Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/oGJuP4zp5ogFb1jyT-5hnlbtvL8.roa
File: oGJuP4zp5ogFb1jyT-5hnlbtvL8.roa (raw, json)
Hash identifier: +Gwd5RiAAvYH6AdT/RTYhy5dHSs4DEN9n3c+3E9LSnc=
Subject key identifier: A0:62:6E:3F:8C:E9:E6:88:05:6F:58:F2:4F:EE:61:9E:56:ED:BC:BF
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 018FDCF13A0DB72185F644EB363B2EC61FB4
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/oGJuP4zp5ogFb1jyT-5hnlbtvL8.roa
Signing time: Mon 03 Jun 2024 07:12:27 +0000
ROA not before: Mon 03 Jun 2024 07:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 2a0c:b6c0::/34 maxlen: 34
2a0c:b6c0:4000::/34 maxlen: 34
2a0c:b6c0:8000::/34 maxlen: 34
2a0c:b6c1::/34 maxlen: 34
2a0c:b6c1:4000::/34 maxlen: 34
2a0c:b6c1:8000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dc:f1:3a:0d:b7:21:85:f6:44:eb:36:3b:2e:c6:1f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Jun 3 07:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0626e3f8ce9e688056f58f24fee619e56edbcbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:43:71:d2:c8:92:27:35:6c:70:b9:98:28:a5:
73:b6:52:45:db:44:5d:2c:21:bf:12:f5:dd:ed:bf:
57:7e:fa:25:d4:a2:a0:7b:95:52:77:5f:a8:4b:09:
35:f4:79:99:48:62:12:7a:39:2f:c9:c6:7a:97:9d:
47:48:ee:e1:93:52:74:02:40:6e:ee:b3:58:2e:c5:
90:32:5d:54:f1:95:f6:e9:62:34:ff:ad:d0:98:47:
26:fb:b2:f8:83:95:7d:e6:e6:ba:cf:96:fc:e7:19:
da:0a:d1:33:c0:14:3d:f8:a0:0e:d5:a2:9f:ad:e7:
49:87:b5:96:dc:34:28:a3:1d:00:d9:69:3a:e2:41:
1f:fb:4e:32:75:35:1d:9e:4c:78:b7:37:12:b6:55:
1b:04:34:94:4f:23:6f:aa:43:c6:48:c8:ae:5d:ff:
50:84:37:4c:78:a9:9f:57:56:0f:b7:80:ac:5f:5e:
92:36:a9:c8:f3:bc:0e:62:c1:9e:4f:ba:91:f8:fa:
f2:55:3d:e6:e0:19:99:f1:98:9c:9c:c0:29:c2:fa:
9b:71:70:81:b9:10:fe:05:8d:a9:9a:45:94:db:a7:
64:71:f5:b9:f8:5c:2c:ae:7e:ad:30:b7:12:02:34:
44:81:68:d2:57:39:10:ed:e7:cb:5f:7f:9c:9c:26:
49:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:62:6E:3F:8C:E9:E6:88:05:6F:58:F2:4F:EE:61:9E:56:ED:BC:BF
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/oGJuP4zp5ogFb1jyT-5hnlbtvL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b6c0::-2a0c:b6c0:bfff:ffff:ffff:ffff:ffff:ffff
2a0c:b6c1::-2a0c:b6c1:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
17:73:5c:5f:e9:bb:86:31:75:ab:bb:d6:fc:99:13:63:d4:9d:
b9:21:1f:67:e2:96:28:3f:43:d9:da:fc:3f:3a:02:c7:b9:3c:
83:3c:8e:5e:5f:b1:46:b8:08:59:47:d3:b9:14:91:c5:dd:86:
1a:a0:9b:e7:69:78:2d:ff:46:86:c0:aa:a1:66:4b:92:0a:14:
03:ef:06:33:f0:e4:76:d9:34:8c:ae:bb:19:89:29:94:99:d6:
4a:55:1e:ba:9e:74:55:02:ed:5d:71:d9:ab:5b:8d:63:bd:c7:
13:0a:b5:70:1f:1b:40:6b:81:21:42:71:05:20:a9:2a:d0:32:
50:1c:5d:ee:3e:0f:08:85:76:a1:8f:be:87:f4:3b:e4:4c:d0:
40:66:f9:94:8f:40:14:16:3d:1d:da:ae:fd:79:23:7f:f8:5a:
97:62:13:ce:19:64:9a:58:d3:0e:b2:fa:5d:73:53:d0:b6:2a:
a3:59:64:6f:2f:6f:f1:30:96:af:00:5a:73:6e:d4:7f:6b:7a:
7c:d8:98:d8:11:55:6b:a9:e2:b7:2a:58:fb:e8:82:65:a9:a5:
e9:90:0c:8c:a4:49:24:88:1d:b4:af:32:87:4b:e3:ea:a4:84:
b3:47:83:ac:b3:64:51:17:ab:60:6f:f3:40:6b:b4:ab:24:42:
92:b0:72:44
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY/c8ToNtyGF9kTrNjsuxh+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjQwNjAzMDcxMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDYyNmUzZjhjZTllNjg4MDU2ZjU4ZjI0ZmVlNjE5ZTU2ZWRiY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUNx0siSJzVscLmYKKVztlJF20Rd
LCG/EvXd7b9Xfvol1KKge5VSd1+oSwk19HmZSGISejkvycZ6l51HSO7hk1J0AkBu
7rNYLsWQMl1U8ZX26WI0/63QmEcm+7L4g5V95ua6z5b85xnaCtEzwBQ9+KAO1aKf
redJh7WW3DQoox0A2Wk64kEf+04ydTUdnkx4tzcStlUbBDSUTyNvqkPGSMiuXf9Q
hDdMeKmfV1YPt4CsX16SNqnI87wOYsGeT7qR+PryVT3m4BmZ8ZicnMApwvqbcXCB
uRD+BY2pmkWU26dkcfW5+Fwsrn6tMLcSAjREgWjSVzkQ7efLX3+cnCZJIQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKBibj+M6eaIBW9Y8k/uYZ5W7by/MB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvb0dKdVA0enA1b2dGYjFqeVQtNWhubGJ0dkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiMA8DBQYqDLbA
AwYGKgy2wIAwDwMFACoMtsEDBgYqDLbBgDANBgkqhkiG9w0BAQsFAAOCAQEAF3Nc
X+m7hjF1q7vW/JkTY9SduSEfZ+KWKD9D2dr8PzoCx7k8gzyOXl+xRrgIWUfTuRSR
xd2GGqCb52l4Lf9GhsCqoWZLkgoUA+8GM/Dkdtk0jK67GYkplJnWSlUeup50VQLt
XXHZq1uNY73HEwq1cB8bQGuBIUJxBSCpKtAyUBxd7j4PCIV2oY++h/Q75EzQQGb5
lI9AFBY9Hdqu/Xkjf/hal2ITzhlkmljTDrL6XXNT0LYqo1lkby9v8TCWrwBac27U
f2t6fNiY2BFVa6nitypY++iCZaml6ZAMjKRJJIgdtK8yh0vj6qSEs0eDrLNkURer
YG/zQGu0qyRCkrByRA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:53:32 2024 by rpki-client on console-ams.rpki-client.org