Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ZSpOjRqSVbvxFTysP3Apo4aG-60.roa
File: ZSpOjRqSVbvxFTysP3Apo4aG-60.roa (raw, json)
Hash identifier: +2rz9BShvA07ZS8M7N/tmVg07A5JPd0L63RjNQE5ZHw=
Subject key identifier: 65:2A:4E:8D:1A:92:55:BB:F1:15:3C:AC:3F:70:29:A3:86:86:FB:AD
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC8013956AD148F963881740CD98F12C0
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ZSpOjRqSVbvxFTysP3Apo4aG-60.roa
Signing time: Tue 02 Jan 2024 02:29:32 +0000
ROA not before: Tue 02 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397516
IP address blocks: 2a01:488:bb0f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:39:56:ad:14:8f:96:38:81:74:0c:d9:8f:12:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=652a4e8d1a9255bbf1153cac3f7029a38686fbad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bb:20:53:88:e9:5a:9b:0e:5e:fb:12:d3:25:
9e:0c:3d:cf:58:8b:79:b7:f5:1b:cb:3a:f3:d5:b3:
19:47:bb:40:1b:d7:5d:19:d8:2b:be:87:fc:fc:ed:
d9:79:fb:fa:27:89:51:2e:8c:2a:57:ef:fd:88:14:
fb:b1:70:06:47:9f:d3:d9:0b:b6:c1:7b:b1:21:24:
34:a3:9f:97:28:70:89:94:9d:67:c4:c9:f3:b7:e1:
08:f1:1f:99:ce:9d:3c:a3:ec:6d:32:a3:d6:a0:17:
2a:47:7b:97:09:80:a6:17:af:a1:cb:96:80:88:d2:
3b:83:00:6f:34:85:7d:2f:ec:a1:24:40:a6:5e:6d:
1c:d0:b4:be:fb:24:08:6a:f3:d6:0f:de:70:27:21:
df:7c:98:5e:b2:ad:86:9b:d9:bb:39:06:c1:3c:2c:
a5:90:29:3d:d1:10:59:cd:0e:80:df:f8:26:0e:28:
8c:e5:33:83:57:d7:ff:8c:eb:71:50:3a:ef:58:14:
eb:90:e0:db:89:bc:bc:c1:88:31:b2:90:1b:70:39:
6f:43:e6:64:a8:d5:16:d3:c3:40:17:35:05:7e:20:
9e:67:b3:33:ed:c5:e1:97:cb:58:1f:61:58:22:da:
88:a3:36:7b:77:63:71:8d:14:d9:a6:0b:3c:dc:af:
b3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2A:4E:8D:1A:92:55:BB:F1:15:3C:AC:3F:70:29:A3:86:86:FB:AD
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/ZSpOjRqSVbvxFTysP3Apo4aG-60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb0f::/48
Signature Algorithm: sha256WithRSAEncryption
65:4b:b8:5d:4c:71:4d:27:1b:97:11:04:ac:74:61:a2:2d:47:
a6:3f:69:f1:fd:48:8a:9c:3a:b2:c0:f8:a9:02:78:21:1b:ae:
4d:69:e6:bd:41:90:a5:b6:4d:57:3f:3d:6e:e2:c2:82:7b:4f:
e3:4c:86:6f:ea:7d:e3:64:bf:14:13:3f:df:0b:bb:96:25:30:
2c:cc:d0:3a:20:f2:01:39:9d:cb:0e:1a:3f:71:bf:ed:02:64:
b5:57:a2:fe:05:20:c1:cb:91:c8:42:56:63:61:1a:23:ff:8a:
7e:af:9d:2d:99:01:21:77:b9:0a:81:08:72:7a:61:15:f1:09:
79:5a:ad:11:62:3d:a0:7e:31:bb:34:80:bd:16:cb:b6:e0:b4:
b2:0b:11:9e:3a:fd:3c:1b:72:a5:95:94:ad:2c:e8:82:ea:04:
8c:2a:39:a1:37:f9:50:f0:ec:e0:f3:a2:1d:6a:4c:fc:65:80:
3b:f7:e3:2c:72:1f:ff:cf:6e:09:48:d0:68:cb:02:db:6e:f4:
24:c0:56:1f:da:b7:d7:0c:32:90:54:1c:b1:02:2d:e6:0b:06:
42:d3:8b:39:f1:6f:22:dc:2e:f2:18:9f:13:4b:7a:c4:93:e2:
9b:21:7e:24:71:db:81:16:d6:28:56:0f:e8:39:79:0b:7d:14:
e3:4d:02:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIATlWrRSPljiBdAzZjxLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTJhNGU4ZDFhOTI1NWJiZjExNTNjYWMzZjcwMjlhMzg2ODZmYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrsgU4jpWpsOXvsS0yWeDD3PWIt5
t/Ubyzrz1bMZR7tAG9ddGdgrvof8/O3Zefv6J4lRLowqV+/9iBT7sXAGR5/T2Qu2
wXuxISQ0o5+XKHCJlJ1nxMnzt+EI8R+Zzp08o+xtMqPWoBcqR3uXCYCmF6+hy5aA
iNI7gwBvNIV9L+yhJECmXm0c0LS++yQIavPWD95wJyHffJhesq2Gm9m7OQbBPCyl
kCk90RBZzQ6A3/gmDiiM5TODV9f/jOtxUDrvWBTrkODbiby8wYgxspAbcDlvQ+Zk
qNUW08NAFzUFfiCeZ7Mz7cXhl8tYH2FYItqIozZ7d2NxjRTZpgs83K+zMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGUqTo0aklW78RU8rD9wKaOGhvutMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvWlNwT2pScVNWYnZ4RlR5c1AzQXBvNGFHLTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsP
MA0GCSqGSIb3DQEBCwUAA4IBAQBlS7hdTHFNJxuXEQSsdGGiLUemP2nx/UiKnDqy
wPipAnghG65Naea9QZCltk1XPz1u4sKCe0/jTIZv6n3jZL8UEz/fC7uWJTAszNA6
IPIBOZ3LDho/cb/tAmS1V6L+BSDBy5HIQlZjYRoj/4p+r50tmQEhd7kKgQhyemEV
8Ql5Wq0RYj2gfjG7NIC9Fsu24LSyCxGeOv08G3KllZStLOiC6gSMKjmhN/lQ8Ozg
86Idakz8ZYA79+Msch//z24JSNBoywLbbvQkwFYf2rfXDDKQVByxAi3mCwZC04s5
8W8i3C7yGJ8TS3rEk+KbIX4kcduBFtYoVg/oOXkLfRTjTQLs
-----END CERTIFICATE-----
Generated at Sun May 5 21:22:39 2024 by rpki-client on console-ams.rpki-client.org