Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/SoVROoOihwiI0pwGTcVbGl07RMw.roa
File: SoVROoOihwiI0pwGTcVbGl07RMw.roa (raw, json)
Hash identifier: yfIha0APU0qWCmPMNHHw3mWBvvhbGRFuSQkL5y+LACQ=
Subject key identifier: 4A:85:51:3A:83:A2:87:08:88:D2:9C:06:4D:C5:5B:1A:5D:3B:44:CC
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC801710D6C0EC38994524556D74B908E
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/SoVROoOihwiI0pwGTcVbGl07RMw.roa
Signing time: Tue 02 Jan 2024 02:29:46 +0000
ROA not before: Tue 02 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210466
IP address blocks: 2a0c:b641:5c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:71:0d:6c:0e:c3:89:94:52:45:56:d7:4b:90:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a85513a83a2870888d29c064dc55b1a5d3b44cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:82:77:31:23:98:f6:45:55:9c:2c:b1:24:c6:
02:6f:2a:a5:92:02:7d:90:5b:fd:24:ea:53:86:1a:
e1:14:ba:1d:95:82:d4:3e:5b:2e:45:af:a5:f4:99:
aa:90:fe:d4:91:41:ee:ed:6a:ae:10:1c:c3:98:79:
b4:9f:ce:e5:4b:2d:37:ac:36:a7:3a:97:8e:4a:c7:
81:5d:67:e0:5c:8a:b8:ce:68:45:08:f3:50:47:e3:
a1:4b:bc:34:9e:8d:9f:0c:a7:55:45:49:36:a8:cc:
97:5f:08:b9:73:83:b1:d1:d5:30:1d:06:bb:2e:d7:
49:83:89:13:fc:16:5c:91:02:87:5a:d6:61:8e:5b:
83:f9:f5:7e:4e:03:8d:28:da:64:42:48:57:59:18:
ee:61:02:4d:0f:ca:e6:bb:48:a9:c3:f8:45:ab:4c:
f7:3e:d6:7e:f2:77:ad:0c:1e:66:ee:da:32:ac:03:
5c:30:88:f8:b8:43:1a:ee:dc:c0:87:b7:4b:bd:fa:
e0:79:f6:ee:06:d5:0e:ed:38:32:18:e5:6f:e3:3c:
5e:40:b8:2e:64:0a:bc:a9:cd:de:89:f4:97:e9:44:
5d:78:c5:84:52:7b:13:c4:16:9d:b9:ce:fb:1a:87:
72:cc:d9:43:f1:16:f5:81:0f:37:bc:3a:c6:d2:08:
f2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:85:51:3A:83:A2:87:08:88:D2:9C:06:4D:C5:5B:1A:5D:3B:44:CC
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/SoVROoOihwiI0pwGTcVbGl07RMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:5c0::/44
Signature Algorithm: sha256WithRSAEncryption
9b:36:66:03:6e:e4:4e:2e:21:b2:42:2c:ff:09:09:57:dd:3e:
ac:3c:53:0b:90:e9:d5:ff:a5:f3:2b:b4:cb:b7:4b:c0:b1:a0:
97:9f:44:1c:87:87:e2:1a:c7:8b:61:97:e8:a6:31:8b:bf:b9:
3f:6e:51:45:e8:07:5b:1c:6e:9e:00:43:e5:f0:d6:34:13:15:
39:fe:5d:5d:ca:9a:d1:47:4c:5a:01:a5:74:de:c8:57:41:04:
d2:7e:5c:6f:be:c3:07:4d:2b:3d:69:c1:8c:c5:c8:50:c7:b9:
17:61:56:60:3d:6d:f4:04:11:78:52:4d:aa:1e:1c:ab:52:51:
11:ec:56:ef:e6:b5:34:79:50:f3:68:08:22:52:78:35:d6:a5:
6c:34:e0:87:12:4f:dc:b6:ee:09:09:4e:36:e5:9d:bf:22:ff:
31:b2:30:ea:22:72:1b:03:3f:99:19:e4:b0:b5:73:df:40:b9:
2f:ef:76:35:2f:90:d1:89:65:32:2d:f7:27:a5:d4:77:98:86:
85:71:4e:89:aa:9d:c0:0f:ca:d7:75:9c:34:f2:a4:37:5b:34:
4d:b5:5d:f9:58:18:57:88:f7:a6:50:91:63:14:8d:2b:ef:2a:
e1:67:e3:0b:f9:82:5c:04:fc:1a:81:1f:54:21:fd:fd:62:9e:
3c:1a:03:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAXENbA7DiZRSRVbXS5COMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTg1NTEzYTgzYTI4NzA4ODhkMjljMDY0ZGM1NWIxYTVkM2I0NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYJ3MSOY9kVVnCyxJMYCbyqlkgJ9
kFv9JOpThhrhFLodlYLUPlsuRa+l9JmqkP7UkUHu7WquEBzDmHm0n87lSy03rDan
OpeOSseBXWfgXIq4zmhFCPNQR+OhS7w0no2fDKdVRUk2qMyXXwi5c4Ox0dUwHQa7
LtdJg4kT/BZckQKHWtZhjluD+fV+TgONKNpkQkhXWRjuYQJND8rmu0ipw/hFq0z3
PtZ+8netDB5m7toyrANcMIj4uEMa7tzAh7dLvfrgefbuBtUO7TgyGOVv4zxeQLgu
ZAq8qc3eifSX6URdeMWEUnsTxBaduc77GodyzNlD8Rb1gQ83vDrG0gjyRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEqFUTqDoocIiNKcBk3FWxpdO0TMMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvU29WUk9vT2lod2lJMHB3R1RjVmJHbDA3Uk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQXA
MA0GCSqGSIb3DQEBCwUAA4IBAQCbNmYDbuROLiGyQiz/CQlX3T6sPFMLkOnV/6Xz
K7TLt0vAsaCXn0Qch4fiGseLYZfopjGLv7k/blFF6AdbHG6eAEPl8NY0ExU5/l1d
yprRR0xaAaV03shXQQTSflxvvsMHTSs9acGMxchQx7kXYVZgPW30BBF4Uk2qHhyr
UlER7Fbv5rU0eVDzaAgiUng11qVsNOCHEk/ctu4JCU425Z2/Iv8xsjDqInIbAz+Z
GeSwtXPfQLkv73Y1L5DRiWUyLfcnpdR3mIaFcU6Jqp3AD8rXdZw08qQ3WzRNtV35
WBhXiPemUJFjFI0r7yrhZ+ML+YJcBPwagR9UIf39Yp48GgPA
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:36:37 2024 by rpki-client on console-fra.rpki-client.org