Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GNxOaSVhc6o5iYsH1_6BlBynwnE.roa
File: GNxOaSVhc6o5iYsH1_6BlBynwnE.roa (raw, json)
Hash identifier: olURtEeWvWN6unPvtDM9nWWNX0VWnZtGK/9BqKwAEZE=
Subject key identifier: 18:DC:4E:69:25:61:73:AA:39:89:8B:07:D7:FE:81:94:1C:A7:C2:71
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA2978DF3CADF9F7D621EF615E49DACF
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GNxOaSVhc6o5iYsH1_6BlBynwnE.roa
Signing time: Tue 02 Jan 2024 12:32:44 +0000
ROA not before: Tue 02 Jan 2024 12:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216204
IP address blocks: 2a0e:8f02:f05f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:78:df:3c:ad:f9:f7:d6:21:ef:61:5e:49:da:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18dc4e69256173aa39898b07d7fe81941ca7c271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ee:54:dd:a4:5e:44:7a:22:ca:0d:f2:df:b5:
9d:01:e9:31:d3:a9:c9:2c:f4:c7:2e:57:7a:dc:72:
0e:7b:79:e5:99:dd:ac:7a:0a:b0:80:a4:90:bb:ee:
62:70:e6:ab:e9:63:06:8f:4a:ad:8a:2b:9f:35:f6:
b2:f0:c5:48:e8:39:66:c4:fa:04:b0:92:11:bc:c4:
1e:a0:ea:4f:14:c3:e2:04:6f:32:ed:37:4a:ee:22:
40:66:03:d8:52:3a:6c:89:13:ce:86:3e:b2:67:fb:
ef:97:04:59:31:35:1c:9c:d0:af:51:52:fe:c0:fd:
c4:84:07:91:fb:58:8b:34:4f:61:00:87:00:00:8b:
6a:9a:23:6b:2d:e7:2e:2f:53:2a:4c:0a:22:4d:8d:
00:b7:cc:b4:bc:17:95:06:84:10:3e:60:24:e3:97:
e6:f0:00:f8:cc:fa:c8:74:29:81:f8:3c:51:a9:53:
65:66:20:e5:e8:cb:86:58:d2:f7:42:9b:11:86:92:
40:2b:18:bd:93:3f:bb:da:2b:1e:c8:55:32:75:4f:
d4:5c:04:7f:42:86:69:36:71:93:c1:b2:a9:d5:87:
4c:92:69:83:25:16:df:8c:bc:49:11:17:7b:2e:5f:
3e:02:31:a9:76:0f:60:1a:3a:b6:5b:f4:f3:87:93:
d4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:DC:4E:69:25:61:73:AA:39:89:8B:07:D7:FE:81:94:1C:A7:C2:71
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/GNxOaSVhc6o5iYsH1_6BlBynwnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f05f::/48
Signature Algorithm: sha256WithRSAEncryption
15:c0:e9:fb:33:a4:3c:72:ff:84:a4:8c:88:c1:35:50:f8:ea:
8b:89:fc:8e:24:ec:8c:07:2d:ee:56:08:cf:87:d0:c8:71:5a:
64:3e:bb:28:96:81:00:3a:55:92:54:c6:b0:63:82:61:dd:47:
93:ff:98:f7:b6:61:c4:9f:b0:21:1c:57:5b:96:b6:22:9e:20:
63:0a:a9:72:cb:89:30:28:e3:ff:84:25:24:ec:e6:ce:dc:87:
e0:3c:d2:c4:a1:1c:d8:ed:6a:b2:e6:90:da:76:b2:96:4f:9c:
6b:7b:d4:8d:2b:80:ff:1a:2d:e1:07:61:70:60:b4:25:2f:49:
0a:cd:51:3f:18:b1:a4:e5:8f:cc:3b:56:0c:df:16:ac:ee:79:
ef:60:f4:0e:eb:66:eb:d0:cc:3a:38:7c:e1:53:9d:80:f9:74:
32:86:25:40:dc:c7:6f:56:3c:71:d1:08:6d:47:69:b2:d1:2d:
bb:1c:cb:a2:24:f5:0d:68:62:c6:dc:0c:dc:df:63:20:ee:e2:
ea:38:1f:72:a0:57:58:59:87:82:ae:16:b7:5e:9e:e0:d6:bc:
53:2a:56:18:63:7b:57:55:1f:55:8f:a0:04:63:bb:aa:2d:8b:
64:a0:d1:63:70:56:52:fb:ea:e8:cb:3a:93:4a:90:99:19:e7:
01:0e:f4:fe
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKXjfPK3599Yh72FeSdrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGRjNGU2OTI1NjE3M2FhMzk4OThiMDdkN2ZlODE5NDFjYTdjMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+5U3aReRHoiyg3y37WdAekx06nJ
LPTHLld63HIOe3nlmd2segqwgKSQu+5icOar6WMGj0qtiiufNfay8MVI6DlmxPoE
sJIRvMQeoOpPFMPiBG8y7TdK7iJAZgPYUjpsiRPOhj6yZ/vvlwRZMTUcnNCvUVL+
wP3EhAeR+1iLNE9hAIcAAItqmiNrLecuL1MqTAoiTY0At8y0vBeVBoQQPmAk45fm
8AD4zPrIdCmB+DxRqVNlZiDl6MuGWNL3QpsRhpJAKxi9kz+72iseyFUydU/UXAR/
QoZpNnGTwbKp1YdMkmmDJRbfjLxJERd7Ll8+AjGpdg9gGjq2W/Tzh5PUCQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBjcTmklYXOqOYmLB9f+gZQcp8JxMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvR054T2FTVmhjNm81aVlzSDFfNkJsQnlud25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBf
MA0GCSqGSIb3DQEBCwUAA4IBAQAVwOn7M6Q8cv+EpIyIwTVQ+OqLifyOJOyMBy3u
VgjPh9DIcVpkPrsoloEAOlWSVMawY4Jh3UeT/5j3tmHEn7AhHFdblrYiniBjCqly
y4kwKOP/hCUk7ObO3IfgPNLEoRzY7Wqy5pDadrKWT5xre9SNK4D/Gi3hB2FwYLQl
L0kKzVE/GLGk5Y/MO1YM3xas7nnvYPQO62br0Mw6OHzhU52A+XQyhiVA3MdvVjxx
0QhtR2my0S27HMuiJPUNaGLG3Azc32Mg7uLqOB9yoFdYWYeCrha3Xp7g1rxTKlYY
Y3tXVR9Vj6AEY7uqLYtkoNFjcFZS++royzqTSpCZGecBDvT+
-----END CERTIFICATE-----
Generated at Tue May 21 19:01:56 2024 by rpki-client on console-fra.rpki-client.org