Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/DhZ8VVQIAge9ec-AgHXVpbtQlRE.roa
File: DhZ8VVQIAge9ec-AgHXVpbtQlRE.roa (raw, json)
Hash identifier: sKbBdTDH1nzNbfRMHr3fR0mVX3enRPXgqVTEAdotwX0=
Subject key identifier: 0E:16:7C:55:54:08:02:07:BD:79:CF:80:80:75:D5:A5:BB:50:95:11
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018CC500DE768729D629FF9C114EF9FFA587
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/DhZ8VVQIAge9ec-AgHXVpbtQlRE.roa
Signing time: Mon 01 Jan 2024 12:30:17 +0000
ROA not before: Mon 01 Jan 2024 12:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a05:2d07::/32 maxlen: 32
2a03:4a81::/32 maxlen: 32
2a04:a147::/32 maxlen: 32
2a06:3e87::/32 maxlen: 32
2a04:a142::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:de:76:87:29:d6:29:ff:9c:11:4e:f9:ff:a5:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 12:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e167c5554080207bd79cf808075d5a5bb509511
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:47:c9:c0:f6:a8:9b:0d:67:f2:77:c3:15:f1:
c8:46:a7:6f:64:af:af:01:7a:b3:3a:eb:35:51:2d:
f6:28:90:88:69:42:ff:e8:26:59:9b:0a:3d:98:9a:
f3:2a:6a:91:d2:a4:bb:a6:aa:24:de:24:38:f5:f9:
c8:4b:1e:41:a9:54:92:4e:0c:c3:be:65:e3:d6:25:
43:43:39:6f:5a:76:fa:5b:ed:80:9a:17:f1:6f:3b:
b8:93:2f:43:7d:8d:9a:d5:d9:73:67:42:8b:44:16:
c8:cf:78:e7:02:31:d3:64:2c:8d:90:b5:f3:f7:a7:
86:df:dc:14:00:16:bd:bc:28:21:dc:1c:21:bc:dc:
1f:b1:d3:68:d2:1e:f8:fa:4a:ef:82:62:62:9c:d3:
5d:93:36:84:cc:4e:42:88:aa:16:13:af:fb:58:f7:
0a:a6:ea:ff:56:27:2f:63:c1:82:ec:34:9e:c0:45:
63:be:36:b7:fc:f7:ed:c0:84:7f:ee:ef:47:05:41:
b5:fb:51:8b:6b:a1:5b:78:3e:3f:6b:53:32:d5:7d:
aa:62:35:35:a5:94:80:df:2c:50:39:c6:d3:d0:19:
87:50:0c:98:29:89:4f:7e:c9:66:c6:a8:1f:7a:1f:
4b:f0:82:04:11:ab:0e:79:ae:b1:aa:36:98:48:fe:
a7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:16:7C:55:54:08:02:07:BD:79:CF:80:80:75:D5:A5:BB:50:95:11
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/DhZ8VVQIAge9ec-AgHXVpbtQlRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:4a81::/32
2a04:a142::/32
2a04:a147::/32
2a05:2d07::/32
2a06:3e87::/32
Signature Algorithm: sha256WithRSAEncryption
3b:50:98:e4:7b:63:3a:c1:e6:f9:2d:be:73:ba:35:51:55:0e:
5f:a4:41:ed:46:12:8c:29:e3:88:a0:20:32:9e:8e:59:fd:ba:
f5:67:1c:3f:00:62:f8:0f:a9:2f:ec:81:85:cd:2a:2f:8a:b9:
15:fc:a2:fc:3c:16:f2:90:92:d8:b3:1f:dd:73:ed:f2:f1:f3:
98:7a:cd:51:cb:94:cd:bb:86:21:3e:e1:c2:e5:46:84:8a:87:
fb:a9:46:57:9b:8b:9d:61:fe:c0:b7:6b:e4:7c:b2:ae:7f:98:
73:6c:b4:53:17:5c:42:16:3a:63:77:27:6f:88:17:48:7e:cf:
0a:0c:37:c4:00:79:8f:9e:21:e4:7a:92:24:68:33:ae:9a:68:
fd:8c:72:c4:15:a4:b4:7e:e5:cf:39:d7:18:74:84:fe:23:79:
36:4c:ce:00:86:ab:05:2e:e4:50:aa:d7:11:08:eb:a9:8d:b6:
42:14:af:fe:34:db:60:ff:4a:91:56:0a:34:42:f8:56:63:2a:
5b:db:e5:a8:6d:4a:d5:62:53:62:4a:17:0f:6a:97:b9:24:51:
04:32:c0:6a:19:2b:52:6f:c4:89:7a:a3:aa:b1:9b:15:75:ad:
40:68:4f:79:33:19:5c:76:0a:f0:e9:04:99:fc:68:55:c9:3a:
7a:a5:dd:50
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFAN52hynWKf+cEU75/6WHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjQwMTAxMTIzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTE2N2M1NTU0MDgwMjA3YmQ3OWNmODA4MDc1ZDVhNWJiNTA5NTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokfJwPaomw1n8nfDFfHIRqdvZK+v
AXqzOus1US32KJCIaUL/6CZZmwo9mJrzKmqR0qS7pqok3iQ49fnISx5BqVSSTgzD
vmXj1iVDQzlvWnb6W+2Amhfxbzu4ky9DfY2a1dlzZ0KLRBbIz3jnAjHTZCyNkLXz
96eG39wUABa9vCgh3BwhvNwfsdNo0h74+krvgmJinNNdkzaEzE5CiKoWE6/7WPcK
pur/VicvY8GC7DSewEVjvja3/PftwIR/7u9HBUG1+1GLa6FbeD4/a1My1X2qYjU1
pZSA3yxQOcbT0BmHUAyYKYlPfslmxqgfeh9L8IIEEasOea6xqjaYSP6n2QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA4WfFVUCAIHvXnPgIB11aW7UJURMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvRGhaOFZWUUlBZ2U5ZWMtQWdIWFZwYnRRbFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgNKgQMF
ACoEoUIDBQAqBKFHAwUAKgUtBwMFACoGPocwDQYJKoZIhvcNAQELBQADggEBADtQ
mOR7YzrB5vktvnO6NVFVDl+kQe1GEowp44igIDKejln9uvVnHD8AYvgPqS/sgYXN
Ki+KuRX8ovw8FvKQktizH91z7fLx85h6zVHLlM27hiE+4cLlRoSKh/upRlebi51h
/sC3a+R8sq5/mHNstFMXXEIWOmN3J2+IF0h+zwoMN8QAeY+eIeR6kiRoM66aaP2M
csQVpLR+5c851xh0hP4jeTZMzgCGqwUu5FCq1xEI66mNtkIUr/4022D/SpFWCjRC
+FZjKlvb5ahtStViU2JKFw9ql7kkUQQywGoZK1JvxIl6o6qxmxV1rUBoT3kzGVx2
CvDpBJn8aFXJOnql3VA=
-----END CERTIFICATE-----
Generated at Thu May 2 17:39:18 2024 by rpki-client on console-ams.rpki-client.org