Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/g8E6nErANNOUu3zFuCImX4OHMFQ.roa
File: g8E6nErANNOUu3zFuCImX4OHMFQ.roa (raw, json)
Hash identifier: Qx+o29Kf/5W5ubysbP+/hceGLSrgaenb+Zcrc0AFyhM=
Subject key identifier: 83:C1:3A:9C:4A:C0:34:D3:94:BB:7C:C5:B8:22:26:5F:83:87:30:54
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8D3103A99E8207C01802D989CEB93
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/g8E6nErANNOUu3zFuCImX4OHMFQ.roa
Signing time: Mon 01 Jan 2024 20:30:50 +0000
ROA not before: Mon 01 Jan 2024 20:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32167
IP address blocks: 2a0c:9a40:9d00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 06:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d3:10:3a:99:e8:20:7c:01:80:2d:98:9c:eb:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83c13a9c4ac034d394bb7cc5b822265f83873054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ab:08:8d:23:15:12:34:55:78:9d:c0:cc:83:
50:96:dd:ec:8e:d2:cc:43:12:69:bf:93:2f:56:79:
93:80:e6:86:7c:61:be:96:01:00:b2:f0:7b:2f:77:
c6:21:f5:d3:9f:a2:e2:f3:e1:b8:20:0d:58:6a:74:
16:cc:74:bd:88:1d:fd:7a:9f:ce:9f:a4:33:56:4f:
4a:b8:a9:dd:db:50:a0:9e:c8:a7:8e:41:24:0c:b8:
b0:a4:bc:88:7f:e9:03:56:e4:9c:31:37:4d:75:73:
1b:43:ef:cc:2a:3b:cc:ec:db:05:55:45:5e:75:38:
74:1c:cb:a7:5a:f1:b3:b5:f7:5c:a0:30:44:93:da:
f6:35:e5:c7:15:10:e8:23:19:01:52:f8:49:ee:d2:
75:fe:cb:28:92:3c:e0:74:55:86:bf:d0:bd:7b:54:
38:0b:03:f9:3c:58:71:83:41:e8:d1:b7:88:44:63:
93:1e:fd:99:73:12:2e:84:e6:79:05:a6:70:fe:83:
1c:49:76:b8:58:4b:e4:9c:e8:ff:5d:37:31:46:bd:
9e:2e:07:e5:c2:04:69:c4:26:83:cf:78:71:4a:70:
f8:68:49:9b:de:8c:9a:c2:d6:97:33:18:c8:9a:b6:
f2:f1:be:4e:dc:90:30:76:e1:80:63:f2:55:15:db:
7f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C1:3A:9C:4A:C0:34:D3:94:BB:7C:C5:B8:22:26:5F:83:87:30:54
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/g8E6nErANNOUu3zFuCImX4OHMFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9d00::/40
Signature Algorithm: sha256WithRSAEncryption
7f:d0:36:d3:4b:7f:ce:41:f3:bd:f3:a2:f1:80:c5:d3:b9:56:
8e:6f:8a:fd:a7:09:23:d7:8d:da:a2:7e:ce:45:46:b0:f9:0d:
3b:e7:64:b5:af:06:4c:a7:aa:cf:8f:1d:25:04:f1:91:19:b6:
cc:2d:50:63:9b:18:6b:bf:d3:f8:bd:e7:aa:17:1d:ff:a1:12:
ed:42:3d:61:27:8b:3e:d8:f3:c2:f9:b1:47:d1:74:e3:c8:19:
4f:d8:c5:b0:6d:40:37:83:7e:1f:8e:23:f9:b9:d7:42:0a:c8:
12:2d:e0:68:69:ce:36:1a:6d:ed:b4:b3:8e:f4:6c:7a:d3:30:
a3:81:75:c4:0e:f0:80:ac:19:aa:f7:fd:4e:fb:51:a0:c1:8b:
f4:59:67:00:3a:f9:0d:bc:e7:38:f2:eb:34:c4:10:f1:c6:73:
b0:b2:d0:d5:79:82:6a:81:f8:83:18:c9:c1:cb:97:45:ef:e5:
c3:56:11:5c:22:2f:8f:0a:8b:25:34:ef:3b:7f:d6:4c:9a:ad:
76:5d:3b:7d:bc:c5:31:d1:26:08:ab:73:45:91:0a:b3:a6:5f:
f7:22:08:26:18:7a:5b:be:11:10:d3:d7:a2:b8:c3:a2:e5:2e:
66:77:fc:ec:96:0b:b1:56:4c:92:62:e2:c6:97:0b:7d:7e:f7:
54:a1:59:c8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzGuNMQOpnoIHwBgC2YnOuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2MxM2E5YzRhYzAzNGQzOTRiYjdjYzViODIyMjY1ZjgzODczMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqsIjSMVEjRVeJ3AzINQlt3sjtLM
QxJpv5MvVnmTgOaGfGG+lgEAsvB7L3fGIfXTn6Li8+G4IA1YanQWzHS9iB39ep/O
n6QzVk9KuKnd21CgnsinjkEkDLiwpLyIf+kDVuScMTdNdXMbQ+/MKjvM7NsFVUVe
dTh0HMunWvGztfdcoDBEk9r2NeXHFRDoIxkBUvhJ7tJ1/ssokjzgdFWGv9C9e1Q4
CwP5PFhxg0Ho0beIRGOTHv2ZcxIuhOZ5BaZw/oMcSXa4WEvknOj/XTcxRr2eLgfl
wgRpxCaDz3hxSnD4aEmb3oyawtaXMxjImrby8b5O3JAwduGAY/JVFdt/GQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIPBOpxKwDTTlLt8xbgiJl+DhzBUMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZzhFNm5FckFOTk9VdTN6RnVDSW1YNE9ITUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQJ0w
DQYJKoZIhvcNAQELBQADggEBAH/QNtNLf85B873zovGAxdO5Vo5viv2nCSPXjdqi
fs5FRrD5DTvnZLWvBkynqs+PHSUE8ZEZtswtUGObGGu/0/i956oXHf+hEu1CPWEn
iz7Y88L5sUfRdOPIGU/YxbBtQDeDfh+OI/m510IKyBIt4GhpzjYabe20s470bHrT
MKOBdcQO8ICsGar3/U77UaDBi/RZZwA6+Q285zjy6zTEEPHGc7Cy0NV5gmqB+IMY
ycHLl0Xv5cNWEVwiL48KiyU07zt/1kyarXZdO328xTHRJgirc0WRCrOmX/ciCCYY
elu+ERDT16K4w6LlLmZ3/OyWC7FWTJJi4saXC31+91ShWcg=
-----END CERTIFICATE-----
Generated at Fri May 17 11:09:02 2024 by rpki-client on console-ams.rpki-client.org