Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/aHw4739QneDJicfHm8Yc1Rl4TvQ.roa
File: aHw4739QneDJicfHm8Yc1Rl4TvQ.roa (raw, json)
Hash identifier: BsLCOfhX+hvi7DBkxd42/1OkNtDnKQzEOvGL2JzJUAM=
Subject key identifier: 68:7C:38:EF:7F:50:9D:E0:C9:89:C7:C7:9B:C6:1C:D5:19:78:4E:F4
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 018CC86F21D7682BD2228591831E671B82FA
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/aHw4739QneDJicfHm8Yc1Rl4TvQ.roa
Signing time: Tue 02 Jan 2024 04:29:35 +0000
ROA not before: Tue 02 Jan 2024 04:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34164
IP address blocks: 2a01:3e0:402::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:21:d7:68:2b:d2:22:85:91:83:1e:67:1b:82:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 2 04:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=687c38ef7f509de0c989c7c79bc61cd519784ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2d:1f:a8:b1:e0:46:d9:e9:d8:6c:5d:9a:27:
84:99:45:9a:65:91:e7:6e:39:dc:77:40:1a:d0:00:
fc:90:c8:d2:80:60:54:ba:1b:f1:52:6b:b8:cd:4b:
d7:b9:87:87:c4:80:c6:a7:8c:08:62:69:83:7f:fb:
09:74:fc:c5:de:24:b6:73:b5:34:a4:46:e5:4f:d1:
e0:3b:af:62:d3:b1:6f:e6:22:ff:ea:d4:90:00:d2:
fc:dc:84:a3:cb:98:b3:eb:4f:bd:59:95:1a:b9:20:
6c:e0:21:aa:60:1c:38:5d:49:f7:e4:ea:b5:c8:b8:
ea:43:f6:8a:54:a0:93:ef:6d:b6:a3:f2:1c:00:fb:
5a:a8:5d:23:d9:db:fa:28:8b:c5:ba:d6:b7:fd:fe:
9b:8f:0f:88:95:fd:93:db:d5:c1:d1:e8:16:6a:f5:
56:9b:3f:90:b5:3b:dc:68:9e:9e:a3:08:68:65:cc:
35:1e:9d:dc:2f:cb:7c:44:90:40:84:9e:d9:e6:16:
c8:ef:01:d8:55:25:e6:f4:cd:6d:9f:24:73:50:2e:
00:15:72:6c:5a:aa:44:67:b0:17:63:a2:73:0b:f9:
3e:e7:b3:f2:6d:97:a1:4f:5a:b6:23:2a:39:fd:ec:
f3:01:ca:f9:2c:0c:a2:24:69:f5:df:2e:05:84:ef:
05:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7C:38:EF:7F:50:9D:E0:C9:89:C7:C7:9B:C6:1C:D5:19:78:4E:F4
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/aHw4739QneDJicfHm8Yc1Rl4TvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:3e0:402::/48
Signature Algorithm: sha256WithRSAEncryption
8f:be:db:20:74:d8:20:ce:a9:e7:74:3c:b9:72:34:0e:2e:85:
e2:48:5a:7f:00:a4:c6:79:22:9d:ec:39:ad:61:c7:58:29:ad:
95:2b:99:bf:6b:1b:3f:7e:9a:ca:dc:8c:3e:8d:f2:84:63:0e:
a8:29:b6:3b:b4:1d:72:51:26:e9:1b:f0:67:b2:40:05:5a:6f:
bb:15:6b:14:58:f3:f2:4a:fe:c7:63:04:83:05:94:93:d6:11:
ad:1a:b4:8c:ec:a0:d6:58:4c:dc:10:83:43:23:7c:21:ef:b1:
68:e3:de:45:e1:cf:a7:07:a1:a3:71:dc:7e:42:66:17:63:18:
cc:9b:4f:dd:62:1c:6f:14:bc:b3:e9:17:10:13:5d:31:7e:23:
f9:dc:64:c8:54:46:ae:ed:d2:ad:c2:97:e7:42:d8:48:b0:15:
29:7d:eb:d8:ab:12:f5:e5:25:43:58:b7:10:a7:7f:f6:8a:30:
12:fb:17:cc:05:ef:32:88:bc:c2:22:46:f7:c7:1f:12:41:c5:
20:3f:fd:e1:5e:c3:0b:4b:b4:c1:58:c3:19:6a:b0:6f:13:4e:
d2:54:b2:6b:50:63:2b:35:45:f6:76:14:fa:e9:45:f8:cc:e8:
1e:b9:8a:c2:c6:0a:14:bc:14:3b:81:17:32:f3:61:69:9e:40:
c8:87:0e:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIbyHXaCvSIoWRgx5nG4L6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjQwMTAyMDQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdjMzhlZjdmNTA5ZGUwYzk4OWM3Yzc5YmM2MWNkNTE5Nzg0ZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy0fqLHgRtnp2GxdmieEmUWaZZHn
bjncd0Aa0AD8kMjSgGBUuhvxUmu4zUvXuYeHxIDGp4wIYmmDf/sJdPzF3iS2c7U0
pEblT9HgO69i07Fv5iL/6tSQANL83ISjy5iz60+9WZUauSBs4CGqYBw4XUn35Oq1
yLjqQ/aKVKCT7222o/IcAPtaqF0j2dv6KIvFuta3/f6bjw+Ilf2T29XB0egWavVW
mz+QtTvcaJ6eowhoZcw1Hp3cL8t8RJBAhJ7Z5hbI7wHYVSXm9M1tnyRzUC4AFXJs
WqpEZ7AXY6JzC/k+57PybZehT1q2Iyo5/ezzAcr5LAyiJGn13y4FhO8FpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGh8OO9/UJ3gyYnHx5vGHNUZeE70MB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvYUh3NDczOVFuZURKaWNmSG04WWMxUmw0VHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgED4AQC
MA0GCSqGSIb3DQEBCwUAA4IBAQCPvtsgdNggzqnndDy5cjQOLoXiSFp/AKTGeSKd
7DmtYcdYKa2VK5m/axs/fprK3Iw+jfKEYw6oKbY7tB1yUSbpG/BnskAFWm+7FWsU
WPPySv7HYwSDBZST1hGtGrSM7KDWWEzcEINDI3wh77Fo495F4c+nB6Gjcdx+QmYX
YxjMm0/dYhxvFLyz6RcQE10xfiP53GTIVEau7dKtwpfnQthIsBUpfevYqxL15SVD
WLcQp3/2ijAS+xfMBe8yiLzCIkb3xx8SQcUgP/3hXsMLS7TBWMMZarBvE07SVLJr
UGMrNUX2dhT66UX4zOgeuYrCxgoUvBQ7gRcy82FpnkDIhw5i
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:16:11 2024 by rpki-client on console-ams.rpki-client.org