Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/0FCf-SIwjyhfDHFXQ2CC02ZN9jU.roa
File: 0FCf-SIwjyhfDHFXQ2CC02ZN9jU.roa (raw, json)
Hash identifier: oJaiEVA9lbMqA554Uf4vTyDqfJFpHVepd5tKojeryZs=
Subject key identifier: D0:50:9F:F9:22:30:8F:28:5F:0C:71:57:43:60:82:D3:66:4D:F6:35
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018CC94D009279D7312D2D4DC7EC436D37AF
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/0FCf-SIwjyhfDHFXQ2CC02ZN9jU.roa
Signing time: Tue 02 Jan 2024 08:31:56 +0000
ROA not before: Tue 02 Jan 2024 08:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150249
IP address blocks: 2a0a:280:2a00::/40 maxlen: 48
2a0a:280:2e00::/39 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:00:92:79:d7:31:2d:2d:4d:c7:ec:43:6d:37:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 08:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0509ff922308f285f0c7157436082d3664df635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:47:5d:d7:da:90:aa:ab:1d:6a:71:df:c5:12:
7e:a2:79:c5:86:b9:8a:16:67:98:50:6a:d3:20:d3:
48:0a:81:03:fc:17:aa:1f:54:6c:bd:2d:a1:ff:2a:
a6:e8:7c:79:be:84:38:ae:60:9e:26:82:58:93:39:
84:56:b2:d0:18:21:9f:ea:78:fc:26:87:7b:21:55:
77:3c:eb:fe:a4:df:08:7c:f1:3e:23:97:4b:1d:eb:
b6:59:05:bb:b7:6a:6e:68:71:3f:71:16:c1:98:0a:
5c:ac:75:2f:33:69:6f:ab:3e:54:71:05:e2:e7:23:
e4:27:5e:ab:24:b5:bd:4f:f7:25:a1:33:ff:63:0e:
9f:09:bd:61:ad:59:00:0b:9b:46:15:07:80:c2:60:
01:87:93:98:8a:41:9e:ee:b0:41:57:a6:d3:00:01:
a7:fc:3a:80:39:cc:fb:c5:fd:19:22:6c:ac:20:a8:
80:c2:ea:89:20:f3:8c:12:a1:1a:e5:2b:ee:91:7f:
d3:61:2e:b5:b7:f6:9c:4b:d9:3d:1e:33:db:57:b5:
80:00:9e:38:28:f2:38:4c:ad:fa:b2:2c:02:fe:27:
0a:62:4e:68:14:81:7e:f5:4a:f7:68:68:5a:9d:a6:
aa:9b:dd:87:77:21:51:25:c8:b5:8f:44:c6:93:d3:
14:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:50:9F:F9:22:30:8F:28:5F:0C:71:57:43:60:82:D3:66:4D:F6:35
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/0FCf-SIwjyhfDHFXQ2CC02ZN9jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2a00::/40
2a0a:280:2e00::/39
Signature Algorithm: sha256WithRSAEncryption
67:2c:a6:4d:50:dd:3a:23:39:6d:40:0d:cb:8a:08:7b:aa:0e:
3e:33:8b:5a:9f:56:83:5a:d9:b4:62:04:d8:ab:71:1c:d3:33:
8d:30:02:ca:df:2f:3f:47:ba:dd:30:51:dc:bd:eb:ca:8b:e0:
05:d9:c2:80:96:e2:22:6e:01:33:ca:3d:43:19:dd:32:67:f9:
a1:92:9d:3d:fe:69:86:a1:7e:84:ff:7a:8e:c2:b2:07:36:55:
57:90:e6:67:2b:01:22:89:dc:1c:0a:6f:a1:8f:75:5b:69:0a:
b8:cc:1e:ba:2e:69:a6:bd:2e:12:cc:b1:09:57:12:9d:e9:f3:
0e:5b:3e:7f:33:72:b6:a5:c7:1d:3d:a1:94:b1:5d:98:59:51:
f6:1b:7f:2c:b1:8e:8c:43:71:01:2d:b8:76:1d:b4:41:40:11:
51:61:3b:7c:c7:a9:d2:2b:31:ae:1b:80:c4:f0:7a:65:6e:b0:
3c:63:cf:58:a2:c0:8b:ec:84:a5:78:13:48:30:fb:a3:5d:1e:
7f:1e:ee:9e:11:f3:0b:73:7e:fe:3a:14:fb:aa:25:bf:d2:d8:
5f:ac:80:4f:ad:b0:e3:1c:8d:dc:53:16:11:9f:a3:d4:c3:03:
fe:da:4b:f9:14:cb:72:6b:f5:a1:2d:78:c1:36:94:94:1f:bf:
9d:13:0a:e7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzJTQCSedcxLS1Nx+xDbTevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQwMTAyMDgzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDUwOWZmOTIyMzA4ZjI4NWYwYzcxNTc0MzYwODJkMzY2NGRmNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUdd19qQqqsdanHfxRJ+onnFhrmK
FmeYUGrTINNICoED/BeqH1RsvS2h/yqm6Hx5voQ4rmCeJoJYkzmEVrLQGCGf6nj8
Jod7IVV3POv+pN8IfPE+I5dLHeu2WQW7t2puaHE/cRbBmApcrHUvM2lvqz5UcQXi
5yPkJ16rJLW9T/cloTP/Yw6fCb1hrVkAC5tGFQeAwmABh5OYikGe7rBBV6bTAAGn
/DqAOcz7xf0ZImysIKiAwuqJIPOMEqEa5SvukX/TYS61t/acS9k9HjPbV7WAAJ44
KPI4TK36siwC/icKYk5oFIF+9Ur3aGhanaaqm92HdyFRJci1j0TGk9MU8QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNBQn/kiMI8oXwxxV0NggtNmTfY1MB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvMEZDZi1TSXdqeWhmREhGWFEyQ0MwMlpOOWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgoCgCoD
BgEqCgKALjANBgkqhkiG9w0BAQsFAAOCAQEAZyymTVDdOiM5bUANy4oIe6oOPjOL
Wp9Wg1rZtGIE2KtxHNMzjTACyt8vP0e63TBR3L3ryovgBdnCgJbiIm4BM8o9Qxnd
Mmf5oZKdPf5phqF+hP96jsKyBzZVV5DmZysBIoncHApvoY91W2kKuMweui5ppr0u
EsyxCVcSnenzDls+fzNytqXHHT2hlLFdmFlR9ht/LLGOjENxAS24dh20QUARUWE7
fMep0isxrhuAxPB6ZW6wPGPPWKLAi+yEpXgTSDD7o10efx7unhHzC3N+/joU+6ol
v9LYX6yAT62w4xyN3FMWEZ+j1MMD/tpL+RTLcmv1oS14wTaUlB+/nRMK5w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:22 2024 by rpki-client on console-fra.rpki-client.org