Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/uF1jsuriIYbh5vcaVGeXr4PG3q8.roa
File: uF1jsuriIYbh5vcaVGeXr4PG3q8.roa (raw, json)
Hash identifier: 4nMoUKhTq8uHcYcAyqtR7+6VdDJauT/0N9+OZuKgL+4=
Subject key identifier: B8:5D:63:B2:EA:E2:21:86:E1:E6:F7:1A:54:67:97:AF:83:C6:DE:AF
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8E6A5B017AD724FC8AAA960E64BDA
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/uF1jsuriIYbh5vcaVGeXr4PG3q8.roa
Signing time: Mon 01 Jan 2024 20:30:55 +0000
ROA not before: Mon 01 Jan 2024 20:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203333
IP address blocks: 2a0c:9a40:8340::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 13:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:e6:a5:b0:17:ad:72:4f:c8:aa:a9:60:e6:4b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b85d63b2eae22186e1e6f71a546797af83c6deaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:91:01:86:26:95:3c:cb:ca:a0:34:dd:31:fd:
bd:8c:11:fc:86:37:ee:34:b7:da:c7:b8:01:cd:c5:
fe:aa:14:15:04:22:38:b0:d5:5c:e0:cc:6d:39:75:
e2:8d:cd:19:bd:28:de:7d:c3:e6:5d:69:84:9e:e8:
38:64:c6:01:3a:f6:ac:8e:56:31:3e:2c:65:06:0e:
ee:34:cf:72:ff:ee:20:22:f4:42:4c:77:e9:a1:ac:
ae:da:09:45:27:f5:7c:8f:02:2a:f9:f8:f8:b4:31:
53:a2:bc:71:a0:b1:3c:c8:35:a0:82:0a:9d:25:ea:
3d:0a:f0:3e:f9:0a:dc:05:23:69:f0:e4:d7:d0:42:
bc:a9:59:7b:3f:e0:ee:fd:8f:db:96:07:b7:b4:6f:
f5:af:2c:1a:ab:02:70:4c:54:7b:1e:8b:17:96:7a:
6d:57:2a:7b:31:9f:d7:c4:37:31:77:23:cf:cc:36:
9d:4a:18:65:69:5e:c8:34:c3:cb:b8:97:90:86:d8:
78:a0:4c:20:64:f0:0d:1e:7d:36:03:4b:45:d8:c0:
7a:d9:78:af:23:c9:34:0a:77:cb:49:fc:05:74:0d:
97:14:bf:7c:02:69:56:c9:7d:10:a2:1b:86:a8:d7:
17:09:86:fd:5f:85:5f:20:d5:5d:99:21:40:0e:0c:
6a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5D:63:B2:EA:E2:21:86:E1:E6:F7:1A:54:67:97:AF:83:C6:DE:AF
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/uF1jsuriIYbh5vcaVGeXr4PG3q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8340::/48
Signature Algorithm: sha256WithRSAEncryption
48:fb:58:a1:2a:ba:8a:33:98:69:fc:a1:d2:cc:01:83:4e:36:
84:94:ae:c1:db:ba:d4:8c:6b:d0:71:15:bf:f4:2c:44:c4:38:
89:40:02:c4:4a:0d:09:a1:8a:de:7e:44:2f:55:49:8a:ae:19:
e3:e8:e1:1b:ee:54:9b:55:fe:7b:d3:21:15:ae:35:68:76:25:
ac:d1:36:ea:57:97:ea:10:3d:62:d0:c8:f3:7f:95:a8:d7:dd:
57:04:49:c8:55:1e:3d:71:89:49:70:3b:3b:d3:f0:95:56:98:
92:86:fa:ff:da:88:a9:98:af:dd:1b:2c:a2:d6:55:77:9e:1d:
0a:3b:4f:7d:e6:c8:80:a7:5c:38:23:8b:1d:f5:9b:bb:26:ec:
bc:78:fb:6e:5a:e3:30:72:20:9b:2d:21:87:be:67:c9:79:6e:
24:7a:5c:17:0b:21:5e:09:c5:df:38:ac:2d:a8:c7:60:39:b6:
24:a7:82:d7:58:b1:54:f5:58:e9:5c:60:cc:15:aa:10:e3:f5:
7c:ed:75:e0:ae:ee:01:6c:79:20:06:34:ff:36:85:e5:df:73:
0c:fd:f4:40:c4:47:9a:62:68:cf:c6:d3:a7:bd:3a:4a:49:98:
49:a6:bc:9c:cd:53:df:4e:4e:37:e0:13:83:9c:3c:f1:7f:38:
3c:26:bb:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuOalsBetck/Iqqlg5kvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVkNjNiMmVhZTIyMTg2ZTFlNmY3MWE1NDY3OTdhZjgzYzZkZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZEBhiaVPMvKoDTdMf29jBH8hjfu
NLfax7gBzcX+qhQVBCI4sNVc4MxtOXXijc0ZvSjefcPmXWmEnug4ZMYBOvasjlYx
PixlBg7uNM9y/+4gIvRCTHfpoayu2glFJ/V8jwIq+fj4tDFTorxxoLE8yDWgggqd
Jeo9CvA++QrcBSNp8OTX0EK8qVl7P+Du/Y/blge3tG/1rywaqwJwTFR7HosXlnpt
Vyp7MZ/XxDcxdyPPzDadShhlaV7INMPLuJeQhth4oEwgZPANHn02A0tF2MB62Xiv
I8k0CnfLSfwFdA2XFL98AmlWyX0QohuGqNcXCYb9X4VfINVdmSFADgxqPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLhdY7Lq4iGG4eb3GlRnl6+Dxt6vMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvdUYxanN1cmlJWWJoNXZjYVZHZVhyNFBHM3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQINA
MA0GCSqGSIb3DQEBCwUAA4IBAQBI+1ihKrqKM5hp/KHSzAGDTjaElK7B27rUjGvQ
cRW/9CxExDiJQALESg0JoYrefkQvVUmKrhnj6OEb7lSbVf570yEVrjVodiWs0Tbq
V5fqED1i0Mjzf5Wo191XBEnIVR49cYlJcDs70/CVVpiShvr/2oipmK/dGyyi1lV3
nh0KO0995siAp1w4I4sd9Zu7Juy8ePtuWuMwciCbLSGHvmfJeW4kelwXCyFeCcXf
OKwtqMdgObYkp4LXWLFU9VjpXGDMFaoQ4/V87XXgru4BbHkgBjT/NoXl33MM/fRA
xEeaYmjPxtOnvTpKSZhJpryczVPfTk434BODnDzxfzg8Jrt/
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:17:24 2024 by rpki-client on console-fra.rpki-client.org