Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/pZu-bDgPhxJkVqbPXwJnJtXjBek.roa
File: pZu-bDgPhxJkVqbPXwJnJtXjBek.roa (raw, json)
Hash identifier: f8ukUibkOhBcM06gkY2OuwEuwu9xUUCAKHqpGAI4B3g=
Subject key identifier: A5:9B:BE:6C:38:0F:87:12:64:56:A6:CF:5F:02:67:26:D5:E3:05:E9
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018CC94D096C25E601372A1B029C1045274D
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/pZu-bDgPhxJkVqbPXwJnJtXjBek.roa
Signing time: Tue 02 Jan 2024 08:31:58 +0000
ROA not before: Tue 02 Jan 2024 08:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203236
IP address blocks: 2a0a:280:1500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:09:6c:25:e6:01:37:2a:1b:02:9c:10:45:27:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 08:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a59bbe6c380f87126456a6cf5f026726d5e305e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:00:39:9a:5f:ab:c9:6f:15:56:dd:62:c5:7a:
65:01:2f:c5:37:2b:79:79:0e:ff:d8:e5:11:70:a2:
0b:25:d6:80:bf:6f:e2:fd:4f:4d:60:c2:04:e5:e8:
6a:a8:94:a3:79:87:43:1a:d6:e1:48:63:09:90:51:
84:aa:fb:44:5d:e4:aa:4a:02:43:e0:6a:b4:bf:05:
c7:c6:2a:45:c4:bd:15:5a:3b:e9:3e:a1:17:d0:87:
f4:4f:14:6a:56:62:38:69:6b:88:ac:ab:73:9e:fe:
c4:ec:c0:ef:0f:ab:1e:b1:5e:f5:f8:fd:e3:f9:7f:
b9:53:a8:a1:af:99:71:86:92:1d:33:8b:d9:8f:fd:
a8:0e:93:3c:aa:28:6c:19:68:c9:df:4b:1e:63:d7:
27:14:6d:a6:cc:d5:ff:e2:8c:28:a9:cb:3c:d6:ec:
a6:b3:fd:6f:e5:9c:6e:da:5b:c6:2d:26:0b:74:fe:
c3:23:f8:c7:e8:3e:92:50:6e:d7:df:ad:62:83:99:
83:b7:af:af:7e:10:9f:23:9a:93:8f:e8:59:b6:3d:
70:14:6f:11:fe:3f:26:f4:60:cf:64:de:92:ba:ba:
2e:2d:87:93:c4:14:e6:52:f8:81:fa:94:0a:8a:a8:
23:17:b7:61:6d:ce:67:e2:00:91:de:33:55:e5:a2:
2f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9B:BE:6C:38:0F:87:12:64:56:A6:CF:5F:02:67:26:D5:E3:05:E9
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/pZu-bDgPhxJkVqbPXwJnJtXjBek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1500::/40
Signature Algorithm: sha256WithRSAEncryption
1a:d6:cc:f4:e2:10:7b:11:3a:1d:57:31:48:6e:35:f3:9f:9b:
0e:8d:3e:44:f6:42:01:7e:8b:5c:3b:6f:fb:bc:ba:d2:39:a8:
81:b4:3e:c1:7c:f8:b7:5f:eb:11:18:65:63:0b:49:7c:5e:a7:
c1:9b:08:71:b8:f3:e0:10:49:73:a2:8d:40:f5:9e:a3:5b:dd:
e5:e7:4f:e7:5f:c5:af:8a:90:ab:da:89:f6:72:f5:be:b6:55:
b3:5d:40:00:9b:e7:61:e0:72:02:35:91:ea:55:cf:99:1f:24:
67:70:68:f1:75:04:0a:0a:7c:28:f6:90:0b:41:24:ca:9d:90:
fd:aa:da:1b:bd:2f:0b:96:03:36:03:d0:4f:8a:22:6c:1d:43:
48:ee:10:60:be:8e:d0:b3:d7:ed:ad:13:bd:f1:db:d2:6b:1c:
ec:9b:14:be:72:19:76:79:b7:14:0b:8d:1c:c6:d4:f6:15:54:
b0:50:e3:6e:89:89:b7:db:e6:19:ff:79:e7:b9:63:0c:df:9d:
c2:4a:a7:46:48:c3:86:17:ce:d3:2b:86:c9:e9:97:6f:d8:3c:
a2:22:cc:f6:aa:5e:7b:ae:7a:97:d1:00:89:0a:cb:c7:c6:b9:
ea:f7:bd:84:c1:c3:63:b5:a6:fd:df:72:c9:fd:89:f5:5e:79:
7a:8d:88:f5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTQlsJeYBNyobApwQRSdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQwMTAyMDgzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTliYmU2YzM4MGY4NzEyNjQ1NmE2Y2Y1ZjAyNjcyNmQ1ZTMwNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQA5ml+ryW8VVt1ixXplAS/FNyt5
eQ7/2OURcKILJdaAv2/i/U9NYMIE5ehqqJSjeYdDGtbhSGMJkFGEqvtEXeSqSgJD
4Gq0vwXHxipFxL0VWjvpPqEX0If0TxRqVmI4aWuIrKtznv7E7MDvD6sesV71+P3j
+X+5U6ihr5lxhpIdM4vZj/2oDpM8qihsGWjJ30seY9cnFG2mzNX/4owoqcs81uym
s/1v5Zxu2lvGLSYLdP7DI/jH6D6SUG7X361ig5mDt6+vfhCfI5qTj+hZtj1wFG8R
/j8m9GDPZN6SurouLYeTxBTmUviB+pQKiqgjF7dhbc5n4gCR3jNV5aIvewIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKWbvmw4D4cSZFamz18CZybV4wXpMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvcFp1LWJEZ1BoeEprVnFiUFh3Sm5KdFhqQmVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBUw
DQYJKoZIhvcNAQELBQADggEBABrWzPTiEHsROh1XMUhuNfOfmw6NPkT2QgF+i1w7
b/u8utI5qIG0PsF8+Ldf6xEYZWMLSXxep8GbCHG48+AQSXOijUD1nqNb3eXnT+df
xa+KkKvaifZy9b62VbNdQACb52HgcgI1kepVz5kfJGdwaPF1BAoKfCj2kAtBJMqd
kP2q2hu9LwuWAzYD0E+KImwdQ0juEGC+jtCz1+2tE73x29JrHOybFL5yGXZ5txQL
jRzG1PYVVLBQ426Jibfb5hn/eee5YwzfncJKp0ZIw4YXztMrhsnpl2/YPKIizPaq
XnuuepfRAIkKy8fGuer3vYTBw2O1pv3fcsn9ifVeeXqNiPU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:52:53 2024 by rpki-client on console-ams.rpki-client.org