Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ig8TthVcyaR5PWjNPbWoKkljwVc.roa
File: ig8TthVcyaR5PWjNPbWoKkljwVc.roa (raw, json)
Hash identifier: gB0xV9GyeVfzQrXj5g6pOogqCEo8waGjs9nCZQ1W+DU=
Subject key identifier: 8A:0F:13:B6:15:5C:C9:A4:79:3D:68:CD:3D:B5:A8:2A:49:63:C1:57
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8D7F6BC205A9979BC2DE169A19971
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ig8TthVcyaR5PWjNPbWoKkljwVc.roa
Signing time: Mon 01 Jan 2024 20:30:51 +0000
ROA not before: Mon 01 Jan 2024 20:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51861
IP address blocks: 2a0c:9a40:80a3::/48 maxlen: 48
2a0c:9a40:80ae::/48 maxlen: 48
2a0c:9a40:80a9::/48 maxlen: 48
2a0c:9a40:80a4::/48 maxlen: 48
2a0c:9a40:80a7::/48 maxlen: 48
2a0c:9a40:80a2::/48 maxlen: 48
2a0c:9a40:80ad::/48 maxlen: 48
2a0c:9a40:80a0::/44 maxlen: 48
2a0c:9a40:80a8::/48 maxlen: 48
2a0c:9a40:80ab::/48 maxlen: 48
2a0c:9a40:80a6::/48 maxlen: 48
2a0c:9a40:80a1::/48 maxlen: 48
2a0c:9a40:80ac::/48 maxlen: 48
2a0c:9a40:80af::/48 maxlen: 48
2a0c:9a40:80aa::/48 maxlen: 48
2a0c:9a40:80a5::/48 maxlen: 48
2a0c:9a40:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 13:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d7:f6:bc:20:5a:99:79:bc:2d:e1:69:a1:99:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a0f13b6155cc9a4793d68cd3db5a82a4963c157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b3:90:a9:8d:21:1a:d8:4c:5f:f6:71:13:ca:
68:f3:73:c6:70:c5:85:76:a6:b6:c2:e6:53:50:44:
0e:f3:8b:28:1d:17:06:a0:71:36:f2:dd:12:e3:dd:
e8:c8:fe:9a:e9:5f:2a:83:8d:da:6f:fd:34:f3:31:
01:aa:df:99:35:89:61:9f:25:4d:7f:92:ee:b7:fb:
eb:99:ae:a0:5d:a3:9d:ce:ef:08:08:4a:93:62:88:
ec:65:f0:07:a3:16:ee:f7:8a:0a:ee:6a:78:0e:b1:
93:17:39:ef:da:46:ce:5e:df:8e:a6:24:c5:59:10:
c3:8e:f2:77:01:28:7b:31:41:6c:db:e2:0c:74:6c:
d8:b6:a4:f8:8b:51:cd:15:3c:72:b3:1c:6d:82:1f:
2b:7e:e2:47:37:56:e9:2f:5e:57:7f:0c:22:54:4e:
b0:46:0e:6d:f8:cf:06:46:ca:6b:5b:27:9f:95:b1:
7b:87:8b:33:0c:73:e3:e0:ee:9f:c8:d0:34:be:2d:
35:83:85:85:b6:34:6f:ca:21:9c:37:75:0f:5f:5b:
e0:17:ab:32:fb:32:35:bc:c3:8e:98:d1:93:59:f9:
c2:54:83:e7:4e:ec:02:75:25:7f:78:09:d7:da:37:
5d:b4:3a:f2:a7:99:0d:65:99:ea:07:d6:ed:f4:76:
38:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0F:13:B6:15:5C:C9:A4:79:3D:68:CD:3D:B5:A8:2A:49:63:C1:57
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ig8TthVcyaR5PWjNPbWoKkljwVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:80a0::/44
Signature Algorithm: sha256WithRSAEncryption
8b:5c:ea:24:03:5a:b4:dc:df:a7:2f:47:06:01:a6:f1:12:ec:
62:77:df:ef:cc:89:73:e8:5e:c5:1b:83:cb:ed:be:fd:b6:0f:
61:1b:2d:fb:98:09:b4:0e:d7:ce:c7:66:e1:73:f2:b5:5b:2a:
08:a9:31:a3:75:55:ea:32:b1:90:55:f6:cf:e5:35:4d:17:03:
0c:47:b1:34:d4:7b:2f:cc:19:14:bb:c7:c9:7f:61:26:bb:fe:
6d:e5:c5:87:e3:5b:8b:45:7e:06:fa:8b:55:f6:6a:e4:69:cd:
06:90:f0:7a:4e:f0:2e:8b:5a:ae:c9:fb:ea:fe:b8:f9:db:8b:
93:0e:c0:85:05:ba:01:00:00:83:40:03:44:e8:77:f6:43:d9:
3f:39:41:ad:f0:af:dc:7e:a5:8d:6f:6b:81:d9:15:bd:d1:80:
d2:b3:d3:34:d9:2d:0b:25:1e:b8:bc:c5:b3:11:ba:78:e2:40:
2a:f3:70:8e:fb:22:d6:8f:65:98:bd:40:22:78:b3:ab:fe:80:
b4:a9:84:62:c7:6c:b5:7e:0a:d7:6b:55:71:22:8e:ca:51:8b:
35:be:6e:5e:78:ac:28:9c:52:f5:92:32:a0:0c:7d:26:08:ff:
fb:18:ab:63:f0:51:a5:1e:0a:df:16:7d:3e:11:df:98:68:40:
dc:37:7c:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuNf2vCBamXm8LeFpoZlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTBmMTNiNjE1NWNjOWE0NzkzZDY4Y2QzZGI1YTgyYTQ5NjNjMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbOQqY0hGthMX/ZxE8po83PGcMWF
dqa2wuZTUEQO84soHRcGoHE28t0S493oyP6a6V8qg43ab/008zEBqt+ZNYlhnyVN
f5Lut/vrma6gXaOdzu8ICEqTYojsZfAHoxbu94oK7mp4DrGTFznv2kbOXt+OpiTF
WRDDjvJ3ASh7MUFs2+IMdGzYtqT4i1HNFTxysxxtgh8rfuJHN1bpL15XfwwiVE6w
Rg5t+M8GRsprWyeflbF7h4szDHPj4O6fyNA0vi01g4WFtjRvyiGcN3UPX1vgF6sy
+zI1vMOOmNGTWfnCVIPnTuwCdSV/eAnX2jddtDryp5kNZZnqB9bt9HY4pQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIoPE7YVXMmkeT1ozT21qCpJY8FXMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvaWc4VHRoVmN5YVI1UFdqTlBiV29La2xqd1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQICg
MA0GCSqGSIb3DQEBCwUAA4IBAQCLXOokA1q03N+nL0cGAabxEuxid9/vzIlz6F7F
G4PL7b79tg9hGy37mAm0DtfOx2bhc/K1WyoIqTGjdVXqMrGQVfbP5TVNFwMMR7E0
1HsvzBkUu8fJf2Emu/5t5cWH41uLRX4G+otV9mrkac0GkPB6TvAui1quyfvq/rj5
24uTDsCFBboBAACDQANE6Hf2Q9k/OUGt8K/cfqWNb2uB2RW90YDSs9M02S0LJR64
vMWzEbp44kAq83CO+yLWj2WYvUAieLOr/oC0qYRix2y1fgrXa1VxIo7KUYs1vm5e
eKwonFL1kjKgDH0mCP/7GKtj8FGlHgrfFn0+Ed+YaEDcN3yL
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:41:16 2024 by rpki-client on console-fra.rpki-client.org