Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/STNXW1yU6JbBbtMzs6FgCvUsc_A.roa
File: STNXW1yU6JbBbtMzs6FgCvUsc_A.roa (raw, json)
Hash identifier: jHhb6Pt7XksXoFpn902Zk/gC7p1/xfg4WQ1cUnvFVmg=
Subject key identifier: 49:33:57:5B:5C:94:E8:96:C1:6E:D3:33:B3:A1:60:0A:F5:2C:73:F0
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA295A8CF20745F9F5E78271C5770563
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/STNXW1yU6JbBbtMzs6FgCvUsc_A.roa
Signing time: Tue 02 Jan 2024 12:32:36 +0000
ROA not before: Tue 02 Jan 2024 12:32:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201733
IP address blocks: 2a0e:8f02:f051::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:5a:8c:f2:07:45:f9:f5:e7:82:71:c5:77:05:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4933575b5c94e896c16ed333b3a1600af52c73f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f2:5a:fc:65:75:44:ac:57:fa:e6:6f:21:ba:
04:2f:50:9b:bb:28:7d:38:99:99:f6:f9:37:4e:96:
c7:ef:1e:7e:a8:42:9c:ea:0f:cd:4a:b3:b6:b8:47:
6d:a1:f3:2b:59:a5:37:c3:66:ca:d3:8a:21:ea:55:
b0:d8:67:ad:6f:e0:8c:17:bf:04:58:26:66:47:db:
ca:65:a5:88:01:d3:65:72:e3:ed:59:66:d5:ff:f7:
fa:c1:af:99:cd:44:bd:c7:b6:15:e8:aa:e9:b8:20:
38:50:d0:bb:cf:df:7d:05:de:05:a2:53:c4:1f:b4:
9f:57:19:41:cb:10:a1:21:87:d0:51:94:ea:ff:89:
16:76:8a:0e:de:da:be:50:45:1b:bf:16:10:bc:16:
2b:bb:93:3f:13:27:69:32:0e:9f:0b:57:1c:c0:2a:
71:c7:d7:fd:17:cb:47:9a:c8:9a:73:60:96:61:60:
69:91:e7:d6:53:03:83:b4:33:e6:15:0f:12:fc:f9:
fb:a3:c1:7b:72:46:bb:15:db:13:6d:6e:d0:c1:68:
39:3a:9c:b5:c2:9e:6c:95:5d:da:b8:eb:4c:fa:d8:
15:f0:50:a3:bc:b3:2a:80:c7:4d:85:00:8e:b4:d2:
e2:07:54:1d:c2:45:c1:f8:29:d0:21:99:0c:d7:76:
13:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:33:57:5B:5C:94:E8:96:C1:6E:D3:33:B3:A1:60:0A:F5:2C:73:F0
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/STNXW1yU6JbBbtMzs6FgCvUsc_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f051::/48
Signature Algorithm: sha256WithRSAEncryption
2c:ff:fd:cc:4a:f0:1b:30:c6:93:c3:9a:ef:1a:ac:f0:12:f3:
29:f2:70:fe:8c:2d:09:bf:cf:f2:ef:f2:6d:e2:36:bc:c9:e4:
a3:90:ed:47:ee:45:e9:6c:89:6b:2b:9a:30:58:9f:da:7a:cc:
1c:07:10:54:d7:9f:15:f8:10:35:dd:60:71:29:24:f3:2b:6e:
de:47:ee:6e:b2:26:c7:1d:0c:63:f1:d6:fd:b5:dc:e9:36:d7:
d3:c0:61:8e:15:09:e4:6d:96:f3:a0:43:92:7c:29:92:90:82:
dc:dd:3c:64:a2:a3:f9:20:d5:37:ca:5a:9a:54:a9:82:18:46:
21:86:df:cf:05:93:3b:46:98:8e:7c:ba:e5:fd:f1:b8:dc:57:
a3:8c:ce:aa:a0:c3:cb:a5:1a:d7:19:2e:48:4e:d0:ba:e6:c8:
c9:97:0f:0b:02:ee:5c:58:9e:d5:d5:e1:ed:32:51:f0:81:9c:
47:c4:c4:ab:67:4c:f2:be:40:79:f5:a9:dd:1b:1f:93:41:d4:
c4:04:94:2f:ab:a0:e4:6a:8e:34:cc:48:c1:9f:d2:93:02:e7:
03:2b:df:ef:aa:2a:23:42:b4:08:6d:99:90:85:09:c2:9c:6d:
57:fd:39:12:e7:88:49:46:64:f1:b0:7a:21:70:6d:ed:17:b1:
3b:08:38:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKVqM8gdF+fXngnHFdwVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTMzNTc1YjVjOTRlODk2YzE2ZWQzMzNiM2ExNjAwYWY1MmM3M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfJa/GV1RKxX+uZvIboEL1Cbuyh9
OJmZ9vk3TpbH7x5+qEKc6g/NSrO2uEdtofMrWaU3w2bK04oh6lWw2Getb+CMF78E
WCZmR9vKZaWIAdNlcuPtWWbV//f6wa+ZzUS9x7YV6KrpuCA4UNC7z999Bd4FolPE
H7SfVxlByxChIYfQUZTq/4kWdooO3tq+UEUbvxYQvBYru5M/EydpMg6fC1ccwCpx
x9f9F8tHmsiac2CWYWBpkefWUwODtDPmFQ8S/Pn7o8F7cka7FdsTbW7QwWg5Opy1
wp5slV3auOtM+tgV8FCjvLMqgMdNhQCOtNLiB1QdwkXB+CnQIZkM13YTKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEkzV1tclOiWwW7TM7OhYAr1LHPwMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvU1ROWFcxeVU2SmJCYnRNenM2RmdDdlVzY19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBR
MA0GCSqGSIb3DQEBCwUAA4IBAQAs//3MSvAbMMaTw5rvGqzwEvMp8nD+jC0Jv8/y
7/Jt4ja8yeSjkO1H7kXpbIlrK5owWJ/aeswcBxBU158V+BA13WBxKSTzK27eR+5u
sibHHQxj8db9tdzpNtfTwGGOFQnkbZbzoEOSfCmSkILc3TxkoqP5INU3ylqaVKmC
GEYhht/PBZM7RpiOfLrl/fG43FejjM6qoMPLpRrXGS5ITtC65sjJlw8LAu5cWJ7V
1eHtMlHwgZxHxMSrZ0zyvkB59andGx+TQdTEBJQvq6Dkao40zEjBn9KTAucDK9/v
qiojQrQIbZmQhQnCnG1X/TkS54hJRmTxsHohcG3tF7E7CDjV
-----END CERTIFICATE-----
Generated at Tue May 21 23:17:50 2024 by rpki-client on console-ams.rpki-client.org