Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/h0fmKlLMX0YCPblcchJNscq7l4g.roa
File: h0fmKlLMX0YCPblcchJNscq7l4g.roa (raw, json)
Hash identifier: +P3s7wWeG4bquQHmisgegU5qyq0nRnYgIeiNe8WVYAo=
Subject key identifier: 87:47:E6:2A:52:CC:5F:46:02:3D:B9:5C:72:12:4D:B1:CA:BB:97:88
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 01933EEFE71996B496ADBBDEEA1F87B7DCF1
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/h0fmKlLMX0YCPblcchJNscq7l4g.roa
Signing time: Mon 18 Nov 2024 11:02:09 +0000
ROA not before: Mon 18 Nov 2024 11:02:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197962
IP address blocks: 2a06:cac0::/29 maxlen: 48
2a11:f140::/29 maxlen: 48
2a12:ec0::/29 maxlen: 48
2a12:1900::/29 maxlen: 48
2a12:28c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:ef:e7:19:96:b4:96:ad:bb:de:ea:1f:87:b7:dc:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Nov 18 11:02:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8747e62a52cc5f46023db95c72124db1cabb9788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ef:ac:fa:f5:b9:44:3b:3a:de:c0:6e:96:ec:
6d:a5:51:3a:4b:b4:73:7c:8a:cd:28:2d:9a:fe:55:
07:8c:17:66:4d:ef:0b:b7:fa:cf:bf:78:93:05:fb:
5b:cc:f6:e7:f7:cc:e1:c8:c4:0b:23:38:0d:b6:5f:
dc:e0:ca:7a:68:b7:01:93:1e:73:a1:5d:08:71:dd:
bd:96:2c:ff:ae:66:a2:e0:81:85:d9:a8:1a:a8:5d:
1e:fc:fd:95:05:0d:c7:c2:6a:ce:2d:79:e3:db:b4:
b7:95:31:be:3d:28:3f:61:cf:d4:c1:49:37:60:e2:
a4:d1:07:26:b9:15:2c:07:4b:2a:d3:bb:8c:89:9f:
19:3d:34:18:45:44:15:85:8b:6f:4f:59:ef:64:03:
ec:f6:7d:8a:7c:ac:a5:74:3d:1b:f3:bf:e3:86:17:
fc:e3:b2:59:e8:1e:97:4d:a7:e4:69:97:b8:35:90:
ee:de:38:34:eb:82:1f:4e:45:94:28:15:92:c2:98:
dd:79:da:f9:4a:e8:a9:05:21:24:69:7b:4b:1f:13:
55:11:5d:d4:60:42:96:45:1e:c7:92:26:53:8f:7c:
72:e5:7e:51:d1:c7:dd:95:92:4e:f2:fe:66:04:5c:
c9:33:91:59:c2:62:84:d4:7c:14:29:e8:cc:4d:a0:
e8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:47:E6:2A:52:CC:5F:46:02:3D:B9:5C:72:12:4D:B1:CA:BB:97:88
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/h0fmKlLMX0YCPblcchJNscq7l4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:cac0::/29
2a11:f140::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:ea:24:21:87:0b:4b:e5:89:5b:08:72:95:d0:7a:9a:91:c6:
85:f4:ea:f6:bb:65:a8:06:4c:80:fc:cc:79:3f:db:46:1f:79:
40:56:e1:08:89:c5:f2:6f:af:de:fd:6c:9f:c8:1a:98:a6:17:
7e:5b:d2:6b:48:15:ff:78:de:43:7e:93:39:9c:11:fd:28:13:
a6:bb:1d:8f:26:90:fc:23:33:92:9b:a2:ca:21:2d:c0:29:53:
0d:a3:fd:37:15:8d:b0:69:37:36:30:24:30:99:82:ef:8e:05:
dd:39:95:76:fc:d7:4d:da:b3:31:cb:c7:b4:40:58:fb:6b:3d:
e0:a7:f0:2f:56:f7:39:db:ea:30:65:10:dd:93:e1:7a:9c:2b:
1c:f1:de:cd:6d:f8:01:a1:bf:d1:9c:62:c8:ea:a6:fc:4c:af:
df:14:61:f6:fb:97:3f:bc:44:71:d1:b3:f2:31:2b:df:0f:71:
70:b5:ad:8f:50:4f:87:6b:29:88:5d:2d:f2:08:60:e7:b2:d5:
96:4b:14:f8:21:a9:44:3d:2b:af:3f:8a:d7:16:47:d7:57:32:
8a:c7:b5:96:48:df:50:b5:c4:72:f1:b8:6c:44:7b:53:3a:1f:
49:f3:af:24:0f:29:74:71:b5:12:3b:70:0d:41:5d:cb:7a:fb:
31:cd:43:98
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZM+7+cZlrSWrbve6h+Ht9zxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQxMTE4MTEwMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQ3ZTYyYTUyY2M1ZjQ2MDIzZGI5NWM3MjEyNGRiMWNhYmI5Nzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6e+s+vW5RDs63sBuluxtpVE6S7Rz
fIrNKC2a/lUHjBdmTe8Lt/rPv3iTBftbzPbn98zhyMQLIzgNtl/c4Mp6aLcBkx5z
oV0Icd29liz/rmai4IGF2agaqF0e/P2VBQ3HwmrOLXnj27S3lTG+PSg/Yc/UwUk3
YOKk0QcmuRUsB0sq07uMiZ8ZPTQYRUQVhYtvT1nvZAPs9n2KfKyldD0b87/jhhf8
47JZ6B6XTafkaZe4NZDu3jg064IfTkWUKBWSwpjdedr5SuipBSEkaXtLHxNVEV3U
YEKWRR7HkiZTj3xy5X5R0cfdlZJO8v5mBFzJM5FZwmKE1HwUKejMTaDoGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIdH5ipSzF9GAj25XHISTbHKu5eIMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvaDBmbUtsTE1YMFlDUGJsY2NoSk5zY3E3bDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgbKwAMF
AyoR8UADBQMqEg7AAwUDKhIZAAMFAyoSKMAwDQYJKoZIhvcNAQELBQADggEBAEvq
JCGHC0vliVsIcpXQepqRxoX06va7ZagGTID8zHk/20YfeUBW4QiJxfJvr979bJ/I
GpimF35b0mtIFf943kN+kzmcEf0oE6a7HY8mkPwjM5KbosohLcApUw2j/TcVjbBp
NzYwJDCZgu+OBd05lXb8103aszHLx7RAWPtrPeCn8C9W9znb6jBlEN2T4XqcKxzx
3s1t+AGhv9GcYsjqpvxMr98UYfb7lz+8RHHRs/IxK98PcXC1rY9QT4drKYhdLfII
YOey1ZZLFPghqUQ9K68/itcWR9dXMorHtZZI31C1xHLxuGxEe1M6H0nzryQPKXRx
tRI7cA1BXct6+zHNQ5g=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:53:22 2024 by rpki-client on console-ams.rpki-client.org