Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/AfiwHuz1_fE3uWHyqmYCo7emZ3I.roa
File: AfiwHuz1_fE3uWHyqmYCo7emZ3I.roa (raw, json)
Hash identifier: N0wU3ONbWhNXpsxuJEOndCoXX/06wSPyuJ2YS0JuIVs=
Subject key identifier: 01:F8:B0:1E:EC:F5:FD:F1:37:B9:61:F2:AA:66:02:A3:B7:A6:67:72
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 018DEA34D87A6F39DAD82F1F5792CDDFC4D4
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/AfiwHuz1_fE3uWHyqmYCo7emZ3I.roa
Signing time: Tue 27 Feb 2024 10:55:48 +0000
ROA not before: Tue 27 Feb 2024 10:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34224
IP address blocks: 2a01:3e0:2004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:34:d8:7a:6f:39:da:d8:2f:1f:57:92:cd:df:c4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Feb 27 10:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01f8b01eecf5fdf137b961f2aa6602a3b7a66772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2f:fa:66:75:8e:e7:5b:cc:7c:3b:5f:1a:82:
7a:f9:3d:33:df:a8:d6:f5:9e:85:9c:d7:e0:21:16:
ba:56:41:28:56:ec:69:e1:9c:5a:9b:45:3f:c6:1c:
aa:93:71:0c:11:ef:ef:d0:c8:c7:ac:ed:ef:ed:72:
85:fd:b3:e5:5f:4b:b6:80:90:fd:ab:38:ae:9a:6c:
e8:76:76:78:94:59:d6:52:9f:64:17:8e:70:f8:52:
bc:87:36:b8:08:9b:9b:74:29:2a:9c:7a:70:d1:8b:
17:20:9b:cc:26:a5:8c:d9:48:14:f9:4e:dd:b2:ca:
03:3f:06:49:83:c3:16:d2:fa:7a:f4:2b:3c:f5:80:
0d:e9:3f:ea:ec:0b:b8:52:e9:bf:5a:2e:be:3f:5b:
2f:5d:c4:4e:0a:d8:6f:66:63:b4:1a:84:47:d7:8e:
5f:da:23:d6:b2:9e:01:3c:87:5f:d4:2b:08:bf:bf:
30:f9:22:79:1f:8a:38:46:34:b3:6f:10:f7:34:0a:
0f:7e:f7:7e:68:1c:59:ec:55:36:70:8e:2c:71:b5:
33:0f:38:b3:83:b9:9b:b8:a2:dc:90:c9:25:f5:1e:
6e:59:f9:2a:3e:a2:61:f2:6e:f9:c7:65:6f:51:a4:
b1:9d:e4:e9:4c:93:20:19:cf:95:c0:f0:f5:d7:02:
a0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F8:B0:1E:EC:F5:FD:F1:37:B9:61:F2:AA:66:02:A3:B7:A6:67:72
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/AfiwHuz1_fE3uWHyqmYCo7emZ3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:3e0:2004::/48
Signature Algorithm: sha256WithRSAEncryption
5f:f0:e6:f2:fb:35:06:b1:0d:33:51:b1:c0:01:a6:d3:a3:5d:
ef:b6:1c:63:dc:45:32:a8:81:a4:e7:c2:87:4c:3e:0e:99:d6:
3d:34:3b:8b:55:ba:2d:7b:a5:22:07:e8:6b:21:99:86:80:7a:
f5:e7:7c:d1:c1:c5:55:8c:5f:26:94:1d:5b:b1:60:af:24:15:
65:3d:4a:75:9a:e0:58:7b:fe:6c:28:e1:c8:af:a2:78:4b:df:
3c:b9:05:a5:c4:b1:87:6b:0f:5a:5c:37:c9:f1:9c:c4:cc:ca:
14:16:ce:e5:f6:29:c4:b9:b9:58:87:16:50:6f:0e:c6:1d:51:
64:db:0f:fb:25:9f:1a:86:54:bd:ef:99:d6:84:b4:b7:c9:53:
ef:72:10:c1:cf:d7:0b:b5:85:f3:82:92:bb:8f:28:cd:17:09:
3a:99:86:e0:13:98:e3:c6:33:2a:8f:30:c7:73:1f:40:46:72:
1e:ee:41:14:a9:b6:33:a8:27:34:66:aa:3f:5d:f0:9d:ed:84:
f0:fb:c6:b4:0e:7f:2d:e9:9a:37:63:55:f3:52:6a:fa:b2:e6:
8d:d0:ec:c5:c6:92:14:0d:ec:3b:7b:7b:1b:21:c3:2b:52:d7:
df:53:b1:88:ae:c9:23:a6:f8:05:ee:cf:18:e5:cc:91:8f:45:
6d:b8:1c:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3qNNh6bzna2C8fV5LN38TUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjQwMjI3MTA1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY4YjAxZWVjZjVmZGYxMzdiOTYxZjJhYTY2MDJhM2I3YTY2NzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli/6ZnWO51vMfDtfGoJ6+T0z36jW
9Z6FnNfgIRa6VkEoVuxp4Zxam0U/xhyqk3EMEe/v0MjHrO3v7XKF/bPlX0u2gJD9
qziummzodnZ4lFnWUp9kF45w+FK8hza4CJubdCkqnHpw0YsXIJvMJqWM2UgU+U7d
ssoDPwZJg8MW0vp69Cs89YAN6T/q7Au4Uum/Wi6+P1svXcROCthvZmO0GoRH145f
2iPWsp4BPIdf1CsIv78w+SJ5H4o4RjSzbxD3NAoPfvd+aBxZ7FU2cI4scbUzDziz
g7mbuKLckMkl9R5uWfkqPqJh8m75x2VvUaSxneTpTJMgGc+VwPD11wKgYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAH4sB7s9f3xN7lh8qpmAqO3pmdyMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvQWZpd0h1ejFfZkUzdVdIeXFtWUNvN2VtWjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgED4CAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBf8Oby+zUGsQ0zUbHAAabTo13vthxj3EUyqIGk
58KHTD4OmdY9NDuLVbote6UiB+hrIZmGgHr153zRwcVVjF8mlB1bsWCvJBVlPUp1
muBYe/5sKOHIr6J4S988uQWlxLGHaw9aXDfJ8ZzEzMoUFs7l9inEublYhxZQbw7G
HVFk2w/7JZ8ahlS975nWhLS3yVPvchDBz9cLtYXzgpK7jyjNFwk6mYbgE5jjxjMq
jzDHcx9ARnIe7kEUqbYzqCc0Zqo/XfCd7YTw+8a0Dn8t6Zo3Y1XzUmr6suaN0OzF
xpIUDew7e3sbIcMrUtffU7GIrskjpvgF7s8Y5cyRj0VtuBwn
-----END CERTIFICATE-----
Generated at Mon May 13 05:24:03 2024 by rpki-client on console-ams.rpki-client.org