Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/TJpRf4VjTvVZ97ojGmOnP-N2u1I.roa
File: TJpRf4VjTvVZ97ojGmOnP-N2u1I.roa (raw, json)
Hash identifier: bkTi+K7rMkPuqNp2adpGE0kXjDOSnzMkyYoFck08jBI=
Subject key identifier: 4C:9A:51:7F:85:63:4E:F5:59:F7:BA:23:1A:63:A7:3F:E3:76:BB:52
Certificate issuer: /CN=b689299bc49584a645940c1dd87df0afc8aaa0fd
Certificate serial: 018CC3B70E5B048D4E7DDF8970C622DBAE6A
Authority key identifier: B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/TJpRf4VjTvVZ97ojGmOnP-N2u1I.roa
Signing time: Mon 01 Jan 2024 06:30:02 +0000
ROA not before: Mon 01 Jan 2024 06:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212465
IP address blocks: 2a0c:93c0:c002::/48 maxlen: 48
2a0c:93c0:8002::/48 maxlen: 48
2a0c:93c0:8000::/48 maxlen: 48
2a0c:93c0:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0e:5b:04:8d:4e:7d:df:89:70:c6:22:db:ae:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b689299bc49584a645940c1dd87df0afc8aaa0fd
Validity
Not Before: Jan 1 06:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c9a517f85634ef559f7ba231a63a73fe376bb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1f:89:dd:34:65:02:86:89:ce:cb:aa:44:07:
29:99:d4:f9:ab:79:a6:90:06:94:1e:7b:17:77:0d:
98:73:f2:53:49:31:18:7d:4f:ee:3b:25:50:5c:7b:
4f:2f:54:4f:f1:38:90:9c:45:cb:72:5f:15:55:c2:
d2:3e:54:df:21:3e:37:2d:7b:fa:17:2d:30:e6:c4:
ff:6e:b0:93:81:8f:eb:d1:7c:30:1a:68:ee:6a:17:
b7:8e:5e:28:24:21:50:5b:42:28:6b:a8:f3:4f:a6:
6a:ec:33:26:6a:cb:c9:95:07:28:8c:57:67:36:02:
b8:be:4b:c4:23:84:ce:14:d5:56:14:aa:dc:e9:d3:
a6:33:55:a2:c6:1e:ae:08:59:a3:ce:36:cd:c2:a1:
77:f8:6f:4b:61:f4:a6:16:8a:d5:ee:87:ee:b1:39:
51:74:5f:3b:01:90:02:bb:4c:07:97:04:1d:cc:84:
cd:16:ad:6c:a2:e9:fb:46:f7:01:2f:44:1b:24:31:
97:8c:2b:9b:e6:15:68:88:6a:b2:8d:71:68:30:58:
ed:96:cf:05:9d:56:60:40:c5:28:58:99:0e:38:06:
71:4f:39:de:68:b8:89:a4:3f:58:a4:62:70:d4:93:
f5:15:60:51:c6:49:46:c1:45:c2:d3:d6:a5:61:54:
17:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9A:51:7F:85:63:4E:F5:59:F7:BA:23:1A:63:A7:3F:E3:76:BB:52
X509v3 Authority Key Identifier:
keyid:B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/TJpRf4VjTvVZ97ojGmOnP-N2u1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:93c0:8000::/48
2a0c:93c0:8002::/48
2a0c:93c0:c000::/48
2a0c:93c0:c002::/48
Signature Algorithm: sha256WithRSAEncryption
7c:71:93:77:24:df:fe:6f:38:4c:39:80:76:1c:b0:2d:89:db:
73:02:1c:a4:08:e7:3f:5a:05:ea:85:7d:8a:ea:bc:51:81:7f:
18:49:d4:b5:f0:1d:39:22:5b:3a:dc:47:d3:29:62:eb:5a:d9:
0b:e0:8f:1e:2a:49:e5:7a:65:23:5a:15:3e:e7:93:67:d7:f1:
52:ad:f6:58:51:35:76:9d:53:33:d0:bd:58:9a:c8:59:f4:f3:
98:95:18:07:d1:2a:92:4c:14:59:59:d4:72:43:71:14:f0:8e:
c5:db:dd:f7:4e:bb:9b:1e:62:bd:1d:21:41:73:89:37:ea:7b:
fb:e2:22:06:8d:13:fa:ff:80:7a:b6:86:77:2d:ce:0d:8b:ce:
f3:7a:c4:84:eb:2b:08:e5:0c:53:6e:f4:42:16:d5:3b:ae:19:
95:c6:9f:6c:4f:ab:d5:a8:7d:57:45:1f:91:32:dd:a8:a1:86:
e6:90:c7:e5:9a:1b:f3:1a:e9:bb:54:81:fd:17:04:17:7d:2f:
95:f2:3b:6c:05:37:a2:68:79:32:33:4a:a5:f4:4e:6e:38:e4:
ad:33:40:25:50:76:99:04:83:b9:fc:e6:67:b6:9a:4a:56:bd:
2c:7b:bd:4e:f1:8c:0f:83:46:10:a6:5c:b3:7a:d7:76:46:bf:
02:23:65:b4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDtw5bBI1Ofd+JcMYi265qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ODkyOTliYzQ5NTg0YTY0NTk0MGMxZGQ4N2RmMGFmYzhh
YWEwZmQwHhcNMjQwMTAxMDYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzlhNTE3Zjg1NjM0ZWY1NTlmN2JhMjMxYTYzYTczZmUzNzZiYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB+J3TRlAoaJzsuqRAcpmdT5q3mm
kAaUHnsXdw2Yc/JTSTEYfU/uOyVQXHtPL1RP8TiQnEXLcl8VVcLSPlTfIT43LXv6
Fy0w5sT/brCTgY/r0XwwGmjuahe3jl4oJCFQW0Ioa6jzT6Zq7DMmasvJlQcojFdn
NgK4vkvEI4TOFNVWFKrc6dOmM1Wixh6uCFmjzjbNwqF3+G9LYfSmForV7ofusTlR
dF87AZACu0wHlwQdzITNFq1soun7RvcBL0QbJDGXjCub5hVoiGqyjXFoMFjtls8F
nVZgQMUoWJkOOAZxTzneaLiJpD9YpGJw1JP1FWBRxklGwUXC09alYVQXGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEyaUX+FY071Wfe6Ixpjpz/jdrtSMB8GA1UdIwQY
MBaAFLaJKZvElYSmRZQMHdh98K/IqqD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAt
YzBmM2JhZDk5YTQwLzEvVEpwUmY0VmpUdlZaOTdvakdtT25QLU4ydTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAtYzBmM2JhZDk5YTQw
LzEvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgyTwIAA
AwcAKgyTwIACAwcAKgyTwMAAAwcAKgyTwMACMA0GCSqGSIb3DQEBCwUAA4IBAQB8
cZN3JN/+bzhMOYB2HLAtidtzAhykCOc/WgXqhX2K6rxRgX8YSdS18B05Ils63EfT
KWLrWtkL4I8eKknlemUjWhU+55Nn1/FSrfZYUTV2nVMz0L1YmshZ9POYlRgH0SqS
TBRZWdRyQ3EU8I7F2933TrubHmK9HSFBc4k36nv74iIGjRP6/4B6toZ3Lc4Ni87z
esSE6ysI5QxTbvRCFtU7rhmVxp9sT6vVqH1XRR+RMt2ooYbmkMflmhvzGum7VIH9
FwQXfS+V8jtsBTeiaHkyM0ql9E5uOOStM0AlUHaZBIO5/OZntppKVr0se71O8YwP
g0YQplyzetd2Rr8CI2W0
-----END CERTIFICATE-----
Generated at Sun Jun 2 09:36:16 2024 by rpki-client on console-ams.rpki-client.org