Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/_RVWq8tjuX6ITOL1ShScFqXa5gQ.roa
File: _RVWq8tjuX6ITOL1ShScFqXa5gQ.roa (raw, json)
Hash identifier: cFz8+GjjK3P9mzmvEHtIjce20UtBnrApXbADjHqOTU8=
Subject key identifier: FD:15:56:AB:CB:63:B9:7E:88:4C:E2:F5:4A:14:9C:16:A5:DA:E6:04
Certificate issuer: /CN=8452b03e1b01709638940d9592983cde77ecab77
Certificate serial: 018CC5DBE891FCF5AD5924EEBB7B37FD86BA
Authority key identifier: 84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/_RVWq8tjuX6ITOL1ShScFqXa5gQ.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197490
IP address blocks: 2a02:2000:3c6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 05:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e8:91:fc:f5:ad:59:24:ee:bb:7b:37:fd:86:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8452b03e1b01709638940d9592983cde77ecab77
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd1556abcb63b97e884ce2f54a149c16a5dae604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:62:af:c4:34:75:16:0e:c3:ac:70:7c:dd:25:
a5:76:d6:b3:b7:bc:23:43:dd:07:62:8a:11:4b:84:
ec:e6:96:d7:9b:89:79:08:d3:ed:cf:bb:94:a5:68:
88:12:1b:fd:ca:9b:9c:6f:b0:31:24:6e:da:65:8d:
f6:aa:ad:31:f0:25:95:1f:1b:a7:ce:76:6d:ed:62:
ca:23:3f:60:22:38:e7:cc:f7:83:bd:9b:8d:4d:6b:
ed:39:ee:aa:dd:03:4c:1a:01:c8:e8:a3:94:83:b4:
bb:18:01:1c:83:53:20:0f:63:0a:7a:41:d2:7c:83:
b3:85:f1:d1:d6:00:c1:22:63:3f:72:52:02:38:7c:
47:65:e5:2a:67:0d:19:b7:3b:7d:6e:3b:d5:e1:8b:
c9:58:b1:dc:79:ce:04:4a:bb:86:a6:f5:d4:e9:91:
21:c1:33:a7:6d:42:93:dc:2c:76:4c:5b:c2:de:4d:
20:af:15:52:6f:9e:a2:0a:a2:b0:3d:49:ce:61:f9:
55:4e:b3:e3:19:ae:74:37:0f:77:0e:6c:45:c9:f6:
09:46:1d:16:ab:0c:2e:89:24:ee:01:46:84:b8:ea:
60:7c:2e:8b:67:a3:e2:d7:7e:da:bb:70:88:d9:6d:
f7:88:ba:bc:44:ef:27:a8:87:26:37:08:19:10:7c:
e5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:15:56:AB:CB:63:B9:7E:88:4C:E2:F5:4A:14:9C:16:A5:DA:E6:04
X509v3 Authority Key Identifier:
keyid:84:52:B0:3E:1B:01:70:96:38:94:0D:95:92:98:3C:DE:77:EC:AB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFKwPhsBcJY4lA2Vkpg83nfsq3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/_RVWq8tjuX6ITOL1ShScFqXa5gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/011f6e-e928-4f2b-aa24-200fc274cb01/1/hFKwPhsBcJY4lA2Vkpg83nfsq3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2000:3c6::/48
Signature Algorithm: sha256WithRSAEncryption
a6:59:e4:74:13:b7:92:45:fa:5a:5d:2d:5c:2d:87:1b:82:bd:
db:bd:64:29:b1:04:2e:e1:f0:80:e8:34:3c:63:7d:1f:40:94:
1e:a9:42:57:3f:94:5f:8c:27:5d:44:06:31:8f:77:89:cd:5d:
2f:e7:60:9d:06:dd:d4:52:3e:d9:90:8a:fd:a8:29:c5:4a:c3:
d3:7a:07:82:38:c1:70:6b:04:c4:4f:35:7d:71:c6:e3:ee:95:
18:c5:cc:83:78:b6:03:6b:c9:07:0c:c1:7f:eb:43:8a:20:98:
16:92:77:3a:0e:38:b4:c4:9a:31:d2:b5:c6:7e:c4:fe:c7:7f:
af:0b:7b:de:ea:4c:4d:94:06:4a:db:1f:17:7f:ad:68:16:02:
41:fa:22:02:8d:69:de:09:cf:38:06:16:5c:70:44:72:5b:51:
a5:13:10:e1:82:3d:32:bb:e0:82:a9:5e:db:ff:79:37:29:2c:
3f:98:86:2a:ca:85:56:e3:7c:7a:23:ca:67:a5:d2:b1:bb:f3:
e7:f6:bb:c9:5d:28:d9:19:56:e4:a0:ac:56:40:4c:7c:a7:cc:
5c:b4:fc:a7:91:d6:15:ab:ea:4d:97:38:3c:5c:cd:99:d7:7d:
dc:57:87:d2:54:b1:d8:1a:0f:d7:97:c7:92:24:36:1a:67:ae:
8a:47:5f:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF2+iR/PWtWSTuu3s3/Ya6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTJiMDNlMWIwMTcwOTYzODk0MGQ5NTkyOTgzY2RlNzdl
Y2FiNzcwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDE1NTZhYmNiNjNiOTdlODg0Y2UyZjU0YTE0OWMxNmE1ZGFlNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWKvxDR1Fg7DrHB83SWldtazt7wj
Q90HYooRS4Ts5pbXm4l5CNPtz7uUpWiIEhv9ypucb7AxJG7aZY32qq0x8CWVHxun
znZt7WLKIz9gIjjnzPeDvZuNTWvtOe6q3QNMGgHI6KOUg7S7GAEcg1MgD2MKekHS
fIOzhfHR1gDBImM/clICOHxHZeUqZw0Ztzt9bjvV4YvJWLHcec4ESruGpvXU6ZEh
wTOnbUKT3Cx2TFvC3k0grxVSb56iCqKwPUnOYflVTrPjGa50Nw93DmxFyfYJRh0W
qwwuiSTuAUaEuOpgfC6LZ6Pi137au3CI2W33iLq8RO8nqIcmNwgZEHzluwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP0VVqvLY7l+iEzi9UoUnBal2uYEMB8GA1UdIwQY
MBaAFIRSsD4bAXCWOJQNlZKYPN537Kt3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQt
MjAwZmMyNzRjYjAxLzEvX1JWV3E4dGp1WDZJVE9MMVNoU2NGcVhhNWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wMTFmNmUtZTkyOC00ZjJiLWFhMjQtMjAwZmMyNzRjYjAx
LzEvaEZLd1Boc0JjSlk0bEEyVmtwZzgzbmZzcTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIgAAPG
MA0GCSqGSIb3DQEBCwUAA4IBAQCmWeR0E7eSRfpaXS1cLYcbgr3bvWQpsQQu4fCA
6DQ8Y30fQJQeqUJXP5RfjCddRAYxj3eJzV0v52CdBt3UUj7ZkIr9qCnFSsPTegeC
OMFwawTETzV9ccbj7pUYxcyDeLYDa8kHDMF/60OKIJgWknc6Dji0xJox0rXGfsT+
x3+vC3ve6kxNlAZK2x8Xf61oFgJB+iICjWneCc84BhZccERyW1GlExDhgj0yu+CC
qV7b/3k3KSw/mIYqyoVW43x6I8pnpdKxu/Pn9rvJXSjZGVbkoKxWQEx8p8xctPyn
kdYVq+pNlzg8XM2Z133cV4fSVLHYGg/Xl8eSJDYaZ66KR1/2
-----END CERTIFICATE-----
Generated at Sun Jun 30 10:19:42 2024 by rpki-client on console-fra.rpki-client.org