Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/XIeSdghqIXcylkQpKgMiSGS6jg4.roa
File: XIeSdghqIXcylkQpKgMiSGS6jg4.roa (raw, json)
Hash identifier: 2fdWglEEGpAq1S22iLyVWM5O/eTRaiGJGRTHCAOmWZ8=
Subject key identifier: 5C:87:92:76:08:6A:21:77:32:96:44:29:2A:03:22:48:64:BA:8E:0E
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 018CC26D84341E219F6464CF5594EB3D296A
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/XIeSdghqIXcylkQpKgMiSGS6jg4.roa
Signing time: Mon 01 Jan 2024 00:30:06 +0000
ROA not before: Mon 01 Jan 2024 00:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50475
IP address blocks: 2a00:1908:e965::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:03:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:84:34:1e:21:9f:64:64:cf:55:94:eb:3d:29:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 00:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c879276086a2177329644292a03224864ba8e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9b:a2:f8:4b:82:46:71:4b:6f:b9:fb:ad:8b:
64:90:25:d5:99:99:66:6e:56:1d:d6:55:36:5d:d9:
4e:27:4a:d2:05:b9:3d:52:bd:2c:a5:b8:13:c3:47:
9c:6b:91:d0:70:9e:c2:9a:1b:ea:79:93:d0:48:a0:
b0:f9:ad:43:81:68:65:5f:26:8c:52:95:c1:c8:ca:
11:d6:98:07:1a:73:af:00:6b:14:5f:53:3c:c6:be:
98:cb:9e:c5:66:e7:c9:90:a6:bb:95:cb:5f:b8:9a:
71:86:eb:10:ed:48:11:ed:31:ad:38:c4:77:11:ed:
c8:aa:dd:d2:d9:0c:35:1f:66:67:d8:6b:07:79:da:
53:6a:f2:3c:82:56:1b:40:04:ed:9a:c0:7b:84:1f:
0c:a8:b2:da:27:55:af:93:e5:97:99:8f:a1:cc:ca:
ca:b2:da:3a:f2:c3:3e:22:be:1d:93:43:f3:0e:63:
57:1c:1d:8a:3d:e6:a8:b6:d0:ac:c7:cb:cd:43:a7:
99:b7:61:aa:6d:2b:a1:a6:a2:23:3b:0f:eb:a9:11:
44:b1:a0:3a:9b:0a:03:79:d0:32:16:0e:ed:95:69:
9c:7a:c4:1c:85:dd:34:27:e9:58:4b:da:de:d5:25:
f4:63:74:1d:ec:d5:57:da:01:65:23:52:12:c6:09:
3b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:87:92:76:08:6A:21:77:32:96:44:29:2A:03:22:48:64:BA:8E:0E
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/XIeSdghqIXcylkQpKgMiSGS6jg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1908:e965::/48
Signature Algorithm: sha256WithRSAEncryption
52:cf:d7:9d:ac:5a:5c:3f:02:02:e8:2f:bf:28:c2:5f:0b:8c:
c4:ab:da:8f:81:38:a4:13:57:40:af:a5:7d:c5:74:e0:d8:64:
9f:d1:b4:9f:24:8e:b5:21:66:f3:0f:d9:d2:34:a9:6c:5a:e8:
4c:4a:eb:48:20:f8:6e:e1:ce:47:42:91:51:b9:ce:83:84:7b:
db:1d:2e:15:32:0c:07:18:e5:35:96:6d:d6:36:14:e3:00:9d:
9e:1a:3d:bd:7d:b2:9e:41:d3:c9:84:2e:dc:ad:5a:49:f0:6d:
e5:53:7a:51:8d:93:5f:16:e6:bd:d6:88:72:b8:5a:ac:7d:9b:
4e:ed:02:28:b6:7a:79:da:84:ff:e3:15:ae:79:cc:7d:fb:ef:
dc:33:fa:67:7f:04:6f:f8:a1:29:17:ac:3b:87:cf:29:d3:67:
23:ca:b8:a3:83:2a:95:78:07:98:b8:84:7f:99:69:a3:36:9a:
37:b7:aa:c2:be:cf:ce:28:f9:3d:2f:9b:d1:27:39:87:ec:d6:
23:8c:3a:7b:c3:bd:f7:21:34:2f:3d:9f:40:bc:90:bf:f9:8e:
51:3c:ab:2a:66:55:0d:3f:44:5b:86:61:79:b6:39:2b:de:91:
d3:5d:81:11:33:e4:df:e9:1c:ff:03:96:fa:52:ea:2b:f0:97:
8c:b6:09:1b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbYQ0HiGfZGTPVZTrPSlqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjQwMTAxMDAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg3OTI3NjA4NmEyMTc3MzI5NjQ0MjkyYTAzMjI0ODY0YmE4ZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJui+EuCRnFLb7n7rYtkkCXVmZlm
blYd1lU2XdlOJ0rSBbk9Ur0spbgTw0eca5HQcJ7CmhvqeZPQSKCw+a1DgWhlXyaM
UpXByMoR1pgHGnOvAGsUX1M8xr6Yy57FZufJkKa7lctfuJpxhusQ7UgR7TGtOMR3
Ee3Iqt3S2Qw1H2Zn2GsHedpTavI8glYbQATtmsB7hB8MqLLaJ1Wvk+WXmY+hzMrK
sto68sM+Ir4dk0PzDmNXHB2KPeaottCsx8vNQ6eZt2GqbSuhpqIjOw/rqRFEsaA6
mwoDedAyFg7tlWmcesQchd00J+lYS9re1SX0Y3Qd7NVX2gFlI1ISxgk7nwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFyHknYIaiF3MpZEKSoDIkhkuo4OMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvWEllU2RnaHFJWGN5bGtRcEtnTWlTR1M2amc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAZCOll
MA0GCSqGSIb3DQEBCwUAA4IBAQBSz9edrFpcPwIC6C+/KMJfC4zEq9qPgTikE1dA
r6V9xXTg2GSf0bSfJI61IWbzD9nSNKlsWuhMSutIIPhu4c5HQpFRuc6DhHvbHS4V
MgwHGOU1lm3WNhTjAJ2eGj29fbKeQdPJhC7crVpJ8G3lU3pRjZNfFua91ohyuFqs
fZtO7QIotnp52oT/4xWuecx9++/cM/pnfwRv+KEpF6w7h88p02cjyrijgyqVeAeY
uIR/mWmjNpo3t6rCvs/OKPk9L5vRJzmH7NYjjDp7w733ITQvPZ9AvJC/+Y5RPKsq
ZlUNP0RbhmF5tjkr3pHTXYERM+Tf6Rz/A5b6Uuor8JeMtgkb
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:45:30 2024 by rpki-client on console-ams.rpki-client.org