Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/oxv3v3IQiwueU35CfnmHxsgQxl0.roa
File: oxv3v3IQiwueU35CfnmHxsgQxl0.roa (raw, json)
Hash identifier: OgSE8K4Kpz2O8B8PQI1DPC7l+/lsVJ91aNslqFXuRlk=
Subject key identifier: A3:1B:F7:BF:72:10:8B:0B:9E:53:7E:42:7E:79:87:C6:C8:10:C6:5D
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0193251FA0E6B18B819A7F7AC0DE1212EA3A
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/oxv3v3IQiwueU35CfnmHxsgQxl0.roa
Signing time: Wed 13 Nov 2024 10:44:10 +0000
ROA not before: Wed 13 Nov 2024 10:44:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:dfc3::/32 maxlen: 32
2a0e:dfc5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:1f:a0:e6:b1:8b:81:9a:7f:7a:c0:de:12:12:ea:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Nov 13 10:44:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a31bf7bf72108b0b9e537e427e7987c6c810c65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:90:b0:3f:27:5a:76:2e:f9:46:a9:71:84:
e1:06:ea:4c:d4:04:8f:e0:6d:8d:57:be:9f:a2:12:
81:cc:3f:98:ff:49:58:0f:4e:93:fe:6e:f3:19:9d:
e5:55:4a:24:db:68:bb:cb:92:2d:5a:f3:c4:94:79:
7c:be:ea:bb:74:2d:c5:42:ab:0b:f2:e0:03:7b:ab:
b7:ff:2e:08:6f:bc:12:58:00:b3:d4:7d:d5:eb:f8:
ff:02:6a:7b:74:6b:c6:c0:74:80:0f:0f:65:0b:78:
68:77:29:18:22:a6:6d:47:af:1b:2b:5d:b3:f0:8e:
cf:1f:e3:75:d6:d3:e0:24:cf:a6:e7:cf:85:5b:18:
eb:67:ee:23:d7:fd:25:6f:ee:68:ef:68:75:33:7a:
f2:35:86:15:0c:1f:23:38:f4:2d:53:08:48:dd:88:
0d:7a:0e:d2:d0:84:4a:ef:50:9c:bc:96:b1:ab:46:
d7:f8:d4:1e:d5:ff:a2:4a:70:3b:9d:a1:a5:32:d4:
3d:15:19:4e:ae:1b:53:df:e1:80:1f:8e:88:c7:5c:
f2:15:04:8f:bf:87:fe:bf:8f:67:f9:0a:de:e8:47:
03:23:32:3e:0d:79:a4:2c:c4:df:87:c2:76:92:67:
b2:d8:3e:bc:d6:69:46:7e:41:3c:79:5d:78:90:00:
d9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1B:F7:BF:72:10:8B:0B:9E:53:7E:42:7E:79:87:C6:C8:10:C6:5D
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/oxv3v3IQiwueU35CfnmHxsgQxl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc3::/32
2a0e:dfc5::/32
Signature Algorithm: sha256WithRSAEncryption
71:ac:86:02:d4:97:d9:88:53:42:c9:8f:54:10:8a:bf:92:2e:
6f:7d:4c:c5:bf:a8:b6:68:e2:97:62:28:b5:97:18:9d:eb:65:
5b:92:4d:cf:6b:ce:78:51:4c:78:1b:ad:98:7a:0c:96:12:b8:
b5:69:f4:29:52:b0:35:7f:71:4b:b0:3c:8c:de:f0:2a:cb:a5:
91:7c:4a:80:77:16:77:18:ca:a1:25:0d:4d:37:60:d3:aa:55:
2e:e5:6d:41:b9:0b:e2:e2:b6:35:06:9a:da:b8:6f:5b:33:e5:
a9:b9:05:a6:0c:bd:e5:ad:81:2c:02:8b:c1:9f:5f:bd:68:d5:
45:fa:00:7a:7e:c9:70:03:cd:27:be:e2:bd:71:ff:0c:f7:d1:
eb:98:92:0c:e4:27:91:24:1c:c8:ce:65:ed:8c:bb:c4:33:6c:
df:62:92:45:37:e7:bb:02:4e:04:63:3a:c5:c2:f9:fc:9f:3e:
06:7a:0f:cf:bd:f5:77:fe:fa:67:45:c6:47:c3:20:55:54:26:
21:b8:64:bd:19:2d:2b:e0:50:89:71:b5:8b:b8:64:73:29:ce:
fc:71:69:ae:1d:f6:57:39:04:2c:25:04:de:0a:5b:58:a3:17:
df:3b:7e:2b:86:3c:2d:2b:05:cb:77:d6:23:a6:ce:19:07:6f:
13:cf:52:9a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZMlH6DmsYuBmn96wN4SEuo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQxMTEzMTA0NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzFiZjdiZjcyMTA4YjBiOWU1MzdlNDI3ZTc5ODdjNmM4MTBjNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGqQsD8nWnYu+UapcYThBupM1ASP
4G2NV76fohKBzD+Y/0lYD06T/m7zGZ3lVUok22i7y5ItWvPElHl8vuq7dC3FQqsL
8uADe6u3/y4Ib7wSWACz1H3V6/j/Amp7dGvGwHSADw9lC3hodykYIqZtR68bK12z
8I7PH+N11tPgJM+m58+FWxjrZ+4j1/0lb+5o72h1M3ryNYYVDB8jOPQtUwhI3YgN
eg7S0IRK71CcvJaxq0bX+NQe1f+iSnA7naGlMtQ9FRlOrhtT3+GAH46Ix1zyFQSP
v4f+v49n+Qre6EcDIzI+DXmkLMTfh8J2kmey2D681mlGfkE8eV14kADZxwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKMb979yEIsLnlN+Qn55h8bIEMZdMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvb3h2M3YzSVFpd3VlVTM1Q2ZubUh4c2dReGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg7fwwMF
ACoO38UwDQYJKoZIhvcNAQELBQADggEBAHGshgLUl9mIU0LJj1QQir+SLm99TMW/
qLZo4pdiKLWXGJ3rZVuSTc9rznhRTHgbrZh6DJYSuLVp9ClSsDV/cUuwPIze8CrL
pZF8SoB3FncYyqElDU03YNOqVS7lbUG5C+LitjUGmtq4b1sz5am5BaYMveWtgSwC
i8GfX71o1UX6AHp+yXADzSe+4r1x/wz30euYkgzkJ5EkHMjOZe2Mu8QzbN9ikkU3
57sCTgRjOsXC+fyfPgZ6D8+99Xf++mdFxkfDIFVUJiG4ZL0ZLSvgUIlxtYu4ZHMp
zvxxaa4d9lc5BCwlBN4KW1ijF987fiuGPC0rBct31iOmzhkHbxPPUpo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:36 2024 by rpki-client on console-fra.rpki-client.org