Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/kWDyOzGS4Z8Z3enAqy04JHNm0Ys.roa
File: kWDyOzGS4Z8Z3enAqy04JHNm0Ys.roa (raw, json)
Hash identifier: 8f5gjQrDaxb5UnADa3nYDIdDeUsML6TMbLJl+2MsiuM=
Subject key identifier: 91:60:F2:3B:31:92:E1:9F:19:DD:E9:C0:AB:2D:38:24:73:66:D1:8B
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018D11C41AB53F01701FB5E280AB5BD2D6A0
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/kWDyOzGS4Z8Z3enAqy04JHNm0Ys.roa
Signing time: Tue 16 Jan 2024 10:14:40 +0000
ROA not before: Tue 16 Jan 2024 10:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151338
IP address blocks: 2a0c:9a40:9600::/40 maxlen: 48
2a0c:9a40:9f00::/40 maxlen: 48
2a0c:9a40:9200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:c4:1a:b5:3f:01:70:1f:b5:e2:80:ab:5b:d2:d6:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 16 10:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9160f23b3192e19f19dde9c0ab2d38247366d18b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c9:a1:24:58:24:50:35:dc:f3:25:23:ea:13:
e7:8e:ae:00:d4:8a:bd:46:e2:dc:97:b5:90:93:a6:
db:02:e5:4d:25:81:23:4a:9f:58:1b:28:01:bc:7b:
c8:ff:fc:7d:57:25:d1:f1:e0:2b:d7:6e:e9:b3:e1:
fc:63:b4:50:3c:3f:51:95:a1:b1:78:ee:90:e7:be:
54:52:85:b0:d7:89:aa:02:b7:71:45:f2:dc:1a:65:
6f:da:c1:00:7f:58:b9:51:c0:b8:4e:96:23:76:8b:
42:a2:37:4b:10:27:9f:74:07:cc:e7:8e:0f:9a:03:
86:50:16:b3:96:f0:58:e7:ce:2c:f6:a7:bd:9e:0d:
47:02:a5:f9:b0:ad:52:1e:b5:cf:e4:17:e2:1a:d8:
44:f2:ab:58:ef:ec:89:6b:0c:e1:1d:11:82:e8:eb:
71:05:5e:48:96:21:d6:9f:47:84:31:d2:84:96:22:
76:f4:f1:ba:c4:73:be:1c:17:ea:44:75:d8:ff:04:
b8:52:9b:07:fc:a6:1a:aa:e8:ab:69:5f:42:6a:36:
cb:b3:59:df:ef:09:e5:e9:b4:ed:87:7c:6f:3d:bf:
fd:e2:ae:43:1f:91:aa:b6:06:39:55:26:2e:e4:c3:
ed:e4:23:50:be:0f:35:e3:8b:ca:64:8c:89:73:bc:
e7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:60:F2:3B:31:92:E1:9F:19:DD:E9:C0:AB:2D:38:24:73:66:D1:8B
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/kWDyOzGS4Z8Z3enAqy04JHNm0Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9200::/40
2a0c:9a40:9600::/40
2a0c:9a40:9f00::/40
Signature Algorithm: sha256WithRSAEncryption
5d:93:68:55:3b:5b:c9:98:c1:52:5f:14:a7:e5:41:63:e2:7d:
77:63:19:ed:3d:c1:67:3e:40:9d:86:05:67:b7:54:66:17:54:
41:5e:61:fa:43:14:2d:1d:1f:36:1c:ff:32:66:91:88:82:3b:
cf:6c:14:c0:c5:f1:6b:d4:a0:99:2a:7c:a7:48:28:69:e9:55:
03:d7:a7:b1:96:00:29:81:f1:73:01:03:47:d5:f1:6e:e0:71:
73:ac:32:72:36:5e:87:63:ac:57:d0:27:0c:9f:9a:6f:63:a3:
90:78:ca:90:ed:35:53:85:03:7e:5c:5d:ea:70:c0:42:ba:02:
a8:98:4f:a7:e6:63:64:10:55:ce:09:8a:e1:4a:39:65:4e:b1:
2d:2c:e5:5a:de:c8:c7:ae:27:0c:b4:f1:1b:ea:f8:00:34:d6:
e4:57:a5:4b:17:8d:eb:99:38:c0:2e:ac:a6:48:d5:f1:81:a1:
4f:b8:31:d5:c9:90:be:3b:8a:34:8d:55:5c:85:18:bc:bc:cc:
8d:d4:ff:ae:d8:ec:33:e7:42:30:2d:ed:28:44:0d:d0:80:92:
78:6a:58:98:c4:26:65:ac:45:f6:85:f4:b3:19:b5:c0:1e:69:
de:3c:96:58:e2:2e:60:1b:2a:3e:19:e8:c8:40:79:1e:63:c1:
80:dd:26:74
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0RxBq1PwFwH7XigKtb0tagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTE2MTAxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTYwZjIzYjMxOTJlMTlmMTlkZGU5YzBhYjJkMzgyNDczNjZkMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8mhJFgkUDXc8yUj6hPnjq4A1Iq9
RuLcl7WQk6bbAuVNJYEjSp9YGygBvHvI//x9VyXR8eAr127ps+H8Y7RQPD9RlaGx
eO6Q575UUoWw14mqArdxRfLcGmVv2sEAf1i5UcC4TpYjdotCojdLECefdAfM544P
mgOGUBazlvBY584s9qe9ng1HAqX5sK1SHrXP5BfiGthE8qtY7+yJawzhHRGC6Otx
BV5IliHWn0eEMdKEliJ29PG6xHO+HBfqRHXY/wS4UpsH/KYaquiraV9CajbLs1nf
7wnl6bTth3xvPb/94q5DH5GqtgY5VSYu5MPt5CNQvg8144vKZIyJc7znoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJFg8jsxkuGfGd3pwKstOCRzZtGLMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEva1dEeU96R1M0WjhaM2VuQXF5MDRKSE5tMFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYAKgyaQJID
BgAqDJpAlgMGACoMmkCfMA0GCSqGSIb3DQEBCwUAA4IBAQBdk2hVO1vJmMFSXxSn
5UFj4n13YxntPcFnPkCdhgVnt1RmF1RBXmH6QxQtHR82HP8yZpGIgjvPbBTAxfFr
1KCZKnynSChp6VUD16exlgApgfFzAQNH1fFu4HFzrDJyNl6HY6xX0CcMn5pvY6OQ
eMqQ7TVThQN+XF3qcMBCugKomE+n5mNkEFXOCYrhSjllTrEtLOVa3sjHricMtPEb
6vgANNbkV6VLF43rmTjALqymSNXxgaFPuDHVyZC+O4o0jVVchRi8vMyN1P+u2Owz
50IwLe0oRA3QgJJ4aliYxCZlrEX2hfSzGbXAHmnePJZY4i5gGyo+GejIQHkeY8GA
3SZ0
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:22 2024 by rpki-client on console-ams.rpki-client.org