Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5tQO4TbI2Co7lWFl4z2CAaBV8hk.roa
File: 5tQO4TbI2Co7lWFl4z2CAaBV8hk.roa (raw, json)
Hash identifier: 5iLJog3GpJaR2DOOcxM5yKT9fKA+lN1lzYI6dT4R41s=
Subject key identifier: E6:D4:0E:E1:36:C8:D8:2A:3B:95:61:65:E3:3D:82:01:A0:55:F2:19
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC4255591BA2E395E916473A7FA089C93
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5tQO4TbI2Co7lWFl4z2CAaBV8hk.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0b:b87:ffef::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:55:91:ba:2e:39:5e:91:64:73:a7:fa:08:9c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d40ee136c8d82a3b956165e33d8201a055f219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:ad:72:19:50:fc:3b:c9:ba:25:e7:f8:6f:
0c:d1:fa:ee:82:74:6f:0f:d7:d3:17:a3:cc:02:b4:
23:56:3e:fe:18:b0:30:7b:d6:02:26:68:76:d3:dc:
c3:d2:9d:99:2b:b6:d3:f6:31:3a:6a:a1:61:80:e1:
91:54:35:c1:e1:dc:c2:ef:cf:6f:df:a5:ab:a9:22:
04:1f:96:c4:67:bc:80:3a:70:ac:89:d1:bc:f5:c0:
05:e3:b9:3c:ad:bc:cc:4b:a9:22:99:de:f1:6d:ab:
e9:41:76:fb:41:b5:e8:87:ac:b3:f2:3a:82:10:0e:
78:64:26:89:c4:59:20:aa:c4:7f:4b:17:c0:9d:7b:
08:be:b0:a0:39:27:c3:56:dc:78:e6:d9:39:dd:03:
68:3a:3b:4a:54:11:cc:42:f4:e3:91:34:e7:66:05:
9d:0d:86:3d:77:b8:b0:37:14:ac:cb:3b:08:b7:1c:
aa:03:96:9d:31:15:98:87:49:c6:7c:81:19:35:39:
d0:40:60:76:df:79:c9:c8:a3:ad:4c:4a:6e:71:2e:
9d:f1:58:73:7b:a1:25:91:65:70:3d:9e:f7:61:61:
f5:92:df:1f:e0:bd:46:a8:11:e7:ad:7a:fe:3d:aa:
f0:ca:37:d2:1b:2e:5a:80:06:18:fb:fc:8c:50:7f:
de:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D4:0E:E1:36:C8:D8:2A:3B:95:61:65:E3:3D:82:01:A0:55:F2:19
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/5tQO4TbI2Co7lWFl4z2CAaBV8hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffef::/48
Signature Algorithm: sha256WithRSAEncryption
97:a4:7c:df:34:b8:36:02:91:fe:40:55:77:29:15:fc:97:aa:
d9:fd:67:fd:f4:9c:b5:a5:d7:47:d8:63:52:78:57:11:1e:46:
44:71:9a:db:45:c2:34:67:1d:33:35:60:24:cd:aa:2b:95:80:
8b:9d:4e:52:b0:f6:04:f8:34:d2:68:8f:04:e2:df:8a:41:7e:
7a:a5:ce:e0:31:a0:98:5a:f5:3d:8d:90:7d:cd:6d:98:38:39:
64:ae:7c:ae:cb:63:7e:bf:8e:0c:41:2e:a3:63:3c:3b:ca:a1:
28:b7:cd:a6:a7:e9:4a:c6:47:d3:ae:6b:ea:9e:b6:3f:d8:0d:
4c:08:f4:a2:cc:b4:af:a8:14:32:3c:62:f2:68:a7:92:b3:68:
39:a8:2e:9e:9c:da:ea:bc:04:9b:48:93:c5:e7:be:ca:14:0f:
ec:91:cd:7e:55:ae:88:6c:51:c3:db:be:9c:91:fa:09:da:4a:
23:4d:43:41:fe:6f:2b:db:85:79:30:12:9d:c3:17:ba:7f:ea:
b3:3e:92:3f:2b:b5:f3:cf:25:28:76:66:72:34:8d:bc:3b:1e:
13:bb:65:49:aa:d7:cc:ff:e7:81:34:f0:46:44:eb:1e:65:86:
fc:64:b3:4a:70:6c:30:02:cb:c5:0f:c8:3f:fb:d4:33:b3:35:
73:d9:65:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJVWRui45XpFkc6f6CJyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ0MGVlMTM2YzhkODJhM2I5NTYxNjVlMzNkODIwMWEwNTVmMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqditchlQ/DvJuiXn+G8M0frugnRv
D9fTF6PMArQjVj7+GLAwe9YCJmh209zD0p2ZK7bT9jE6aqFhgOGRVDXB4dzC789v
36WrqSIEH5bEZ7yAOnCsidG89cAF47k8rbzMS6kimd7xbavpQXb7QbXoh6yz8jqC
EA54ZCaJxFkgqsR/SxfAnXsIvrCgOSfDVtx45tk53QNoOjtKVBHMQvTjkTTnZgWd
DYY9d7iwNxSsyzsItxyqA5adMRWYh0nGfIEZNTnQQGB233nJyKOtTEpucS6d8Vhz
e6ElkWVwPZ73YWH1kt8f4L1GqBHnrXr+ParwyjfSGy5agAYY+/yMUH/eLQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFObUDuE2yNgqO5VhZeM9ggGgVfIZMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvNXRRTzRUYkkyQ283bFdGbDR6MkNBYUJWOGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//v
MA0GCSqGSIb3DQEBCwUAA4IBAQCXpHzfNLg2ApH+QFV3KRX8l6rZ/Wf99Jy1pddH
2GNSeFcRHkZEcZrbRcI0Zx0zNWAkzaorlYCLnU5SsPYE+DTSaI8E4t+KQX56pc7g
MaCYWvU9jZB9zW2YODlkrnyuy2N+v44MQS6jYzw7yqEot82mp+lKxkfTrmvqnrY/
2A1MCPSizLSvqBQyPGLyaKeSs2g5qC6enNrqvASbSJPF577KFA/skc1+Va6IbFHD
276ckfoJ2kojTUNB/m8r24V5MBKdwxe6f+qzPpI/K7XzzyUodmZyNI28Ox4Tu2VJ
qtfM/+eBNPBGROseZYb8ZLNKcGwwAsvFD8g/+9QzszVz2WWT
-----END CERTIFICATE-----
Generated at Mon May 6 15:26:33 2024 by rpki-client on console-ams.rpki-client.org