Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/1QYdW1CUi3lP5JgZnnCz5Vw4Y6A.roa
File: 1QYdW1CUi3lP5JgZnnCz5Vw4Y6A.roa (raw, json)
Hash identifier: pGKES0Uz6KNO8UHtbUeKIhZvH7HwIvArEwYhURIS8NI=
Subject key identifier: D5:06:1D:5B:50:94:8B:79:4F:E4:98:19:9E:70:B3:E5:5C:38:63:A0
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 018CC3488F0DAE1CB11E5AF86CD2F860C45B
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/1QYdW1CUi3lP5JgZnnCz5Vw4Y6A.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44534
IP address blocks: 2a0e:fd87:5::/48 maxlen: 48
2a0e:fd87:7::/48 maxlen: 48
2a0e:fd87:4::/48 maxlen: 48
2a0e:fd87:9::/48 maxlen: 48
2a0e:fd87:1::/48 maxlen: 48
2a0e:fd87:6::/48 maxlen: 48
2a0e:fd87:3::/48 maxlen: 48
2a0e:fd87::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8f:0d:ae:1c:b1:1e:5a:f8:6c:d2:f8:60:c4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5061d5b50948b794fe498199e70b3e55c3863a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e6:29:83:75:09:12:f6:53:b0:11:86:28:f1:
5a:21:15:92:9a:46:0e:f3:cd:22:f2:04:92:4e:33:
fc:09:f6:50:86:3f:db:4c:74:20:7a:7b:ad:b6:4d:
82:b1:70:44:04:74:37:f4:5f:b1:49:5e:a9:b6:2f:
0a:10:43:ef:87:ab:37:1c:d8:fa:db:a8:e3:94:d8:
c4:56:86:5e:44:6f:c6:81:85:9f:dc:00:62:25:b1:
ce:5c:eb:2b:2b:37:88:6a:05:47:a8:38:76:25:27:
08:ce:67:c3:50:c0:ee:66:b9:d8:ea:db:8f:20:52:
13:8d:c5:6d:0c:dd:5a:0f:7d:12:ce:e9:57:e0:52:
59:e6:57:25:69:8d:27:29:39:53:82:86:ec:d9:c9:
f8:80:18:0b:02:85:e1:7e:98:cc:e2:49:c4:8f:41:
cc:de:3f:16:bf:df:76:35:99:8c:1c:77:43:78:26:
68:c0:03:ca:3f:d8:90:28:17:c0:d6:27:ab:6c:b5:
80:6d:de:92:ea:f1:4e:18:51:36:d5:63:2b:cf:30:
48:9e:9f:b3:8a:b5:d4:36:52:c6:ba:9b:70:b5:71:
1a:dc:a3:b5:4a:23:62:0d:11:0a:7d:59:0e:3e:cc:
8b:08:53:56:29:a9:d0:de:c1:26:e1:05:3d:a5:5e:
84:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:06:1D:5B:50:94:8B:79:4F:E4:98:19:9E:70:B3:E5:5C:38:63:A0
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/1QYdW1CUi3lP5JgZnnCz5Vw4Y6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd87::/47
2a0e:fd87:3::-2a0e:fd87:7:ffff:ffff:ffff:ffff:ffff
2a0e:fd87:9::/48
Signature Algorithm: sha256WithRSAEncryption
0c:02:e5:47:98:a5:1f:70:fb:46:57:d1:5b:e6:3e:83:ad:bc:
f5:e0:81:43:e1:0e:1d:20:26:d4:26:da:5e:54:5f:65:6d:5e:
5e:fd:5f:fc:87:85:ac:7d:e9:3c:69:8e:e1:f1:70:30:3f:31:
92:67:9c:43:57:c7:16:16:c0:a1:24:bb:38:d8:64:1e:fa:6d:
c3:c4:4f:6a:b1:50:3d:28:97:66:63:d1:2f:46:7c:d5:5f:79:
3b:e0:3f:54:59:88:1f:6a:94:62:fd:04:d7:86:f5:b1:d0:23:
9c:49:f6:df:c5:b1:fb:55:20:a7:2b:9e:02:9d:cd:22:6a:91:
dd:46:3b:13:81:ee:e6:40:fa:01:d6:52:23:b2:bf:3f:14:4c:
ee:00:e5:9e:f6:de:3d:ae:3c:f5:35:a1:4e:0f:00:33:db:f8:
6d:3c:1a:fd:d0:2c:48:cb:60:f9:ed:98:3e:a2:08:3d:0b:57:
c6:da:55:95:86:6d:a6:87:8c:55:d2:9d:e2:1c:82:20:9e:f7:
74:8d:77:27:e2:af:58:b8:43:74:a4:13:af:11:57:0e:3f:11:
22:9d:e7:51:7d:b6:66:2e:73:4d:14:fe:4f:c1:77:d2:fb:09:
ee:e1:11:bb:df:f2:cf:e5:82:fb:1e:6c:db:31:ef:61:c8:79:
8a:99:72:36
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDSI8NrhyxHlr4bNL4YMRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA2MWQ1YjUwOTQ4Yjc5NGZlNDk4MTk5ZTcwYjNlNTVjMzg2M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuYpg3UJEvZTsBGGKPFaIRWSmkYO
880i8gSSTjP8CfZQhj/bTHQgenuttk2CsXBEBHQ39F+xSV6pti8KEEPvh6s3HNj6
26jjlNjEVoZeRG/GgYWf3ABiJbHOXOsrKzeIagVHqDh2JScIzmfDUMDuZrnY6tuP
IFITjcVtDN1aD30SzulX4FJZ5lclaY0nKTlTgobs2cn4gBgLAoXhfpjM4knEj0HM
3j8Wv992NZmMHHdDeCZowAPKP9iQKBfA1ierbLWAbd6S6vFOGFE21WMrzzBInp+z
irXUNlLGuptwtXEa3KO1SiNiDREKfVkOPsyLCFNWKanQ3sEm4QU9pV6E+wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNUGHVtQlIt5T+SYGZ5ws+VcOGOgMB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEvMVFZZFcxQ1VpM2xQNUpnWm5uQ3o1Vnc0WTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcBKg79hwAA
MBIDBwAqDv2HAAMDBwMqDv2HAAADBwAqDv2HAAkwDQYJKoZIhvcNAQELBQADggEB
AAwC5UeYpR9w+0ZX0VvmPoOtvPXggUPhDh0gJtQm2l5UX2VtXl79X/yHhax96Txp
juHxcDA/MZJnnENXxxYWwKEkuzjYZB76bcPET2qxUD0ol2Zj0S9GfNVfeTvgP1RZ
iB9qlGL9BNeG9bHQI5xJ9t/FsftVIKcrngKdzSJqkd1GOxOB7uZA+gHWUiOyvz8U
TO4A5Z723j2uPPU1oU4PADPb+G08Gv3QLEjLYPntmD6iCD0LV8baVZWGbaaHjFXS
neIcgiCe93SNdyfir1i4Q3SkE68RVw4/ESKd51F9tmYuc00U/k/Bd9L7Ce7hEbvf
8s/lgvsebNsx72HIeYqZcjY=
-----END CERTIFICATE-----
Generated at Mon Jun 17 00:02:26 2024 by rpki-client on console-ams.rpki-client.org