Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/oSMYRpUCk8n_gGZpZp6CAA5puVk.roa
File: oSMYRpUCk8n_gGZpZp6CAA5puVk.roa (raw, json)
Hash identifier: xRhxtRaECBcuRw8sVxRD6bXyXN5fHLLA9zakzpscbAc=
Subject key identifier: A1:23:18:46:95:02:93:C9:FF:80:66:69:66:9E:82:00:0E:69:B9:59
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8DF18AB513AFE229CDE5F3CA338EA
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/oSMYRpUCk8n_gGZpZp6CAA5puVk.roa
Signing time: Mon 01 Jan 2024 20:30:53 +0000
ROA not before: Mon 01 Jan 2024 20:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198510
IP address blocks: 2a0c:9a40:8c80::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:df:18:ab:51:3a:fe:22:9c:de:5f:3c:a3:38:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1231846950293c9ff806669669e82000e69b959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b4:5b:4b:1a:33:c3:7c:05:d6:e2:76:2f:ac:
b2:be:0e:01:11:47:78:53:3d:aa:52:ba:47:1d:cc:
f2:e6:83:c2:21:5f:fe:23:93:37:f2:b6:fb:77:ac:
29:db:24:49:e8:96:ff:57:05:71:65:05:cc:50:c4:
6e:1e:39:87:92:c3:8b:3b:5f:12:15:1a:f4:a0:6e:
ba:25:df:ed:4e:45:c4:dd:34:33:9b:9b:f4:67:1c:
e4:f4:e6:0f:e0:dc:66:28:af:eb:b7:5b:ea:95:f2:
87:63:24:b2:df:db:f6:8e:cf:8d:3a:7a:dd:3a:e6:
51:21:c2:c5:32:59:d2:2e:6f:65:44:2c:ea:3e:b1:
eb:f9:4b:b6:05:56:a4:4b:d8:f4:04:03:60:94:aa:
87:41:c9:9b:5c:70:eb:9a:64:c4:23:5d:65:f2:00:
b1:c8:06:cc:07:af:3b:ae:99:29:8f:c3:09:c4:0e:
0b:a1:86:b2:32:a6:49:dd:6b:8f:03:ee:d9:25:26:
61:4a:70:99:3c:69:c9:8e:83:13:9c:7d:67:4b:96:
c1:ee:86:99:7a:b4:99:db:d4:12:e2:86:5a:dd:9e:
02:fe:c1:e1:fe:e1:a7:60:13:90:4c:1b:d8:ef:6f:
34:09:d6:86:12:0d:08:12:7e:58:76:1c:e2:74:99:
7f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:23:18:46:95:02:93:C9:FF:80:66:69:66:9E:82:00:0E:69:B9:59
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/oSMYRpUCk8n_gGZpZp6CAA5puVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8c80::/44
Signature Algorithm: sha256WithRSAEncryption
5e:cf:9d:db:a5:79:fa:f2:19:72:92:20:a6:aa:7f:2b:0e:fb:
05:77:db:7a:1c:d3:c1:90:c4:10:8c:d0:f2:c8:6e:6b:03:14:
ea:a9:81:59:9a:e5:31:c5:ae:e8:02:b1:34:82:40:20:b2:3f:
93:e6:65:f4:5a:50:f0:7b:2f:99:e3:dd:77:85:07:02:65:01:
9b:de:55:f8:2d:01:68:09:70:33:87:99:2f:24:17:6f:54:f7:
f3:85:39:09:9d:dd:3b:37:de:00:b3:90:d2:cb:57:74:44:03:
f7:8d:80:c9:ce:8d:a6:22:44:fc:d5:f1:6f:e9:58:f2:41:5d:
33:04:71:ca:f9:aa:c1:30:2a:c0:4b:57:e1:79:e9:9b:b9:cc:
a1:95:88:9b:50:55:e9:83:07:03:cb:72:b2:ba:e6:9a:45:8e:
07:0f:65:ed:4c:94:37:90:64:e5:00:84:b8:43:cd:cf:08:33:
27:11:f0:3d:8f:65:c5:aa:fc:6a:a1:0b:9a:b1:f4:2a:31:57:
d1:29:5d:77:9b:3e:85:f7:3d:b3:64:72:53:c9:75:0b:66:78:
5e:4f:95:f6:86:e7:c8:4f:55:29:a2:ae:30:99:55:6a:f9:55:
30:4e:be:90:38:92:b2:f6:b3:76:1f:7b:41:d1:a5:37:f8:dd:
1a:6c:da:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuN8Yq1E6/iKc3l88ozjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTIzMTg0Njk1MDI5M2M5ZmY4MDY2Njk2NjllODIwMDBlNjliOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLRbSxozw3wF1uJ2L6yyvg4BEUd4
Uz2qUrpHHczy5oPCIV/+I5M38rb7d6wp2yRJ6Jb/VwVxZQXMUMRuHjmHksOLO18S
FRr0oG66Jd/tTkXE3TQzm5v0Zxzk9OYP4NxmKK/rt1vqlfKHYySy39v2js+NOnrd
OuZRIcLFMlnSLm9lRCzqPrHr+Uu2BVakS9j0BANglKqHQcmbXHDrmmTEI11l8gCx
yAbMB687rpkpj8MJxA4LoYayMqZJ3WuPA+7ZJSZhSnCZPGnJjoMTnH1nS5bB7oaZ
erSZ29QS4oZa3Z4C/sHh/uGnYBOQTBvY7280CdaGEg0IEn5YdhzidJl/HQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKEjGEaVApPJ/4BmaWaeggAOablZMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvb1NNWVJwVUNrOG5fZ0dacFpwNkNBQTVwdVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIyA
MA0GCSqGSIb3DQEBCwUAA4IBAQBez53bpXn68hlykiCmqn8rDvsFd9t6HNPBkMQQ
jNDyyG5rAxTqqYFZmuUxxa7oArE0gkAgsj+T5mX0WlDwey+Z4913hQcCZQGb3lX4
LQFoCXAzh5kvJBdvVPfzhTkJnd07N94As5DSy1d0RAP3jYDJzo2mIkT81fFv6Vjy
QV0zBHHK+arBMCrAS1fheembucyhlYibUFXpgwcDy3KyuuaaRY4HD2XtTJQ3kGTl
AIS4Q83PCDMnEfA9j2XFqvxqoQuasfQqMVfRKV13mz6F9z2zZHJTyXULZnheT5X2
hufIT1Upoq4wmVVq+VUwTr6QOJKy9rN2H3tB0aU3+N0abNrk
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:22 2024 by rpki-client on console-ams.rpki-client.org