Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zf8vqJBFnda4lfK0sBCb-VlDUek.roa
File: zf8vqJBFnda4lfK0sBCb-VlDUek.roa (raw, json)
Hash identifier: KCHKdgG9vbG1yXsR4ISI2ExDFX/3Boh0Cn7+rzf9kO8=
Subject key identifier: CD:FF:2F:A8:90:45:9D:D6:B8:95:F2:B4:B0:10:9B:F9:59:43:51:E9
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01917C5667F38FCA8D14F1BBC47A5E534F9D
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zf8vqJBFnda4lfK0sBCb-VlDUek.roa
Signing time: Thu 22 Aug 2024 23:05:22 +0000
ROA not before: Thu 22 Aug 2024 23:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1764
IP address blocks: 2a0c:9a40:8071::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 13:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7c:56:67:f3:8f:ca:8d:14:f1:bb:c4:7a:5e:53:4f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Aug 22 23:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdff2fa890459dd6b895f2b4b0109bf9594351e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6e:79:dd:cd:39:41:0c:84:83:b7:5d:c7:8c:
02:33:cc:c6:70:1f:27:4c:dc:a8:d6:e3:10:2e:c2:
7e:b7:28:dc:a1:86:41:8c:24:65:85:e1:a7:fb:82:
de:a1:4f:2c:84:4e:14:fb:f4:94:12:08:56:f5:37:
b2:be:c9:35:ca:0e:62:f1:f0:af:7b:60:b3:29:8b:
7d:d7:2f:b0:84:45:46:14:74:c3:8b:8f:9c:ef:48:
b0:5f:3b:38:cb:50:3b:48:0e:c1:41:d3:89:f4:24:
8c:e1:1a:d5:69:48:19:51:46:f9:40:3c:4d:3e:8d:
8c:67:4e:c4:2f:2d:46:6b:da:da:13:f9:8c:a4:14:
d5:e1:c8:93:e1:1a:63:28:7e:a6:d4:3e:c2:93:cb:
24:57:9a:95:15:ca:15:4c:be:b4:79:55:3f:e0:69:
1e:ba:5a:c0:9f:d3:31:53:99:c4:6a:de:b9:6f:87:
cb:8c:69:cc:7f:95:df:ce:a9:2d:11:9a:42:1c:f4:
3c:ad:d3:aa:69:db:00:49:9b:45:60:33:ce:0b:4a:
57:3e:fa:c5:fc:ec:fa:db:1b:15:2e:9e:f8:d0:a1:
80:40:ba:96:86:4d:81:ba:79:8f:0d:74:c2:43:c0:
07:39:1b:8f:3e:50:17:f1:5f:d2:2d:84:c7:5d:01:
9e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FF:2F:A8:90:45:9D:D6:B8:95:F2:B4:B0:10:9B:F9:59:43:51:E9
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zf8vqJBFnda4lfK0sBCb-VlDUek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8071::/48
Signature Algorithm: sha256WithRSAEncryption
bc:23:61:75:98:7e:ac:0a:50:01:94:e8:15:55:fa:ca:f5:4c:
99:eb:72:53:ec:2e:bd:1c:e1:e6:70:c9:05:75:80:01:73:92:
c0:79:6b:5c:71:9c:f7:8c:ea:9c:b1:29:ac:82:c4:2e:02:a7:
69:86:d8:9d:6c:7e:f5:56:73:fd:94:ea:95:1c:25:61:d6:e7:
6e:66:91:36:d5:33:64:d1:4f:d2:49:5e:0d:ea:ca:ac:1d:6a:
f0:86:6e:98:8a:82:18:41:75:04:be:f4:11:b5:cb:50:42:ca:
8d:c7:b4:92:c5:b6:d1:46:9e:1c:79:95:05:36:3d:fc:eb:b8:
a1:fb:15:a4:a0:65:e4:8f:53:20:e7:6d:92:fa:42:37:01:56:
29:5c:8d:d0:32:44:33:da:68:7e:b9:3f:f6:35:61:74:83:07:
4d:68:0b:f9:4f:4c:09:c7:3b:e8:bb:9d:8e:48:3a:d5:ce:e4:
cc:13:33:1d:14:2a:4b:dc:2c:5e:7e:72:4e:25:01:16:34:c2:
56:08:bc:59:16:00:38:53:3f:24:ff:55:47:fe:eb:13:1c:3d:
f3:df:fd:19:50:e2:5a:97:c1:e6:0a:9c:cb:d2:04:6c:c2:6c:
6a:2d:4e:af:ca:b3:4a:49:fc:dc:a7:5b:8a:d2:7b:7a:c4:fd:
ff:a5:b8:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZF8Vmfzj8qNFPG7xHpeU0+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwODIyMjMwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGZmMmZhODkwNDU5ZGQ2Yjg5NWYyYjRiMDEwOWJmOTU5NDM1MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG553c05QQyEg7ddx4wCM8zGcB8n
TNyo1uMQLsJ+tyjcoYZBjCRlheGn+4LeoU8shE4U+/SUEghW9Teyvsk1yg5i8fCv
e2CzKYt91y+whEVGFHTDi4+c70iwXzs4y1A7SA7BQdOJ9CSM4RrVaUgZUUb5QDxN
Po2MZ07ELy1Ga9raE/mMpBTV4ciT4RpjKH6m1D7Ck8skV5qVFcoVTL60eVU/4Gke
ulrAn9MxU5nEat65b4fLjGnMf5XfzqktEZpCHPQ8rdOqadsASZtFYDPOC0pXPvrF
/Oz62xsVLp740KGAQLqWhk2BunmPDXTCQ8AHORuPPlAX8V/SLYTHXQGeVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFM3/L6iQRZ3WuJXytLAQm/lZQ1HpMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvemY4dnFKQkZuZGE0bGZLMHNCQ2ItVmxEVWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIBx
MA0GCSqGSIb3DQEBCwUAA4IBAQC8I2F1mH6sClABlOgVVfrK9UyZ63JT7C69HOHm
cMkFdYABc5LAeWtccZz3jOqcsSmsgsQuAqdphtidbH71VnP9lOqVHCVh1uduZpE2
1TNk0U/SSV4N6sqsHWrwhm6YioIYQXUEvvQRtctQQsqNx7SSxbbRRp4ceZUFNj38
67ih+xWkoGXkj1Mg522S+kI3AVYpXI3QMkQz2mh+uT/2NWF0gwdNaAv5T0wJxzvo
u52OSDrVzuTMEzMdFCpL3CxefnJOJQEWNMJWCLxZFgA4Uz8k/1VH/usTHD3z3/0Z
UOJal8HmCpzL0gRswmxqLU6vyrNKSfzcp1uK0nt6xP3/pbim
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:17:24 2024 by rpki-client on console-fra.rpki-client.org