Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/LFwjcjQgQ0zzELp2jR4rbgN-6wk.roa
File: LFwjcjQgQ0zzELp2jR4rbgN-6wk.roa (raw, json)
Hash identifier: DTwpD18kbULJQGViCXox5sEQsIJgau28xpSHqjwiPB8=
Subject key identifier: 2C:5C:23:72:34:20:43:4C:F3:10:BA:76:8D:1E:2B:6E:03:7E:EB:09
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CD07B4401EBAB57F18594507D12A202AE
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/LFwjcjQgQ0zzELp2jR4rbgN-6wk.roa
Signing time: Wed 03 Jan 2024 17:59:48 +0000
ROA not before: Wed 03 Jan 2024 17:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215789
IP address blocks: 2a0c:b641:b90::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:7b:44:01:eb:ab:57:f1:85:94:50:7d:12:a2:02:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 3 17:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c5c23723420434cf310ba768d1e2b6e037eeb09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:db:af:37:56:2d:f8:e1:c1:48:b1:63:e6:c1:
87:36:03:98:b6:1d:44:73:4a:30:0a:d1:8e:6e:88:
09:f8:20:83:06:e9:aa:78:05:43:f7:7d:d7:fc:a3:
b6:9a:00:c0:72:70:31:96:d8:b7:fc:c7:ce:b5:57:
e7:5b:24:b8:29:49:cc:f3:7f:d0:85:f7:38:ea:85:
5e:ac:37:29:d6:86:a3:4a:b9:e3:2f:da:50:31:20:
63:c6:ca:0b:1c:b2:bf:e3:1c:00:c6:91:06:62:1d:
e6:c7:da:9a:5d:74:31:46:0a:b6:85:cc:04:a4:b9:
e4:af:d3:b3:ae:01:5c:79:e0:cc:56:9e:8a:62:47:
51:4c:bd:cd:0d:db:2d:aa:c7:79:77:38:dd:12:bf:
47:bc:c8:9b:db:c7:0b:e1:d5:bd:d5:7b:06:d9:62:
45:53:f9:23:9d:71:56:46:72:56:61:ba:72:24:17:
ca:bf:97:2b:c1:cf:03:9a:cd:15:ac:5c:d8:2b:03:
99:e5:69:79:09:9d:b0:58:09:57:6a:56:da:0a:d7:
1c:75:0c:03:46:2e:16:68:18:94:2d:a5:86:76:e5:
56:19:50:77:6b:c5:32:b4:01:56:96:54:88:01:f2:
96:22:b8:3b:77:73:01:84:7b:05:75:e7:fe:64:05:
f5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5C:23:72:34:20:43:4C:F3:10:BA:76:8D:1E:2B:6E:03:7E:EB:09
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/LFwjcjQgQ0zzELp2jR4rbgN-6wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:b90::/44
Signature Algorithm: sha256WithRSAEncryption
2a:3b:da:67:fe:7c:c7:2f:fc:04:b4:47:1c:8a:31:bd:cb:a2:
d4:57:ce:c0:87:50:36:7d:a6:90:18:d6:84:9f:d6:f5:f9:29:
af:f7:dc:3b:a5:9c:6c:0d:53:39:5d:7e:22:9b:e2:5f:b1:46:
3e:b7:27:eb:40:75:0b:5f:e5:6b:a8:a8:58:14:e1:51:cf:70:
3e:da:7e:e7:24:08:7d:c3:c6:7b:02:ad:74:38:c0:3b:35:ed:
ef:c5:80:c3:a6:ea:df:47:0a:58:11:fb:70:18:ac:86:91:eb:
cc:fe:5c:cf:c2:25:48:93:b8:15:b8:5f:29:5d:09:c5:95:c4:
0d:46:c7:89:9f:3d:bb:eb:0a:fb:c5:c5:1a:8a:5f:fa:8b:32:
bf:c9:97:17:0c:f4:d3:b9:cb:52:5b:3c:2d:67:c1:6e:31:a2:
1f:8c:9e:2f:65:c0:6f:4d:5d:b2:8d:b7:a6:18:4a:17:b4:21:
07:88:c3:80:af:2d:31:e4:6e:80:59:7c:0a:0b:ea:18:6f:8d:
f0:a7:31:3e:13:8e:b5:23:a3:55:26:a2:e7:a6:43:bf:3f:ed:
58:82:7e:5c:e4:af:5e:e2:d7:d3:12:95:20:bb:e2:e4:59:67:
ef:16:02:ba:fc:db:f0:97:de:d3:d8:65:e7:e3:7f:e3:b6:f2:
a1:21:ab:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzQe0QB66tX8YWUUH0SogKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAzMTc1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzVjMjM3MjM0MjA0MzRjZjMxMGJhNzY4ZDFlMmI2ZTAzN2VlYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtuvN1Yt+OHBSLFj5sGHNgOYth1E
c0owCtGObogJ+CCDBumqeAVD933X/KO2mgDAcnAxlti3/MfOtVfnWyS4KUnM83/Q
hfc46oVerDcp1oajSrnjL9pQMSBjxsoLHLK/4xwAxpEGYh3mx9qaXXQxRgq2hcwE
pLnkr9OzrgFceeDMVp6KYkdRTL3NDdstqsd5dzjdEr9HvMib28cL4dW91XsG2WJF
U/kjnXFWRnJWYbpyJBfKv5crwc8Dms0VrFzYKwOZ5Wl5CZ2wWAlXalbaCtccdQwD
Ri4WaBiULaWGduVWGVB3a8UytAFWllSIAfKWIrg7d3MBhHsFdef+ZAX1TwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCxcI3I0IENM8xC6do0eK24DfusJMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvTEZ3amNqUWdRMHp6RUxwMmpSNHJiZ04tNndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAqO9pn/nzHL/wEtEccijG9y6LUV87Ah1A2faaQ
GNaEn9b1+Smv99w7pZxsDVM5XX4im+JfsUY+tyfrQHULX+VrqKhYFOFRz3A+2n7n
JAh9w8Z7Aq10OMA7Ne3vxYDDpurfRwpYEftwGKyGkevM/lzPwiVIk7gVuF8pXQnF
lcQNRseJnz276wr7xcUail/6izK/yZcXDPTTuctSWzwtZ8FuMaIfjJ4vZcBvTV2y
jbemGEoXtCEHiMOAry0x5G6AWXwKC+oYb43wpzE+E461I6NVJqLnpkO/P+1Ygn5c
5K9e4tfTEpUgu+LkWWfvFgK6/Nvwl97T2GXn43/jtvKhIau7
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:17 2024 by rpki-client on console-ams.rpki-client.org