Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/VF-X0GbopjDhEsHXaVu-91_6x0o.roa
File: VF-X0GbopjDhEsHXaVu-91_6x0o.roa (raw, json)
Hash identifier: uAyTAjjs6+sMwsdstrgVnDlKZv+ui4c9UKneHXIpII8=
Subject key identifier: 54:5F:97:D0:66:E8:A6:30:E1:12:C1:D7:69:5B:BE:F7:5F:FA:C7:4A
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA2973443CFC8ACB6AE7FD421C3F2357
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/VF-X0GbopjDhEsHXaVu-91_6x0o.roa
Signing time: Tue 02 Jan 2024 12:32:43 +0000
ROA not before: Tue 02 Jan 2024 12:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212666
IP address blocks: 2a0e:8f02:f009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:73:44:3c:fc:8a:cb:6a:e7:fd:42:1c:3f:23:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=545f97d066e8a630e112c1d7695bbef75ffac74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6b:1e:22:37:b0:51:6f:14:02:67:04:1e:1c:
e5:fc:eb:b5:89:ec:0b:22:f7:98:9f:82:72:18:68:
90:52:a8:d1:18:8d:e7:c7:78:9a:84:f7:f4:15:96:
2a:ad:8f:78:51:6f:33:a6:ba:0b:b9:33:93:bc:fc:
79:19:65:2c:57:25:3b:a5:85:e2:a0:fd:89:56:6e:
8b:9a:e9:73:18:a6:fa:b8:4b:13:8c:f4:4b:02:f1:
2a:98:18:00:d6:34:c1:41:e6:d1:cc:91:d5:e6:d1:
7e:c8:d9:85:f7:5e:8f:59:93:fa:ec:00:cc:a0:ee:
66:51:aa:30:29:e1:46:32:24:7b:1d:a1:91:30:59:
29:35:72:5a:ef:e8:0a:7c:91:75:eb:64:27:05:99:
b4:a1:d7:d4:e7:bb:6c:7e:13:19:32:23:9d:95:ff:
92:4e:0f:25:6c:7b:a7:0e:6a:8c:eb:39:02:be:50:
c4:5d:d1:20:6d:b0:cd:23:d7:b4:38:4a:b8:83:9c:
3a:dc:20:b9:9e:2f:b4:6c:48:f2:05:8b:41:6f:63:
0d:6d:7a:52:77:97:85:f8:c9:66:8d:09:c0:5f:7e:
8b:7f:ba:e5:49:10:61:b4:c1:b6:7c:c3:b5:35:b4:
84:ce:00:8e:00:ac:d4:47:2f:06:ae:5b:7d:d0:32:
d6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5F:97:D0:66:E8:A6:30:E1:12:C1:D7:69:5B:BE:F7:5F:FA:C7:4A
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/VF-X0GbopjDhEsHXaVu-91_6x0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f009::/48
Signature Algorithm: sha256WithRSAEncryption
86:20:02:ef:c1:7f:db:34:3d:63:92:f2:2a:98:49:a1:71:fc:
96:19:c5:e2:a9:cc:ef:b0:94:8e:32:32:63:2f:eb:ed:c7:ca:
35:d4:8d:ad:bb:11:82:64:44:6c:a1:2c:5f:72:87:d6:8e:61:
0a:d6:48:78:32:18:83:44:39:5e:63:9f:b6:3a:7f:44:a6:36:
bc:7a:79:7b:d9:0b:10:67:0b:79:66:bc:d2:66:93:15:f2:d6:
6b:88:74:ab:85:e2:54:59:bf:b6:29:11:76:1f:17:33:20:63:
a0:88:f4:5c:5b:16:ad:0f:3c:cd:a4:6d:11:17:63:d7:4f:79:
6e:88:4e:19:96:cb:ab:3d:3d:6d:ae:4b:d9:54:06:e5:b9:6e:
c9:1a:bf:e6:52:0b:b0:86:4d:c7:72:6e:3f:2d:5c:e3:f3:7b:
dd:1a:6c:12:19:68:db:72:86:b9:31:aa:05:2e:83:81:d6:ed:
d9:86:84:45:ca:cb:24:70:2d:dd:c0:23:29:bc:5f:06:4b:d5:
d8:9c:d7:2d:67:cf:06:17:3f:79:4f:37:2a:dd:62:13:5e:cc:
15:7b:7a:aa:60:8b:de:0f:76:89:14:b0:97:22:59:b1:61:c4:
7a:ac:af:1e:6e:72:eb:a0:8c:b5:18:96:c2:10:f1:2e:40:45:
84:e0:60:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKXNEPPyKy2rn/UIcPyNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDVmOTdkMDY2ZThhNjMwZTExMmMxZDc2OTViYmVmNzVmZmFjNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomseIjewUW8UAmcEHhzl/Ou1iewL
IveYn4JyGGiQUqjRGI3nx3iahPf0FZYqrY94UW8zproLuTOTvPx5GWUsVyU7pYXi
oP2JVm6LmulzGKb6uEsTjPRLAvEqmBgA1jTBQebRzJHV5tF+yNmF916PWZP67ADM
oO5mUaowKeFGMiR7HaGRMFkpNXJa7+gKfJF162QnBZm0odfU57tsfhMZMiOdlf+S
Tg8lbHunDmqM6zkCvlDEXdEgbbDNI9e0OEq4g5w63CC5ni+0bEjyBYtBb2MNbXpS
d5eF+MlmjQnAX36Lf7rlSRBhtMG2fMO1NbSEzgCOAKzURy8Grlt90DLWKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFRfl9Bm6KYw4RLB12lbvvdf+sdKMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvVkYtWDBHYm9wakRoRXNIWGFWdS05MV82eDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAJ
MA0GCSqGSIb3DQEBCwUAA4IBAQCGIALvwX/bND1jkvIqmEmhcfyWGcXiqczvsJSO
MjJjL+vtx8o11I2tuxGCZERsoSxfcofWjmEK1kh4MhiDRDleY5+2On9Epja8enl7
2QsQZwt5ZrzSZpMV8tZriHSrheJUWb+2KRF2HxczIGOgiPRcWxatDzzNpG0RF2PX
T3luiE4ZlsurPT1trkvZVAbluW7JGr/mUguwhk3Hcm4/LVzj83vdGmwSGWjbcoa5
MaoFLoOB1u3ZhoRFysskcC3dwCMpvF8GS9XYnNctZ88GFz95Tzcq3WITXswVe3qq
YIveD3aJFLCXIlmxYcR6rK8ebnLroIy1GJbCEPEuQEWE4GBj
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:03:16 2024 by rpki-client on console-ams.rpki-client.org