Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/RA7o9VaOmk4c7C0N34vxYqd8HLU.roa
File: RA7o9VaOmk4c7C0N34vxYqd8HLU.roa (raw, json)
Hash identifier: 8GkDsvnLbjWCWhtW2LiWmvGGjXBq+aX67xT40WiyzDc=
Subject key identifier: 44:0E:E8:F5:56:8E:9A:4E:1C:EC:2D:0D:DF:8B:F1:62:A7:7C:1C:B5
Certificate issuer: /CN=5aa67ff34f94aefc3a54d5487c0b48b4dfba0c82
Certificate serial: 018CC727157332DE08234A4244F322571CB9
Authority key identifier: 5A:A6:7F:F3:4F:94:AE:FC:3A:54:D5:48:7C:0B:48:B4:DF:BA:0C:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WqZ_80-Urvw6VNVIfAtItN-6DII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/RA7o9VaOmk4c7C0N34vxYqd8HLU.roa
Signing time: Mon 01 Jan 2024 22:31:16 +0000
ROA not before: Mon 01 Jan 2024 22:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210833
IP address blocks: 2001:67c:828::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/WqZ_80-Urvw6VNVIfAtItN-6DII.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/WqZ_80-Urvw6VNVIfAtItN-6DII.mft
rsync://rpki.ripe.net/repository/DEFAULT/WqZ_80-Urvw6VNVIfAtItN-6DII.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:15:73:32:de:08:23:4a:42:44:f3:22:57:1c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aa67ff34f94aefc3a54d5487c0b48b4dfba0c82
Validity
Not Before: Jan 1 22:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=440ee8f5568e9a4e1cec2d0ddf8bf162a77c1cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4f:6b:36:3f:f5:c7:e4:35:b1:c3:22:b1:af:
a9:dc:0d:b0:4e:cb:23:7c:67:91:bd:b6:b5:cb:bc:
79:dd:ed:fd:c2:cb:c9:4d:e0:b3:1e:d8:2d:19:68:
f7:53:53:e2:c6:07:40:2a:40:65:5d:49:e8:f7:f2:
1d:02:81:e0:3c:ce:91:39:65:48:03:0d:ae:0f:48:
b3:85:5a:aa:dd:2a:07:f7:23:e6:55:b6:29:a0:e6:
39:35:f5:b0:40:ae:06:67:43:29:d0:b8:9b:cd:0b:
fa:5f:e3:77:17:78:f4:1f:a9:d4:fa:60:7e:06:0d:
27:ae:a1:77:c2:bf:2e:38:d5:14:d7:38:19:b6:d7:
5b:fa:e6:9e:54:c2:3b:76:f7:38:1c:0b:82:5f:af:
f8:1f:71:3a:47:45:7f:fc:74:fc:40:45:51:1c:ab:
ea:96:aa:99:49:64:88:7e:43:4f:8e:47:3c:6b:9d:
07:19:a2:87:cd:3d:14:cf:94:22:99:16:1a:5a:45:
1b:82:4e:0c:80:a7:01:39:30:69:5a:6d:b5:95:c3:
33:84:7f:2b:23:cb:a9:72:80:01:2d:08:52:a6:b0:
ae:fd:50:be:ef:b2:d9:6d:d7:c4:54:01:4f:1d:c0:
4b:7c:44:57:d8:a8:a1:22:ab:7f:58:80:72:1c:d6:
41:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0E:E8:F5:56:8E:9A:4E:1C:EC:2D:0D:DF:8B:F1:62:A7:7C:1C:B5
X509v3 Authority Key Identifier:
keyid:5A:A6:7F:F3:4F:94:AE:FC:3A:54:D5:48:7C:0B:48:B4:DF:BA:0C:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WqZ_80-Urvw6VNVIfAtItN-6DII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/RA7o9VaOmk4c7C0N34vxYqd8HLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fabba9-eeaa-42e3-8776-851a1f8bf180/1/WqZ_80-Urvw6VNVIfAtItN-6DII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:828::/48
Signature Algorithm: sha256WithRSAEncryption
3f:6c:8e:35:72:a8:f8:ac:28:30:d6:f2:22:1f:27:6d:28:85:
42:21:29:98:a3:eb:75:28:1f:18:c5:e6:82:17:79:67:34:ba:
26:ba:fd:38:e7:14:2a:a7:30:a0:40:e6:11:14:53:3e:52:4e:
5c:c2:22:04:70:d1:8c:95:dd:00:e0:9d:ff:c1:f7:86:9e:f3:
b1:a4:d5:20:a0:87:d4:07:04:58:2f:21:56:ac:ad:9a:b2:dc:
ec:51:4f:ab:1e:14:1b:74:9b:e7:3d:41:73:aa:e4:58:c7:44:
cf:93:81:11:6d:a3:7b:8a:71:74:7d:0f:4d:82:75:1e:1a:8a:
dd:cf:ef:cc:9a:7f:34:e8:9b:ad:bc:43:e4:b8:50:36:46:ef:
b3:f7:62:c7:1b:e6:96:bf:79:49:22:35:6a:ae:46:bc:89:7a:
b9:4a:0d:f4:3b:5c:d9:76:02:bb:a5:27:b0:d4:6d:f9:b1:71:
ab:e3:c3:a9:88:d0:3e:b8:d3:6b:a9:ce:db:b3:76:4c:4a:54:
02:f0:4a:3b:c7:46:a3:fd:48:a8:df:20:88:6d:48:56:4b:41:
3b:24:58:fa:44:e2:d1:c9:0f:9f:42:0e:37:45:b7:ec:de:39:
05:86:c5:a9:4e:b2:e3:4b:83:22:b0:e8:29:2a:4a:8e:1d:24:
e2:84:54:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJxVzMt4II0pCRPMiVxy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYTY3ZmYzNGY5NGFlZmMzYTU0ZDU0ODdjMGI0OGI0ZGZi
YTBjODIwHhcNMjQwMTAxMjIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDBlZThmNTU2OGU5YTRlMWNlYzJkMGRkZjhiZjE2MmE3N2MxY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2U9rNj/1x+Q1scMisa+p3A2wTssj
fGeRvba1y7x53e39wsvJTeCzHtgtGWj3U1PixgdAKkBlXUno9/IdAoHgPM6ROWVI
Aw2uD0izhVqq3SoH9yPmVbYpoOY5NfWwQK4GZ0Mp0LibzQv6X+N3F3j0H6nU+mB+
Bg0nrqF3wr8uONUU1zgZttdb+uaeVMI7dvc4HAuCX6/4H3E6R0V//HT8QEVRHKvq
lqqZSWSIfkNPjkc8a50HGaKHzT0Uz5QimRYaWkUbgk4MgKcBOTBpWm21lcMzhH8r
I8upcoABLQhSprCu/VC+77LZbdfEVAFPHcBLfERX2KihIqt/WIByHNZBrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEQO6PVWjppOHOwtDd+L8WKnfBy1MB8GA1UdIwQY
MBaAFFqmf/NPlK78OlTVSHwLSLTfugyCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3FaXzgwLVVydnc2Vk5WSWZBdEl0Ti02RElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mYWJiYTktZWVhYS00MmUzLTg3NzYt
ODUxYTFmOGJmMTgwLzEvUkE3bzlWYU9tazRjN0MwTjM0dnhZcWQ4SExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9mYWJiYTktZWVhYS00MmUzLTg3NzYtODUxYTFmOGJmMTgw
LzEvV3FaXzgwLVVydnc2Vk5WSWZBdEl0Ti02RElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAgo
MA0GCSqGSIb3DQEBCwUAA4IBAQA/bI41cqj4rCgw1vIiHydtKIVCISmYo+t1KB8Y
xeaCF3lnNLomuv045xQqpzCgQOYRFFM+Uk5cwiIEcNGMld0A4J3/wfeGnvOxpNUg
oIfUBwRYLyFWrK2astzsUU+rHhQbdJvnPUFzquRYx0TPk4ERbaN7inF0fQ9NgnUe
Gordz+/Mmn806JutvEPkuFA2Ru+z92LHG+aWv3lJIjVqrka8iXq5Sg30O1zZdgK7
pSew1G35sXGr48OpiNA+uNNrqc7bs3ZMSlQC8Eo7x0aj/Uio3yCIbUhWS0E7JFj6
ROLRyQ+fQg43Rbfs3jkFhsWpTrLjS4MisOgpKkqOHSTihFTY
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:20:22 2024 by rpki-client on console-fra.rpki-client.org