Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/F1cfinQaCToQ0BcRHAPARScLdRA.roa
File: F1cfinQaCToQ0BcRHAPARScLdRA.roa (raw, json)
Hash identifier: NFHhKAH5vo4ic9BnW8CIDg19ToUjpuyrhtiuaqksZkM=
Subject key identifier: 17:57:1F:8A:74:1A:09:3A:10:D0:17:11:1C:03:C0:45:27:0B:75:10
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018CC501171338127C508571218A17E4A782
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/F1cfinQaCToQ0BcRHAPARScLdRA.roa
Signing time: Mon 01 Jan 2024 12:30:32 +0000
ROA not before: Mon 01 Jan 2024 12:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4826
IP address blocks: 2a0e:eb44::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:17:13:38:12:7c:50:85:71:21:8a:17:e4:a7:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 12:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17571f8a741a093a10d017111c03c045270b7510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:29:e2:ca:04:35:f6:75:6f:4d:7d:07:00:6d:
46:12:99:42:2e:c2:3b:5f:26:c2:d0:b5:99:6e:50:
73:ea:c6:9a:b6:15:4d:2c:bc:68:9a:20:58:85:82:
31:a6:32:b3:87:a2:9b:9d:bc:13:cf:67:65:42:b1:
d9:f1:04:9d:b2:c4:29:eb:c3:b9:43:ce:7f:ff:51:
a2:9b:7e:93:06:0b:70:bb:24:8b:1c:ff:92:e9:a7:
19:c2:05:f3:46:28:b1:a1:cd:30:77:3b:90:c8:06:
3c:c8:3b:97:01:c4:f6:cd:5a:a4:1d:c1:ef:fa:f1:
b2:48:b5:7b:28:84:7d:88:a7:77:7f:3a:32:26:3d:
f8:d2:0a:99:f4:3d:e6:cf:1c:3b:a5:07:ef:62:72:
c0:ed:17:48:9a:33:6b:5d:3a:84:32:d5:d3:bc:a9:
df:2c:c9:c6:d9:a2:15:78:87:4c:69:81:e3:3b:da:
de:e3:db:b2:34:55:fb:8a:58:c1:31:45:d1:d5:12:
10:df:b8:3a:4d:4b:f6:0c:62:ca:46:07:4c:41:d3:
78:ed:a0:63:3f:05:c1:df:f3:aa:cc:e8:60:96:34:
18:25:71:38:07:8c:f7:3c:b7:7d:a5:78:e3:62:d1:
5e:ae:04:31:41:31:77:b8:95:8f:0d:42:f8:da:be:
f8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:57:1F:8A:74:1A:09:3A:10:D0:17:11:1C:03:C0:45:27:0B:75:10
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/F1cfinQaCToQ0BcRHAPARScLdRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:eb44::/32
Signature Algorithm: sha256WithRSAEncryption
6b:f9:6d:c6:6b:0d:e2:8c:62:c8:5b:9d:07:22:22:e7:d1:d9:
c5:e7:a4:0a:9b:73:63:42:e2:d3:04:37:b7:0e:39:b0:85:e9:
5f:09:3f:ec:f5:81:e1:92:29:f1:15:ed:7f:89:8e:9d:c3:88:
09:1b:7f:11:86:4a:b9:19:dc:7a:7d:f5:cc:16:25:b7:9d:08:
42:ed:72:da:c0:aa:43:50:99:73:23:be:16:8e:7c:78:4f:b3:
01:09:51:b1:fb:9a:79:3c:f2:81:90:eb:fa:e7:ee:64:bd:fe:
b4:ba:f7:93:59:f8:31:26:54:1b:63:e0:70:2a:eb:57:95:3d:
20:09:62:e6:5b:84:73:a6:78:96:a5:de:93:d1:a0:dc:b4:f2:
9c:39:3e:5e:e2:21:64:e2:06:86:be:1b:d4:30:fb:c1:15:79:
4e:f1:1f:11:65:b5:51:f7:07:c7:e8:c4:67:e3:c6:a9:78:3f:
30:74:68:48:90:f7:46:1c:33:51:02:d5:11:5e:9a:8e:6b:2b:
ed:55:58:86:c9:81:e2:6c:96:1a:4c:22:ea:03:4f:3a:19:e4:
4a:b7:3d:9f:62:81:b4:bd:32:2d:4b:f1:4e:7a:1d:6a:c3:ae:
fb:80:20:e1:68:35:d8:f4:07:b9:02:2d:94:99:06:10:11:8a:
65:9c:c1:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFARcTOBJ8UIVxIYoX5KeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMTAxMTIzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzU3MWY4YTc0MWEwOTNhMTBkMDE3MTExYzAzYzA0NTI3MGI3NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SniygQ19nVvTX0HAG1GEplCLsI7
XybC0LWZblBz6saathVNLLxomiBYhYIxpjKzh6KbnbwTz2dlQrHZ8QSdssQp68O5
Q85//1Gim36TBgtwuySLHP+S6acZwgXzRiixoc0wdzuQyAY8yDuXAcT2zVqkHcHv
+vGySLV7KIR9iKd3fzoyJj340gqZ9D3mzxw7pQfvYnLA7RdImjNrXTqEMtXTvKnf
LMnG2aIVeIdMaYHjO9re49uyNFX7iljBMUXR1RIQ37g6TUv2DGLKRgdMQdN47aBj
PwXB3/OqzOhgljQYJXE4B4z3PLd9pXjjYtFergQxQTF3uJWPDUL42r74HwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBdXH4p0Ggk6ENAXERwDwEUnC3UQMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvRjFjZmluUWFDVG9RMEJjUkhBUEFSU2NMZFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7rRDAN
BgkqhkiG9w0BAQsFAAOCAQEAa/ltxmsN4oxiyFudByIi59HZxeekCptzY0Li0wQ3
tw45sIXpXwk/7PWB4ZIp8RXtf4mOncOICRt/EYZKuRncen31zBYlt50IQu1y2sCq
Q1CZcyO+Fo58eE+zAQlRsfuaeTzygZDr+ufuZL3+tLr3k1n4MSZUG2PgcCrrV5U9
IAli5luEc6Z4lqXek9Gg3LTynDk+XuIhZOIGhr4b1DD7wRV5TvEfEWW1UfcHx+jE
Z+PGqXg/MHRoSJD3RhwzUQLVEV6ajmsr7VVYhsmB4myWGkwi6gNPOhnkSrc9n2KB
tL0yLUvxTnodasOu+4Ag4Wg12PQHuQItlJkGEBGKZZzBMg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:02 2024 by rpki-client on console-ams.rpki-client.org