Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lVVIdmEZaBnf--3JOeALhdiP8vM.roa
File: lVVIdmEZaBnf--3JOeALhdiP8vM.roa (raw, json)
Hash identifier: kwVbHbWnVjRUO5SKrNUQebkJGdNOEqu0EsjsvzGuAPM=
Subject key identifier: 95:55:48:76:61:19:68:19:DF:FB:ED:C9:39:E0:0B:85:D8:8F:F2:F3
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018D08D6F24C7AF718EF7912D433F623E74D
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lVVIdmEZaBnf--3JOeALhdiP8vM.roa
Signing time: Sun 14 Jan 2024 16:38:40 +0000
ROA not before: Sun 14 Jan 2024 16:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 2a0c:9a40:9c10::/44 maxlen: 48
2a0c:9a40:9cc0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:d6:f2:4c:7a:f7:18:ef:79:12:d4:33:f6:23:e7:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 14 16:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9555487661196819dffbedc939e00b85d88ff2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:80:40:b3:4a:ab:64:d7:7c:49:e5:4d:0e:
6f:d2:c3:7b:39:68:13:56:68:23:98:6b:08:e2:29:
2f:c4:92:b5:e5:eb:53:4f:96:c3:18:2b:1a:cd:4b:
c5:e0:fe:8e:39:e5:ba:8c:2b:95:a3:46:bb:5d:54:
c4:ba:ac:80:f4:b1:67:70:36:39:b4:85:8b:6b:8a:
f3:07:e4:4f:87:e4:d4:12:ad:49:04:8e:c7:60:10:
2f:71:2f:ce:b5:16:41:60:e2:5e:25:56:4d:d1:74:
39:9e:6e:ca:a5:ec:69:0b:c0:18:22:3e:b4:23:67:
e0:49:83:37:9e:c5:54:a3:f3:9d:1f:da:25:fa:78:
af:34:92:99:1f:25:ea:84:84:fd:2c:1e:34:8a:22:
25:29:7c:39:39:fc:69:05:7e:09:82:8a:9d:e2:8a:
92:84:f8:a7:8a:b2:c7:0f:8c:02:7e:d4:5c:b1:ab:
45:10:40:56:32:9c:b1:6d:70:de:de:31:54:21:13:
df:00:d1:04:e2:bf:8f:f3:45:67:86:59:3a:6b:fc:
82:85:f5:ef:90:8d:f9:93:2f:43:68:a0:24:48:91:
91:8b:b6:5c:4b:79:0e:d1:bd:f0:84:b2:03:b1:36:
de:53:a5:41:26:cb:ab:a1:bb:af:1a:ee:b4:6d:ec:
09:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:55:48:76:61:19:68:19:DF:FB:ED:C9:39:E0:0B:85:D8:8F:F2:F3
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lVVIdmEZaBnf--3JOeALhdiP8vM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9c10::/44
2a0c:9a40:9cc0::/44
Signature Algorithm: sha256WithRSAEncryption
9e:ac:65:3d:f5:f5:b4:15:4c:51:41:12:fd:bb:ae:61:2a:09:
44:36:45:29:e5:53:72:78:38:30:59:12:ec:bb:30:ff:16:9a:
8b:cd:30:4e:fb:1f:0e:ad:93:a0:d5:47:5b:ad:bd:22:22:42:
0b:01:39:7c:2a:6e:4c:6d:b6:ee:67:77:80:72:3a:87:18:9a:
29:9f:dc:06:cc:5a:eb:c0:0c:31:10:96:07:c3:76:ee:54:4d:
5b:70:9a:1d:c3:9d:fe:89:4e:8f:a9:e8:ae:9f:32:10:21:85:
b7:2d:8f:c0:67:a2:3c:4e:66:46:da:d0:4c:4f:f6:9a:6d:bf:
6a:66:e3:ae:e3:cf:74:c6:d7:12:8d:22:82:49:ca:db:12:f7:
5d:f5:be:27:ea:04:23:dc:8a:30:d6:2d:28:6d:6d:86:42:33:
3c:ff:9f:fe:4a:97:e8:5a:3a:ee:31:88:7c:3b:90:dd:1f:d0:
11:8f:fe:4d:53:e4:a4:95:72:e5:5f:71:c7:ed:a7:23:a3:a7:
de:de:3a:5c:11:76:de:42:8b:56:2d:f4:80:48:bc:75:d2:4e:
b9:3c:5e:b5:de:35:57:65:5c:f6:43:fd:54:3c:ef:34:3d:f4:
c4:a3:97:d4:54:02:9e:ea:21:66:c8:6b:d2:56:21:e2:3f:8f:
92:28:a0:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0I1vJMevcY73kS1DP2I+dNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTE0MTYzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU1NDg3NjYxMTk2ODE5ZGZmYmVkYzkzOWUwMGI4NWQ4OGZmMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs2AQLNKq2TXfEnlTQ5v0sN7OWgT
VmgjmGsI4ikvxJK15etTT5bDGCsazUvF4P6OOeW6jCuVo0a7XVTEuqyA9LFncDY5
tIWLa4rzB+RPh+TUEq1JBI7HYBAvcS/OtRZBYOJeJVZN0XQ5nm7KpexpC8AYIj60
I2fgSYM3nsVUo/OdH9ol+nivNJKZHyXqhIT9LB40iiIlKXw5OfxpBX4Jgoqd4oqS
hPinirLHD4wCftRcsatFEEBWMpyxbXDe3jFUIRPfANEE4r+P80Vnhlk6a/yChfXv
kI35ky9DaKAkSJGRi7ZcS3kO0b3whLIDsTbeU6VBJsurobuvGu60bewJ+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJVVSHZhGWgZ3/vtyTngC4XYj/LzMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvbFZWSWRtRVphQm5mLS0zSk9lQUxoZGlQOHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgyaQJwQ
AwcEKgyaQJzAMA0GCSqGSIb3DQEBCwUAA4IBAQCerGU99fW0FUxRQRL9u65hKglE
NkUp5VNyeDgwWRLsuzD/FpqLzTBO+x8OrZOg1Udbrb0iIkILATl8Km5MbbbuZ3eA
cjqHGJopn9wGzFrrwAwxEJYHw3buVE1bcJodw53+iU6PqeiunzIQIYW3LY/AZ6I8
TmZG2tBMT/aabb9qZuOu4890xtcSjSKCScrbEvdd9b4n6gQj3Iow1i0obW2GQjM8
/5/+SpfoWjruMYh8O5DdH9ARj/5NU+SklXLlX3HH7acjo6fe3jpcEXbeQotWLfSA
SLx10k65PF613jVXZVz2Q/1UPO80PfTEo5fUVAKe6iFmyGvSViHiP4+SKKAA
-----END CERTIFICATE-----
Generated at Mon May 6 14:57:28 2024 by rpki-client on console-fra.rpki-client.org