Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/k8pllPAfLSZFMo0ir6vc0uEP2bw.roa
File: k8pllPAfLSZFMo0ir6vc0uEP2bw.roa (raw, json)
Hash identifier: moyEBugUBMU0Hc2OjuTgqEgPQFzZ2FO7MEVYUP60adc=
Subject key identifier: 93:CA:65:94:F0:1F:2D:26:45:32:8D:22:AF:AB:DC:D2:E1:0F:D9:BC
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC8015BE5F895129FBA7642FB1847AFB3
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/k8pllPAfLSZFMo0ir6vc0uEP2bw.roa
Signing time: Tue 02 Jan 2024 02:29:41 +0000
ROA not before: Tue 02 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204210
IP address blocks: 2a0c:b641:300::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5b:e5:f8:95:12:9f:ba:76:42:fb:18:47:af:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93ca6594f01f2d2645328d22afabdcd2e10fd9bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:36:a3:70:d5:e1:46:ec:98:07:83:7a:6b:cb:
3f:52:23:6d:e0:51:fb:b0:28:1c:cb:d3:6b:af:a1:
de:27:7a:be:99:f5:d9:ab:e2:9b:d6:7e:1b:0b:27:
10:48:d4:cf:87:e5:d9:f8:c2:31:53:cc:28:c8:e8:
86:e4:f2:75:ed:90:5a:07:d8:c1:d2:08:e8:86:6d:
96:3c:b1:52:49:6d:bd:8f:a0:8e:4e:b8:43:a5:7b:
cf:14:32:9b:c2:03:5c:53:69:1a:52:fe:db:e6:03:
b7:ff:3f:2f:cc:a7:17:66:1b:fc:26:f9:ff:9a:f0:
0f:ff:a3:06:65:6d:53:8d:23:a8:b1:58:d3:38:20:
1f:53:66:95:63:ac:0b:2e:0c:ab:00:f1:33:1c:17:
8e:a1:de:d3:b3:10:fb:59:24:05:2e:cf:83:73:d0:
ce:13:cb:ba:f1:a0:ae:2c:4a:40:9b:0e:94:0a:64:
be:49:80:df:fb:66:74:58:70:8f:88:d9:ed:b7:94:
57:8e:21:f3:8c:7a:f4:6c:93:15:a4:1d:68:a2:11:
98:7c:a2:ee:63:2f:de:56:b0:a4:d1:eb:04:3d:0c:
88:8f:c8:8c:38:a1:83:08:09:89:50:06:17:0e:fc:
0f:5c:7b:14:76:87:95:fc:ec:52:b5:5a:f9:8e:51:
2b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:CA:65:94:F0:1F:2D:26:45:32:8D:22:AF:AB:DC:D2:E1:0F:D9:BC
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/k8pllPAfLSZFMo0ir6vc0uEP2bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:300::/44
Signature Algorithm: sha256WithRSAEncryption
90:4b:d6:9c:a1:36:d7:c2:9a:dc:d4:03:de:a9:36:54:10:29:
1c:4f:db:87:80:18:b8:83:6d:bc:e5:cf:ef:48:90:49:7a:5c:
58:6d:15:62:2d:c7:77:5c:14:6d:ae:f1:c8:04:0d:f9:b3:0d:
cc:4b:49:46:8c:02:55:e4:96:f0:eb:87:f6:61:85:bf:b9:7b:
70:e9:73:d6:8e:99:18:4f:30:13:8b:a3:7c:b8:88:2b:43:88:
c0:ec:9f:c4:aa:96:f0:e4:91:57:4d:9c:25:a1:50:dc:17:9f:
3b:bb:d1:7a:e8:76:c1:d7:55:5d:2c:a9:a7:eb:53:b2:c5:09:
72:b6:d4:e0:f1:d4:e1:ce:e7:b9:80:8c:c3:16:fe:19:72:a9:
fc:a6:2a:84:71:f7:8c:65:46:16:73:41:9a:e7:f1:a8:d0:42:
50:a1:89:50:5c:f5:98:a2:a6:2d:48:b0:03:47:71:f2:0a:51:
48:7b:92:c6:12:be:21:03:ef:8b:35:e6:57:9c:dc:9b:31:19:
13:26:9f:0b:f7:07:13:6c:aa:1a:25:2b:f6:db:44:b2:df:52:
37:e7:df:18:ec:a4:ea:f7:bf:3e:a5:69:0b:88:ed:4f:f3:9c:
fe:11:96:4d:84:c8:a9:90:b9:9e:15:b6:27:31:8b:40:0c:b1:
77:d3:21:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAVvl+JUSn7p2QvsYR6+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2NhNjU5NGYwMWYyZDI2NDUzMjhkMjJhZmFiZGNkMmUxMGZkOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzajcNXhRuyYB4N6a8s/UiNt4FH7
sCgcy9Nrr6HeJ3q+mfXZq+Kb1n4bCycQSNTPh+XZ+MIxU8woyOiG5PJ17ZBaB9jB
0gjohm2WPLFSSW29j6COTrhDpXvPFDKbwgNcU2kaUv7b5gO3/z8vzKcXZhv8Jvn/
mvAP/6MGZW1TjSOosVjTOCAfU2aVY6wLLgyrAPEzHBeOod7TsxD7WSQFLs+Dc9DO
E8u68aCuLEpAmw6UCmS+SYDf+2Z0WHCPiNntt5RXjiHzjHr0bJMVpB1oohGYfKLu
Yy/eVrCk0esEPQyIj8iMOKGDCAmJUAYXDvwPXHsUdoeV/OxStVr5jlErFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJPKZZTwHy0mRTKNIq+r3NLhD9m8MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvazhwbGxQQWZMU1pGTW8waXI2dmMwdUVQMmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQMA
MA0GCSqGSIb3DQEBCwUAA4IBAQCQS9acoTbXwprc1APeqTZUECkcT9uHgBi4g228
5c/vSJBJelxYbRViLcd3XBRtrvHIBA35sw3MS0lGjAJV5Jbw64f2YYW/uXtw6XPW
jpkYTzATi6N8uIgrQ4jA7J/Eqpbw5JFXTZwloVDcF587u9F66HbB11VdLKmn61Oy
xQlyttTg8dThzue5gIzDFv4Zcqn8piqEcfeMZUYWc0Ga5/Go0EJQoYlQXPWYoqYt
SLADR3HyClFIe5LGEr4hA++LNeZXnNybMRkTJp8L9wcTbKoaJSv220Sy31I3598Y
7KTq978+pWkLiO1P85z+EZZNhMipkLmeFbYnMYtADLF30yE6
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:36:37 2024 by rpki-client on console-fra.rpki-client.org