Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/2AVRiS3rOwsYRF57cQ7keqkjs-Y.roa
File: 2AVRiS3rOwsYRF57cQ7keqkjs-Y.roa (raw, json)
Hash identifier: OidiwvJpgKTsIoeKm8H8+kWSSSNeGT5XEbGJm0fmEk4=
Subject key identifier: D8:05:51:89:2D:EB:3B:0B:18:44:5E:7B:71:0E:E4:7A:A9:23:B3:E6
Certificate issuer: /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial: 018CC5002A2D4A8DA9CAA0E95A123F3992B6
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/2AVRiS3rOwsYRF57cQ7keqkjs-Y.roa
Signing time: Mon 01 Jan 2024 12:29:31 +0000
ROA not before: Mon 01 Jan 2024 12:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212568
IP address blocks: 2a11:e487:affe::/48 maxlen: 48
2a11:e487:cafe::/48 maxlen: 48
2a11:e487:dead::/48 maxlen: 48
2a11:e487:42::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2a:2d:4a:8d:a9:ca:a0:e9:5a:12:3f:39:92:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Validity
Not Before: Jan 1 12:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d80551892deb3b0b18445e7b710ee47aa923b3e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:63:65:0e:39:e3:a9:de:4b:c3:1b:d5:8f:61:
0b:7f:21:aa:1d:72:ee:a9:a1:a1:04:3d:9f:b0:f3:
2d:19:fe:6e:f9:e9:d3:59:6b:4c:9c:9d:aa:fb:fd:
1f:26:70:24:21:5f:f6:66:28:21:55:21:3b:a6:2d:
f4:23:5b:5c:4c:d0:7b:20:96:81:ab:f5:c7:cf:e8:
82:ef:f1:40:30:47:fb:8a:ad:89:07:36:17:0f:39:
d0:f1:5d:80:49:ed:9e:bb:45:20:c1:c7:ca:c3:52:
15:af:57:8c:09:27:da:64:9a:8b:f6:a4:55:8d:0e:
ac:50:cb:be:4f:37:4c:12:a5:40:41:13:42:41:87:
27:f6:2b:e3:d3:59:9a:2e:fe:43:d1:4d:34:58:6f:
85:3b:b8:1a:5f:29:14:97:89:37:08:34:1c:44:1d:
5e:c6:0a:79:55:60:ce:13:a7:42:00:ba:2e:63:7d:
d6:72:08:83:c8:e6:96:49:19:a0:d1:33:55:c3:82:
e5:07:3f:95:d8:1b:f0:12:92:e8:fa:b5:9e:66:bc:
57:03:32:77:20:c0:fb:e7:f9:7f:f2:e6:89:d6:47:
9d:90:23:ae:91:d0:65:7b:d7:ad:30:3d:0f:42:49:
99:f8:4f:6b:e7:c1:33:48:d8:85:49:cf:eb:38:a7:
8f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:05:51:89:2D:EB:3B:0B:18:44:5E:7B:71:0E:E4:7A:A9:23:B3:E6
X509v3 Authority Key Identifier:
keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/2AVRiS3rOwsYRF57cQ7keqkjs-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e487:42::/48
2a11:e487:affe::/48
2a11:e487:cafe::/48
2a11:e487:dead::/48
Signature Algorithm: sha256WithRSAEncryption
28:59:5d:36:bf:71:a2:5a:b2:40:bd:75:66:0c:fd:7e:34:6e:
c8:dd:12:42:38:02:7f:29:ce:8e:57:63:99:a8:df:ed:be:88:
bd:e7:a4:b1:db:f4:02:0e:5e:4e:bb:80:cf:01:9d:4e:e3:0c:
cb:4e:73:8e:6f:a9:b8:a8:58:ad:35:6d:15:fc:89:0e:f9:d6:
72:15:11:53:41:a4:ca:27:3f:58:ef:bb:c0:e8:03:36:17:63:
47:84:c4:37:c7:ab:b0:3b:95:76:aa:a8:89:54:7d:3b:e1:da:
e8:3b:ba:25:56:42:0b:31:6b:86:82:56:ef:8e:f7:9b:a5:da:
72:fd:0e:4c:96:c0:8c:69:cb:7e:ed:20:c7:66:09:eb:e1:94:
ed:92:ac:33:5a:e9:63:b1:82:64:4b:3f:08:a3:52:5a:76:96:
d1:84:aa:93:b2:de:b6:da:b2:2f:9e:8c:43:71:32:a6:be:98:
e8:3b:23:6b:f6:86:57:d1:19:cd:91:23:97:1b:4c:f0:49:ed:
23:95:dd:d9:bf:bd:2e:cc:bf:8d:7f:15:9b:d8:b7:e9:df:bc:
f4:27:36:48:d9:a9:ea:c3:4c:bd:ca:20:af:74:39:5d:61:6d:
34:56:1c:2a:48:d4:6b:14:84:aa:06:8c:b5:ef:e6:93:0d:62:
1d:41:00:f0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFACotSo2pyqDpWhI/OZK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWZjZDhmYjQwYWFlMWQyNDNjMmE4Y2UyNTQxYTY5OTg3
ZWVkMTMwHhcNMjQwMTAxMTIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODA1NTE4OTJkZWIzYjBiMTg0NDVlN2I3MTBlZTQ3YWE5MjNiM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGNlDjnjqd5LwxvVj2ELfyGqHXLu
qaGhBD2fsPMtGf5u+enTWWtMnJ2q+/0fJnAkIV/2ZighVSE7pi30I1tcTNB7IJaB
q/XHz+iC7/FAMEf7iq2JBzYXDznQ8V2ASe2eu0UgwcfKw1IVr1eMCSfaZJqL9qRV
jQ6sUMu+TzdMEqVAQRNCQYcn9ivj01maLv5D0U00WG+FO7gaXykUl4k3CDQcRB1e
xgp5VWDOE6dCALouY33WcgiDyOaWSRmg0TNVw4LlBz+V2BvwEpLo+rWeZrxXAzJ3
IMD75/l/8uaJ1kedkCOukdBle9etMD0PQkmZ+E9r58EzSNiFSc/rOKePnwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNgFUYkt6zsLGERee3EO5HqpI7PmMB8GA1UdIwQY
MBaAFFavzY+0Cq4dJDwqjOJUGmmYfu0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYt
MjM3YmU3NzMwMDdhLzEvMkFWUmlTM3JPd3NZUkY1N2NRN2tlcWtqcy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYtMjM3YmU3NzMwMDdh
LzEvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKhHkhwBC
AwcAKhHkh6/+AwcAKhHkh8r+AwcAKhHkh96tMA0GCSqGSIb3DQEBCwUAA4IBAQAo
WV02v3GiWrJAvXVmDP1+NG7I3RJCOAJ/Kc6OV2OZqN/tvoi956Sx2/QCDl5Ou4DP
AZ1O4wzLTnOOb6m4qFitNW0V/IkO+dZyFRFTQaTKJz9Y77vA6AM2F2NHhMQ3x6uw
O5V2qqiJVH074droO7olVkILMWuGglbvjvebpdpy/Q5MlsCMact+7SDHZgnr4ZTt
kqwzWuljsYJkSz8Io1JadpbRhKqTst622rIvnoxDcTKmvpjoOyNr9oZX0RnNkSOX
G0zwSe0jld3Zv70uzL+NfxWb2Lfp37z0JzZI2anqw0y9yiCvdDldYW00VhwqSNRr
FISqBoy17+aTDWIdQQDw
-----END CERTIFICATE-----
Generated at Mon May 20 04:56:25 2024 by rpki-client on console-ams.rpki-client.org