Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0OgcExP-7lEsqp39CfNMTIzZ3SI.roa
File: 0OgcExP-7lEsqp39CfNMTIzZ3SI.roa (raw, json)
Hash identifier: Wx3mc3a6sKL7BVMUtqh+yVPQSNuTxU0/zIZfxyvkQKY=
Subject key identifier: D0:E8:1C:13:13:FE:EE:51:2C:AA:9D:FD:09:F3:4C:4C:8C:D9:DD:22
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018F4C89985BAAD2A40C5F3C7A307742452E
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0OgcExP-7lEsqp39CfNMTIzZ3SI.roa
Signing time: Mon 06 May 2024 06:13:56 +0000
ROA not before: Mon 06 May 2024 06:13:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214999
IP address blocks: 2a0e:8f02:f06d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:89:98:5b:aa:d2:a4:0c:5f:3c:7a:30:77:42:45:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: May 6 06:13:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0e81c1313feee512caa9dfd09f34c4c8cd9dd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1d:f0:b9:57:ed:f6:ff:4e:54:60:9d:90:e5:
6a:cb:05:91:ba:10:30:77:b9:36:2a:8a:4a:7e:b9:
7e:bc:9b:1a:ed:e5:82:c4:44:90:87:e3:2b:16:64:
0a:b7:ad:5e:ee:c8:d8:19:91:50:97:89:0f:f2:16:
c9:71:7a:8a:19:da:2a:32:dd:66:d6:58:0c:ec:a2:
91:66:5b:94:be:36:f7:e7:c5:17:ac:96:e8:68:3e:
c1:3c:c9:5c:7d:59:63:07:ad:bf:61:b6:dd:5e:b1:
fc:ad:17:7c:48:fa:22:75:af:ce:1e:94:96:47:34:
9c:9a:b8:a3:36:9d:b9:ef:ea:69:21:ab:f8:d7:80:
db:2e:be:4f:0d:da:61:c6:f9:1f:67:14:05:e8:55:
41:56:c5:40:8f:1d:b1:28:f5:95:05:89:9b:73:82:
bc:89:fc:eb:b3:74:7b:96:6c:d9:c0:a3:9b:89:14:
32:b3:90:c8:9e:b0:ba:0b:18:ab:bf:c2:b9:06:c6:
79:28:05:40:cc:fc:74:47:16:61:7e:01:57:4a:00:
28:5b:9a:2f:d1:77:e3:02:f2:00:74:5d:19:d8:a7:
6a:46:61:4f:60:42:e0:ab:aa:c1:41:71:a4:b0:29:
7f:0c:42:3e:dc:2f:66:33:af:c2:09:16:8e:0d:4c:
cf:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E8:1C:13:13:FE:EE:51:2C:AA:9D:FD:09:F3:4C:4C:8C:D9:DD:22
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0OgcExP-7lEsqp39CfNMTIzZ3SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f06d::/48
Signature Algorithm: sha256WithRSAEncryption
26:90:fd:b3:10:c6:73:54:0b:58:16:82:89:dc:a6:5f:d7:9b:
bb:be:37:4a:36:7d:33:a3:c2:e3:c0:77:57:c6:d5:ca:e7:87:
8c:20:cb:ab:5f:37:19:ee:08:8d:a6:2c:01:81:da:10:a3:bc:
f9:70:54:80:dd:e1:cd:31:ea:2d:45:11:82:b8:67:c8:c4:ca:
88:35:a0:c1:c7:42:61:34:0c:84:7d:82:2e:d0:9c:ec:7a:4b:
44:cd:f4:e1:88:19:1e:24:a0:0d:bd:71:74:a5:88:32:0b:6a:
54:31:73:7b:2e:22:fd:94:8d:76:a1:17:28:14:97:1f:fa:18:
22:c7:24:e8:a4:18:df:34:1b:db:ca:56:9e:33:90:b9:99:05:
d7:fe:c6:4e:19:c9:2b:93:54:19:c4:cd:3f:33:f8:7b:ef:cf:
c7:51:27:35:41:7e:68:8a:99:98:60:28:50:81:b4:ca:01:40:
55:ce:28:f8:1b:7a:4e:1e:1a:7f:a2:70:b0:93:a3:3f:13:0e:
25:21:8a:da:cd:3a:a8:36:3b:97:bd:65:dc:01:97:59:36:cc:
63:d0:07:90:f5:38:db:73:5c:5a:2e:fe:82:e4:38:8f:ba:0a:
b0:e1:a5:a8:34:09:e8:e0:30:d7:94:ad:69:c3:21:41:05:20:
b4:45:84:02
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY9MiZhbqtKkDF88ejB3QkUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwNTA2MDYxMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU4MWMxMzEzZmVlZTUxMmNhYTlkZmQwOWYzNGM0YzhjZDlkZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR3wuVft9v9OVGCdkOVqywWRuhAw
d7k2KopKfrl+vJsa7eWCxESQh+MrFmQKt61e7sjYGZFQl4kP8hbJcXqKGdoqMt1m
1lgM7KKRZluUvjb358UXrJboaD7BPMlcfVljB62/YbbdXrH8rRd8SPoida/OHpSW
RzScmrijNp257+ppIav414DbLr5PDdphxvkfZxQF6FVBVsVAjx2xKPWVBYmbc4K8
ifzrs3R7lmzZwKObiRQys5DInrC6Cxirv8K5BsZ5KAVAzPx0RxZhfgFXSgAoW5ov
0XfjAvIAdF0Z2KdqRmFPYELgq6rBQXGksCl/DEI+3C9mM6/CCRaODUzPUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNDoHBMT/u5RLKqd/QnzTEyM2d0iMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvME9nY0V4UC03bEVzcXAzOUNmTk1USXpaM1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBt
MA0GCSqGSIb3DQEBCwUAA4IBAQAmkP2zEMZzVAtYFoKJ3KZf15u7vjdKNn0zo8Lj
wHdXxtXK54eMIMurXzcZ7giNpiwBgdoQo7z5cFSA3eHNMeotRRGCuGfIxMqINaDB
x0JhNAyEfYIu0JzsektEzfThiBkeJKANvXF0pYgyC2pUMXN7LiL9lI12oRcoFJcf
+hgixyTopBjfNBvbylaeM5C5mQXX/sZOGckrk1QZxM0/M/h778/HUSc1QX5oipmY
YChQgbTKAUBVzij4G3pOHhp/onCwk6M/Ew4lIYrazTqoNjuXvWXcAZdZNsxj0AeQ
9Tjbc1xaLv6C5DiPugqw4aWoNAno4DDXlK1pwyFBBSC0RYQC
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:03:15 2024 by rpki-client on console-ams.rpki-client.org