Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2Ogx1ODn7HS8T9lompj-8PZGQsE.roa
File: 2Ogx1ODn7HS8T9lompj-8PZGQsE.roa (raw, json)
Hash identifier: 99dYUWjttpt0h/XwiPXS4+23p0G0c5Hrm4SiCPZRwbQ=
Subject key identifier: D8:E8:31:D4:E0:E7:EC:74:BC:4F:D9:68:9A:98:FE:F0:F6:46:42:C1
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC8014C60E3AEF514460D7DDC58E72E54
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2Ogx1ODn7HS8T9lompj-8PZGQsE.roa
Signing time: Tue 02 Jan 2024 02:29:37 +0000
ROA not before: Tue 02 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49519
IP address blocks: 2a0c:b642:5000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4c:60:e3:ae:f5:14:46:0d:7d:dc:58:e7:2e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8e831d4e0e7ec74bc4fd9689a98fef0f64642c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a3:f8:88:a8:8b:54:ad:6a:e1:41:d1:0d:77:
8f:0b:20:d4:18:c3:fa:f0:8e:c4:67:b8:a0:d8:c7:
47:af:e5:61:b4:8a:a7:2e:a0:cd:36:54:a9:ae:5e:
46:b0:ba:32:eb:66:dc:92:49:48:03:7f:cd:27:82:
8b:dd:64:01:43:2f:69:54:d0:11:a4:47:e2:44:78:
5d:b1:a6:b4:1e:03:c0:87:3a:9d:c6:b0:4e:2d:67:
20:28:43:5c:b5:50:a0:4b:5d:48:77:a9:69:b6:c3:
8d:eb:56:e4:ae:ac:06:27:d1:f3:da:2a:49:ae:99:
9b:85:23:2e:fc:5d:29:1f:b4:79:1b:08:2b:ac:94:
68:24:72:e8:78:2a:b6:8a:ff:0f:08:46:c7:d0:39:
89:c1:e1:ec:2e:a5:bd:86:99:31:19:46:a7:cf:27:
99:21:ae:fd:c8:ae:5f:9c:98:45:9a:a9:f0:05:4e:
43:f5:95:fd:56:f0:a7:64:70:bb:47:75:d5:d7:5a:
d2:1d:25:d4:e8:b3:4f:23:d8:40:1f:6f:54:1b:7e:
0d:18:75:24:9e:1f:b5:96:7c:2a:0f:14:8b:2b:dd:
60:73:6d:d8:fd:48:e9:8c:f9:62:fa:61:97:df:c3:
15:a2:09:3f:09:e2:bb:6b:4d:e3:7d:e3:98:d3:c4:
23:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E8:31:D4:E0:E7:EC:74:BC:4F:D9:68:9A:98:FE:F0:F6:46:42:C1
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2Ogx1ODn7HS8T9lompj-8PZGQsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:5000::/36
Signature Algorithm: sha256WithRSAEncryption
50:c3:4b:02:8a:be:98:de:aa:42:25:85:63:d5:f7:ea:b9:d7:
7d:f5:18:e1:54:72:e7:c0:ac:46:1b:42:91:40:5f:b3:67:9d:
8f:13:f7:8a:65:f8:c0:43:e6:de:a0:e4:95:bd:65:20:14:cd:
3c:a0:20:ff:62:18:f4:59:99:b8:81:63:7b:13:60:85:57:94:
9b:66:21:07:89:48:d2:72:3f:0b:eb:33:64:aa:82:68:be:b1:
38:f9:ec:8b:d0:c4:2e:77:31:c3:18:80:cd:a4:08:6e:c4:a4:
63:9c:71:07:c7:54:a4:66:1a:5d:0b:ab:74:ec:81:16:d9:94:
77:23:b6:71:44:46:19:e8:cd:57:36:a4:ed:65:32:d8:bb:85:
dd:c3:64:a4:dd:c9:46:67:8b:10:1f:b4:92:f2:a1:98:a3:77:
b3:5b:03:e5:ba:84:56:2e:87:95:9f:66:6d:b1:ea:3d:30:f5:
7f:e4:a2:9f:1c:05:53:f3:f6:98:70:19:27:d4:f0:1a:fc:93:
c4:a2:8c:2c:4f:08:0e:dc:bc:11:59:e9:5a:68:4d:ae:de:a0:
1e:36:92:99:4f:3e:32:7e:bf:ed:90:19:ca:5c:9d:73:fe:80:
87:f1:ba:23:3f:d2:57:38:96:03:37:05:d8:d2:69:27:88:9c:
e9:a6:ae:e2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIAUxg4671FEYNfdxY5y5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU4MzFkNGUwZTdlYzc0YmM0ZmQ5Njg5YTk4ZmVmMGY2NDY0MmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqP4iKiLVK1q4UHRDXePCyDUGMP6
8I7EZ7ig2MdHr+VhtIqnLqDNNlSprl5GsLoy62bckklIA3/NJ4KL3WQBQy9pVNAR
pEfiRHhdsaa0HgPAhzqdxrBOLWcgKENctVCgS11Id6lptsON61bkrqwGJ9Hz2ipJ
rpmbhSMu/F0pH7R5GwgrrJRoJHLoeCq2iv8PCEbH0DmJweHsLqW9hpkxGUanzyeZ
Ia79yK5fnJhFmqnwBU5D9ZX9VvCnZHC7R3XV11rSHSXU6LNPI9hAH29UG34NGHUk
nh+1lnwqDxSLK91gc23Y/UjpjPli+mGX38MVogk/CeK7a03jfeOY08Qj4QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNjoMdTg5+x0vE/ZaJqY/vD2RkLBMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMk9neDFPRG43SFM4VDlsb21wai04UFpHUXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgy2QlAw
DQYJKoZIhvcNAQELBQADggEBAFDDSwKKvpjeqkIlhWPV9+q51331GOFUcufArEYb
QpFAX7NnnY8T94pl+MBD5t6g5JW9ZSAUzTygIP9iGPRZmbiBY3sTYIVXlJtmIQeJ
SNJyPwvrM2Sqgmi+sTj57IvQxC53McMYgM2kCG7EpGOccQfHVKRmGl0Lq3TsgRbZ
lHcjtnFERhnozVc2pO1lMti7hd3DZKTdyUZnixAftJLyoZijd7NbA+W6hFYuh5Wf
Zm2x6j0w9X/kop8cBVPz9phwGSfU8Br8k8SijCxPCA7cvBFZ6VpoTa7eoB42kplP
PjJ+v+2QGcpcnXP+gIfxuiM/0lc4lgM3BdjSaSeInOmmruI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:16 2024 by rpki-client on console-ams.rpki-client.org