Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/p_b6iVMu6BN4UVVm9z8IonBaH9E.roa
File: p_b6iVMu6BN4UVVm9z8IonBaH9E.roa (raw, json)
Hash identifier: 0v8VOFf10Xj+RwwxyKLaUyHBKTl+m/Xj/RENiPpV/ZA=
Subject key identifier: A7:F6:FA:89:53:2E:E8:13:78:51:55:66:F7:3F:08:A2:70:5A:1F:D1
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018CC501179C9137C45B5D9B0D6FDCB649CF
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/p_b6iVMu6BN4UVVm9z8IonBaH9E.roa
Signing time: Mon 01 Jan 2024 12:30:32 +0000
ROA not before: Mon 01 Jan 2024 12:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 2a0c:9e04::/32 maxlen: 32
2a0c:fe02::/32 maxlen: 32
2a0c:9e03::/32 maxlen: 32
2a0c:fe05::/32 maxlen: 32
2a0c:fe04::/32 maxlen: 32
2a0c:9e07::/32 maxlen: 32
2a0c:fe03::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:17:9c:91:37:c4:5b:5d:9b:0d:6f:dc:b6:49:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 12:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7f6fa89532ee81378515566f73f08a2705a1fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:f3:0a:3a:e7:ac:a8:fa:1b:01:06:b1:40:
ea:2f:f3:18:8f:96:02:d0:11:4c:fe:5e:d0:db:76:
9a:fc:87:3a:51:38:4a:48:3d:3b:0c:77:59:53:61:
90:14:2b:e6:89:e2:f4:26:db:25:45:b9:aa:5d:0b:
68:9d:47:4e:fc:52:42:bb:35:cb:08:d2:67:d6:d0:
cc:7d:34:b2:95:b0:af:1c:16:ad:05:60:a5:06:57:
51:c8:36:92:0b:3c:32:77:70:46:79:38:f0:38:4f:
e6:7c:7b:9f:58:01:88:5c:09:4a:06:00:2e:d6:b4:
42:5c:f6:6d:df:1b:df:5e:80:a7:b9:cb:a5:4f:42:
ac:00:5d:90:57:54:fd:55:04:e2:6b:e2:c6:2f:7c:
b0:f9:2a:be:92:f6:e0:66:6d:89:eb:d7:24:08:ab:
23:10:b9:95:31:2c:8a:c7:fa:03:26:df:a5:a1:af:
56:ac:18:ba:d8:c0:f5:69:1d:dc:fa:70:c8:11:5a:
c5:85:86:56:de:65:b6:4a:1e:18:3f:dc:6d:f0:f3:
bf:ba:db:fc:c1:9d:20:0b:db:9c:15:ac:16:13:f0:
31:e3:f7:c2:dd:0a:8f:a1:12:84:94:00:86:54:f7:
b3:75:2c:12:d0:de:0e:c4:19:dd:bd:a6:47:d2:a9:
ff:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F6:FA:89:53:2E:E8:13:78:51:55:66:F7:3F:08:A2:70:5A:1F:D1
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/p_b6iVMu6BN4UVVm9z8IonBaH9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9e03::-2a0c:9e04:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:9e07::/32
2a0c:fe02::-2a0c:fe05:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:56:6e:b5:4f:4a:00:27:ff:d5:38:db:35:36:db:0f:be:5d:
4c:94:7c:bb:a0:cd:e7:3e:73:f5:d1:bd:65:41:a7:9b:a1:04:
87:11:c3:13:bb:8e:e7:31:ab:ae:63:ac:cf:f8:48:33:b9:a4:
03:50:55:88:21:b5:c7:70:ef:3e:b2:44:2c:51:41:c3:c0:7c:
93:d8:e5:44:93:c3:d1:a9:96:f2:e7:4c:18:c6:dc:ab:77:87:
1c:f6:dd:10:91:85:42:2d:46:34:55:0c:bb:9c:51:15:1d:9e:
7d:d8:fe:2c:88:45:a6:4f:83:22:a1:17:52:08:3f:05:aa:6a:
78:71:83:39:f9:56:98:3c:cd:40:28:f8:69:43:8f:61:4d:e0:
04:62:c0:70:40:d3:0f:64:a7:20:48:ae:19:dc:36:2f:84:a3:
26:54:1a:a1:10:b3:60:87:49:21:40:57:94:c2:74:6b:0a:8a:
96:61:10:41:d4:5e:ad:a6:d2:c4:c0:c0:e4:0a:44:57:69:c1:
4b:8c:77:2b:59:9c:0c:de:1f:6b:47:47:8c:4d:53:62:03:7f:
44:a4:d4:55:a5:ec:10:07:ff:1f:46:34:7c:c5:cc:7f:79:5e:
1f:47:f5:f2:93:d0:39:4d:37:21:2a:98:0d:64:ee:92:c0:eb:
fd:0e:d8:fa
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAReckTfEW12bDW/ctknPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMTAxMTIzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Y2ZmE4OTUzMmVlODEzNzg1MTU1NjZmNzNmMDhhMjcwNWExZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvffzCjrnrKj6GwEGsUDqL/MYj5YC
0BFM/l7Q23aa/Ic6UThKSD07DHdZU2GQFCvmieL0JtslRbmqXQtonUdO/FJCuzXL
CNJn1tDMfTSylbCvHBatBWClBldRyDaSCzwyd3BGeTjwOE/mfHufWAGIXAlKBgAu
1rRCXPZt3xvfXoCnuculT0KsAF2QV1T9VQTia+LGL3yw+Sq+kvbgZm2J69ckCKsj
ELmVMSyKx/oDJt+loa9WrBi62MD1aR3c+nDIEVrFhYZW3mW2Sh4YP9xt8PO/utv8
wZ0gC9ucFawWE/Ax4/fC3QqPoRKElACGVPezdSwS0N4OxBndvaZH0qn/jQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKf2+olTLugTeFFVZvc/CKJwWh/RMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvcF9iNmlWTXU2Qk40VVZWbTl6OElvbkJhSDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAAjAnMA4DBQAqDJ4D
AwUAKgyeBAMFACoMngcwDgMFASoM/gIDBQEqDP4EMA0GCSqGSIb3DQEBCwUAA4IB
AQBCVm61T0oAJ//VONs1NtsPvl1MlHy7oM3nPnP10b1lQaeboQSHEcMTu47nMauu
Y6zP+EgzuaQDUFWIIbXHcO8+skQsUUHDwHyT2OVEk8PRqZby50wYxtyrd4cc9t0Q
kYVCLUY0VQy7nFEVHZ592P4siEWmT4MioRdSCD8Fqmp4cYM5+VaYPM1AKPhpQ49h
TeAEYsBwQNMPZKcgSK4Z3DYvhKMmVBqhELNgh0khQFeUwnRrCoqWYRBB1F6tptLE
wMDkCkRXacFLjHcrWZwM3h9rR0eMTVNiA39EpNRVpewQB/8fRjR8xcx/eV4fR/Xy
k9A5TTchKpgNZO6SwOv9Dtj6
-----END CERTIFICATE-----
Generated at Thu May 2 17:36:49 2024 by rpki-client on console-ams.rpki-client.org