Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ODFnpVX1750dTcDx5lakCY5hzMA.roa
File: ODFnpVX1750dTcDx5lakCY5hzMA.roa (raw, json)
Hash identifier: R9G0rI3ganz/ySmhWG//B/s3/8OdCZCrDskLI4vxMj4=
Subject key identifier: 38:31:67:A5:55:F5:EF:9D:1D:4D:C0:F1:E6:56:A4:09:8E:61:CC:C0
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC8013DA1DDEE0636D64D417E5E2F5A4D
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ODFnpVX1750dTcDx5lakCY5hzMA.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398104
IP address blocks: 2a01:488:bb1b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 10:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3d:a1:dd:ee:06:36:d6:4d:41:7e:5e:2f:5a:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=383167a555f5ef9d1d4dc0f1e656a4098e61ccc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:21:66:c2:29:52:7c:9e:b0:3d:65:ca:a4:09:
d5:c0:65:95:63:6e:03:36:83:b7:d8:d8:a3:63:a6:
95:05:fb:1e:80:52:58:76:d3:9a:b1:5c:a2:40:a8:
28:10:e9:8e:56:e3:2a:a3:2d:62:8b:4b:72:da:a0:
da:bb:f3:0f:7f:82:08:9d:be:5e:8b:5a:bc:5c:c6:
93:a5:89:a2:af:d0:82:49:b7:f5:ea:24:84:b9:75:
68:bf:8f:ac:d1:79:a2:1e:bc:29:fd:c1:ae:9c:41:
80:20:88:ef:b9:55:6d:ff:13:32:4d:eb:0f:7d:e7:
3d:36:71:a1:29:03:e3:66:94:17:42:81:e7:c0:70:
e7:68:be:ee:05:4e:a9:16:69:d4:18:25:77:10:8c:
30:a8:91:f9:d3:e9:4d:8e:65:95:32:b8:c7:d0:bf:
98:28:f9:5d:fb:86:5e:84:3b:9e:f7:a5:0f:ef:af:
e7:ad:d8:e4:c2:cb:2b:f4:a9:e7:91:a6:80:8e:c8:
1d:dd:ef:ee:bd:ce:7a:90:40:d1:7d:0e:8b:d1:ec:
b2:57:01:a6:95:86:68:08:25:a5:54:66:1a:9d:b7:
a1:33:f9:79:90:c9:f4:e2:1b:28:0d:ff:dc:92:bb:
b8:cd:be:6e:5d:3a:54:7e:80:02:ca:6b:7e:b2:5c:
3c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:31:67:A5:55:F5:EF:9D:1D:4D:C0:F1:E6:56:A4:09:8E:61:CC:C0
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ODFnpVX1750dTcDx5lakCY5hzMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb1b::/48
Signature Algorithm: sha256WithRSAEncryption
5c:17:7a:3a:1e:72:d1:51:46:8c:dc:21:88:77:d1:84:1a:91:
2e:b2:51:28:db:dc:c1:42:83:8b:7c:4b:39:2f:84:60:75:1e:
90:56:03:2f:a8:fd:f7:36:88:4e:56:29:49:24:62:a1:21:eb:
91:cc:b8:31:01:49:b7:1b:c3:89:d2:92:d3:ce:39:e4:91:5a:
75:02:db:cc:9a:da:fc:13:64:0b:bf:1a:83:23:36:17:b1:6c:
2b:4e:8d:a5:5b:2b:c5:00:41:e8:86:0c:b2:5f:64:a8:d2:b5:
4b:fc:18:5a:93:e7:1a:8f:45:c1:bb:42:d5:3f:47:4e:b6:3e:
0c:16:a0:44:16:e1:af:03:f0:c3:c8:d9:f8:9b:1d:96:ed:19:
d0:9d:04:46:64:58:48:df:0e:4a:17:fc:b2:7f:76:76:85:cd:
c3:91:00:e6:df:53:d9:21:b5:21:7c:7b:dd:70:f0:e9:e0:37:
6b:88:38:63:ef:e5:f8:fa:59:a2:c3:c6:19:27:cc:fc:37:41:
c6:e2:86:37:d2:52:7d:ce:03:53:f7:e1:b1:ab:96:b7:f9:b5:
6a:d8:53:a0:9b:1b:26:29:d7:eb:72:a2:8f:a1:6f:0a:2b:ca:
c3:d5:61:52:57:cd:31:7e:a0:44:d0:00:37:0d:c7:d6:7d:ac:
ef:6a:ee:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAT2h3e4GNtZNQX5eL1pNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODMxNjdhNTU1ZjVlZjlkMWQ0ZGMwZjFlNjU2YTQwOThlNjFjY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yFmwilSfJ6wPWXKpAnVwGWVY24D
NoO32NijY6aVBfsegFJYdtOasVyiQKgoEOmOVuMqoy1ii0ty2qDau/MPf4IInb5e
i1q8XMaTpYmir9CCSbf16iSEuXVov4+s0XmiHrwp/cGunEGAIIjvuVVt/xMyTesP
fec9NnGhKQPjZpQXQoHnwHDnaL7uBU6pFmnUGCV3EIwwqJH50+lNjmWVMrjH0L+Y
KPld+4ZehDue96UP76/nrdjkwssr9KnnkaaAjsgd3e/uvc56kEDRfQ6L0eyyVwGm
lYZoCCWlVGYanbehM/l5kMn04hsoDf/ckru4zb5uXTpUfoACymt+slw8bwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDgxZ6VV9e+dHU3A8eZWpAmOYczAMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvT0RGbnBWWDE3NTBkVGNEeDVsYWtDWTVoek1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsb
MA0GCSqGSIb3DQEBCwUAA4IBAQBcF3o6HnLRUUaM3CGId9GEGpEuslEo29zBQoOL
fEs5L4RgdR6QVgMvqP33NohOVilJJGKhIeuRzLgxAUm3G8OJ0pLTzjnkkVp1AtvM
mtr8E2QLvxqDIzYXsWwrTo2lWyvFAEHohgyyX2So0rVL/Bhak+caj0XBu0LVP0dO
tj4MFqBEFuGvA/DDyNn4mx2W7RnQnQRGZFhI3w5KF/yyf3Z2hc3DkQDm31PZIbUh
fHvdcPDp4DdriDhj7+X4+lmiw8YZJ8z8N0HG4oY30lJ9zgNT9+Gxq5a3+bVq2FOg
mxsmKdfrcqKPoW8KK8rD1WFSV80xfqBE0AA3DcfWfazvau4R
-----END CERTIFICATE-----
Generated at Thu May 2 18:16:01 2024 by rpki-client on console-fra.rpki-client.org