Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/e2067c-5366-49f7-ac93-c2cf453c3e2e/1/_-7mHcARqf9Dg3mVeiSV4nHe03M.roa
File: _-7mHcARqf9Dg3mVeiSV4nHe03M.roa (raw, json)
Hash identifier: POmYefgDxh7F6DjjsnkU7nLvwMFzMVAV0us0B4BeOXA=
Subject key identifier: FF:EE:E6:1D:C0:11:A9:FF:43:83:79:95:7A:24:95:E2:71:DE:D3:73
Certificate issuer: /CN=732944a8538355b2aec76645fd9494488ae702e7
Certificate serial: 018CC5010F239694B16333F99DA5C69E4F6A
Authority key identifier: 73:29:44:A8:53:83:55:B2:AE:C7:66:45:FD:94:94:48:8A:E7:02:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cylEqFODVbKux2ZF_ZSUSIrnAuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/e2067c-5366-49f7-ac93-c2cf453c3e2e/1/_-7mHcARqf9Dg3mVeiSV4nHe03M.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200559
IP address blocks: 2001:67c:2edc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/e2067c-5366-49f7-ac93-c2cf453c3e2e/1/cylEqFODVbKux2ZF_ZSUSIrnAuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/e2067c-5366-49f7-ac93-c2cf453c3e2e/1/cylEqFODVbKux2ZF_ZSUSIrnAuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/cylEqFODVbKux2ZF_ZSUSIrnAuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0f:23:96:94:b1:63:33:f9:9d:a5:c6:9e:4f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=732944a8538355b2aec76645fd9494488ae702e7
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffeee61dc011a9ff438379957a2495e271ded373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5e:98:d6:8d:20:61:b5:40:56:c0:9c:97:0d:
f7:f4:b4:34:b5:39:78:b9:6f:6a:af:a0:90:86:51:
b2:dd:c0:78:ad:62:73:b3:9a:be:38:80:67:d4:4c:
49:66:ea:12:12:65:ea:25:37:3e:19:03:f3:f8:13:
52:3c:5d:d7:75:82:c1:6b:9b:6c:ef:41:39:34:41:
04:52:66:de:ce:6e:a3:45:d0:bc:4f:7d:9b:23:bb:
ab:2a:31:7a:91:43:df:4a:ed:3c:fa:e5:59:04:a6:
f5:5d:0a:97:33:41:6f:4c:78:df:d3:c9:34:fd:84:
8e:aa:3d:ae:19:ad:28:c4:6f:3c:69:76:74:63:96:
8f:22:25:ab:59:f3:51:9c:7f:f4:62:c4:49:43:d0:
5e:83:09:9d:68:40:d3:77:17:11:3e:10:d4:6e:21:
7a:ea:da:43:2c:f4:10:95:86:cc:08:1f:87:c0:7b:
70:d8:05:c8:90:6f:4e:68:01:7a:74:4f:56:03:2a:
bb:59:02:b5:41:ad:af:b0:f5:dd:2b:e4:93:c3:9d:
5e:d0:0d:d0:70:f7:d1:01:b3:d9:08:ea:a8:2d:14:
1c:94:11:f9:72:1c:9b:09:4b:52:2e:18:00:41:e3:
b1:7a:1e:48:74:cd:43:c8:bd:2a:d7:52:66:d8:94:
83:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:EE:E6:1D:C0:11:A9:FF:43:83:79:95:7A:24:95:E2:71:DE:D3:73
X509v3 Authority Key Identifier:
keyid:73:29:44:A8:53:83:55:B2:AE:C7:66:45:FD:94:94:48:8A:E7:02:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cylEqFODVbKux2ZF_ZSUSIrnAuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/e2067c-5366-49f7-ac93-c2cf453c3e2e/1/_-7mHcARqf9Dg3mVeiSV4nHe03M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/e2067c-5366-49f7-ac93-c2cf453c3e2e/1/cylEqFODVbKux2ZF_ZSUSIrnAuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2edc::/48
Signature Algorithm: sha256WithRSAEncryption
95:4b:a0:c7:5f:23:f9:26:00:a1:b6:84:1b:ae:51:f1:2e:ce:
62:73:25:fc:80:3e:20:b2:37:23:a3:8b:41:74:67:02:32:63:
20:a9:ad:da:51:af:11:62:6e:32:65:3a:f4:2e:00:90:4f:29:
84:6b:2d:42:60:bf:08:f2:ec:c3:5d:04:41:18:63:99:e2:95:
bb:c7:b2:ba:1c:67:d5:e0:09:66:f9:ad:c3:37:12:8b:0c:d6:
4d:0b:77:27:c5:04:c2:eb:bb:64:83:61:4c:0f:28:59:99:77:
01:b9:09:f8:ff:15:58:8e:cd:f6:54:f3:20:bb:5a:fd:01:ed:
d5:d5:41:92:b8:89:0c:69:b8:59:92:d0:dc:3d:4f:8c:c2:80:
fb:b1:39:db:d9:fd:87:6d:59:49:01:2b:01:92:38:08:65:fe:
a7:46:a4:41:f2:8c:51:1a:9f:3f:8a:29:d8:98:49:53:b2:94:
6d:c9:1c:d6:f3:aa:ba:52:4e:d6:e9:bf:cf:53:13:ce:57:7f:
a5:91:ae:4c:0c:29:1c:b6:f8:82:1c:ea:4c:3d:f0:35:53:08:
ff:c4:34:11:33:47:ea:2d:35:5c:28:b6:1c:ca:60:1f:af:e7:
21:00:88:24:f0:3d:fa:e4:ca:41:f2:82:05:cc:08:ef:b1:9d:
fd:85:34:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAQ8jlpSxYzP5naXGnk9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMjk0NGE4NTM4MzU1YjJhZWM3NjY0NWZkOTQ5NDQ4OGFl
NzAyZTcwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmVlZTYxZGMwMTFhOWZmNDM4Mzc5OTU3YTI0OTVlMjcxZGVkMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl6Y1o0gYbVAVsCclw339LQ0tTl4
uW9qr6CQhlGy3cB4rWJzs5q+OIBn1ExJZuoSEmXqJTc+GQPz+BNSPF3XdYLBa5ts
70E5NEEEUmbezm6jRdC8T32bI7urKjF6kUPfSu08+uVZBKb1XQqXM0FvTHjf08k0
/YSOqj2uGa0oxG88aXZ0Y5aPIiWrWfNRnH/0YsRJQ9BegwmdaEDTdxcRPhDUbiF6
6tpDLPQQlYbMCB+HwHtw2AXIkG9OaAF6dE9WAyq7WQK1Qa2vsPXdK+STw51e0A3Q
cPfRAbPZCOqoLRQclBH5chybCUtSLhgAQeOxeh5IdM1DyL0q11Jm2JSD2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP/u5h3AEan/Q4N5lXokleJx3tNzMB8GA1UdIwQY
MBaAFHMpRKhTg1WyrsdmRf2UlEiK5wLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3lsRXFGT0RWYkt1eDJaRl9aU1VTSXJuQXVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lMjA2N2MtNTM2Ni00OWY3LWFjOTMt
YzJjZjQ1M2MzZTJlLzEvXy03bUhjQVJxZjlEZzNtVmVpU1Y0bkhlMDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lMjA2N2MtNTM2Ni00OWY3LWFjOTMtYzJjZjQ1M2MzZTJl
LzEvY3lsRXFGT0RWYkt1eDJaRl9aU1VTSXJuQXVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC7c
MA0GCSqGSIb3DQEBCwUAA4IBAQCVS6DHXyP5JgChtoQbrlHxLs5icyX8gD4gsjcj
o4tBdGcCMmMgqa3aUa8RYm4yZTr0LgCQTymEay1CYL8I8uzDXQRBGGOZ4pW7x7K6
HGfV4Alm+a3DNxKLDNZNC3cnxQTC67tkg2FMDyhZmXcBuQn4/xVYjs32VPMgu1r9
Ae3V1UGSuIkMabhZktDcPU+MwoD7sTnb2f2HbVlJASsBkjgIZf6nRqRB8oxRGp8/
iinYmElTspRtyRzW86q6Uk7W6b/PUxPOV3+lka5MDCkctviCHOpMPfA1Uwj/xDQR
M0fqLTVcKLYcymAfr+chAIgk8D365MpB8oIFzAjvsZ39hTSX
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:59:03 2024 by rpki-client on console-ams.rpki-client.org