Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/19b008-b6f9-4271-b130-0b7e38a122fe/1/s18d2DfVg2tuXgeI9Lzj83paPKM.roa
File: s18d2DfVg2tuXgeI9Lzj83paPKM.roa (raw, json)
Hash identifier: yZIog1NH0ROthJvxGZq2+SWoRxKk/qizXdssQ5en6s0=
Subject key identifier: B3:5F:1D:D8:37:D5:83:6B:6E:5E:07:88:F4:BC:E3:F3:7A:5A:3C:A3
Certificate issuer: /CN=9dabc626ac264066b1c5c709a48477f3788361de
Certificate serial: 018CC801786EDDFA310CC502189B7075E635
Authority key identifier: 9D:AB:C6:26:AC:26:40:66:B1:C5:C7:09:A4:84:77:F3:78:83:61:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/navGJqwmQGaxxccJpIR383iDYd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/19b008-b6f9-4271-b130-0b7e38a122fe/1/s18d2DfVg2tuXgeI9Lzj83paPKM.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212746
IP address blocks: 2001:678:c2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/19b008-b6f9-4271-b130-0b7e38a122fe/1/navGJqwmQGaxxccJpIR383iDYd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/19b008-b6f9-4271-b130-0b7e38a122fe/1/navGJqwmQGaxxccJpIR383iDYd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/navGJqwmQGaxxccJpIR383iDYd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:78:6e:dd:fa:31:0c:c5:02:18:9b:70:75:e6:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dabc626ac264066b1c5c709a48477f3788361de
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b35f1dd837d5836b6e5e0788f4bce3f37a5a3ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:d4:7f:27:19:89:ab:23:6a:82:3f:b4:b8:
92:43:91:c6:47:8c:53:76:61:2f:ef:eb:4b:bf:0c:
f4:86:6d:c7:b7:e0:67:87:30:9a:92:fc:cf:7f:58:
8a:aa:29:c0:6c:cf:77:fc:1b:ea:26:f1:32:96:01:
2a:ce:1c:e7:07:a8:46:a0:b1:51:9e:b4:3d:a5:0b:
ed:b8:6c:04:a1:6c:a1:08:7b:0c:4c:48:e2:da:1c:
16:24:44:04:e7:63:27:e9:bd:82:13:30:8a:27:80:
1b:41:b3:44:fd:de:04:aa:bc:15:ed:47:e0:bb:d4:
2f:62:28:b9:1b:6b:2c:a5:30:c7:74:0a:f3:1d:91:
46:f0:ed:18:e5:a8:a7:9d:24:42:2a:a8:d9:68:1a:
a1:95:72:68:e9:c4:c3:3a:7a:d6:7e:33:73:0b:0d:
c0:6d:4e:ac:23:dd:31:1e:dc:aa:6f:1e:27:56:e2:
d0:0c:c4:39:3e:14:b8:b6:2b:60:f1:7b:b0:39:8b:
93:ab:11:b0:04:27:79:17:b7:44:83:6a:fd:8d:c4:
73:93:d3:de:1f:18:ef:ab:c4:33:2f:4e:65:22:48:
ff:36:f5:5f:64:7a:6f:56:ed:ae:99:a2:8b:5a:43:
cf:41:ee:aa:44:61:a2:32:3a:cd:99:dd:df:80:89:
a5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5F:1D:D8:37:D5:83:6B:6E:5E:07:88:F4:BC:E3:F3:7A:5A:3C:A3
X509v3 Authority Key Identifier:
keyid:9D:AB:C6:26:AC:26:40:66:B1:C5:C7:09:A4:84:77:F3:78:83:61:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/navGJqwmQGaxxccJpIR383iDYd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/19b008-b6f9-4271-b130-0b7e38a122fe/1/s18d2DfVg2tuXgeI9Lzj83paPKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/19b008-b6f9-4271-b130-0b7e38a122fe/1/navGJqwmQGaxxccJpIR383iDYd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c2c::/48
Signature Algorithm: sha256WithRSAEncryption
72:4a:c3:43:8e:65:7a:1e:e7:cd:6a:1e:25:7d:4e:47:c7:37:
2b:b1:2e:3d:a5:2c:47:1a:61:13:50:c4:6a:c7:3f:aa:32:c1:
7f:31:2b:27:23:be:85:f4:33:d6:9f:07:2d:f4:5c:02:2a:a1:
7c:2d:56:a2:e8:6f:4b:53:3f:6f:e2:52:52:5d:9c:e2:ce:ac:
8d:af:de:09:c3:b7:43:00:d5:b6:d9:f8:24:96:b1:82:ea:ab:
92:99:ae:7d:04:0b:8d:7e:3b:35:2f:35:3b:1c:44:ab:2e:4a:
d2:00:3b:c7:3f:ef:ee:92:b9:c2:20:92:33:23:d8:a9:7c:1b:
ed:3e:86:af:c2:db:2e:63:e1:c4:4e:12:ae:d0:31:df:31:fe:
97:d4:a8:21:ae:eb:ba:c9:83:41:2e:f5:8f:eb:cc:64:04:08:
a7:99:1f:9b:41:24:3b:28:dc:30:0f:1a:2f:75:28:6c:09:e2:
b5:b9:9a:f9:6e:a4:ed:2e:84:84:3f:43:15:dc:b5:ec:bd:e7:
45:19:fc:5c:ac:a9:26:07:58:b7:47:65:23:ee:ba:38:04:b7:
6a:8b:5a:8d:d2:13:09:73:29:8d:3d:85:e8:6e:c2:98:6f:b9:
95:c3:bf:6f:19:c0:cb:ea:ac:f7:cb:ee:10:ae:e9:4b:f0:fd:
a2:1f:08:7c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAXhu3foxDMUCGJtwdeY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYWJjNjI2YWMyNjQwNjZiMWM1YzcwOWE0ODQ3N2YzNzg4
MzYxZGUwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzVmMWRkODM3ZDU4MzZiNmU1ZTA3ODhmNGJjZTNmMzdhNWEzY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYTUfycZiasjaoI/tLiSQ5HGR4xT
dmEv7+tLvwz0hm3Ht+BnhzCakvzPf1iKqinAbM93/BvqJvEylgEqzhznB6hGoLFR
nrQ9pQvtuGwEoWyhCHsMTEji2hwWJEQE52Mn6b2CEzCKJ4AbQbNE/d4EqrwV7Ufg
u9QvYii5G2sspTDHdArzHZFG8O0Y5ainnSRCKqjZaBqhlXJo6cTDOnrWfjNzCw3A
bU6sI90xHtyqbx4nVuLQDMQ5PhS4titg8XuwOYuTqxGwBCd5F7dEg2r9jcRzk9Pe
Hxjvq8QzL05lIkj/NvVfZHpvVu2umaKLWkPPQe6qRGGiMjrNmd3fgImlxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLNfHdg31YNrbl4HiPS84/N6WjyjMB8GA1UdIwQY
MBaAFJ2rxiasJkBmscXHCaSEd/N4g2HeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmF2R0pxd21RR2F4eGNjSnBJUjM4M2lEWWQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8xOWIwMDgtYjZmOS00MjcxLWIxMzAt
MGI3ZTM4YTEyMmZlLzEvczE4ZDJEZlZnMnR1WGdlSTlMemo4M3BhUEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8xOWIwMDgtYjZmOS00MjcxLWIxMzAtMGI3ZTM4YTEyMmZl
LzEvbmF2R0pxd21RR2F4eGNjSnBJUjM4M2lEWWQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAws
MA0GCSqGSIb3DQEBCwUAA4IBAQBySsNDjmV6HufNah4lfU5HxzcrsS49pSxHGmET
UMRqxz+qMsF/MSsnI76F9DPWnwct9FwCKqF8LVai6G9LUz9v4lJSXZzizqyNr94J
w7dDANW22fgklrGC6quSma59BAuNfjs1LzU7HESrLkrSADvHP+/ukrnCIJIzI9ip
fBvtPoavwtsuY+HEThKu0DHfMf6X1Kghruu6yYNBLvWP68xkBAinmR+bQSQ7KNww
DxovdShsCeK1uZr5bqTtLoSEP0MV3LXsvedFGfxcrKkmB1i3R2Uj7ro4BLdqi1qN
0hMJcymNPYXobsKYb7mVw79vGcDL6qz3y+4QrulL8P2iHwh8
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:25:58 2024 by rpki-client on console-ams.rpki-client.org