Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/a64qO5K7CkjoIWqRpzRQHF8iYTM.roa
File: a64qO5K7CkjoIWqRpzRQHF8iYTM.roa (raw, json)
Hash identifier: wjpH5mPzar8pksuo+XMnDQMWUAtHY+k71/jOAmx0wVg=
Subject key identifier: 6B:AE:2A:3B:92:BB:0A:48:E8:21:6A:91:A7:34:50:1C:5F:22:61:33
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 018F76E9356044310A08B98A9F3A1E206C80
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/a64qO5K7CkjoIWqRpzRQHF8iYTM.roa
Signing time: Tue 14 May 2024 11:42:25 +0000
ROA not before: Tue 14 May 2024 11:42:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 2a05:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:e9:35:60:44:31:0a:08:b9:8a:9f:3a:1e:20:6c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: May 14 11:42:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bae2a3b92bb0a48e8216a91a734501c5f226133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d5:3e:c0:e3:ce:35:9b:23:5c:73:c8:d4:c6:
00:7d:88:9d:50:b8:63:85:d6:bb:50:9d:02:4f:e0:
80:2f:a5:af:64:2f:be:c5:80:98:a2:a8:e0:59:bc:
44:f8:cc:e2:8a:4c:59:72:25:9d:66:d4:7c:68:c4:
69:78:be:79:03:fc:f2:e7:c7:be:a7:77:53:bb:7f:
5f:c9:29:df:47:53:a8:c5:b8:9e:25:4a:07:53:a9:
a3:e9:7a:3d:f9:72:df:23:e2:94:b8:15:32:6d:23:
0f:8f:34:f4:da:80:2c:be:bd:ef:ab:18:2a:ae:61:
61:54:a4:9a:f3:aa:58:63:2f:52:ea:6d:2a:39:cb:
13:eb:0c:06:19:5c:90:37:b3:ea:18:6c:15:cf:b3:
70:81:1a:a3:24:6b:ed:5b:d1:cb:d7:45:88:3a:c3:
95:bf:a8:fe:b1:5d:d6:e8:53:a0:58:92:d2:15:bd:
38:33:ea:05:f4:8f:66:4f:5b:89:42:bd:83:71:0c:
19:17:86:b9:ac:57:cd:fb:c9:0e:0f:e7:c0:52:01:
dd:57:f1:f4:67:ee:19:bc:5a:3c:37:1e:c8:2a:32:
3d:26:6c:ee:e4:bc:66:28:b1:30:93:15:af:ba:5c:
5d:31:ab:1b:a6:74:65:9f:b6:53:d1:6d:46:38:c9:
f6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AE:2A:3B:92:BB:0A:48:E8:21:6A:91:A7:34:50:1C:5F:22:61:33
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/a64qO5K7CkjoIWqRpzRQHF8iYTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9080::/48
Signature Algorithm: sha256WithRSAEncryption
b1:db:27:8a:41:cb:69:97:e8:53:e2:7f:80:8d:f0:7b:55:27:
ce:bc:b0:c5:91:70:26:8f:ce:26:2e:6e:98:8f:09:2d:48:c7:
89:ef:7f:c1:d8:a5:9d:d2:d4:cf:f3:9a:8a:86:62:75:e9:82:
f5:46:44:84:cf:af:5f:d5:d9:3e:a3:36:e4:98:53:67:35:0b:
32:07:d3:7b:ed:d6:fe:b9:96:da:8f:0f:5b:03:e2:db:d8:3b:
8d:c6:83:dd:c7:d6:10:c8:7c:ee:3a:c7:cc:0e:44:c2:88:0b:
68:ed:ff:da:cb:16:1f:e5:03:a7:e9:b4:64:f9:ef:13:bb:ce:
20:e2:af:44:c1:a9:95:58:6b:40:f2:77:0b:03:c0:2e:ea:e1:
e1:a4:bd:86:7e:56:d0:5e:9a:26:a2:97:c0:74:99:56:1f:8f:
52:ad:8d:0e:a3:b9:89:7e:0b:75:64:c8:29:a5:26:d7:ca:d5:
14:8f:f8:88:a1:21:d7:71:32:29:23:af:e4:56:6c:dd:c9:8c:
14:b1:cf:e6:4e:db:3e:88:3e:ca:9e:41:a9:3f:e4:e4:ff:06:
bc:7b:2f:3b:54:e1:6f:72:6b:54:48:c6:4c:d0:36:ec:75:5b:
2a:51:94:59:8e:06:e9:74:4f:71:ae:53:9c:23:71:2e:d3:be:
1c:65:a2:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY926TVgRDEKCLmKnzoeIGyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQwNTE0MTE0MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFlMmEzYjkyYmIwYTQ4ZTgyMTZhOTFhNzM0NTAxYzVmMjI2MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdU+wOPONZsjXHPI1MYAfYidULhj
hda7UJ0CT+CAL6WvZC++xYCYoqjgWbxE+MziikxZciWdZtR8aMRpeL55A/zy58e+
p3dTu39fySnfR1OoxbieJUoHU6mj6Xo9+XLfI+KUuBUybSMPjzT02oAsvr3vqxgq
rmFhVKSa86pYYy9S6m0qOcsT6wwGGVyQN7PqGGwVz7NwgRqjJGvtW9HL10WIOsOV
v6j+sV3W6FOgWJLSFb04M+oF9I9mT1uJQr2DcQwZF4a5rFfN+8kOD+fAUgHdV/H0
Z+4ZvFo8Nx7IKjI9Jmzu5LxmKLEwkxWvulxdMasbpnRln7ZT0W1GOMn2MwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGuuKjuSuwpI6CFqkac0UBxfImEzMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvYTY0cU81SzdDa2pvSVdxUnB6UlFIRjhpWVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWQgAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCx2yeKQctpl+hT4n+AjfB7VSfOvLDFkXAmj84m
Lm6YjwktSMeJ73/B2KWd0tTP85qKhmJ16YL1RkSEz69f1dk+ozbkmFNnNQsyB9N7
7db+uZbajw9bA+Lb2DuNxoPdx9YQyHzuOsfMDkTCiAto7f/ayxYf5QOn6bRk+e8T
u84g4q9EwamVWGtA8ncLA8Au6uHhpL2GflbQXpomopfAdJlWH49SrY0Oo7mJfgt1
ZMgppSbXytUUj/iIoSHXcTIpI6/kVmzdyYwUsc/mTts+iD7KnkGpP+Tk/wa8ey87
VOFvcmtUSMZM0DbsdVsqUZRZjgbpdE9xrlOcI3Eu074cZaL/
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:48:20 2024 by rpki-client on console-ams.rpki-client.org