Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/0TaXDBJ8t47l7wu1pCzYJt2z6WY.roa
File: 0TaXDBJ8t47l7wu1pCzYJt2z6WY.roa (raw, json)
Hash identifier: MUWeI+3WSydI9StaBCw5Nh4jBtcurd2qtiZ3+cpDgLc=
Subject key identifier: D1:36:97:0C:12:7C:B7:8E:E5:EF:0B:B5:A4:2C:D8:26:DD:B3:E9:66
Certificate issuer: /CN=56d641486bdc98d4a7de0928a42d7d68e6015f30
Certificate serial: 01920EA6D999290CB1A92C7664FB781DBD9A
Authority key identifier: 56:D6:41:48:6B:DC:98:D4:A7:DE:09:28:A4:2D:7D:68:E6:01:5F:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtZBSGvcmNSn3gkopC19aOYBXzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/0TaXDBJ8t47l7wu1pCzYJt2z6WY.roa
Signing time: Fri 20 Sep 2024 08:57:48 +0000
ROA not before: Fri 20 Sep 2024 08:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48282
IP address blocks: 2a0d:8480::/48 maxlen: 48
2a0d:8480:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/VtZBSGvcmNSn3gkopC19aOYBXzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/VtZBSGvcmNSn3gkopC19aOYBXzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/VtZBSGvcmNSn3gkopC19aOYBXzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:a6:d9:99:29:0c:b1:a9:2c:76:64:fb:78:1d:bd:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d641486bdc98d4a7de0928a42d7d68e6015f30
Validity
Not Before: Sep 20 08:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d136970c127cb78ee5ef0bb5a42cd826ddb3e966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a6:73:25:81:ea:8a:01:90:bf:65:8c:68:f9:
ec:58:c7:a2:60:ca:9b:98:7a:69:d0:5f:f6:e1:69:
1a:73:25:aa:fe:67:3d:f6:6c:e6:26:c8:72:c9:02:
f4:0c:34:76:9c:bb:cd:73:06:26:6b:39:fc:65:af:
b0:3f:12:7b:5f:fd:2e:5f:10:b1:8c:49:25:a1:58:
c5:fb:ee:91:c2:56:ec:f8:d8:1c:ef:b7:c5:dc:be:
8d:b2:77:48:0c:06:14:c8:47:e2:b8:a3:0c:c5:93:
98:f1:59:eb:99:d0:a5:68:39:9b:f8:46:d6:f8:7a:
c1:7c:97:07:9e:37:52:0c:e2:8b:f6:a8:3a:83:e0:
57:09:79:74:c3:3a:18:05:f7:44:e4:55:26:42:df:
8d:31:20:b3:f8:e0:a7:ae:1e:52:6e:42:4e:96:af:
d9:aa:9a:37:e7:9a:ca:c9:a6:07:a4:03:31:79:f3:
c3:67:2d:8f:e2:6f:4e:dd:be:cf:13:9f:39:13:f7:
5c:a1:5c:7f:d0:e5:bc:b0:95:63:50:c5:ad:1b:62:
5a:ea:3a:48:65:fb:c0:af:6f:2f:c6:bb:75:11:f1:
2f:77:19:12:25:ec:89:36:7e:8c:31:56:1c:99:31:
f8:67:ef:24:3f:6b:d0:ef:79:dc:38:ce:00:d2:a2:
76:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:36:97:0C:12:7C:B7:8E:E5:EF:0B:B5:A4:2C:D8:26:DD:B3:E9:66
X509v3 Authority Key Identifier:
keyid:56:D6:41:48:6B:DC:98:D4:A7:DE:09:28:A4:2D:7D:68:E6:01:5F:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtZBSGvcmNSn3gkopC19aOYBXzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/0TaXDBJ8t47l7wu1pCzYJt2z6WY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b65126-31cb-4ae6-beca-e3e04bd4f242/1/VtZBSGvcmNSn3gkopC19aOYBXzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8480::/48
2a0d:8480:2::/48
Signature Algorithm: sha256WithRSAEncryption
6b:f9:4f:d9:88:ab:fe:cc:3d:a3:2c:5a:bb:c2:df:fa:a4:76:
b4:09:6e:45:95:3e:df:8c:5a:0b:40:fc:d6:59:e6:55:8e:9b:
52:a4:f2:37:0c:cb:fc:3b:32:35:6a:a6:cc:be:70:95:9f:57:
5e:ab:cd:c4:ee:b9:93:c9:ef:98:bb:62:8c:99:54:97:38:30:
97:4f:d5:9e:70:0d:61:19:f1:2c:b1:a4:08:43:c5:fe:84:86:
ad:ee:e2:14:06:b7:94:24:b3:85:9b:0d:ad:07:0f:a3:2b:30:
ea:92:85:85:ea:8a:9b:08:be:0b:de:70:56:a0:37:90:64:e0:
6c:63:f9:e1:82:d6:1c:a6:8e:bb:06:98:09:43:6e:d2:62:e3:
ca:59:ba:27:6f:5a:e3:c3:30:3f:dd:2d:80:d5:85:ca:db:e4:
55:96:62:07:c5:4c:d2:e8:77:99:67:3f:79:91:9c:36:17:0d:
7c:33:4d:b7:74:82:7b:23:a3:bd:24:33:3f:82:cd:53:04:49:
15:be:e4:85:4d:3f:aa:5e:37:8f:cb:fd:07:70:98:89:30:1b:
ad:d1:58:b6:e4:65:7f:a5:08:2f:c8:2e:06:83:9f:63:dd:2c:
5c:0b:c9:cd:6e:61:1d:38:e1:c9:24:40:a1:69:59:f3:45:ff:
8b:2e:b9:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIOptmZKQyxqSx2ZPt4Hb2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDY0MTQ4NmJkYzk4ZDRhN2RlMDkyOGE0MmQ3ZDY4ZTYw
MTVmMzAwHhcNMjQwOTIwMDg1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTM2OTcwYzEyN2NiNzhlZTVlZjBiYjVhNDJjZDgyNmRkYjNlOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6ZzJYHqigGQv2WMaPnsWMeiYMqb
mHpp0F/24WkacyWq/mc99mzmJshyyQL0DDR2nLvNcwYmazn8Za+wPxJ7X/0uXxCx
jEkloVjF++6Rwlbs+Ngc77fF3L6NsndIDAYUyEfiuKMMxZOY8VnrmdClaDmb+EbW
+HrBfJcHnjdSDOKL9qg6g+BXCXl0wzoYBfdE5FUmQt+NMSCz+OCnrh5SbkJOlq/Z
qpo355rKyaYHpAMxefPDZy2P4m9O3b7PE585E/dcoVx/0OW8sJVjUMWtG2Ja6jpI
ZfvAr28vxrt1EfEvdxkSJeyJNn6MMVYcmTH4Z+8kP2vQ73ncOM4A0qJ28wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNE2lwwSfLeO5e8LtaQs2Cbds+lmMB8GA1UdIwQY
MBaAFFbWQUhr3JjUp94JKKQtfWjmAV8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnRaQlNHdmNtTlNuM2drb3BDMTlhT1lCWHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iNjUxMjYtMzFjYi00YWU2LWJlY2Et
ZTNlMDRiZDRmMjQyLzEvMFRhWERCSjh0NDdsN3d1MXBDellKdDJ6NldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iNjUxMjYtMzFjYi00YWU2LWJlY2EtZTNlMDRiZDRmMjQy
LzEvVnRaQlNHdmNtTlNuM2drb3BDMTlhT1lCWHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg2EgAAA
AwcAKg2EgAACMA0GCSqGSIb3DQEBCwUAA4IBAQBr+U/ZiKv+zD2jLFq7wt/6pHa0
CW5FlT7fjFoLQPzWWeZVjptSpPI3DMv8OzI1aqbMvnCVn1deq83E7rmTye+Yu2KM
mVSXODCXT9WecA1hGfEssaQIQ8X+hIat7uIUBreUJLOFmw2tBw+jKzDqkoWF6oqb
CL4L3nBWoDeQZOBsY/nhgtYcpo67BpgJQ27SYuPKWbonb1rjwzA/3S2A1YXK2+RV
lmIHxUzS6HeZZz95kZw2Fw18M023dIJ7I6O9JDM/gs1TBEkVvuSFTT+qXjePy/0H
cJiJMBut0Vi25GV/pQgvyC4Gg59j3SxcC8nNbmEdOOHJJEChaVnzRf+LLrlr
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:25:12 2024 by rpki-client on console-ams.rpki-client.org