Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/Qux0hPVv-xzMSJ5outSHuYBEW2Y.roa
File: Qux0hPVv-xzMSJ5outSHuYBEW2Y.roa (raw, json)
Hash identifier: bjJpLsfsOykPYg4bkp6w0I84a2swkHS6a3DbLprPZ7E=
Subject key identifier: 42:EC:74:84:F5:6F:FB:1C:CC:48:9E:68:BA:D4:87:B9:80:44:5B:66
Certificate issuer: /CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Certificate serial: 018CC4252FD07616421A081C8774AF8665FA
Authority key identifier: B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/Qux0hPVv-xzMSJ5outSHuYBEW2Y.roa
Signing time: Mon 01 Jan 2024 08:30:20 +0000
ROA not before: Mon 01 Jan 2024 08:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 128.0.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:2f:d0:76:16:42:1a:08:1c:87:74:af:86:65:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Validity
Not Before: Jan 1 08:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42ec7484f56ffb1ccc489e68bad487b980445b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a1:bd:d0:c9:4d:56:ac:0e:17:7c:a7:2f:1e:
e3:58:72:17:e0:f4:e3:41:dd:5d:f6:22:c9:b1:d9:
5e:4d:00:3d:0d:48:63:5a:3b:8d:1e:cf:11:47:54:
2e:15:4d:5f:01:6f:dd:bc:0c:e3:8b:94:3a:6f:93:
3b:78:13:06:28:48:d4:17:f7:5c:0b:c1:9b:be:b3:
2b:f7:6e:2d:9d:01:6e:78:f1:e4:f5:8d:b3:98:c1:
48:70:0a:17:a3:5f:fb:c0:2f:6a:1f:e4:0f:c6:b6:
1e:fe:b4:28:61:f0:3e:61:c5:9d:2b:1d:f7:2d:d9:
e1:9a:98:96:5a:12:8f:a6:4c:8a:d9:bb:0d:5f:4a:
02:28:97:d0:0c:60:cd:bd:53:b4:36:4e:f3:16:26:
5c:4c:e4:61:2d:96:75:2b:e9:07:e1:b6:d9:09:dd:
3a:e9:8f:40:e0:9f:7c:87:9f:51:e0:23:c2:00:6b:
d4:58:4e:76:44:5e:41:64:e8:50:1b:9d:14:26:ad:
c6:4c:c7:02:6d:cc:df:de:62:89:a0:47:8b:58:f3:
e2:74:07:e5:79:5c:48:32:ee:67:26:af:5d:f1:44:
a1:19:74:fd:6f:eb:5a:36:4e:49:d3:2d:ca:84:5c:
4e:7b:3b:d6:fd:d6:ff:67:0e:3f:79:77:20:7c:65:
63:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:EC:74:84:F5:6F:FB:1C:CC:48:9E:68:BA:D4:87:B9:80:44:5B:66
X509v3 Authority Key Identifier:
keyid:B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/Qux0hPVv-xzMSJ5outSHuYBEW2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.45.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:88:49:84:2b:2b:07:33:d0:3b:f4:89:96:b8:0e:78:30:18:
a2:13:fd:c9:9c:19:25:51:d0:46:3e:d5:1f:99:70:03:eb:0f:
05:1c:fb:d8:70:91:30:b9:bf:00:a9:f2:98:30:b2:1e:db:cb:
0a:ec:a6:77:cb:f6:e9:1f:53:45:0c:db:8c:c9:24:47:98:a2:
bc:cc:e0:54:46:44:45:e4:e5:ba:36:fb:11:62:73:77:1d:e4:
ea:6c:9e:3d:73:78:14:fe:f6:8f:ba:a8:6a:aa:c0:bd:a4:67:
e9:95:6c:59:b7:65:83:43:54:d3:8b:9f:8c:46:a7:e4:15:fe:
f3:32:ea:29:da:f5:30:86:7a:ce:b9:85:f6:66:ce:20:16:93:
a7:5b:8f:fa:96:f6:b2:f6:43:0b:4a:38:4a:f0:83:f5:0c:6a:
44:1a:3b:d3:3c:b6:ee:84:47:e8:64:21:53:fd:cf:38:91:fa:
45:c0:32:94:aa:13:f6:7a:5c:3e:9a:44:33:6b:a3:e9:61:2e:
c0:e9:8d:b7:a9:2d:5a:89:28:6c:f7:28:33:95:67:47:83:91:
30:d7:e7:ee:41:ea:f6:55:3b:bb:5c:77:52:fa:f3:b5:4a:bc:
d2:78:86:fe:4c:72:36:b3:4e:ee:2c:0c:e0:b6:71:c2:a3:a9:
e8:5c:c9:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJS/QdhZCGggch3SvhmX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDdjODdlN2I2ZTI5NGYyNzAwNzkwZWVmMTllODI5Mzlk
ODVjZDYwHhcNMjQwMTAxMDgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmVjNzQ4NGY1NmZmYjFjY2M0ODllNjhiYWQ0ODdiOTgwNDQ1YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaG90MlNVqwOF3ynLx7jWHIX4PTj
Qd1d9iLJsdleTQA9DUhjWjuNHs8RR1QuFU1fAW/dvAzji5Q6b5M7eBMGKEjUF/dc
C8GbvrMr924tnQFuePHk9Y2zmMFIcAoXo1/7wC9qH+QPxrYe/rQoYfA+YcWdKx33
LdnhmpiWWhKPpkyK2bsNX0oCKJfQDGDNvVO0Nk7zFiZcTORhLZZ1K+kH4bbZCd06
6Y9A4J98h59R4CPCAGvUWE52RF5BZOhQG50UJq3GTMcCbczf3mKJoEeLWPPidAfl
eVxIMu5nJq9d8UShGXT9b+taNk5J0y3KhFxOezvW/db/Zw4/eXcgfGVjjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELsdIT1b/sczEieaLrUh7mARFtmMB8GA1UdIwQY
MBaAFLMHyH57bilPJwB5Du8Z6Ck52FzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODct
NjQ5NDVhNGY4ZTEyLzEvUXV4MGhQVnYteHpNU0o1b3V0U0h1WUJFVzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODctNjQ5NDVhNGY4ZTEy
LzEvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgAAtMA0G
CSqGSIb3DQEBCwUAA4IBAQDCiEmEKysHM9A79ImWuA54MBiiE/3JnBklUdBGPtUf
mXAD6w8FHPvYcJEwub8AqfKYMLIe28sK7KZ3y/bpH1NFDNuMySRHmKK8zOBURkRF
5OW6NvsRYnN3HeTqbJ49c3gU/vaPuqhqqsC9pGfplWxZt2WDQ1TTi5+MRqfkFf7z
Muop2vUwhnrOuYX2Zs4gFpOnW4/6lvay9kMLSjhK8IP1DGpEGjvTPLbuhEfoZCFT
/c84kfpFwDKUqhP2elw+mkQza6PpYS7A6Y23qS1aiShs9ygzlWdHg5Ew1+fuQer2
VTu7XHdS+vO1SrzSeIb+THI2s07uLAzgtnHCo6noXMnk
-----END CERTIFICATE-----
Generated at Sat May 4 00:58:58 2024 by rpki-client on console-ams.rpki-client.org