Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OtbpO2YLG7P4bFvFPzExRyfOECg.roa
File: OtbpO2YLG7P4bFvFPzExRyfOECg.roa (raw, json)
Hash identifier: whAscITfpXflic9ZB83DyDvJ29pUVwf40U4NS0ISGp4=
Subject key identifier: 3A:D6:E9:3B:66:0B:1B:B3:F8:6C:5B:C5:3F:31:31:47:27:CE:10:28
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8F237226DE89CF669B018C8D40911
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OtbpO2YLG7P4bFvFPzExRyfOECg.roa
Signing time: Mon 01 Jan 2024 20:30:58 +0000
ROA not before: Mon 01 Jan 2024 20:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213253
IP address blocks: 2a0c:9a40:81fb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f2:37:22:6d:e8:9c:f6:69:b0:18:c8:d4:09:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ad6e93b660b1bb3f86c5bc53f31314727ce1028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1d:9a:bb:19:fa:e3:6c:4c:25:94:88:09:b4:
38:51:56:db:50:01:da:c9:0d:d3:93:5d:4f:18:d3:
89:bc:85:4d:1f:fb:04:a6:b6:cb:63:0a:0a:b1:a8:
4e:71:84:b1:e7:83:81:30:4f:e4:70:68:02:6b:03:
d7:88:81:20:06:7d:7a:f8:cc:da:b7:a0:5a:ad:e5:
e0:81:aa:c8:87:fa:6f:5b:9b:9a:e5:a0:42:1e:7c:
3e:3c:ba:66:59:1f:c2:73:9e:f7:3a:47:54:06:db:
e3:ab:a5:80:d7:73:e2:5c:b3:99:dc:b3:dc:ce:bf:
03:53:45:d3:ed:95:c4:f8:0e:1f:0d:bf:66:0d:7b:
c8:25:56:5d:5e:96:06:8c:9c:a6:48:d0:9c:38:f4:
c2:c8:4c:07:ca:fe:30:d6:b9:e5:99:26:b3:f2:1a:
43:11:b6:1f:37:ee:34:2b:10:6f:45:a3:84:92:ff:
86:17:33:da:9a:9b:95:75:20:3e:6e:dd:c5:0e:ab:
c4:77:c0:0f:f8:9a:83:26:c4:e5:7f:a2:08:21:ea:
11:09:54:2c:21:f7:53:79:57:bf:bb:43:e7:58:56:
71:ed:c2:7c:8f:d3:e8:a9:6f:47:bf:b5:ef:c5:be:
6d:0a:5d:c6:88:74:7f:7b:53:ff:33:de:3f:56:1a:
5d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D6:E9:3B:66:0B:1B:B3:F8:6C:5B:C5:3F:31:31:47:27:CE:10:28
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/OtbpO2YLG7P4bFvFPzExRyfOECg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:81fb::/48
Signature Algorithm: sha256WithRSAEncryption
33:12:f8:5b:80:fb:79:41:3a:b4:13:bd:79:d6:ce:d0:63:00:
85:7e:00:a5:23:87:bf:8f:df:4c:ec:12:cd:26:c8:48:19:6b:
3b:44:80:f2:9e:ab:92:04:bd:a4:24:f7:d4:08:60:32:aa:f5:
cc:cf:d5:b3:e8:f5:09:54:f8:17:97:f9:69:48:ad:ff:e5:07:
8a:32:da:8c:81:a9:30:fc:35:c1:cb:03:d7:63:15:d2:29:78:
78:df:17:4e:97:93:8f:37:a8:61:97:1f:29:3f:0a:05:72:21:
08:f8:70:37:89:06:83:15:c1:a3:d1:0a:bb:8f:2e:3b:6c:99:
a7:7c:f9:c7:50:85:b0:f0:51:31:21:49:90:8c:3c:30:c1:c3:
bb:89:84:42:b6:a4:03:ae:d2:1f:d3:26:de:ef:81:5b:c2:bc:
94:1a:e0:7d:ef:98:f2:6f:92:1a:70:3e:c1:a2:be:2f:64:ac:
99:ee:d0:e7:79:8b:a6:22:b6:51:d4:df:e5:d1:0b:89:ba:12:
63:13:48:29:d4:95:f6:78:37:d5:77:06:db:36:41:7c:f3:fc:
57:6c:db:2c:92:da:55:4a:3d:cf:8e:fd:9b:6f:b3:33:26:2e:
32:bf:9c:06:86:67:7e:0c:b1:4c:43:1d:7a:ff:02:76:d0:25:
75:9e:fc:ee
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuPI3Im3onPZpsBjI1AkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQ2ZTkzYjY2MGIxYmIzZjg2YzViYzUzZjMxMzE0NzI3Y2UxMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB2auxn642xMJZSICbQ4UVbbUAHa
yQ3Tk11PGNOJvIVNH/sEprbLYwoKsahOcYSx54OBME/kcGgCawPXiIEgBn16+Mza
t6BareXggarIh/pvW5ua5aBCHnw+PLpmWR/Cc573OkdUBtvjq6WA13PiXLOZ3LPc
zr8DU0XT7ZXE+A4fDb9mDXvIJVZdXpYGjJymSNCcOPTCyEwHyv4w1rnlmSaz8hpD
EbYfN+40KxBvRaOEkv+GFzPampuVdSA+bt3FDqvEd8AP+JqDJsTlf6IIIeoRCVQs
IfdTeVe/u0PnWFZx7cJ8j9PoqW9Hv7Xvxb5tCl3GiHR/e1P/M94/VhpdzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDrW6TtmCxuz+GxbxT8xMUcnzhAoMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvT3RicE8yWUxHN1A0YkZ2RlB6RXhSeWZPRUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIH7
MA0GCSqGSIb3DQEBCwUAA4IBAQAzEvhbgPt5QTq0E7151s7QYwCFfgClI4e/j99M
7BLNJshIGWs7RIDynquSBL2kJPfUCGAyqvXMz9Wz6PUJVPgXl/lpSK3/5QeKMtqM
gakw/DXBywPXYxXSKXh43xdOl5OPN6hhlx8pPwoFciEI+HA3iQaDFcGj0Qq7jy47
bJmnfPnHUIWw8FExIUmQjDwwwcO7iYRCtqQDrtIf0ybe74FbwryUGuB975jyb5Ia
cD7Bor4vZKyZ7tDneYumIrZR1N/l0QuJuhJjE0gp1JX2eDfVdwbbNkF88/xXbNss
ktpVSj3Pjv2bb7MzJi4yv5wGhmd+DLFMQx16/wJ20CV1nvzu
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:22 2024 by rpki-client on console-ams.rpki-client.org