Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zKuqNPyeRkWnDQbOGPvhBclMyB4.roa
File: zKuqNPyeRkWnDQbOGPvhBclMyB4.roa (raw, json)
Hash identifier: qBCI4CBHjvdithSqClwEG6TYcyAY8xL0XFBgTS7+J70=
Subject key identifier: CC:AB:AA:34:FC:9E:46:45:A7:0D:06:CE:18:FB:E1:05:C9:4C:C8:1E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018E4755210B352257AA00CB833FCFFDA9D4
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zKuqNPyeRkWnDQbOGPvhBclMyB4.roa
Signing time: Sat 16 Mar 2024 12:55:45 +0000
ROA not before: Sat 16 Mar 2024 12:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63150
IP address blocks: 2a0c:9a40:d000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:47:55:21:0b:35:22:57:aa:00:cb:83:3f:cf:fd:a9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Mar 16 12:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccabaa34fc9e4645a70d06ce18fbe105c94cc81e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:33:80:03:3c:a9:0f:90:53:df:22:ac:13:c1:
59:fc:ee:b9:fc:11:bc:f3:fb:37:ed:d3:50:69:05:
10:65:02:e7:b6:8e:8a:f1:f2:b2:31:04:c7:ee:3d:
c3:57:9d:8d:56:c7:00:39:11:c9:23:69:c7:7c:3b:
0e:cf:e7:e7:78:51:9b:f5:f4:6a:4d:bf:df:b9:76:
97:9b:fa:28:19:6d:c5:b5:83:8b:6c:87:25:c3:d9:
85:0b:48:f6:2a:d8:76:90:cd:83:e3:dd:cb:29:9c:
ff:78:d6:9c:7b:95:64:b5:03:78:e7:64:7b:d5:99:
22:eb:20:34:ca:c1:3a:46:b7:11:f2:f8:35:b6:a5:
d2:75:0d:33:48:31:2c:47:bf:bc:9e:78:e5:64:c6:
ec:5b:0d:c6:74:9b:c6:22:f5:3d:2d:e1:c2:61:1d:
7b:d3:b7:c3:55:99:dc:69:12:d8:52:3e:c8:6f:32:
7a:8e:db:d8:15:4b:b3:2f:98:dc:47:57:66:83:72:
31:4a:d9:c7:82:1a:b8:89:54:d6:ce:85:e8:5a:89:
1d:38:58:d0:fc:62:40:36:d9:de:18:28:14:0b:5f:
ea:c4:85:5a:3f:83:fa:40:8f:81:87:b8:b5:fa:b7:
19:1b:62:20:ee:bb:59:8a:0b:74:86:d1:b9:17:9a:
85:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AB:AA:34:FC:9E:46:45:A7:0D:06:CE:18:FB:E1:05:C9:4C:C8:1E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zKuqNPyeRkWnDQbOGPvhBclMyB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:d000::/40
Signature Algorithm: sha256WithRSAEncryption
68:c2:04:7b:b1:1d:d3:e0:c6:83:32:2d:1a:1c:db:a8:bc:9a:
79:e4:2e:a2:02:ac:a3:dc:d6:58:3a:38:b8:67:e8:0f:f6:ed:
b6:01:8a:81:34:b2:c6:5b:52:62:17:91:a0:34:59:03:e2:a6:
93:9a:ba:2f:ca:bf:bd:ca:b0:cf:13:5c:42:47:a0:3e:3b:b8:
7b:b7:28:43:ad:f7:2b:1f:9f:0d:d4:b5:b6:43:1d:5d:f0:15:
32:2c:c4:26:8f:b7:c3:d0:ea:9e:16:f1:36:d5:ec:e2:84:ad:
32:2f:d9:02:51:bf:2b:0b:a1:a8:8b:72:81:47:fc:e0:9c:97:
73:21:d6:ec:4c:3b:54:57:43:c2:a7:c5:b4:c2:b2:ee:e0:24:
f1:60:09:59:29:13:bd:43:58:97:88:a2:73:bc:af:f6:80:14:
2c:97:5e:80:7a:79:60:16:0c:d6:9c:ed:8f:72:49:98:ea:7b:
5e:5f:90:ca:1c:c3:75:77:df:a4:b9:cb:72:bb:02:60:5c:b4:
fd:6e:40:2d:9a:10:b8:c4:91:f5:13:8b:bb:3c:03:92:70:15:
ff:8e:df:63:6a:0a:d4:9c:1a:75:5e:3b:46:a3:77:6a:0b:41:
c7:7d:96:07:f9:3d:1b:f5:98:14:33:10:67:82:93:da:eb:ed:
70:f7:33:a2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY5HVSELNSJXqgDLgz/P/anUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMzE2MTI1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FiYWEzNGZjOWU0NjQ1YTcwZDA2Y2UxOGZiZTEwNWM5NGNjODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDOAAzypD5BT3yKsE8FZ/O65/BG8
8/s37dNQaQUQZQLnto6K8fKyMQTH7j3DV52NVscAORHJI2nHfDsOz+fneFGb9fRq
Tb/fuXaXm/ooGW3FtYOLbIclw9mFC0j2Kth2kM2D493LKZz/eNace5VktQN452R7
1Zki6yA0ysE6RrcR8vg1tqXSdQ0zSDEsR7+8nnjlZMbsWw3GdJvGIvU9LeHCYR17
07fDVZncaRLYUj7IbzJ6jtvYFUuzL5jcR1dmg3IxStnHghq4iVTWzoXoWokdOFjQ
/GJANtneGCgUC1/qxIVaP4P6QI+Bh7i1+rcZG2Ig7rtZigt0htG5F5qFtQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMyrqjT8nkZFpw0Gzhj74QXJTMgeMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvekt1cU5QeWVSa1duRFFiT0dQdmhCY2xNeUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQNAw
DQYJKoZIhvcNAQELBQADggEBAGjCBHuxHdPgxoMyLRoc26i8mnnkLqICrKPc1lg6
OLhn6A/27bYBioE0ssZbUmIXkaA0WQPippOaui/Kv73KsM8TXEJHoD47uHu3KEOt
9ysfnw3UtbZDHV3wFTIsxCaPt8PQ6p4W8TbV7OKErTIv2QJRvysLoaiLcoFH/OCc
l3Mh1uxMO1RXQ8KnxbTCsu7gJPFgCVkpE71DWJeIonO8r/aAFCyXXoB6eWAWDNac
7Y9ySZjqe15fkMocw3V336S5y3K7AmBctP1uQC2aELjEkfUTi7s8A5JwFf+O32Nq
CtScGnVeO0ajd2oLQcd9lgf5PRv1mBQzEGeCk9rr7XD3M6I=
-----END CERTIFICATE-----
Generated at Thu May 16 22:38:46 2024 by rpki-client on console-ams.rpki-client.org