Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/X-iCnqmNG6j885gxiyPbYDqPEtc.roa
File: X-iCnqmNG6j885gxiyPbYDqPEtc.roa (raw, json)
Hash identifier: cB3ZnO+ne1w3OWuzgaqgeTrJOUkZQMqe2HjvqHud/S0=
Subject key identifier: 5F:E8:82:9E:A9:8D:1B:A8:FC:F3:98:31:8B:23:DB:60:3A:8F:12:D7
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018CC6B94E5079BDACC4EEE20E35B7AACBF6
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/X-iCnqmNG6j885gxiyPbYDqPEtc.roa
Signing time: Mon 01 Jan 2024 20:31:22 +0000
ROA not before: Mon 01 Jan 2024 20:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61163
IP address blocks: 2a03:f87:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 20:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:4e:50:79:bd:ac:c4:ee:e2:0e:35:b7:aa:cb:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 20:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fe8829ea98d1ba8fcf398318b23db603a8f12d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d2:66:32:e4:ff:d1:73:a3:96:7e:3d:e3:30:
24:52:31:84:f2:db:32:27:a7:5d:d7:12:a1:a0:99:
a6:92:c3:83:76:27:8a:ce:ff:1a:a0:75:2e:45:12:
f7:61:d5:43:8e:6b:3a:e4:20:10:a1:fe:ad:da:7d:
72:4c:06:48:da:67:93:82:a3:b3:1a:b9:e8:48:b5:
69:52:22:5b:7a:24:92:ba:20:ed:20:b1:7e:c6:57:
08:87:2a:7f:52:4e:4b:3e:9e:18:ab:5a:26:50:f3:
48:15:f6:15:a1:a2:d0:bc:41:e5:4d:c9:63:a2:4b:
be:62:58:da:05:0e:66:20:f6:e5:ee:86:f0:e7:7f:
03:df:15:f3:9f:43:28:bb:e7:ac:ee:93:3d:c8:8e:
e7:d9:dc:16:c7:7a:39:f3:9f:a0:d3:6c:b7:63:60:
ce:2a:10:e8:3a:ed:81:3a:34:41:c0:0c:6e:9d:a1:
02:92:54:fa:34:fd:0f:95:21:2d:27:44:7e:b8:0e:
04:db:61:89:32:42:2c:d2:90:c9:a3:37:f9:a2:36:
b3:79:43:7c:eb:ac:f7:59:19:c3:a3:0b:ef:ac:cd:
74:0a:b5:d8:d5:b0:a3:d3:9a:1e:ba:80:3e:d7:bd:
6d:26:4a:c4:d8:3c:20:0c:56:f4:f6:7d:b8:6b:2f:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E8:82:9E:A9:8D:1B:A8:FC:F3:98:31:8B:23:DB:60:3A:8F:12:D7
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/X-iCnqmNG6j885gxiyPbYDqPEtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f87:3::/48
Signature Algorithm: sha256WithRSAEncryption
56:62:a9:d2:a7:c2:1a:e1:c2:58:b6:09:3c:98:13:2b:a8:f1:
54:86:72:58:cf:f0:ed:48:7e:1e:c3:2f:54:14:21:ab:d6:9f:
15:ad:5d:07:8e:db:e9:c8:66:74:a5:4f:0a:c8:77:e5:d8:55:
70:55:95:92:ff:14:63:42:99:15:69:45:a9:29:67:89:b7:6b:
0a:1c:bc:9d:55:ae:56:82:30:a8:c6:d7:02:55:1b:2c:a5:f3:
0f:ba:51:c6:90:19:bd:c8:26:13:49:19:bf:13:48:b6:9c:fb:
a1:c9:2f:8f:54:90:f1:b6:38:55:9c:b7:d5:8f:78:1e:a7:3f:
d6:11:8a:55:33:08:a8:bc:a2:12:5a:e0:9e:1a:f1:3f:b0:b3:
d0:a9:96:0b:c2:66:d7:fe:26:fb:18:d5:ec:8c:87:c3:34:dc:
4f:2e:7e:4e:ff:03:8d:20:38:1f:74:90:2c:07:e8:67:fa:9d:
82:43:1a:1b:95:31:71:05:8a:e0:03:25:c2:0d:d1:f4:41:bc:
64:cd:a1:41:70:45:f1:be:54:1c:d0:9a:39:f6:f1:02:a1:16:
5f:aa:aa:75:5c:96:dd:1f:24:2a:33:2e:a8:a3:d6:7f:73:1b:
e0:04:ab:81:ba:27:47:e1:a6:7e:1e:30:fe:b8:d3:c2:bb:21:
cd:87:52:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuU5Qeb2sxO7iDjW3qsv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMTAxMjAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU4ODI5ZWE5OGQxYmE4ZmNmMzk4MzE4YjIzZGI2MDNhOGYxMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltJmMuT/0XOjln494zAkUjGE8tsy
J6dd1xKhoJmmksODdieKzv8aoHUuRRL3YdVDjms65CAQof6t2n1yTAZI2meTgqOz
GrnoSLVpUiJbeiSSuiDtILF+xlcIhyp/Uk5LPp4Yq1omUPNIFfYVoaLQvEHlTclj
oku+YljaBQ5mIPbl7obw538D3xXzn0Mou+es7pM9yI7n2dwWx3o585+g02y3Y2DO
KhDoOu2BOjRBwAxunaECklT6NP0PlSEtJ0R+uA4E22GJMkIs0pDJozf5ojazeUN8
66z3WRnDowvvrM10CrXY1bCj05oeuoA+171tJkrE2DwgDFb09n24ay9t+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF/ogp6pjRuo/POYMYsj22A6jxLXMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvWC1pQ25xbU5HNmo4ODVneGl5UGJZRHFQRXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhwAD
MA0GCSqGSIb3DQEBCwUAA4IBAQBWYqnSp8Ia4cJYtgk8mBMrqPFUhnJYz/DtSH4e
wy9UFCGr1p8VrV0HjtvpyGZ0pU8KyHfl2FVwVZWS/xRjQpkVaUWpKWeJt2sKHLyd
Va5WgjCoxtcCVRsspfMPulHGkBm9yCYTSRm/E0i2nPuhyS+PVJDxtjhVnLfVj3ge
pz/WEYpVMwiovKISWuCeGvE/sLPQqZYLwmbX/ib7GNXsjIfDNNxPLn5O/wONIDgf
dJAsB+hn+p2CQxoblTFxBYrgAyXCDdH0QbxkzaFBcEXxvlQc0Jo59vECoRZfqqp1
XJbdHyQqMy6oo9Z/cxvgBKuBuidH4aZ+HjD+uNPCuyHNh1Kq
-----END CERTIFICATE-----
Generated at Wed May 22 02:45:01 2024 by rpki-client on console-fra.rpki-client.org