Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLdQNQAw6k9a16DWFM2QSt9gK2A.roa
File: OLdQNQAw6k9a16DWFM2QSt9gK2A.roa (raw, json)
Hash identifier: CS65jN6MDfM5rzkgHd2ytSMBGC3D/OQ07jT0B/m4T30=
Subject key identifier: 38:B7:50:35:00:30:EA:4F:5A:D7:A0:D6:14:CD:90:4A:DF:60:2B:60
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018D22E6DDB5D79D646E97B0492C377A1F2A
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLdQNQAw6k9a16DWFM2QSt9gK2A.roa
Signing time: Fri 19 Jan 2024 18:06:11 +0000
ROA not before: Fri 19 Jan 2024 18:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a0c:9a40:83c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:22:e6:dd:b5:d7:9d:64:6e:97:b0:49:2c:37:7a:1f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 19 18:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38b750350030ea4f5ad7a0d614cd904adf602b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:98:5d:77:dc:8d:5d:ae:62:08:bf:94:e9:48:
9f:1f:db:26:e9:91:a9:29:5f:3f:0c:ba:7c:ca:20:
9e:9a:af:3a:25:6e:8c:b0:d7:b3:95:79:12:25:7e:
9e:91:5d:df:14:97:f9:4c:5d:8c:4d:43:2c:12:8a:
7d:cf:d9:e9:b7:3d:04:71:9f:f9:59:69:de:43:b6:
85:a5:13:98:3a:dd:88:44:58:66:52:71:3a:49:7c:
d1:1f:4f:87:35:c3:ab:86:2f:6c:0b:ca:97:d3:17:
bb:9b:43:d0:27:9e:10:92:35:08:ca:4b:a6:73:9e:
8c:19:9a:a2:01:0d:04:6e:95:23:c1:c3:2f:be:a4:
39:ac:9a:64:59:66:26:c4:5c:c5:1c:3a:49:1a:5e:
91:88:60:77:ba:d0:a4:e9:88:e2:72:94:d0:9c:fb:
78:9f:68:3f:a8:3b:f9:c2:9a:d3:e2:62:03:08:92:
28:6d:b5:c2:9d:d5:7d:87:4b:b7:91:42:09:09:3a:
ce:a7:a1:23:b1:b8:69:13:3e:6c:c8:c8:25:a9:2b:
0a:c3:5f:5b:8e:9b:b9:f7:4e:28:b5:04:bf:5b:33:
9a:f7:ef:7e:9a:ff:53:55:c8:84:98:6d:d2:ec:93:
46:d2:cf:97:47:f5:de:9a:d0:13:61:d2:b0:57:e5:
63:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B7:50:35:00:30:EA:4F:5A:D7:A0:D6:14:CD:90:4A:DF:60:2B:60
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OLdQNQAw6k9a16DWFM2QSt9gK2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:83c0::/48
Signature Algorithm: sha256WithRSAEncryption
59:07:8f:5e:7d:0c:b2:de:b3:47:27:85:fe:98:0b:87:ab:c7:
b9:04:80:4e:f7:6a:07:29:c2:49:2d:35:51:2b:2c:95:aa:36:
77:c5:57:24:f1:25:bb:db:ae:16:2b:38:54:76:ac:ed:29:75:
f7:3c:70:9f:63:22:91:fa:04:62:85:25:b3:b4:f8:82:45:09:
05:90:a9:2c:55:c1:b7:45:64:73:9a:99:9f:bd:95:7d:2b:fb:
14:8e:7e:f6:38:af:ed:11:47:22:82:65:52:f2:ed:c5:0f:54:
0d:4a:a4:2e:67:70:d3:e3:88:59:c6:ac:80:21:0c:dc:44:96:
87:20:76:98:25:ce:a2:2a:09:2a:57:ed:2d:74:c9:65:67:be:
d2:92:e6:73:aa:d4:59:f1:45:d7:9e:45:a3:8c:98:27:03:40:
18:95:68:0f:a8:1c:44:eb:07:f2:21:8e:db:34:3e:e1:9e:09:
1b:61:17:bc:02:45:51:73:6b:b0:fc:8e:84:24:e4:e9:fd:ba:
78:21:ee:79:8d:19:54:15:19:56:61:6b:bd:80:73:52:da:6d:
c9:04:66:8e:ca:f1:40:7a:3a:8e:e5:1b:af:9f:b1:bb:b8:c1:
cc:05:30:31:c2:78:dc:07:50:b2:75:b3:b0:33:d8:05:bf:2d:
5d:cc:63:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0i5t21151kbpewSSw3eh8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTE5MTgwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI3NTAzNTAwMzBlYTRmNWFkN2EwZDYxNGNkOTA0YWRmNjAyYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5hdd9yNXa5iCL+U6UifH9sm6ZGp
KV8/DLp8yiCemq86JW6MsNezlXkSJX6ekV3fFJf5TF2MTUMsEop9z9nptz0EcZ/5
WWneQ7aFpROYOt2IRFhmUnE6SXzRH0+HNcOrhi9sC8qX0xe7m0PQJ54QkjUIykum
c56MGZqiAQ0EbpUjwcMvvqQ5rJpkWWYmxFzFHDpJGl6RiGB3utCk6YjicpTQnPt4
n2g/qDv5wprT4mIDCJIobbXCndV9h0u3kUIJCTrOp6EjsbhpEz5syMglqSsKw19b
jpu5904otQS/WzOa9+9+mv9TVciEmG3S7JNG0s+XR/XemtATYdKwV+VjNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDi3UDUAMOpPWteg1hTNkErfYCtgMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvT0xkUU5RQXc2azlhMTZEV0ZNMlFTdDlnSzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIPA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZB49efQyy3rNHJ4X+mAuHq8e5BIBO92oHKcJJ
LTVRKyyVqjZ3xVck8SW7264WKzhUdqztKXX3PHCfYyKR+gRihSWztPiCRQkFkKks
VcG3RWRzmpmfvZV9K/sUjn72OK/tEUcigmVS8u3FD1QNSqQuZ3DT44hZxqyAIQzc
RJaHIHaYJc6iKgkqV+0tdMllZ77SkuZzqtRZ8UXXnkWjjJgnA0AYlWgPqBxE6wfy
IY7bND7hngkbYRe8AkVRc2uw/I6EJOTp/bp4Ie55jRlUFRlWYWu9gHNS2m3JBGaO
yvFAejqO5Ruvn7G7uMHMBTAxwnjcB1CydbOwM9gFvy1dzGMA
-----END CERTIFICATE-----
Generated at Thu May 2 10:21:32 2024 by rpki-client on console-ams.rpki-client.org