Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/r-pWZtY6PHzZUtrLVHgmYVqhibs.roa
File: r-pWZtY6PHzZUtrLVHgmYVqhibs.roa (raw, json)
Hash identifier: dBntIJudF5zpzD/YcnJ5cFAEa85n70cQWOiQcj1F1cU=
Subject key identifier: AF:EA:56:66:D6:3A:3C:7C:D9:52:DA:CB:54:78:26:61:5A:A1:89:BB
Certificate issuer: /CN=f8ad543624f8d3281ec970458ee752f10a424529
Certificate serial: 018CC795306E38682F9208F2D96D00708EC5
Authority key identifier: F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/r-pWZtY6PHzZUtrLVHgmYVqhibs.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47232
IP address blocks: 2a0f:fec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:30:6e:38:68:2f:92:08:f2:d9:6d:00:70:8e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad543624f8d3281ec970458ee752f10a424529
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afea5666d63a3c7cd952dacb547826615aa189bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1e:de:ea:2f:e2:f3:10:8b:e8:97:2d:4f:70:
8b:1a:4a:d2:59:e4:96:b3:ad:4b:4d:d4:40:51:04:
01:f5:d3:af:2b:b9:c9:45:90:12:a3:07:8e:cd:e6:
00:8c:de:e0:5a:e7:e6:a4:a7:fd:1a:d3:16:36:cf:
1c:f1:fe:67:68:fb:ab:c7:a1:42:f7:5b:96:f0:c0:
3b:e1:f5:51:8d:ac:4c:45:e4:5a:a0:f2:a9:c3:3f:
c7:fd:f4:06:0f:38:6a:01:15:9d:bb:cb:28:4e:b7:
0a:49:12:9b:df:7f:d2:e3:8d:38:66:8a:40:b3:ec:
ff:b2:f9:b9:1d:73:da:64:ee:4a:17:13:60:50:22:
11:56:67:68:d9:47:cd:7a:e4:32:a3:49:71:4a:a4:
44:b0:dc:0c:07:2d:f1:87:a1:17:85:df:f1:3c:55:
62:e4:36:55:0e:a3:dc:96:28:59:7f:1a:c9:63:aa:
fd:03:16:9e:48:24:82:61:fa:c7:c1:e1:1c:ee:41:
e4:f0:0a:70:fe:75:60:9a:b9:ef:5b:c3:c9:ed:92:
c3:97:7c:7e:cd:7f:40:24:f7:07:81:67:e3:1a:f8:
41:19:5c:78:cb:07:30:b7:f4:f8:f5:e4:8c:31:58:
d3:6e:90:a2:8b:34:f2:3c:d8:a2:99:87:4f:09:66:
de:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EA:56:66:D6:3A:3C:7C:D9:52:DA:CB:54:78:26:61:5A:A1:89:BB
X509v3 Authority Key Identifier:
keyid:F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/r-pWZtY6PHzZUtrLVHgmYVqhibs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:fec0::/29
Signature Algorithm: sha256WithRSAEncryption
41:c3:41:79:aa:71:41:11:61:92:fd:3c:14:d6:4b:20:6d:dd:
e0:60:ab:b9:c6:19:95:06:18:7e:11:0c:8d:a6:a0:7e:ff:ee:
2d:f6:95:46:f4:66:72:24:8b:fa:6a:c5:06:bf:ca:67:a2:07:
51:49:bf:74:d0:ec:fb:62:f6:97:d5:2a:2e:1e:47:ce:96:7c:
fa:72:a9:31:13:5a:3b:d9:80:fd:18:ad:2a:3b:cd:85:77:5d:
91:70:26:6d:6d:d0:40:27:07:46:6c:57:7f:a5:eb:c4:49:03:
e1:0b:8c:fe:a5:6c:83:04:89:e6:c9:75:ab:74:7f:02:85:41:
dc:a1:db:56:0b:4c:b1:95:d5:87:b0:7d:f4:78:0c:44:8b:89:
e3:24:75:05:af:f3:15:2b:15:5b:75:73:3e:cb:6d:ac:01:91:
c9:cd:30:f0:55:6a:30:6f:b8:8b:e8:0e:86:61:39:9a:be:1f:
4f:91:d2:59:23:2c:83:71:54:3f:70:53:09:4c:94:3f:e6:1f:
5d:50:56:2d:25:3f:71:b4:bf:b8:a9:1d:2f:1a:a4:68:46:cb:
8b:06:f6:f7:af:22:35:66:73:cb:2e:d3:fc:c0:3e:04:a1:23:
dc:6d:6b:dd:b4:7e:d4:13:8d:b2:41:48:c8:b7:12:7e:18:f3:
72:71:27:a3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHlTBuOGgvkgjy2W0AcI7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQ1NDM2MjRmOGQzMjgxZWM5NzA0NThlZTc1MmYxMGE0
MjQ1MjkwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVhNTY2NmQ2M2EzYzdjZDk1MmRhY2I1NDc4MjY2MTVhYTE4OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB7e6i/i8xCL6JctT3CLGkrSWeSW
s61LTdRAUQQB9dOvK7nJRZASoweOzeYAjN7gWufmpKf9GtMWNs8c8f5naPurx6FC
91uW8MA74fVRjaxMReRaoPKpwz/H/fQGDzhqARWdu8soTrcKSRKb33/S4404ZopA
s+z/svm5HXPaZO5KFxNgUCIRVmdo2UfNeuQyo0lxSqREsNwMBy3xh6EXhd/xPFVi
5DZVDqPclihZfxrJY6r9AxaeSCSCYfrHweEc7kHk8Apw/nVgmrnvW8PJ7ZLDl3x+
zX9AJPcHgWfjGvhBGVx4ywcwt/T49eSMMVjTbpCiizTyPNiimYdPCWbeiQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK/qVmbWOjx82VLay1R4JmFaoYm7MB8GA1UdIwQY
MBaAFPitVDYk+NMoHslwRY7nUvEKQkUpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMVVOaVQ0MHlnZXlYQkZqdWRTOFFwQ1JTay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5
LThhMTFiNDcxOWQ4Mi8xL3ItcFdadFk2UEh6WlV0ckxWSGdtWVZxaGlicy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5LThhMTFiNDcxOWQ4
Mi8xLzEtSzFVTmlUNDB5Z2V5WEJGanVkUzhRcENSU2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqD/7A
MA0GCSqGSIb3DQEBCwUAA4IBAQBBw0F5qnFBEWGS/TwU1ksgbd3gYKu5xhmVBhh+
EQyNpqB+/+4t9pVG9GZyJIv6asUGv8pnogdRSb900Oz7YvaX1SouHkfOlnz6cqkx
E1o72YD9GK0qO82Fd12RcCZtbdBAJwdGbFd/pevESQPhC4z+pWyDBInmyXWrdH8C
hUHcodtWC0yxldWHsH30eAxEi4njJHUFr/MVKxVbdXM+y22sAZHJzTDwVWowb7iL
6A6GYTmavh9PkdJZIyyDcVQ/cFMJTJQ/5h9dUFYtJT9xtL+4qR0vGqRoRsuLBvb3
ryI1ZnPLLtP8wD4EoSPcbWvdtH7UE42yQUjItxJ+GPNycSej
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:13 2024 by rpki-client on console-ams.rpki-client.org