Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/98_9CoAMX8vA5L3MYhfBSBgXfro.roa
File: 98_9CoAMX8vA5L3MYhfBSBgXfro.roa (raw, json)
Hash identifier: IwsJMuEY5xWJbdx7MeR39o7So0mLisUmoGY6ITCrBvA=
Subject key identifier: F7:CF:FD:0A:80:0C:5F:CB:C0:E4:BD:CC:62:17:C1:48:18:17:7E:BA
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 018CC725F9C6DB77157D3BF5640664FFDC49
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/98_9CoAMX8vA5L3MYhfBSBgXfro.roa
Signing time: Mon 01 Jan 2024 22:30:03 +0000
ROA not before: Mon 01 Jan 2024 22:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209485
IP address blocks: 2a01:b960:2309::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:f9:c6:db:77:15:7d:3b:f5:64:06:64:ff:dc:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 22:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7cffd0a800c5fcbc0e4bdcc6217c14818177eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:15:f5:dc:6c:b9:2a:f0:b1:4a:d6:54:2d:82:
a6:cc:1b:b0:e1:bd:b9:0c:09:6c:c5:03:32:6c:ce:
c8:96:e9:b5:18:a2:d6:72:13:48:8a:be:28:df:2d:
40:7c:a3:bf:ed:c2:ea:e1:b3:bc:83:de:0b:ba:68:
7b:a8:d1:6c:44:09:67:2c:ab:3a:2e:5e:34:a8:ce:
65:9c:1f:a2:e5:38:47:32:ef:f3:17:72:74:1c:67:
81:88:a4:31:56:4b:16:16:b1:0a:d8:7b:b1:79:a0:
51:7a:3b:f3:fd:ac:aa:09:33:82:b2:a4:1e:ba:3c:
58:7b:21:fa:42:0e:10:46:0b:04:9a:d8:87:af:e9:
99:5c:0f:48:55:ba:2f:6a:1c:63:52:a7:f7:b4:7f:
cf:30:52:c8:8d:fe:b7:82:4d:62:60:fc:fb:02:ae:
76:c6:01:15:d2:e9:54:f0:fd:ca:ef:8b:17:32:e1:
06:4d:37:e4:be:c4:3d:10:64:c2:b7:0a:08:f8:85:
4c:e8:b2:c5:45:ed:30:db:9c:fa:0e:29:b1:b1:d8:
03:74:58:0c:3a:6c:35:ce:01:05:32:15:7a:84:bc:
88:31:55:a2:fe:b0:61:c9:1d:15:c2:f6:70:93:9b:
7a:e4:ab:1e:3d:85:ef:3d:dc:26:8a:c3:1f:0a:9b:
21:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CF:FD:0A:80:0C:5F:CB:C0:E4:BD:CC:62:17:C1:48:18:17:7E:BA
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/98_9CoAMX8vA5L3MYhfBSBgXfro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:2309::/48
Signature Algorithm: sha256WithRSAEncryption
9b:9f:3f:f9:b7:e5:3f:b5:fe:7e:22:73:89:b7:12:bc:1d:96:
e0:5e:33:49:6e:f7:f0:6f:fd:41:a7:ef:64:6a:11:7e:47:08:
29:49:b3:94:3f:38:b7:3e:5a:ce:50:00:08:26:9b:3f:55:54:
6a:f3:27:28:a5:e9:ea:e7:af:f5:d4:09:6f:e1:af:da:fd:de:
40:4c:a5:62:28:73:f5:9f:67:4a:25:2c:f3:85:da:9c:ae:77:
7f:ec:88:59:e1:bb:be:ed:e7:c7:3f:7b:78:21:67:c4:5b:33:
d2:bd:d7:03:61:15:9d:2b:93:f2:68:fe:30:29:b2:84:99:57:
00:65:10:23:1c:b4:25:b5:c5:aa:e7:9b:e6:c6:0d:cf:e1:8e:
11:e5:57:9b:be:f6:10:a8:44:76:82:98:88:7f:8d:b4:d4:c0:
5f:19:8c:9d:50:ed:84:db:75:1c:df:67:1a:e7:cb:6e:30:76:
df:e6:d8:b4:8b:4d:e7:03:b7:c3:6c:ee:7d:be:8b:98:10:af:
89:63:02:c9:92:13:84:cc:1f:66:2d:5d:64:f0:29:26:98:4c:
a6:86:ed:8f:96:13:28:b4:2d:e3:c5:63:50:b7:e7:bc:02:b8:
d6:db:f8:c5:cb:37:18:9b:e1:02:d1:e6:58:2c:a0:5b:d2:f4:
f3:d8:fb:b0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJfnG23cVfTv1ZAZk/9xJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjQwMTAxMjIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2NmZmQwYTgwMGM1ZmNiYzBlNGJkY2M2MjE3YzE0ODE4MTc3ZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBX13Gy5KvCxStZULYKmzBuw4b25
DAlsxQMybM7Ilum1GKLWchNIir4o3y1AfKO/7cLq4bO8g94Lumh7qNFsRAlnLKs6
Ll40qM5lnB+i5ThHMu/zF3J0HGeBiKQxVksWFrEK2HuxeaBRejvz/ayqCTOCsqQe
ujxYeyH6Qg4QRgsEmtiHr+mZXA9IVbovahxjUqf3tH/PMFLIjf63gk1iYPz7Aq52
xgEV0ulU8P3K74sXMuEGTTfkvsQ9EGTCtwoI+IVM6LLFRe0w25z6DimxsdgDdFgM
Omw1zgEFMhV6hLyIMVWi/rBhyR0VwvZwk5t65KsePYXvPdwmisMfCpshRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPfP/QqADF/LwOS9zGIXwUgYF366MB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvOThfOUNvQU1YOHZBNUwzTVloZkJTQmdYZnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMJ
MA0GCSqGSIb3DQEBCwUAA4IBAQCbnz/5t+U/tf5+InOJtxK8HZbgXjNJbvfwb/1B
p+9kahF+RwgpSbOUPzi3PlrOUAAIJps/VVRq8ycopenq56/11Alv4a/a/d5ATKVi
KHP1n2dKJSzzhdqcrnd/7IhZ4bu+7efHP3t4IWfEWzPSvdcDYRWdK5PyaP4wKbKE
mVcAZRAjHLQltcWq55vmxg3P4Y4R5VebvvYQqER2gpiIf4201MBfGYydUO2E23Uc
32ca58tuMHbf5ti0i03nA7fDbO59vouYEK+JYwLJkhOEzB9mLV1k8CkmmEymhu2P
lhMotC3jxWNQt+e8ArjW2/jFyzcYm+EC0eZYLKBb0vTz2Puw
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:28 2024 by rpki-client on console-ams.rpki-client.org