Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/amjso0MQmioLfkj9pt_TQTg1lLI.roa
File: amjso0MQmioLfkj9pt_TQTg1lLI.roa (raw, json)
Hash identifier: gTOUMHapKImOSKuVmzSj5KbXTy+Qk0xWdJxDhvBmBlI=
Subject key identifier: 6A:68:EC:A3:43:10:9A:2A:0B:7E:48:FD:A6:DF:D3:41:38:35:94:B2
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 0191368BE9F7F7AE53E25CFFD2A78D3F48B9
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/amjso0MQmioLfkj9pt_TQTg1lLI.roa
Signing time: Fri 09 Aug 2024 09:50:24 +0000
ROA not before: Fri 09 Aug 2024 09:50:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:66c0::/32 maxlen: 32
2a11:66c1::/32 maxlen: 32
2a11:66c3::/32 maxlen: 32
2a12:cc02::/32 maxlen: 32
2a12:cc04::/32 maxlen: 32
2a12:cc06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:8b:e9:f7:f7:ae:53:e2:5c:ff:d2:a7:8d:3f:48:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Aug 9 09:50:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a68eca343109a2a0b7e48fda6dfd341383594b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6a:65:99:f5:ca:52:1e:68:ba:11:9d:0f:f6:
c3:37:59:6a:d6:ae:ef:6a:64:3c:51:54:4e:75:f6:
00:05:2d:a3:70:ec:28:2f:c4:34:f3:7f:e5:80:78:
01:bc:20:ce:a3:f6:26:1a:0a:10:99:b8:a7:93:a8:
dc:fb:61:d7:63:ab:74:a8:29:f3:df:22:e3:53:81:
f9:5f:4b:fa:50:9a:fc:d2:04:03:6f:2f:c8:c8:dd:
47:a2:7d:57:51:5d:e8:a4:95:84:6d:22:2d:7e:ce:
81:23:ea:35:b8:f0:ea:8b:9d:65:d7:11:2c:e3:b7:
d5:c8:f6:bf:b1:89:32:08:c2:0b:ec:e6:d2:06:22:
94:33:1c:ae:5e:99:f2:bd:3b:29:9f:8c:c9:bd:cd:
9b:0d:37:8b:7f:88:14:3b:2b:cc:8f:dc:32:c3:28:
29:3d:48:8a:b2:e0:1c:5b:65:82:05:22:70:cc:92:
52:fe:dc:81:30:8f:03:79:da:9c:7d:49:a6:55:21:
cb:92:86:26:95:3b:bf:8d:6f:23:4f:b3:4e:47:28:
c6:21:ac:19:b8:14:86:41:0b:27:0a:bf:0a:99:3f:
45:ea:58:f8:b2:78:41:45:85:83:68:2e:ef:47:81:
68:53:45:d1:62:be:b4:34:a7:0b:bd:57:7b:78:bf:
eb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:68:EC:A3:43:10:9A:2A:0B:7E:48:FD:A6:DF:D3:41:38:35:94:B2
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/amjso0MQmioLfkj9pt_TQTg1lLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:66c0::/31
2a11:66c3::/32
2a12:cc02::/32
2a12:cc04::/32
2a12:cc06::/32
Signature Algorithm: sha256WithRSAEncryption
2b:41:5f:e5:2a:fc:46:f6:22:a7:9a:77:9c:33:5a:9d:d0:fc:
72:67:bf:d3:33:1a:3c:80:3b:d0:21:a5:c5:ab:49:59:86:90:
f3:f8:14:a8:3b:4e:a9:3e:02:3e:6f:e1:bc:ec:3c:eb:e5:28:
02:27:ad:d7:6f:06:8c:8e:0e:07:bf:f1:c9:3f:37:6a:c3:5b:
e3:d0:73:0b:7e:22:c5:50:f7:4d:76:29:a8:2f:17:a9:5f:a6:
42:7f:cf:2c:47:6b:8f:af:a8:4b:6a:2b:0c:f5:74:e8:3b:27:
8b:e0:71:33:d9:5c:97:9b:13:95:56:ee:d6:f5:ae:a7:8d:08:
14:bb:0c:5b:6d:d0:fe:4b:85:bc:dc:24:4a:0c:5e:f9:b6:c6:
c2:b0:5b:5d:54:cd:f2:da:00:c5:67:e4:63:ab:a1:ea:8e:00:
50:38:c5:0d:48:49:37:28:d8:05:b8:f6:15:81:f4:de:0d:2d:
8e:92:a1:4e:79:32:73:51:dd:59:4f:3d:12:61:2c:dd:b5:4b:
18:5a:39:54:98:99:9b:55:d5:ee:23:60:60:ea:cc:95:56:fe:
20:e5:48:bc:c0:f0:e9:10:d0:6f:5a:d7:a6:e0:49:a1:be:42:
b5:b4:3f:af:65:b9:e0:bd:e3:e7:56:78:0f:74:19:bb:95:17:
48:59:0b:66
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZE2i+n3965T4lz/0qeNP0i5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwODA5MDk1MDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTY4ZWNhMzQzMTA5YTJhMGI3ZTQ4ZmRhNmRmZDM0MTM4MzU5NGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGplmfXKUh5ouhGdD/bDN1lq1q7v
amQ8UVROdfYABS2jcOwoL8Q083/lgHgBvCDOo/YmGgoQmbink6jc+2HXY6t0qCnz
3yLjU4H5X0v6UJr80gQDby/IyN1Hon1XUV3opJWEbSItfs6BI+o1uPDqi51l1xEs
47fVyPa/sYkyCMIL7ObSBiKUMxyuXpnyvTspn4zJvc2bDTeLf4gUOyvMj9wywygp
PUiKsuAcW2WCBSJwzJJS/tyBMI8DedqcfUmmVSHLkoYmlTu/jW8jT7NORyjGIawZ
uBSGQQsnCr8KmT9F6lj4snhBRYWDaC7vR4FoU0XRYr60NKcLvVd7eL/rfwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGpo7KNDEJoqC35I/abf00E4NZSyMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvYW1qc28wTVFtaW9MZmtqOXB0X1RRVGcxbExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUBKhFmwAMF
ACoRZsMDBQAqEswCAwUAKhLMBAMFACoSzAYwDQYJKoZIhvcNAQELBQADggEBACtB
X+Uq/Eb2Iqead5wzWp3Q/HJnv9MzGjyAO9AhpcWrSVmGkPP4FKg7Tqk+Aj5v4bzs
POvlKAInrddvBoyODge/8ck/N2rDW+PQcwt+IsVQ9012KagvF6lfpkJ/zyxHa4+v
qEtqKwz1dOg7J4vgcTPZXJebE5VW7tb1rqeNCBS7DFtt0P5LhbzcJEoMXvm2xsKw
W11UzfLaAMVn5GOroeqOAFA4xQ1ISTco2AW49hWB9N4NLY6SoU55MnNR3VlPPRJh
LN21SxhaOVSYmZtV1e4jYGDqzJVW/iDlSLzA8OkQ0G9a16bgSaG+QrW0P69lueC9
4+dWeA90GbuVF0hZC2Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:22:08 2024 by rpki-client on console-ams.rpki-client.org