Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/uqCL7AvodbzcII8nFKoDTl0BtSI.roa
File: uqCL7AvodbzcII8nFKoDTl0BtSI.roa (raw, json)
Hash identifier: mu6dcxkGK57yfs3t4cHMxx1lvmY4FBebbD0tv29vQjk=
Subject key identifier: BA:A0:8B:EC:0B:E8:75:BC:DC:20:8F:27:14:AA:03:4E:5D:01:B5:22
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018EE292ACF757EC60A3A17899311572DBAB
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/uqCL7AvodbzcII8nFKoDTl0BtSI.roa
Signing time: Mon 15 Apr 2024 16:24:07 +0000
ROA not before: Mon 15 Apr 2024 16:24:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215097
IP address blocks: 2a0c:b641:c30::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:92:ac:f7:57:ec:60:a3:a1:78:99:31:15:72:db:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Apr 15 16:24:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=baa08bec0be875bcdc208f2714aa034e5d01b522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cb:33:6b:78:f6:b4:13:fb:65:c2:1a:71:d8:
0a:c6:bd:20:ce:72:7f:e7:69:6a:fd:f8:82:1f:02:
e4:93:0e:d1:b5:2d:ec:38:ee:5d:29:1c:91:04:6e:
2a:e5:e8:de:bd:10:3c:07:e3:02:41:1c:ee:a1:76:
57:5a:6f:7c:36:59:1a:7f:e7:9f:97:95:40:c5:00:
84:f0:b6:f1:17:85:7a:58:3a:a6:75:67:88:63:70:
74:bf:b7:79:22:da:b8:0a:92:9c:d2:41:44:72:7a:
70:1c:d5:e5:a7:b3:d4:14:9d:71:3e:ea:1d:c6:ed:
7f:36:bf:87:b3:94:17:ca:b0:ed:42:cb:a6:e9:3f:
ab:98:0c:cd:78:d6:ee:9c:da:00:05:a6:95:96:df:
f8:13:d7:52:9d:14:51:5c:57:13:13:13:9a:12:fc:
9c:2b:68:ed:b3:f5:94:e5:21:d3:c7:3b:8c:38:19:
95:f6:3c:84:6b:c8:aa:a6:e2:6f:18:99:20:15:3a:
6e:d6:d8:fe:45:54:53:00:de:59:2f:88:27:02:85:
f9:05:2e:06:b9:48:96:0d:b7:4e:3a:69:9e:4b:d1:
8b:59:64:93:1f:45:78:10:dc:53:ea:49:54:bc:98:
66:9a:99:67:dc:fd:e6:f1:10:a7:3d:de:56:a4:97:
8e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:A0:8B:EC:0B:E8:75:BC:DC:20:8F:27:14:AA:03:4E:5D:01:B5:22
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/uqCL7AvodbzcII8nFKoDTl0BtSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:c30::/44
Signature Algorithm: sha256WithRSAEncryption
7b:cf:49:be:6a:cc:66:e7:30:ac:6a:6b:b4:47:d2:ae:1f:1a:
83:e5:8a:56:cd:b9:0a:09:49:29:9b:d4:5f:54:94:78:43:13:
e0:ed:e1:22:ea:6d:6c:10:59:c2:55:15:eb:2e:27:1b:8f:e0:
e5:da:03:14:7e:9a:53:c8:c5:e2:f2:fc:d0:b0:d8:2b:cd:c3:
0f:37:b5:8a:25:16:50:7c:e7:de:6a:1c:c2:2a:18:54:78:9a:
40:a3:e0:9f:b4:59:42:6a:cf:83:2c:97:33:59:b1:a6:c7:4b:
cd:12:64:e1:a8:b0:fb:55:3c:99:6a:38:e6:c9:ba:54:03:e5:
4a:e2:9b:27:e8:ac:f6:57:e9:33:23:4a:ac:4c:fb:3b:05:a4:
52:37:66:4a:9c:24:fd:28:00:34:07:0e:25:e0:6e:24:45:de:
34:ce:06:be:e0:a8:c3:26:1d:62:98:09:e9:05:7c:ac:e9:0e:
5e:bd:34:44:12:e2:28:69:ea:a1:13:80:ef:16:b5:b0:83:15:
05:89:fb:aa:87:ba:17:6a:5c:55:4b:8b:1a:d9:90:60:34:74:
eb:bb:3e:71:c5:16:4d:a6:90:08:87:88:4e:85:8d:8a:fb:b5:
35:d6:de:bd:06:0e:d4:80:00:da:df:1d:07:4c:6c:13:ae:15:
e5:ce:48:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY7ikqz3V+xgo6F4mTEVcturMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwNDE1MTYyNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWEwOGJlYzBiZTg3NWJjZGMyMDhmMjcxNGFhMDM0ZTVkMDFiNTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMsza3j2tBP7ZcIacdgKxr0gznJ/
52lq/fiCHwLkkw7RtS3sOO5dKRyRBG4q5ejevRA8B+MCQRzuoXZXWm98Nlkaf+ef
l5VAxQCE8LbxF4V6WDqmdWeIY3B0v7d5Itq4CpKc0kFEcnpwHNXlp7PUFJ1xPuod
xu1/Nr+Hs5QXyrDtQsum6T+rmAzNeNbunNoABaaVlt/4E9dSnRRRXFcTExOaEvyc
K2jts/WU5SHTxzuMOBmV9jyEa8iqpuJvGJkgFTpu1tj+RVRTAN5ZL4gnAoX5BS4G
uUiWDbdOOmmeS9GLWWSTH0V4ENxT6klUvJhmmpln3P3m8RCnPd5WpJeOBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLqgi+wL6HW83CCPJxSqA05dAbUiMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvdXFDTDdBdm9kYnpjSUk4bkZLb0RUbDBCdFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQww
MA0GCSqGSIb3DQEBCwUAA4IBAQB7z0m+asxm5zCsamu0R9KuHxqD5YpWzbkKCUkp
m9RfVJR4QxPg7eEi6m1sEFnCVRXrLicbj+Dl2gMUfppTyMXi8vzQsNgrzcMPN7WK
JRZQfOfeahzCKhhUeJpAo+CftFlCas+DLJczWbGmx0vNEmThqLD7VTyZajjmybpU
A+VK4psn6Kz2V+kzI0qsTPs7BaRSN2ZKnCT9KAA0Bw4l4G4kRd40zga+4KjDJh1i
mAnpBXys6Q5evTREEuIoaeqhE4DvFrWwgxUFifuqh7oXalxVS4sa2ZBgNHTruz5x
xRZNppAIh4hOhY2K+7U11t69Bg7UgADa3x0HTGwTrhXlzkgL
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:17 2024 by rpki-client on console-ams.rpki-client.org