Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/fcOZrsQdNAZNPjzuV6-pnOKNwEI.roa
File: fcOZrsQdNAZNPjzuV6-pnOKNwEI.roa (raw, json)
Hash identifier: 8ViOAIcslnlzDsfhAL3pZAa61EXBUCo2ayW001xkWxw=
Subject key identifier: 7D:C3:99:AE:C4:1D:34:06:4D:3E:3C:EE:57:AF:A9:9C:E2:8D:C0:42
Certificate issuer: /CN=27d8640c305107766a646fbf8ec81db45ce1f249
Certificate serial: 018CC5DC5AB7AD1142DB1C3C41BB7BD72B9E
Authority key identifier: 27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/fcOZrsQdNAZNPjzuV6-pnOKNwEI.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8399
IP address blocks: 2a0c:10c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5a:b7:ad:11:42:db:1c:3c:41:bb:7b:d7:2b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d8640c305107766a646fbf8ec81db45ce1f249
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dc399aec41d34064d3e3cee57afa99ce28dc042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f2:d9:de:c2:e9:37:49:29:05:51:9e:b2:bd:
ef:65:57:ba:f2:29:84:54:b6:e3:e6:87:76:85:b0:
26:9c:4d:10:86:53:58:c7:60:b2:c8:d8:58:2e:3d:
a5:7b:9b:6c:da:f0:f5:ff:4a:fe:74:00:56:29:5e:
78:69:2c:9f:af:a7:87:02:25:bb:f1:5d:86:47:8d:
97:3b:26:85:cc:f9:a3:e1:cb:05:7e:dd:1f:c4:66:
02:e6:8c:d1:2a:9d:58:f8:4f:43:7c:51:3e:34:05:
77:b0:bd:3c:67:65:3e:2b:df:bc:21:51:1a:fb:26:
fe:90:81:19:03:e5:5f:e4:43:ac:09:6f:a2:6b:12:
dc:92:ac:36:af:1d:9a:45:b8:f2:0b:ea:8a:e0:05:
ef:a4:c8:af:cb:0d:ee:be:ae:86:60:1e:e4:f8:51:
49:08:35:df:68:f5:5a:b9:8d:df:ed:d0:51:6e:45:
4a:08:db:0a:db:56:69:7d:08:57:f6:dc:60:fa:d5:
dc:33:49:52:d5:d7:98:6f:f3:50:b7:4c:10:52:07:
43:f5:5c:cd:93:f7:66:3e:69:80:3e:b8:39:cb:cc:
e8:1c:00:63:75:44:e0:41:8c:88:57:75:25:f4:11:
42:f5:4b:23:54:3e:39:f0:c9:d1:91:40:34:c4:8c:
e6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C3:99:AE:C4:1D:34:06:4D:3E:3C:EE:57:AF:A9:9C:E2:8D:C0:42
X509v3 Authority Key Identifier:
keyid:27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/fcOZrsQdNAZNPjzuV6-pnOKNwEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:56:69:61:17:7f:40:9c:ad:ce:51:97:d5:b5:b0:38:39:81:
21:56:68:a5:88:be:9e:74:30:31:d8:84:cb:b5:53:ba:60:5e:
1a:fb:a1:d9:5c:b3:3a:34:50:b5:e2:a3:79:71:d3:65:d7:2f:
e8:43:d8:c0:db:23:66:88:25:1e:7a:26:90:47:dd:d2:7a:4e:
76:e2:62:88:fd:d4:09:d8:45:fa:66:68:76:14:d2:e7:77:8d:
3c:40:71:16:88:d0:d3:f4:a4:a7:5b:ab:ca:c4:10:5a:1e:18:
bc:60:c7:ef:8b:85:f2:17:d0:a3:55:6b:7d:40:d4:84:c7:03:
66:c6:d2:55:88:c8:12:84:ab:a4:25:58:ad:df:3b:2d:e4:78:
a4:ab:20:ed:cf:a0:95:2b:43:bc:1a:2f:8a:0d:83:3d:d5:e5:
7e:5e:8a:28:f1:54:21:fe:dd:13:15:66:43:d4:5e:13:29:e4:
df:79:be:4d:5e:3c:80:9a:85:05:a9:19:b0:2d:3f:99:d3:57:
4b:37:e4:25:13:dc:55:2a:2c:a6:b4:2c:8f:b8:cb:e9:11:fe:
e9:4c:05:b5:5b:3b:5d:bb:b6:74:f4:63:8c:6e:80:01:95:4d:
59:e6:de:ef:55:33:ae:c3:bf:b3:92:0b:51:48:69:11:9b:eb:
3d:09:20:c0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzF3Fq3rRFC2xw8Qbt71yueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDg2NDBjMzA1MTA3NzY2YTY0NmZiZjhlYzgxZGI0NWNl
MWYyNDkwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGMzOTlhZWM0MWQzNDA2NGQzZTNjZWU1N2FmYTk5Y2UyOGRjMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfLZ3sLpN0kpBVGesr3vZVe68imE
VLbj5od2hbAmnE0QhlNYx2CyyNhYLj2le5ts2vD1/0r+dABWKV54aSyfr6eHAiW7
8V2GR42XOyaFzPmj4csFft0fxGYC5ozRKp1Y+E9DfFE+NAV3sL08Z2U+K9+8IVEa
+yb+kIEZA+Vf5EOsCW+iaxLckqw2rx2aRbjyC+qK4AXvpMivyw3uvq6GYB7k+FFJ
CDXfaPVauY3f7dBRbkVKCNsK21ZpfQhX9txg+tXcM0lS1deYb/NQt0wQUgdD9VzN
k/dmPmmAPrg5y8zoHABjdUTgQYyIV3Ul9BFC9UsjVD458MnRkUA0xIzmlwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH3Dma7EHTQGTT487levqZzijcBCMB8GA1UdIwQY
MBaAFCfYZAwwUQd2amRvv47IHbRc4fJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAt
M2M2Zjg4YzkxNGIxLzEvZmNPWnJzUWROQVpOUGp6dVY2LXBuT0tOd0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAtM2M2Zjg4YzkxNGIx
LzEvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgwQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAolZpYRd/QJytzlGX1bWwODmBIVZopYi+nnQwMdiE
y7VTumBeGvuh2VyzOjRQteKjeXHTZdcv6EPYwNsjZoglHnomkEfd0npOduJiiP3U
CdhF+mZodhTS53eNPEBxFojQ0/Skp1urysQQWh4YvGDH74uF8hfQo1VrfUDUhMcD
ZsbSVYjIEoSrpCVYrd87LeR4pKsg7c+glStDvBovig2DPdXlfl6KKPFUIf7dExVm
Q9ReEynk33m+TV48gJqFBakZsC0/mdNXSzfkJRPcVSosprQsj7jL6RH+6UwFtVs7
Xbu2dPRjjG6AAZVNWebe71UzrsO/s5ILUUhpEZvrPQkgwA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:26 2024 by rpki-client on console-fra.rpki-client.org