Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cd2f41-59e0-4b8b-8206-bed55c47a578/1/unZQZgi0VsnG2ND5sq4TexiiXQg.roa
File: unZQZgi0VsnG2ND5sq4TexiiXQg.roa (raw, json)
Hash identifier: Jn32CjA5LHOciX9Ns7L7NTRV0wJSPFg4yAlNiII76yg=
Subject key identifier: BA:76:50:66:08:B4:56:C9:C6:D8:D0:F9:B2:AE:13:7B:18:A2:5D:08
Certificate issuer: /CN=54718af6a36f66a91939364aafc86445ab8a6e0e
Certificate serial: 018CC64AE65FD0C58E9E6480ABF6326332A3
Authority key identifier: 54:71:8A:F6:A3:6F:66:A9:19:39:36:4A:AF:C8:64:45:AB:8A:6E:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHGK9qNvZqkZOTZKr8hkRauKbg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cd2f41-59e0-4b8b-8206-bed55c47a578/1/unZQZgi0VsnG2ND5sq4TexiiXQg.roa
Signing time: Mon 01 Jan 2024 18:30:46 +0000
ROA not before: Mon 01 Jan 2024 18:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57763
IP address blocks: 2001:67c:2c2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/cd2f41-59e0-4b8b-8206-bed55c47a578/1/VHGK9qNvZqkZOTZKr8hkRauKbg4.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/cd2f41-59e0-4b8b-8206-bed55c47a578/1/VHGK9qNvZqkZOTZKr8hkRauKbg4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHGK9qNvZqkZOTZKr8hkRauKbg4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e6:5f:d0:c5:8e:9e:64:80:ab:f6:32:63:32:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54718af6a36f66a91939364aafc86445ab8a6e0e
Validity
Not Before: Jan 1 18:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba76506608b456c9c6d8d0f9b2ae137b18a25d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:54:9a:78:0f:f7:75:26:a7:e9:95:54:b7:67:
2a:7e:d3:36:69:32:4c:cf:44:fe:96:22:3b:19:d8:
87:9b:20:4e:d2:77:e2:dc:71:7e:48:f1:46:64:9b:
b7:e2:22:6d:05:f1:7f:64:44:38:64:57:72:a9:b0:
48:1c:45:f9:5b:33:ef:51:58:a4:60:9b:ed:61:04:
ba:66:b6:f8:aa:ce:04:84:89:11:67:da:6f:b6:56:
81:4d:2b:30:63:3b:0c:04:89:b0:ed:d8:ff:76:03:
38:58:35:49:a9:93:32:cb:25:0d:75:35:b5:d5:bb:
bc:b1:72:59:0f:66:37:61:0e:53:4f:99:13:c1:1d:
d9:ba:32:d5:85:d4:8b:c1:5b:2f:87:26:a2:fc:74:
ee:55:0b:45:ec:2b:bc:8e:94:74:ee:3f:20:21:b3:
41:d2:7b:18:f1:5a:5b:15:f1:d8:61:ac:7c:4b:ad:
8f:55:cc:23:81:e6:40:63:e0:34:a5:1e:c7:e8:4d:
f3:34:e8:d6:02:b8:27:31:0f:24:eb:8d:51:a3:4a:
7f:27:05:e8:84:fc:b5:b5:f3:1d:cd:85:85:f1:70:
b8:a1:36:d3:f1:ee:9c:fa:04:32:2b:73:2c:df:51:
ce:ae:ee:b0:70:74:72:c5:6f:e4:d9:9a:d9:58:44:
86:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:76:50:66:08:B4:56:C9:C6:D8:D0:F9:B2:AE:13:7B:18:A2:5D:08
X509v3 Authority Key Identifier:
keyid:54:71:8A:F6:A3:6F:66:A9:19:39:36:4A:AF:C8:64:45:AB:8A:6E:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHGK9qNvZqkZOTZKr8hkRauKbg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cd2f41-59e0-4b8b-8206-bed55c47a578/1/unZQZgi0VsnG2ND5sq4TexiiXQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cd2f41-59e0-4b8b-8206-bed55c47a578/1/VHGK9qNvZqkZOTZKr8hkRauKbg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2c2c::/48
Signature Algorithm: sha256WithRSAEncryption
36:c1:5a:2e:d7:23:51:60:53:9e:23:27:26:7d:fb:18:75:99:
f3:47:10:cb:e0:66:2a:5a:b4:fd:61:18:c6:ff:e3:29:4d:89:
f5:c0:5c:6d:b3:a8:3d:4b:9c:90:f3:64:ad:b1:f4:d0:a3:f3:
bb:ef:41:6c:67:8c:26:c1:9b:f0:b6:43:1d:8f:d5:7e:8d:fb:
17:7e:a0:cf:fb:45:c1:1e:60:8f:92:98:20:27:4f:25:19:0f:
7c:02:2a:34:6a:a4:b6:5c:33:d9:79:c6:03:7f:5c:99:b3:47:
f3:82:c2:ea:9e:90:db:e4:5a:b7:01:64:6b:ad:b8:c3:9f:5b:
bc:a8:84:c9:d5:e5:c5:cc:b8:ce:af:39:4f:32:d7:73:be:15:
77:13:fa:f0:3a:d9:00:9a:70:e5:90:14:4d:a2:e6:d1:8d:fa:
b1:6f:96:eb:3f:00:23:8d:c6:ac:27:29:8e:a6:12:99:85:df:
1e:78:7c:0b:f6:3e:10:de:77:cb:99:cc:74:9e:e3:f9:33:d2:
38:bf:31:d5:10:66:88:0d:60:3d:6a:8c:cb:83:2d:35:7c:3e:
39:33:ce:0b:90:19:ae:53:d5:cf:2d:94:54:63:4e:80:a8:b2:
bc:89:fe:40:6c:f2:b0:d2:66:3a:3e:7c:c1:dd:88:83:9d:b9:
af:61:0d:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSuZf0MWOnmSAq/YyYzKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzE4YWY2YTM2ZjY2YTkxOTM5MzY0YWFmYzg2NDQ1YWI4
YTZlMGUwHhcNMjQwMTAxMTgzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc2NTA2NjA4YjQ1NmM5YzZkOGQwZjliMmFlMTM3YjE4YTI1ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFSaeA/3dSan6ZVUt2cqftM2aTJM
z0T+liI7GdiHmyBO0nfi3HF+SPFGZJu34iJtBfF/ZEQ4ZFdyqbBIHEX5WzPvUVik
YJvtYQS6Zrb4qs4EhIkRZ9pvtlaBTSswYzsMBImw7dj/dgM4WDVJqZMyyyUNdTW1
1bu8sXJZD2Y3YQ5TT5kTwR3ZujLVhdSLwVsvhyai/HTuVQtF7Cu8jpR07j8gIbNB
0nsY8VpbFfHYYax8S62PVcwjgeZAY+A0pR7H6E3zNOjWArgnMQ8k641Ro0p/JwXo
hPy1tfMdzYWF8XC4oTbT8e6c+gQyK3Ms31HOru6wcHRyxW/k2ZrZWESG0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLp2UGYItFbJxtjQ+bKuE3sYol0IMB8GA1UdIwQY
MBaAFFRxivajb2apGTk2Sq/IZEWrim4OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhHSzlxTnZacWtaT1RaS3I4aGtSYXVLYmc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jZDJmNDEtNTllMC00YjhiLTgyMDYt
YmVkNTVjNDdhNTc4LzEvdW5aUVpnaTBWc25HMk5ENXNxNFRleGlpWFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jZDJmNDEtNTllMC00YjhiLTgyMDYtYmVkNTVjNDdhNTc4
LzEvVkhHSzlxTnZacWtaT1RaS3I4aGtSYXVLYmc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCws
MA0GCSqGSIb3DQEBCwUAA4IBAQA2wVou1yNRYFOeIycmffsYdZnzRxDL4GYqWrT9
YRjG/+MpTYn1wFxts6g9S5yQ82StsfTQo/O770FsZ4wmwZvwtkMdj9V+jfsXfqDP
+0XBHmCPkpggJ08lGQ98Aio0aqS2XDPZecYDf1yZs0fzgsLqnpDb5Fq3AWRrrbjD
n1u8qITJ1eXFzLjOrzlPMtdzvhV3E/rwOtkAmnDlkBRNoubRjfqxb5brPwAjjcas
JymOphKZhd8eeHwL9j4Q3nfLmcx0nuP5M9I4vzHVEGaIDWA9aozLgy01fD45M84L
kBmuU9XPLZRUY06AqLK8if5AbPKw0mY6PnzB3YiDnbmvYQ0g
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:31:03 2024 by rpki-client on console-ams.rpki-client.org