Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/b5lZAJf7gPGrk4Nfy0qDXplHyLA.roa
File: b5lZAJf7gPGrk4Nfy0qDXplHyLA.roa (raw, json)
Hash identifier: dKR60CndKmUx6Wavsvf9yuWCFXBIbzLzC1zX4kjaouQ=
Subject key identifier: 6F:99:59:00:97:FB:80:F1:AB:93:83:5F:CB:4A:83:5E:99:47:C8:B0
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 018CC79444BD67AA523FB8A6ADEC1132EBB1
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/b5lZAJf7gPGrk4Nfy0qDXplHyLA.roa
Signing time: Tue 02 Jan 2024 00:30:32 +0000
ROA not before: Tue 02 Jan 2024 00:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30371
IP address blocks: 2001:668:1f8::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:44:bd:67:aa:52:3f:b8:a6:ad:ec:11:32:eb:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 2 00:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f99590097fb80f1ab93835fcb4a835e9947c8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:71:b8:d5:ba:5a:d2:27:bf:ec:fa:ec:8f:d9:
d6:dd:7f:93:9a:db:38:d3:75:f9:91:9f:e1:6e:e1:
6a:c5:c9:2e:66:16:e5:8d:3d:2b:b2:56:22:6f:39:
28:36:47:79:1b:ed:4c:97:51:a7:33:c5:cb:5b:1b:
c6:74:34:60:57:89:38:8b:77:cd:41:2e:fe:09:bc:
b7:2f:52:ed:13:d1:88:2d:30:42:ae:66:7d:cc:a6:
e5:6c:9b:24:02:bf:f3:5a:f3:f7:c4:d3:ec:79:94:
71:4b:88:e0:28:63:48:a4:eb:65:b8:59:60:d8:7c:
4e:9a:e2:fb:2d:1e:9b:32:41:e0:58:d8:b1:01:50:
fc:1c:b3:7f:db:d6:2d:60:ce:1d:79:1b:d1:b5:ca:
5b:84:01:a4:36:ef:27:01:9e:6b:45:aa:84:2b:19:
9f:99:8f:9d:de:98:cd:d0:2c:94:5d:3a:18:39:5f:
5d:06:4b:50:2f:74:84:f1:da:68:15:72:92:f1:b5:
12:74:d9:37:7c:47:b1:17:14:06:b7:d7:f0:6c:e9:
41:13:77:e2:d9:6a:69:85:7b:cd:86:f0:f7:9e:eb:
dc:f5:ab:be:b2:e2:bd:2b:27:2f:e9:ff:8b:dd:a4:
84:95:83:92:ce:05:f5:a0:63:b3:cf:0b:ba:ce:37:
94:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:99:59:00:97:FB:80:F1:AB:93:83:5F:CB:4A:83:5E:99:47:C8:B0
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/b5lZAJf7gPGrk4Nfy0qDXplHyLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:668:1f8::/46
Signature Algorithm: sha256WithRSAEncryption
50:62:a5:9a:76:ca:60:87:07:32:38:5c:89:d6:e7:38:1a:f9:
45:97:1d:a1:a6:0a:94:92:41:f0:01:8a:53:e0:6c:97:f4:6a:
03:c3:c9:48:b3:47:10:5a:f8:fb:26:2f:fe:e1:7e:06:2d:58:
77:f5:cf:25:14:f5:b2:45:b8:e8:f5:35:01:e7:5a:b7:90:36:
1c:10:9e:2b:08:14:72:d8:d4:88:b4:7a:55:45:e8:51:33:9d:
b7:f9:7c:60:54:ec:c9:8d:6f:0d:a4:30:d5:a0:51:32:04:db:
f2:4b:24:74:34:ca:6d:a7:02:1a:4a:d4:75:4b:59:f9:60:ef:
3a:c6:79:16:b4:82:2f:4f:89:56:56:f1:20:1f:5a:05:c5:35:
5a:d6:c9:b5:7d:f5:e8:b3:b9:d1:c3:75:d8:20:89:6d:5c:b9:
af:b6:a3:cd:1b:b0:61:9f:5d:8e:79:c6:2d:92:79:cc:a5:32:
dd:5b:d5:3c:58:34:41:49:53:45:ba:a8:41:05:44:1d:69:bb:
52:88:31:39:b2:da:8b:c2:da:7c:9e:05:1b:af:42:3c:d8:b7:
0b:3c:eb:cd:e7:99:c9:e8:9a:a8:91:aa:bf:42:bc:4b:a1:e6:
01:7a:5f:25:4b:20:e5:85:86:2c:15:76:a3:91:0e:eb:75:5e:
57:e0:ea:e2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHlES9Z6pSP7imrewRMuuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjQwMTAyMDAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjk5NTkwMDk3ZmI4MGYxYWI5MzgzNWZjYjRhODM1ZTk5NDdjOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3G41bpa0ie/7Prsj9nW3X+Tmts4
03X5kZ/hbuFqxckuZhbljT0rslYibzkoNkd5G+1Ml1GnM8XLWxvGdDRgV4k4i3fN
QS7+Cby3L1LtE9GILTBCrmZ9zKblbJskAr/zWvP3xNPseZRxS4jgKGNIpOtluFlg
2HxOmuL7LR6bMkHgWNixAVD8HLN/29YtYM4deRvRtcpbhAGkNu8nAZ5rRaqEKxmf
mY+d3pjN0CyUXToYOV9dBktQL3SE8dpoFXKS8bUSdNk3fEexFxQGt9fwbOlBE3fi
2WpphXvNhvD3nuvc9au+suK9Kycv6f+L3aSElYOSzgX1oGOzzwu6zjeUbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG+ZWQCX+4Dxq5ODX8tKg16ZR8iwMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvYjVsWkFKZjdnUEdyazROZnkwcURYcGxIeUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCIAEGaAH4
MA0GCSqGSIb3DQEBCwUAA4IBAQBQYqWadspghwcyOFyJ1uc4GvlFlx2hpgqUkkHw
AYpT4GyX9GoDw8lIs0cQWvj7Ji/+4X4GLVh39c8lFPWyRbjo9TUB51q3kDYcEJ4r
CBRy2NSItHpVRehRM523+XxgVOzJjW8NpDDVoFEyBNvySyR0NMptpwIaStR1S1n5
YO86xnkWtIIvT4lWVvEgH1oFxTVa1sm1ffXos7nRw3XYIIltXLmvtqPNG7Bhn12O
ecYtknnMpTLdW9U8WDRBSVNFuqhBBUQdabtSiDE5stqLwtp8ngUbr0I82LcLPOvN
55nJ6Jqokaq/QrxLoeYBel8lSyDlhYYsFXajkQ7rdV5X4Ori
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:50:04 2024 by rpki-client on console-fra.rpki-client.org