Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/uQEz2-rNbxgytpXCNU0x5qfSjhg.roa
File: uQEz2-rNbxgytpXCNU0x5qfSjhg.roa (raw, json)
Hash identifier: dPfchWycWktpLuqDYThh/D1FXRf2dL13u18nlfbxJ80=
Subject key identifier: B9:01:33:DB:EA:CD:6F:18:32:B6:95:C2:35:4D:31:E6:A7:D2:8E:18
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC80137561762D79ABB5F583BB447BEDF
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/uQEz2-rNbxgytpXCNU0x5qfSjhg.roa
Signing time: Tue 02 Jan 2024 02:29:32 +0000
ROA not before: Tue 02 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39779
IP address blocks: 2a01:488:bb06::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:37:56:17:62:d7:9a:bb:5f:58:3b:b4:47:be:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b90133dbeacd6f1832b695c2354d31e6a7d28e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f8:55:f2:e5:b7:62:5e:62:35:47:f7:be:63:
0e:5e:ae:35:e8:c0:c2:cd:aa:df:3d:e9:2f:98:18:
0e:37:16:88:43:8f:f8:06:14:f5:84:e5:ca:1c:c1:
83:d1:75:a2:31:1c:ea:2f:1a:20:27:71:1a:16:d6:
ce:7c:ca:02:de:38:05:20:d4:e0:42:ca:d9:b0:b3:
3f:eb:5b:b9:7a:4f:ed:8d:7b:5f:83:c7:53:0d:f8:
4f:08:4f:3a:0b:52:94:50:ea:06:1f:48:45:71:74:
9d:85:ac:2d:fc:7a:2a:af:98:ef:3b:3b:39:5c:d5:
2f:44:43:06:93:db:28:f1:f9:68:fc:73:de:3a:48:
0f:96:17:fc:f9:8b:9c:23:00:e4:96:2b:94:5a:f9:
97:93:d6:af:5b:24:31:fe:15:00:32:70:66:35:b0:
b4:fa:47:e7:d4:3c:96:44:fc:32:d7:90:27:1e:c0:
33:d4:23:a5:8d:e7:09:9c:ac:47:58:ee:4a:d4:ad:
82:e3:b2:76:e7:f0:8b:20:97:b3:c4:34:46:02:ed:
25:17:c7:e1:c7:d3:24:a3:38:1f:0d:56:0f:6f:94:
03:6b:11:f6:0a:72:f1:c9:f6:ce:38:0d:bc:86:c3:
45:1e:b4:62:98:b5:d0:cb:09:ce:09:ee:d1:a8:52:
9f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:01:33:DB:EA:CD:6F:18:32:B6:95:C2:35:4D:31:E6:A7:D2:8E:18
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/uQEz2-rNbxgytpXCNU0x5qfSjhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb06::/48
Signature Algorithm: sha256WithRSAEncryption
15:59:3d:8b:b3:fe:f1:08:dc:0e:4e:1f:03:a3:b4:02:f7:52:
ff:6e:25:bb:ec:40:32:21:e1:46:e8:51:37:45:77:13:23:0f:
f1:c8:44:7f:28:6e:80:e7:44:7f:fd:a8:b4:82:49:2f:e1:00:
8a:39:c1:fa:fe:18:16:af:b2:11:bc:2f:e1:9b:b2:e2:6f:b2:
d9:96:3c:54:aa:62:5f:0a:99:20:15:03:4c:57:ad:cc:a9:ca:
a3:d8:b5:df:21:83:5c:80:a5:d7:3d:a5:f9:6e:31:80:b8:60:
48:35:db:34:7a:db:1f:75:f6:20:d8:4f:40:5d:27:4f:92:8e:
b9:a1:51:87:17:b2:9c:b3:53:68:f9:fc:4f:60:12:0b:31:08:
41:57:82:47:8a:45:a8:d9:52:5e:9a:e1:3a:4e:83:2a:af:35:
03:1a:4e:19:dd:e1:32:5a:19:e5:f1:f9:ec:bd:04:05:a8:3a:
e3:7c:3e:7d:ac:ba:9a:e4:d7:c5:2b:b9:db:4b:af:3a:fa:f2:
98:89:07:ac:89:99:04:15:95:a5:b1:58:9a:e1:a8:76:b9:ee:
21:3b:6a:64:30:98:7c:59:dd:50:5a:a9:ef:dd:46:14:a1:e1:
16:07:39:3b:b6:a6:6e:e9:b0:58:80:16:c0:21:20:b8:78:7c:
c4:d4:ea:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIATdWF2LXmrtfWDu0R77fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTAxMzNkYmVhY2Q2ZjE4MzJiNjk1YzIzNTRkMzFlNmE3ZDI4ZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/hV8uW3Yl5iNUf3vmMOXq416MDC
zarfPekvmBgONxaIQ4/4BhT1hOXKHMGD0XWiMRzqLxogJ3EaFtbOfMoC3jgFINTg
QsrZsLM/61u5ek/tjXtfg8dTDfhPCE86C1KUUOoGH0hFcXSdhawt/Hoqr5jvOzs5
XNUvREMGk9so8flo/HPeOkgPlhf8+YucIwDkliuUWvmXk9avWyQx/hUAMnBmNbC0
+kfn1DyWRPwy15AnHsAz1COljecJnKxHWO5K1K2C47J25/CLIJezxDRGAu0lF8fh
x9MkozgfDVYPb5QDaxH2CnLxyfbOOA28hsNFHrRimLXQywnOCe7RqFKf8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLkBM9vqzW8YMraVwjVNMean0o4YMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvdVFFejItck5ieGd5dHBYQ05VMHg1cWZTamhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsG
MA0GCSqGSIb3DQEBCwUAA4IBAQAVWT2Ls/7xCNwOTh8Do7QC91L/biW77EAyIeFG
6FE3RXcTIw/xyER/KG6A50R//ai0gkkv4QCKOcH6/hgWr7IRvC/hm7Lib7LZljxU
qmJfCpkgFQNMV63Mqcqj2LXfIYNcgKXXPaX5bjGAuGBINds0etsfdfYg2E9AXSdP
ko65oVGHF7Kcs1No+fxPYBILMQhBV4JHikWo2VJemuE6ToMqrzUDGk4Z3eEyWhnl
8fnsvQQFqDrjfD59rLqa5NfFK7nbS686+vKYiQesiZkEFZWlsVia4ah2ue4hO2pk
MJh8Wd1QWqnv3UYUoeEWBzk7tqZu6bBYgBbAISC4eHzE1Oq+
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:59 2024 by rpki-client on console-ams.rpki-client.org