Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/holeVz9L9Sx63XZa19-XPbOp3sM.roa
File: holeVz9L9Sx63XZa19-XPbOp3sM.roa (raw, json)
Hash identifier: uBrMoLllnNhk4oLHool7IkCVSY5Z/iXmUE7tPLKHEi4=
Subject key identifier: 86:89:5E:57:3F:4B:F5:2C:7A:DD:76:5A:D7:DF:97:3D:B3:A9:DE:C3
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA297012D2D82F62AF32A7C27A84105B
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/holeVz9L9Sx63XZa19-XPbOp3sM.roa
Signing time: Tue 02 Jan 2024 12:32:42 +0000
ROA not before: Tue 02 Jan 2024 12:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212357
IP address blocks: 2a0e:8f02:f011::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 13:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:70:12:d2:d8:2f:62:af:32:a7:c2:7a:84:10:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86895e573f4bf52c7add765ad7df973db3a9dec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:18:f5:a2:43:5c:76:39:31:40:c6:49:9d:19:
e5:9f:c5:bc:09:8e:8f:5a:37:f1:d9:c1:96:50:80:
68:fa:b5:6e:a7:84:c1:57:fd:d2:df:7a:a4:72:5e:
c9:83:ac:3e:65:a3:9b:17:3b:ab:17:7a:b0:1d:41:
a3:d7:20:d4:37:49:08:cc:90:84:42:93:81:42:91:
fd:eb:ac:f4:45:30:b5:ad:c2:a3:93:30:69:f2:0e:
05:aa:6f:43:e7:b8:18:d2:80:54:a7:23:15:5c:1d:
97:6e:e7:49:21:ae:32:69:8d:02:5c:1b:16:1d:06:
fe:5b:1c:ed:fc:77:da:7d:4d:75:73:bc:a1:ec:b5:
6b:dd:2c:f6:af:7a:d9:91:ec:23:3d:fe:e5:ea:d3:
89:88:26:b9:0d:4a:35:34:2c:a2:e3:a7:fc:f7:59:
54:95:97:b6:30:83:01:e9:85:64:8b:17:3c:e1:91:
2c:2f:3e:4f:e0:00:c0:06:48:42:a5:7c:dd:dc:e5:
a7:ff:67:5a:df:c6:ee:e6:0f:b4:34:d8:37:07:13:
f7:42:64:d5:f2:68:60:d1:c4:ef:f0:59:31:b1:7d:
6f:8d:b8:4d:69:2c:7c:58:e1:7e:e9:ef:9a:d6:b6:
1f:1e:29:40:a3:17:e6:f2:30:c3:8d:0d:7e:96:4f:
fc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:89:5E:57:3F:4B:F5:2C:7A:DD:76:5A:D7:DF:97:3D:B3:A9:DE:C3
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/holeVz9L9Sx63XZa19-XPbOp3sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f011::/48
Signature Algorithm: sha256WithRSAEncryption
4d:18:51:86:6b:50:e3:8a:4d:eb:de:d3:4d:ba:e3:f2:bb:2e:
2f:76:b5:84:13:23:b0:77:91:94:41:f4:22:7d:c6:54:16:05:
f7:ca:42:71:f8:ba:33:9c:54:ec:d6:f7:dd:e3:34:69:da:94:
9d:52:e1:68:be:b3:f7:c5:37:a7:69:54:3a:f5:f0:50:07:d9:
b2:0e:88:e6:ff:a5:e5:88:88:1d:8b:b2:1a:e6:68:20:b5:d8:
07:97:b7:bd:4c:7b:8e:fd:32:65:7d:f0:7a:0e:ff:a7:f9:ce:
7f:d3:35:0d:a4:d9:b4:d6:db:cf:92:ba:81:5a:91:95:9f:8f:
ef:63:ea:f6:66:1d:75:8b:6c:cc:46:00:3f:c6:fe:e9:00:d5:
72:4f:38:2e:a5:77:c7:9c:8b:31:5f:57:99:1f:a7:c8:12:b1:
8c:2f:7c:dd:27:c6:3d:be:83:29:a3:10:bf:87:2b:e6:2d:ca:
bf:8f:ab:1a:79:ce:a5:27:9b:78:15:e3:4a:cd:41:74:6a:eb:
01:d4:fc:69:b3:fc:4b:b2:44:18:64:6f:1c:5c:03:07:72:95:
e1:49:34:26:4b:c3:e2:58:4e:03:a5:ca:b4:3a:c0:75:06:e0:
8e:f1:04:c4:37:4d:bb:93:53:fb:6a:6e:8e:0f:33:37:a6:79:
a1:be:73:5c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKXAS0tgvYq8yp8J6hBBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njg5NWU1NzNmNGJmNTJjN2FkZDc2NWFkN2RmOTczZGIzYTlkZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxj1okNcdjkxQMZJnRnln8W8CY6P
Wjfx2cGWUIBo+rVup4TBV/3S33qkcl7Jg6w+ZaObFzurF3qwHUGj1yDUN0kIzJCE
QpOBQpH966z0RTC1rcKjkzBp8g4Fqm9D57gY0oBUpyMVXB2XbudJIa4yaY0CXBsW
HQb+Wxzt/HfafU11c7yh7LVr3Sz2r3rZkewjPf7l6tOJiCa5DUo1NCyi46f891lU
lZe2MIMB6YVkixc84ZEsLz5P4ADABkhCpXzd3OWn/2da38bu5g+0NNg3BxP3QmTV
8mhg0cTv8FkxsX1vjbhNaSx8WOF+6e+a1rYfHilAoxfm8jDDjQ1+lk/8SQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIaJXlc/S/Uset12Wtfflz2zqd7DMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvaG9sZVZ6OUw5U3g2M1haYTE5LVhQYk9wM3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAR
MA0GCSqGSIb3DQEBCwUAA4IBAQBNGFGGa1Djik3r3tNNuuPyuy4vdrWEEyOwd5GU
QfQifcZUFgX3ykJx+LoznFTs1vfd4zRp2pSdUuFovrP3xTenaVQ69fBQB9myDojm
/6XliIgdi7Ia5mggtdgHl7e9THuO/TJlffB6Dv+n+c5/0zUNpNm01tvPkrqBWpGV
n4/vY+r2Zh11i2zMRgA/xv7pANVyTzgupXfHnIsxX1eZH6fIErGML3zdJ8Y9voMp
oxC/hyvmLcq/j6saec6lJ5t4FeNKzUF0ausB1Pxps/xLskQYZG8cXAMHcpXhSTQm
S8PiWE4Dpcq0OsB1BuCO8QTEN027k1P7am6ODzM3pnmhvnNc
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:20:43 2024 by rpki-client on console-fra.rpki-client.org