Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/O_iNqFHnA_i5pSryIXQuaGnlnDU.roa
File: O_iNqFHnA_i5pSryIXQuaGnlnDU.roa (raw, json)
Hash identifier: VvE1DhhSJ+CNqLzglh5MVMn2wkOYvEr4tm+51vWTHJA=
Subject key identifier: 3B:F8:8D:A8:51:E7:03:F8:B9:A5:2A:F2:21:74:2E:68:69:E5:9C:35
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC8014736EA91FDE9A4DD0842DB59FFEB
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/O_iNqFHnA_i5pSryIXQuaGnlnDU.roa
Signing time: Tue 02 Jan 2024 02:29:36 +0000
ROA not before: Tue 02 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24239
IP address blocks: 2a0c:b641:570::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:47:36:ea:91:fd:e9:a4:dd:08:42:db:59:ff:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bf88da851e703f8b9a52af221742e6869e59c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:84:5c:63:f8:85:24:19:6a:c0:87:06:64:69:
f5:e0:bf:c2:56:c0:4f:e1:61:5a:49:28:5e:27:fc:
ba:14:88:44:d4:40:11:52:7f:02:e3:99:9e:33:11:
81:4c:f8:60:7c:d6:a2:ce:eb:59:ef:67:23:6a:25:
5f:2e:c1:1b:28:cd:20:fb:71:f3:28:05:db:ad:96:
ea:49:6d:29:52:8c:d5:1b:7e:78:d5:e1:f3:ad:be:
94:a5:2e:6c:37:47:84:dd:97:79:66:db:02:ee:e6:
1d:c0:d0:a4:7e:9d:99:32:55:a3:91:23:cb:d8:63:
e8:8e:0b:22:2b:ef:cb:48:90:3f:81:81:46:9d:4e:
c1:c0:66:37:c9:71:d2:51:98:1b:4a:13:15:5b:c6:
ea:b1:c6:66:fa:ff:e6:80:ac:4c:9c:57:7e:88:a2:
68:96:7e:29:1c:22:a3:f0:50:ab:3c:5f:14:b3:59:
99:db:53:36:70:0b:7a:23:0a:eb:c4:08:66:ff:a3:
bf:04:3a:2a:4f:af:37:56:88:2c:3f:47:f4:45:4f:
08:a3:af:86:d0:5e:73:14:b4:24:a5:e9:89:84:6e:
b4:fa:48:a7:77:b7:67:5e:05:7b:b0:03:33:95:ae:
b9:07:2e:6b:f3:b7:c7:3c:6b:78:9b:c6:5c:d6:a5:
ca:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F8:8D:A8:51:E7:03:F8:B9:A5:2A:F2:21:74:2E:68:69:E5:9C:35
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/O_iNqFHnA_i5pSryIXQuaGnlnDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:570::/44
Signature Algorithm: sha256WithRSAEncryption
75:23:bc:0a:db:33:97:94:59:fd:82:f7:d7:a9:fe:d1:cd:e3:
09:ea:a5:ca:37:a9:b6:22:69:14:39:44:6f:ce:93:e6:f9:b1:
11:cb:93:57:fb:eb:45:da:15:bf:48:c4:87:86:cf:aa:1f:80:
ed:d0:e5:fb:ee:d9:2d:f2:55:d0:2d:6f:cb:32:86:fe:0e:93:
90:4b:cf:ab:c4:f9:0f:ab:6d:62:48:45:bf:1d:48:19:fa:3b:
7c:e8:d2:ef:d4:3c:c7:e1:bf:19:45:88:d8:57:a5:47:12:cb:
31:e6:1e:ce:60:05:16:eb:16:95:6f:dd:3c:b9:3a:dd:9e:56:
22:b9:3d:ed:61:54:f4:ed:6d:02:2c:fb:a3:b2:60:7b:c8:4e:
88:70:87:ef:fd:82:a1:57:a1:33:e6:8d:57:3d:24:d3:84:2b:
26:9f:2b:3e:1c:36:55:1f:a6:ef:65:16:38:b4:9e:c9:61:93:
e3:c8:79:e9:65:d8:78:63:aa:56:91:ef:78:9a:6f:d7:48:0b:
9c:ac:41:31:55:e0:0a:8c:77:d9:a9:d6:fa:f6:f2:6b:9f:c9:
aa:7e:09:97:82:9f:61:a1:50:70:2f:73:ae:7b:1d:8a:be:b5:
a4:74:69:dc:0c:fa:11:50:87:68:8e:36:55:74:48:a6:25:6e:
5f:ae:c6:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAUc26pH96aTdCELbWf/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY4OGRhODUxZTcwM2Y4YjlhNTJhZjIyMTc0MmU2ODY5ZTU5YzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4RcY/iFJBlqwIcGZGn14L/CVsBP
4WFaSSheJ/y6FIhE1EARUn8C45meMxGBTPhgfNaizutZ72cjaiVfLsEbKM0g+3Hz
KAXbrZbqSW0pUozVG3541eHzrb6UpS5sN0eE3Zd5ZtsC7uYdwNCkfp2ZMlWjkSPL
2GPojgsiK+/LSJA/gYFGnU7BwGY3yXHSUZgbShMVW8bqscZm+v/mgKxMnFd+iKJo
ln4pHCKj8FCrPF8Us1mZ21M2cAt6IwrrxAhm/6O/BDoqT683VogsP0f0RU8Io6+G
0F5zFLQkpemJhG60+kind7dnXgV7sAMzla65By5r87fHPGt4m8Zc1qXKowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDv4jahR5wP4uaUq8iF0Lmhp5Zw1MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvT19pTnFGSG5BX2k1cFNyeUlYUXVhR25sbkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQVw
MA0GCSqGSIb3DQEBCwUAA4IBAQB1I7wK2zOXlFn9gvfXqf7RzeMJ6qXKN6m2ImkU
OURvzpPm+bERy5NX++tF2hW/SMSHhs+qH4Dt0OX77tkt8lXQLW/LMob+DpOQS8+r
xPkPq21iSEW/HUgZ+jt86NLv1DzH4b8ZRYjYV6VHEssx5h7OYAUW6xaVb908uTrd
nlYiuT3tYVT07W0CLPujsmB7yE6IcIfv/YKhV6Ez5o1XPSTThCsmnys+HDZVH6bv
ZRY4tJ7JYZPjyHnpZdh4Y6pWke94mm/XSAucrEExVeAKjHfZqdb69vJrn8mqfgmX
gp9hoVBwL3Ouex2KvrWkdGncDPoRUIdojjZVdEimJW5frsaX
-----END CERTIFICATE-----
Generated at Sat May 4 08:45:26 2024 by rpki-client on console-fra.rpki-client.org