Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/fgOHtBS_gDI1bjwSlaZ8_RyikXs.roa
File: fgOHtBS_gDI1bjwSlaZ8_RyikXs.roa (raw, json)
Hash identifier: kfPk5UUU1tWjtPHgJOOd7ORduYcocVtHMm3T0UaZK3Q=
Subject key identifier: 7E:03:87:B4:14:BF:80:32:35:6E:3C:12:95:A6:7C:FD:1C:A2:91:7B
Certificate issuer: /CN=4a6376ce92087e4c7ce536686537769e2cc34059
Certificate serial: 018CC3B725F728F3F76A3406851E16C3D373
Authority key identifier: 4A:63:76:CE:92:08:7E:4C:7C:E5:36:68:65:37:76:9E:2C:C3:40:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmN2zpIIfkx85TZoZTd2nizDQFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/fgOHtBS_gDI1bjwSlaZ8_RyikXs.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12843
IP address blocks: 2001:678:490::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/SmN2zpIIfkx85TZoZTd2nizDQFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/SmN2zpIIfkx85TZoZTd2nizDQFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/SmN2zpIIfkx85TZoZTd2nizDQFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:25:f7:28:f3:f7:6a:34:06:85:1e:16:c3:d3:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6376ce92087e4c7ce536686537769e2cc34059
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e0387b414bf8032356e3c1295a67cfd1ca2917b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:5e:77:ee:c0:d3:67:f1:26:c3:9c:f8:4a:
a9:8f:ff:52:45:04:6d:a8:d2:4f:dd:6b:08:b3:b7:
8b:90:5f:d4:b2:a1:bb:fe:03:e4:12:e8:00:d0:f1:
e3:57:12:86:1b:2d:ed:41:3a:1f:af:43:a9:bb:6e:
fa:11:c0:9c:da:d6:36:ad:5e:63:d8:56:f6:e8:27:
58:82:07:f9:9a:50:6a:d3:29:45:72:c9:ac:bc:da:
cc:ca:63:52:fd:30:0f:15:4c:c0:5f:7d:44:33:a7:
94:e8:90:8f:84:5e:fe:51:dd:7c:c5:09:5c:43:88:
8d:a2:a4:42:b6:89:84:d4:d9:2d:67:a3:4e:d1:10:
7b:66:32:92:e0:ba:10:e7:dc:c6:0d:90:45:1d:86:
47:58:8f:48:69:5a:ae:57:25:07:85:d8:7b:aa:2c:
3c:b2:8b:d3:f8:f4:39:6b:51:23:00:15:53:d1:8e:
c8:da:3d:16:6c:bb:0f:7b:af:d8:ee:83:3d:9e:11:
c9:c1:12:92:48:ae:9d:70:02:e3:14:f9:d1:1a:22:
a7:79:1d:18:9e:07:a5:a7:a1:bb:61:be:98:ef:17:
22:41:54:b9:31:19:56:15:e9:89:66:0e:ad:f2:a2:
1c:3f:5f:45:85:57:24:7c:0c:2f:58:2f:99:0a:c1:
2d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:03:87:B4:14:BF:80:32:35:6E:3C:12:95:A6:7C:FD:1C:A2:91:7B
X509v3 Authority Key Identifier:
keyid:4A:63:76:CE:92:08:7E:4C:7C:E5:36:68:65:37:76:9E:2C:C3:40:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmN2zpIIfkx85TZoZTd2nizDQFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/fgOHtBS_gDI1bjwSlaZ8_RyikXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7cf42e-2ae8-4f13-a0c4-4e1fb76c847a/1/SmN2zpIIfkx85TZoZTd2nizDQFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:490::/48
Signature Algorithm: sha256WithRSAEncryption
78:d7:b7:48:03:5b:3a:43:27:4e:d8:5c:1e:48:9b:a2:47:a3:
42:f9:ef:a6:44:07:6b:47:e5:31:60:b3:fa:f9:5e:09:8d:ce:
2b:90:d5:a6:09:11:15:b1:c4:68:0d:ca:04:f3:3c:0a:09:38:
ad:8d:98:85:30:03:8d:17:98:51:26:a2:fe:28:8b:41:a9:b4:
e6:ca:50:38:62:18:9f:a6:9c:b7:9b:e8:be:c2:96:f8:cf:40:
6d:4a:9a:26:ac:92:e4:f5:5e:98:f8:b4:83:e7:1c:17:a8:87:
eb:a8:f4:0e:96:46:50:4b:67:e2:6a:21:e9:bf:88:50:2e:f3:
e9:82:e6:d7:58:6d:60:4e:00:0c:63:5c:ca:a5:4d:95:5f:61:
07:b7:57:a2:35:cb:51:cb:79:71:67:b3:56:a8:64:66:6d:c2:
94:17:86:dd:6c:10:cb:65:06:17:71:54:46:d2:2e:92:b2:a2:
6b:c3:60:7b:3c:44:8d:4a:7d:dd:52:fa:e9:a2:e3:e1:b3:29:
f1:24:44:da:b6:ab:d3:48:8e:3d:6d:83:96:17:cc:dc:7a:5d:
5f:5c:0f:e3:24:0c:89:2d:80:dd:ab:14:90:28:b2:fa:f6:33:
c0:41:fb:f0:51:34:28:45:b9:64:42:e1:00:41:e8:08:09:f1:
c5:55:ce:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtyX3KPP3ajQGhR4Ww9NzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjM3NmNlOTIwODdlNGM3Y2U1MzY2ODY1Mzc3NjllMmNj
MzQwNTkwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTAzODdiNDE0YmY4MDMyMzU2ZTNjMTI5NWE2N2NmZDFjYTI5MTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3Zed+7A02fxJsOc+Eqpj/9SRQRt
qNJP3WsIs7eLkF/UsqG7/gPkEugA0PHjVxKGGy3tQTofr0Opu276EcCc2tY2rV5j
2Fb26CdYggf5mlBq0ylFcsmsvNrMymNS/TAPFUzAX31EM6eU6JCPhF7+Ud18xQlc
Q4iNoqRCtomE1NktZ6NO0RB7ZjKS4LoQ59zGDZBFHYZHWI9IaVquVyUHhdh7qiw8
sovT+PQ5a1EjABVT0Y7I2j0WbLsPe6/Y7oM9nhHJwRKSSK6dcALjFPnRGiKneR0Y
ngelp6G7Yb6Y7xciQVS5MRlWFemJZg6t8qIcP19FhVckfAwvWC+ZCsEtyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH4Dh7QUv4AyNW48EpWmfP0copF7MB8GA1UdIwQY
MBaAFEpjds6SCH5MfOU2aGU3dp4sw0BZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21OMnpwSUlma3g4NVRab1pUZDJuaXpEUUZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83Y2Y0MmUtMmFlOC00ZjEzLWEwYzQt
NGUxZmI3NmM4NDdhLzEvZmdPSHRCU19nREkxYmp3U2xhWjhfUnlpa1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83Y2Y0MmUtMmFlOC00ZjEzLWEwYzQtNGUxZmI3NmM4NDdh
LzEvU21OMnpwSUlma3g4NVRab1pUZDJuaXpEUUZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeASQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB417dIA1s6QydO2FweSJuiR6NC+e+mRAdrR+Ux
YLP6+V4Jjc4rkNWmCREVscRoDcoE8zwKCTitjZiFMAONF5hRJqL+KItBqbTmylA4
Yhifppy3m+i+wpb4z0BtSpomrJLk9V6Y+LSD5xwXqIfrqPQOlkZQS2fiaiHpv4hQ
LvPpgubXWG1gTgAMY1zKpU2VX2EHt1eiNctRy3lxZ7NWqGRmbcKUF4bdbBDLZQYX
cVRG0i6SsqJrw2B7PESNSn3dUvrpouPhsynxJETatqvTSI49bYOWF8zcel1fXA/j
JAyJLYDdqxSQKLL69jPAQfvwUTQoRblkQuEAQegICfHFVc7A
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:02:05 2024 by rpki-client on console-ams.rpki-client.org