Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gqg5m9QIAmBwUF5KLiNiQGXxEn0.roa
File: gqg5m9QIAmBwUF5KLiNiQGXxEn0.roa (raw, json)
Hash identifier: AAHe72sGg03cIdxNutnXzheue6mHYCQ21jTzJ/c+ZHU=
Subject key identifier: 82:A8:39:9B:D4:08:02:60:70:50:5E:4A:2E:23:62:40:65:F1:12:7D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8EE503565F61D9CF7DAF55DB99735
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gqg5m9QIAmBwUF5KLiNiQGXxEn0.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211758
IP address blocks: 2a0c:9a40:8260::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ee:50:35:65:f6:1d:9c:f7:da:f5:5d:b9:97:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82a8399bd408026070505e4a2e23624065f1127d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e5:ec:e8:12:59:24:e9:52:a6:c4:5c:c5:1a:
b7:3f:fc:40:f6:63:cf:4c:e1:13:3e:a1:81:b5:9b:
b0:77:e9:60:77:ac:3d:db:66:ce:0d:65:80:e3:19:
a3:fc:0a:3b:7e:ae:12:4f:99:57:3f:b5:3d:68:94:
12:ce:30:38:4e:24:be:27:8e:43:c7:d0:f8:d0:4b:
12:bf:97:e1:67:4e:ab:19:ba:41:39:05:c3:b0:a2:
25:78:24:0a:5e:a8:ee:b0:52:83:70:39:05:81:74:
67:40:b8:4f:df:2a:2f:a6:16:6e:b6:ed:97:0b:e1:
2d:d7:40:c7:93:e4:61:ec:6c:a1:6a:e0:9b:04:82:
a8:b4:7f:be:be:79:ca:d2:a6:5d:b6:1b:ef:96:62:
c0:9a:c5:31:86:a9:1d:6c:d9:60:af:f8:b9:de:54:
4a:73:bd:e9:85:ee:8d:d0:4c:cb:a1:37:47:6a:26:
fa:7f:92:b6:f3:75:38:f8:83:50:f6:6f:37:b9:bc:
9d:c1:34:23:29:25:d7:8a:a2:80:eb:50:c6:f2:39:
a4:9d:40:2b:ce:f1:98:e8:bc:f0:54:28:24:93:93:
b7:7b:b4:99:99:17:91:a8:da:54:09:72:18:30:17:
63:5e:7a:17:b0:88:77:7c:29:06:43:52:b8:dd:04:
55:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A8:39:9B:D4:08:02:60:70:50:5E:4A:2E:23:62:40:65:F1:12:7D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gqg5m9QIAmBwUF5KLiNiQGXxEn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8260::/44
Signature Algorithm: sha256WithRSAEncryption
19:46:7e:0f:6a:69:c4:7d:2b:ad:d5:16:7c:ac:54:2b:e6:f3:
81:4c:5d:74:e3:a9:15:83:98:00:5e:e1:bb:6a:07:4f:c3:3a:
fb:50:91:99:bf:03:65:16:8d:bc:4f:23:73:02:63:ac:78:e2:
51:f8:c8:64:79:c6:df:7e:c1:92:75:57:5f:df:03:79:97:28:
ce:2c:83:19:68:f0:48:50:0e:93:da:28:cf:a0:84:55:12:b4:
de:32:c6:62:46:8f:40:bf:db:c9:c4:86:66:82:ab:4a:8f:fe:
7d:41:79:91:07:f6:d0:c8:a3:08:94:ee:af:d2:6a:59:f4:a7:
17:6c:64:4e:23:95:0c:57:0d:d2:19:b7:a7:d3:10:2f:bd:a3:
db:8c:b8:ce:40:b5:41:26:24:95:67:99:6f:c9:73:6d:3a:42:
07:1b:85:7e:64:9d:3c:c1:59:2a:5a:2f:90:0c:80:d7:5d:28:
5d:cb:e6:c9:1e:44:59:d8:a1:d7:58:de:9a:7c:6b:65:66:aa:
6e:93:ca:f0:5e:d4:35:b4:12:3d:d4:88:0b:2c:89:6a:43:49:
e4:91:09:f5:66:01:e0:7c:a6:f5:eb:51:c0:14:fa:be:76:e2:
9e:3d:9d:fe:01:f5:ff:8b:ee:8f:b8:2d:64:2c:0f:bd:f0:58:
cc:dd:d1:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuO5QNWX2HZz32vVduZc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmE4Mzk5YmQ0MDgwMjYwNzA1MDVlNGEyZTIzNjI0MDY1ZjExMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+Xs6BJZJOlSpsRcxRq3P/xA9mPP
TOETPqGBtZuwd+lgd6w922bODWWA4xmj/Ao7fq4ST5lXP7U9aJQSzjA4TiS+J45D
x9D40EsSv5fhZ06rGbpBOQXDsKIleCQKXqjusFKDcDkFgXRnQLhP3yovphZutu2X
C+Et10DHk+Rh7GyhauCbBIKotH++vnnK0qZdthvvlmLAmsUxhqkdbNlgr/i53lRK
c73phe6N0EzLoTdHaib6f5K283U4+INQ9m83ubydwTQjKSXXiqKA61DG8jmknUAr
zvGY6LzwVCgkk5O3e7SZmReRqNpUCXIYMBdjXnoXsIh3fCkGQ1K43QRVFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIKoOZvUCAJgcFBeSi4jYkBl8RJ9MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZ3FnNW05UUlBbUJ3VUY1S0xpTmlRR1h4RW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIJg
MA0GCSqGSIb3DQEBCwUAA4IBAQAZRn4PamnEfSut1RZ8rFQr5vOBTF1046kVg5gA
XuG7agdPwzr7UJGZvwNlFo28TyNzAmOseOJR+MhkecbffsGSdVdf3wN5lyjOLIMZ
aPBIUA6T2ijPoIRVErTeMsZiRo9Av9vJxIZmgqtKj/59QXmRB/bQyKMIlO6v0mpZ
9KcXbGROI5UMVw3SGben0xAvvaPbjLjOQLVBJiSVZ5lvyXNtOkIHG4V+ZJ08wVkq
Wi+QDIDXXShdy+bJHkRZ2KHXWN6afGtlZqpuk8rwXtQ1tBI91IgLLIlqQ0nkkQn1
ZgHgfKb161HAFPq+duKePZ3+AfX/i+6PuC1kLA+98FjM3dEr
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:22 2024 by rpki-client on console-ams.rpki-client.org