCSqGSIb3DQEBCwUAA4IBAQBJPBNpB/nnRrGYB5L6eZg41SAgLq+Tt69D
JSDCpCk2MQ21OQ3dAHrXgftR55wjK2QZ1CUEFTqKQrxrLVhMR939898bX+Q6oVQS
lChWucwCe4kmy2vUdmZd4D4RlnDsV+F2ul3Y2Np8YQCbe/6DcF8EM+3ovLtUmkf6
ggNt767vVaqpraRP6Ss507jPMr8BM3p44ZapntvVe1C1MEqTpfBFdw9RNUxpifoP
j8uFuaaMcIAmHMxCPwVqmDgA2Ac8TD5fh2HTrZwJ+9QhvK/agIxnrUSZlCR8sQFW
MVaZAjW90PNn7akAM6rVHfloMxlHI1IM5xEYXxGYeyayjHWdDAkR
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:23:17 2024 by rpki-client on console-fra.rpki-client.org