Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/fE1F4iCVr-BCDlA2jvtPchtRleY.roa
File: fE1F4iCVr-BCDlA2jvtPchtRleY.roa (raw, json)
Hash identifier: HBshkp4kzIPRuvJG8KHWTxa+5cqtrjGTkXp9ekKsnhw=
Subject key identifier: 7C:4D:45:E2:20:95:AF:E0:42:0E:50:36:8E:FB:4F:72:1B:51:95:E6
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC8017E06D5591B49F02A15C192991C16
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/fE1F4iCVr-BCDlA2jvtPchtRleY.roa
Signing time: Tue 02 Jan 2024 02:29:50 +0000
ROA not before: Tue 02 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212832
IP address blocks: 2a0c:b641:5f0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7e:06:d5:59:1b:49:f0:2a:15:c1:92:99:1c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c4d45e22095afe0420e50368efb4f721b5195e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4e:3f:22:15:49:25:76:03:e6:44:79:92:58:
e0:0a:6c:f3:1a:99:45:97:b6:8f:56:c0:00:d5:68:
16:64:1d:4d:6e:11:76:d0:97:bd:40:b4:54:d0:52:
76:76:e6:e3:30:40:85:8c:78:f0:67:b2:6b:25:8b:
b2:ef:55:d4:f6:dd:ab:9e:4c:1e:76:bf:cc:6f:65:
5e:18:89:b7:da:8c:86:05:f9:30:85:db:d8:e4:0a:
db:ef:18:8e:4e:f9:6d:e8:77:09:ef:24:87:07:f1:
90:97:00:5b:85:3b:88:82:70:6e:4c:ed:5a:c0:aa:
5c:4e:19:5f:1c:84:1e:a9:d8:59:39:d8:79:22:e1:
46:8b:c1:7b:89:75:e2:64:27:5d:e3:19:b3:d5:3a:
e0:0d:f7:51:ea:fe:04:99:9f:71:d7:d3:77:71:7f:
34:c8:5c:ec:9b:a9:9a:05:d6:ee:94:24:97:03:10:
ab:b8:46:5e:c5:d2:87:a2:c9:21:a2:ac:39:00:e7:
60:2d:fa:65:b3:ae:0c:91:50:52:aa:c8:29:2e:ad:
11:86:d2:a2:ae:9a:3f:07:b1:6b:fe:36:3a:29:36:
2d:41:97:66:e5:07:49:78:19:f4:30:01:43:4c:da:
0c:9f:df:c0:16:ca:45:01:f1:2f:48:f5:ce:ae:0f:
4a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:4D:45:E2:20:95:AF:E0:42:0E:50:36:8E:FB:4F:72:1B:51:95:E6
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/fE1F4iCVr-BCDlA2jvtPchtRleY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:5f0::/44
Signature Algorithm: sha256WithRSAEncryption
83:f5:85:ad:e2:10:59:29:8e:e5:38:16:9f:26:c3:68:0e:e6:
bb:df:68:1d:5d:68:84:78:09:cc:26:96:fa:74:ba:dd:a4:dc:
e7:12:7d:54:ca:cd:57:bd:cc:e6:41:d3:03:bd:38:bc:7b:77:
c2:db:6d:9d:10:ae:e8:07:95:0d:9b:5f:ee:44:39:ad:14:66:
25:bb:b9:56:fa:e7:1d:2b:18:dc:b6:7e:60:26:41:04:65:50:
72:99:6e:78:9d:60:51:30:14:15:0d:a6:23:5b:a0:aa:ac:0e:
53:3b:6f:fb:d1:c2:7c:ed:bc:87:20:3b:64:f2:e1:46:82:c5:
a0:09:03:8f:e2:37:d0:b5:7e:26:cd:f4:87:22:42:eb:d0:e4:
4f:79:53:ec:a0:15:4b:e2:41:b3:05:cb:6f:d1:14:16:b6:59:
bb:c3:83:40:96:01:db:bb:7c:cb:7f:72:f0:13:cf:c7:49:f6:
da:e5:94:2a:57:03:37:0b:d1:ce:94:40:d9:15:55:ad:e5:bb:
68:99:0d:ec:22:01:b0:6d:d3:82:f1:9d:59:37:11:46:db:d4:
05:7d:9d:cd:2d:0d:90:5f:e4:61:3b:db:e7:7a:a5:66:57:7d:
af:b1:9b:1f:d9:fc:2e:25:b8:8a:e9:0d:4b:28:cd:f7:ac:58:
04:96:ec:4e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAX4G1VkbSfAqFcGSmRwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzRkNDVlMjIwOTVhZmUwNDIwZTUwMzY4ZWZiNGY3MjFiNTE5NWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU4/IhVJJXYD5kR5kljgCmzzGplF
l7aPVsAA1WgWZB1NbhF20Je9QLRU0FJ2dubjMECFjHjwZ7JrJYuy71XU9t2rnkwe
dr/Mb2VeGIm32oyGBfkwhdvY5Arb7xiOTvlt6HcJ7ySHB/GQlwBbhTuIgnBuTO1a
wKpcThlfHIQeqdhZOdh5IuFGi8F7iXXiZCdd4xmz1TrgDfdR6v4EmZ9x19N3cX80
yFzsm6maBdbulCSXAxCruEZexdKHoskhoqw5AOdgLfpls64MkVBSqsgpLq0RhtKi
rpo/B7Fr/jY6KTYtQZdm5QdJeBn0MAFDTNoMn9/AFspFAfEvSPXOrg9K+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHxNReIgla/gQg5QNo77T3IbUZXmMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZkUxRjRpQ1ZyLUJDRGxBMmp2dFBjaHRSbGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQXw
MA0GCSqGSIb3DQEBCwUAA4IBAQCD9YWt4hBZKY7lOBafJsNoDua732gdXWiEeAnM
Jpb6dLrdpNznEn1Uys1XvczmQdMDvTi8e3fC222dEK7oB5UNm1/uRDmtFGYlu7lW
+ucdKxjctn5gJkEEZVBymW54nWBRMBQVDaYjW6CqrA5TO2/70cJ87byHIDtk8uFG
gsWgCQOP4jfQtX4mzfSHIkLr0ORPeVPsoBVL4kGzBctv0RQWtlm7w4NAlgHbu3zL
f3LwE8/HSfba5ZQqVwM3C9HOlEDZFVWt5btomQ3sIgGwbdOC8Z1ZNxFG29QFfZ3N
LQ2QX+RhO9vneqVmV32vsZsf2fwuJbiK6Q1LKM33rFgEluxO
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:36:37 2024 by rpki-client on console-fra.rpki-client.org