Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/R5m-IPWZGFhk9F4xL7yOUpHXIlg.roa
File: R5m-IPWZGFhk9F4xL7yOUpHXIlg.roa (raw, json)
Hash identifier: YfJfS6tUcbN7Gc6J5MT9Z9QQvAEPU5Gb2uHD6LYy4oY=
Subject key identifier: 47:99:BE:20:F5:99:18:58:64:F4:5E:31:2F:BC:8E:52:91:D7:22:58
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8F86FF5A0376C9371F85DF0E236B3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/R5m-IPWZGFhk9F4xL7yOUpHXIlg.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216469
IP address blocks: 2a0c:9a40:8cc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f8:6f:f5:a0:37:6c:93:71:f8:5d:f0:e2:36:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4799be20f599185864f45e312fbc8e5291d72258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ca:cc:a7:16:b8:0f:1b:05:9c:9f:0b:f4:4d:
bc:fa:c7:68:ad:e0:6b:06:4a:6b:37:1e:9f:d1:71:
06:8c:ef:25:44:f7:63:2a:5a:87:6d:7f:10:2e:9f:
79:ca:68:06:7f:d5:2e:87:33:12:3c:d7:90:4c:8f:
3d:4e:de:48:6c:64:c2:30:93:f2:a2:01:1a:b4:03:
45:ee:db:f6:59:8d:f5:63:44:46:c8:81:2a:40:09:
0d:f3:dc:74:79:95:4d:d9:c8:d6:48:1d:19:c2:8a:
8e:e0:a0:68:82:ba:44:4c:cd:51:cd:30:9e:1a:83:
46:b8:c3:da:76:de:f1:e4:5f:24:ea:ed:8f:73:72:
14:3d:cc:f0:23:1a:28:64:3a:2c:1d:87:bb:da:f0:
9a:0d:c6:61:04:ad:91:40:f0:2b:ae:7a:88:27:cf:
74:05:e1:b6:27:f1:96:e8:91:52:d9:bf:10:94:c2:
42:c4:0f:b7:63:85:6a:36:2e:92:b2:0d:ab:0c:5b:
93:56:bf:f5:ba:de:c5:6c:65:82:dd:a4:fc:47:7f:
a8:56:6b:09:64:91:04:5c:82:08:31:26:de:07:a8:
a5:1c:62:50:b7:2e:24:4a:d5:f5:14:bf:8b:99:3d:
02:f2:38:5c:4a:7d:bd:cc:6b:43:80:ff:16:56:0f:
15:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:99:BE:20:F5:99:18:58:64:F4:5E:31:2F:BC:8E:52:91:D7:22:58
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/R5m-IPWZGFhk9F4xL7yOUpHXIlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8cc0::/48
Signature Algorithm: sha256WithRSAEncryption
d1:2f:2f:76:45:e9:30:08:67:09:4b:44:c1:1e:a1:35:36:e9:
8c:06:d3:0c:a3:19:b2:08:18:8e:6b:ad:59:9c:77:e7:78:b0:
ef:f8:76:19:34:c4:3d:4c:c9:db:8d:98:bd:70:93:4d:e8:12:
8b:06:4a:2d:eb:af:50:d6:45:f5:e2:aa:7e:80:8a:91:6d:03:
ca:64:f3:5c:05:a6:02:d5:94:f2:8f:1e:e7:71:d8:37:5a:09:
4d:3a:d7:28:46:bb:79:33:0c:e8:25:dd:0e:71:8b:cf:49:68:
8b:9c:d8:c6:ca:9e:c2:f5:50:fc:df:9c:07:a3:19:19:3f:63:
ea:6b:92:b0:dd:7c:bb:f1:29:98:c1:b3:88:0e:53:32:d7:2e:
de:e9:ad:62:26:0c:42:e6:2b:17:11:c0:d5:df:d8:41:44:00:
9a:42:08:f1:78:ba:02:7f:fb:13:ec:29:fe:45:0b:48:dc:14:
dc:c0:e3:74:5a:4c:04:34:42:c5:59:0f:54:00:bb:6b:87:97:
cc:19:04:2f:3f:c9:a8:ae:b0:1c:61:16:47:85:2d:ae:3d:ce:
35:0c:75:b3:f3:3e:98:4a:94:d5:38:72:a0:63:c6:89:bc:01:
a4:63:3d:ec:f6:4b:3c:d1:0f:db:8f:22:8a:dc:ff:3f:6e:4e:
13:3c:65:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuPhv9aA3bJNx+F3w4jazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzk5YmUyMGY1OTkxODU4NjRmNDVlMzEyZmJjOGU1MjkxZDcyMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsrMpxa4DxsFnJ8L9E28+sdoreBr
BkprNx6f0XEGjO8lRPdjKlqHbX8QLp95ymgGf9UuhzMSPNeQTI89Tt5IbGTCMJPy
ogEatANF7tv2WY31Y0RGyIEqQAkN89x0eZVN2cjWSB0ZwoqO4KBogrpETM1RzTCe
GoNGuMPadt7x5F8k6u2Pc3IUPczwIxooZDosHYe72vCaDcZhBK2RQPArrnqIJ890
BeG2J/GW6JFS2b8QlMJCxA+3Y4VqNi6Ssg2rDFuTVr/1ut7FbGWC3aT8R3+oVmsJ
ZJEEXIIIMSbeB6ilHGJQty4kStX1FL+LmT0C8jhcSn29zGtDgP8WVg8VEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEeZviD1mRhYZPReMS+8jlKR1yJYMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUjVtLUlQV1pHRmhrOUY0eEw3eU9VcEhYSWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIzA
MA0GCSqGSIb3DQEBCwUAA4IBAQDRLy92RekwCGcJS0TBHqE1NumMBtMMoxmyCBiO
a61ZnHfneLDv+HYZNMQ9TMnbjZi9cJNN6BKLBkot669Q1kX14qp+gIqRbQPKZPNc
BaYC1ZTyjx7ncdg3WglNOtcoRrt5MwzoJd0OcYvPSWiLnNjGyp7C9VD835wHoxkZ
P2Pqa5Kw3Xy78SmYwbOIDlMy1y7e6a1iJgxC5isXEcDV39hBRACaQgjxeLoCf/sT
7Cn+RQtI3BTcwON0WkwENELFWQ9UALtrh5fMGQQvP8morrAcYRZHhS2uPc41DHWz
8z6YSpTVOHKgY8aJvAGkYz3s9ks80Q/bjyKK3P8/bk4TPGVe
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:22 2024 by rpki-client on console-ams.rpki-client.org