Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/CzWqK2Oo6P2Lek5OpaoH88CIU4U.roa
File: CzWqK2Oo6P2Lek5OpaoH88CIU4U.roa (raw, json)
Hash identifier: 18zQpGJRpeoLN7bu4jt//B1abORbslEPpecPtoELo6k=
Subject key identifier: 0B:35:AA:2B:63:A8:E8:FD:8B:7A:4E:4E:A5:AA:07:F3:C0:88:53:85
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8F75C96FB83DC98B1480C2DA748A8
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/CzWqK2Oo6P2Lek5OpaoH88CIU4U.roa
Signing time: Mon 01 Jan 2024 20:30:59 +0000
ROA not before: Mon 01 Jan 2024 20:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216191
IP address blocks: 2a0c:9a40:8c00::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f7:5c:96:fb:83:dc:98:b1:48:0c:2d:a7:48:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b35aa2b63a8e8fd8b7a4e4ea5aa07f3c0885385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:04:d2:13:b5:20:6b:cb:5b:57:3d:fe:ac:6d:
17:bd:c5:71:4e:1b:1b:37:d5:22:a6:73:ff:cd:e5:
63:2b:49:a0:0d:12:3a:9c:a0:68:28:52:0f:89:27:
6a:46:fc:bd:c0:b6:ac:e3:84:f4:2a:11:f4:30:c2:
50:78:6d:ef:24:77:d3:f5:77:ab:37:ce:35:91:7c:
12:57:32:c2:f0:0c:38:a7:ef:d6:3b:59:a7:f9:e9:
e3:08:0d:17:13:fa:5c:4a:ba:eb:7d:26:ef:02:1f:
61:8b:62:bf:08:2c:ab:d7:dd:1d:59:0e:dc:37:16:
66:e1:ee:a0:dd:2c:bf:a4:45:b0:07:71:14:bf:88:
e7:8e:ba:49:28:c4:91:d3:2d:bd:a0:5c:42:4d:fe:
de:76:28:5b:3c:45:68:96:1b:77:f6:d2:e4:e6:ab:
b8:f3:2d:d6:09:2a:bf:af:63:b6:57:8c:44:76:96:
07:ec:ae:2a:bd:37:a2:9f:92:a3:65:43:49:df:8c:
37:f7:18:34:b9:5e:d3:e5:07:c0:ef:c9:73:86:0e:
4f:d5:de:32:ca:01:c5:2a:4d:83:88:d5:79:d1:a9:
0f:9d:88:18:2a:25:b0:17:ce:98:aa:56:34:0c:9a:
4f:cf:94:94:9b:06:bb:03:ec:15:b6:12:6e:31:f9:
fb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:35:AA:2B:63:A8:E8:FD:8B:7A:4E:4E:A5:AA:07:F3:C0:88:53:85
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/CzWqK2Oo6P2Lek5OpaoH88CIU4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8c00::/44
Signature Algorithm: sha256WithRSAEncryption
2f:55:9d:3e:d5:f0:33:e6:61:8d:be:8c:3c:28:d9:b6:58:c4:
f9:dc:91:4e:db:ce:ae:18:1b:bf:e8:c4:39:53:f7:bf:05:96:
36:3d:9d:61:cf:cd:15:1d:96:a8:ed:91:0b:4e:b8:91:15:25:
02:65:92:59:dc:8a:ad:3e:35:b4:98:ea:91:82:b1:cc:54:aa:
44:e5:5f:cb:2c:07:e8:9d:4c:19:56:b6:da:e8:cf:ba:f0:2a:
36:6e:2b:c1:95:6e:ca:98:b9:27:58:c6:4a:40:92:11:6a:32:
74:81:11:a5:27:52:56:b4:15:c2:9b:fb:f4:07:82:3c:8e:52:
9e:eb:e0:f4:48:9c:a6:21:1f:e4:5f:26:4d:ba:a7:8b:09:92:
79:49:ab:a6:35:6d:83:85:ac:9c:ef:7c:cd:f1:5d:22:02:62:
73:b7:b0:d0:e0:2a:10:01:bc:5e:41:98:8e:9a:eb:3a:62:c9:
f2:2c:48:d4:4c:70:6f:21:89:6c:42:fe:32:54:1a:f7:61:0f:
2e:6e:31:f5:6a:61:8f:b2:61:a3:21:be:37:2e:50:6b:86:e3:
b5:3a:37:13:c5:1a:8c:c7:8c:55:66:5a:d4:9a:24:55:4a:92:
03:bf:83:ae:a9:dd:be:c6:52:80:00:0f:75:5b:6b:0b:78:5e:
32:43:37:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuPdclvuD3JixSAwtp0ioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM1YWEyYjYzYThlOGZkOGI3YTRlNGVhNWFhMDdmM2MwODg1Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQTSE7Uga8tbVz3+rG0XvcVxThsb
N9UipnP/zeVjK0mgDRI6nKBoKFIPiSdqRvy9wLas44T0KhH0MMJQeG3vJHfT9Xer
N841kXwSVzLC8Aw4p+/WO1mn+enjCA0XE/pcSrrrfSbvAh9hi2K/CCyr190dWQ7c
NxZm4e6g3Sy/pEWwB3EUv4jnjrpJKMSR0y29oFxCTf7edihbPEVolht39tLk5qu4
8y3WCSq/r2O2V4xEdpYH7K4qvTein5KjZUNJ34w39xg0uV7T5QfA78lzhg5P1d4y
ygHFKk2DiNV50akPnYgYKiWwF86YqlY0DJpPz5SUmwa7A+wVthJuMfn7/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAs1qitjqOj9i3pOTqWqB/PAiFOFMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvQ3pXcUsyT282UDJMZWs1T3Bhb0g4OENJVTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIwA
MA0GCSqGSIb3DQEBCwUAA4IBAQAvVZ0+1fAz5mGNvow8KNm2WMT53JFO286uGBu/
6MQ5U/e/BZY2PZ1hz80VHZao7ZELTriRFSUCZZJZ3IqtPjW0mOqRgrHMVKpE5V/L
LAfonUwZVrba6M+68Co2bivBlW7KmLknWMZKQJIRajJ0gRGlJ1JWtBXCm/v0B4I8
jlKe6+D0SJymIR/kXyZNuqeLCZJ5SaumNW2Dhayc73zN8V0iAmJzt7DQ4CoQAbxe
QZiOmus6YsnyLEjUTHBvIYlsQv4yVBr3YQ8ubjH1amGPsmGjIb43LlBrhuO1OjcT
xRqMx4xVZlrUmiRVSpIDv4Ouqd2+xlKAAA91W2sLeF4yQzfD
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:21 2024 by rpki-client on console-ams.rpki-client.org