Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/haVVYfLxBVjZ9tuhq2VdlHJHHaI.roa
File: haVVYfLxBVjZ9tuhq2VdlHJHHaI.roa (raw, json)
Hash identifier: VYCRFn42O8WBrMeJsxOLs/saB5lZ0w/yDvSl6b1Y+Xc=
Subject key identifier: 85:A5:55:61:F2:F1:05:58:D9:F6:DB:A1:AB:65:5D:94:72:47:1D:A2
Certificate issuer: /CN=375a064f301026bc3cf87666d6a820128212a811
Certificate serial: 018CC5014CC33236A8B93A53D554F97E510A
Authority key identifier: 37:5A:06:4F:30:10:26:BC:3C:F8:76:66:D6:A8:20:12:82:12:A8:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/haVVYfLxBVjZ9tuhq2VdlHJHHaI.roa
Signing time: Mon 01 Jan 2024 12:30:45 +0000
ROA not before: Mon 01 Jan 2024 12:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33660
IP address blocks: 2a03:2887:ff47::/48 maxlen: 48
2a03:2887:ff46::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4c:c3:32:36:a8:b9:3a:53:d5:54:f9:7e:51:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=375a064f301026bc3cf87666d6a820128212a811
Validity
Not Before: Jan 1 12:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85a55561f2f10558d9f6dba1ab655d9472471da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:32:84:1b:47:f0:9b:ab:73:80:71:70:04:17:
d9:6b:54:81:f5:b7:d7:9c:1b:d6:05:d5:8b:fc:07:
bd:d4:b5:61:95:df:77:20:ae:31:22:b3:83:b7:ed:
ba:68:e9:5f:1f:0f:9b:fc:f5:b4:0b:1a:10:fa:b9:
9b:3c:65:e1:d9:cb:fa:f5:96:86:03:d3:29:8f:a2:
24:37:7e:62:76:8e:70:1f:34:fe:83:fb:1f:68:75:
64:db:e4:73:a3:6d:5d:48:eb:7b:bf:f8:86:b2:f7:
d5:0f:07:78:21:7d:ae:8a:2d:4e:48:f8:0f:0b:34:
31:62:2e:16:ac:e4:86:ee:45:20:52:94:b1:0e:e2:
0a:8e:34:be:5e:0e:07:e4:e5:8a:71:0c:65:e8:15:
31:c6:52:a4:0c:4e:a7:72:42:e3:1c:51:d6:01:03:
e4:ef:f2:1f:ba:4a:48:2f:d7:40:0e:ac:ad:51:36:
16:70:27:06:db:62:5d:21:24:96:f0:9a:47:14:18:
f9:d8:df:92:10:7d:54:52:46:88:9e:a6:21:4f:68:
4e:b2:36:36:75:65:a0:dd:4c:25:18:83:bc:2c:aa:
40:64:d6:c0:14:d3:c1:93:84:dd:a8:11:17:e2:ee:
e9:a4:ad:70:c6:4d:1b:e5:27:00:c6:8f:83:44:07:
84:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A5:55:61:F2:F1:05:58:D9:F6:DB:A1:AB:65:5D:94:72:47:1D:A2
X509v3 Authority Key Identifier:
keyid:37:5A:06:4F:30:10:26:BC:3C:F8:76:66:D6:A8:20:12:82:12:A8:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/haVVYfLxBVjZ9tuhq2VdlHJHHaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2887:ff46::/47
Signature Algorithm: sha256WithRSAEncryption
65:39:46:5a:72:70:3c:ee:dc:25:57:9e:1d:6c:df:b5:be:a7:
49:a1:b6:f8:fa:5b:38:7b:5e:28:5e:74:20:24:6d:9d:0a:b6:
e7:8a:7d:e9:da:77:92:d8:8b:b6:6e:24:f7:10:a9:e1:74:e7:
6a:9d:43:18:4f:69:d9:5d:6b:ee:71:1f:8a:3a:8c:1f:66:52:
db:72:eb:87:d4:47:8d:56:04:ea:69:fd:d2:08:f3:cb:fb:63:
f2:24:81:24:48:ee:b4:ef:a6:b8:19:c3:10:13:b3:b7:da:f4:
70:83:3b:43:ed:e1:b2:c9:89:e6:d8:3e:64:8a:01:d3:de:d0:
a6:6b:06:fb:42:7b:83:10:b2:2c:e5:e6:d0:a5:b0:40:ab:3a:
ab:49:2e:d9:ff:31:d7:ce:8c:ac:69:84:99:5d:25:ed:ef:86:
10:76:63:c9:3d:d8:a1:b0:0f:82:53:ac:5a:ce:61:8e:bb:ab:
cc:b5:28:61:85:aa:b3:51:15:b3:25:e1:47:2a:cd:3d:d4:38:
dc:06:5a:63:48:c1:5c:e2:b3:63:98:be:f1:c2:4b:f5:98:03:
a3:e6:17:24:ef:67:82:8a:86:2b:08:43:f7:e4:bd:e3:34:5c:
ae:b9:3a:74:cb:61:05:9e:b4:ea:69:85:a6:78:f0:fc:a0:ec:
24:99:eb:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAUzDMjaouTpT1VT5flEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NWEwNjRmMzAxMDI2YmMzY2Y4NzY2NmQ2YTgyMDEyODIx
MmE4MTEwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWE1NTU2MWYyZjEwNTU4ZDlmNmRiYTFhYjY1NWQ5NDcyNDcxZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDKEG0fwm6tzgHFwBBfZa1SB9bfX
nBvWBdWL/Ae91LVhld93IK4xIrODt+26aOlfHw+b/PW0CxoQ+rmbPGXh2cv69ZaG
A9Mpj6IkN35ido5wHzT+g/sfaHVk2+Rzo21dSOt7v/iGsvfVDwd4IX2uii1OSPgP
CzQxYi4WrOSG7kUgUpSxDuIKjjS+Xg4H5OWKcQxl6BUxxlKkDE6nckLjHFHWAQPk
7/IfukpIL9dADqytUTYWcCcG22JdISSW8JpHFBj52N+SEH1UUkaInqYhT2hOsjY2
dWWg3UwlGIO8LKpAZNbAFNPBk4TdqBEX4u7ppK1wxk0b5ScAxo+DRAeEPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIWlVWHy8QVY2fbboatlXZRyRx2iMB8GA1UdIwQY
MBaAFDdaBk8wECa8PPh2ZtaoIBKCEqgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFvR1R6QVFKcnc4LUhabTFxZ2dFb0lTcUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9kYzU4ODEtMzYzMi00NWFmLWJmNTkt
ZjQ0YTU3Y2VkNzNkLzEvaGFWVllmTHhCVmpaOXR1aHEyVmRsSEpISGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9kYzU4ODEtMzYzMi00NWFmLWJmNTktZjQ0YTU3Y2VkNzNk
LzEvTjFvR1R6QVFKcnc4LUhabTFxZ2dFb0lTcUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgMoh/9G
MA0GCSqGSIb3DQEBCwUAA4IBAQBlOUZacnA87twlV54dbN+1vqdJobb4+ls4e14o
XnQgJG2dCrbnin3p2neS2Iu2biT3EKnhdOdqnUMYT2nZXWvucR+KOowfZlLbcuuH
1EeNVgTqaf3SCPPL+2PyJIEkSO6076a4GcMQE7O32vRwgztD7eGyyYnm2D5kigHT
3tCmawb7QnuDELIs5ebQpbBAqzqrSS7Z/zHXzoysaYSZXSXt74YQdmPJPdihsA+C
U6xazmGOu6vMtShhhaqzURWzJeFHKs091DjcBlpjSMFc4rNjmL7xwkv1mAOj5hck
72eCioYrCEP35L3jNFyuuTp0y2EFnrTqaYWmePD8oOwkmeui
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:28:25 2024 by rpki-client on console-ams.rpki-client.org