Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/AIpnQMeGHFVQY9kyWMKEUvA7GYk.roa
File: AIpnQMeGHFVQY9kyWMKEUvA7GYk.roa (raw, json)
Hash identifier: +tHz4QUGRwtz9pgY5wrXeTpRh6ChmvrwdsFN3JYemak=
Subject key identifier: 00:8A:67:40:C7:86:1C:55:50:63:D9:32:58:C2:84:52:F0:3B:19:89
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 018CC725F7DFA2FE880AD68FB42D75FDA0ED
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/AIpnQMeGHFVQY9kyWMKEUvA7GYk.roa
Signing time: Mon 01 Jan 2024 22:30:03 +0000
ROA not before: Mon 01 Jan 2024 22:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50389
IP address blocks: 2a01:b960:2303::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:f7:df:a2:fe:88:0a:d6:8f:b4:2d:75:fd:a0:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 22:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=008a6740c7861c555063d93258c28452f03b1989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3c:15:6d:f1:47:6c:a9:8e:21:eb:95:38:9f:
b1:97:b9:9b:80:01:d4:c7:89:48:79:44:83:f6:27:
8b:34:d8:29:dc:6a:02:41:72:0c:be:82:d1:cd:c3:
75:45:55:bb:f9:0f:47:5d:fe:cf:06:74:c0:0d:e3:
44:96:1d:3c:8e:15:80:68:6c:97:69:59:72:4a:90:
b9:b5:70:ce:d0:43:42:1c:da:45:02:3f:53:8e:dc:
a2:1a:69:60:2c:d2:b0:fe:40:90:9f:05:ea:d2:fa:
a6:1c:2c:69:de:b9:8e:62:22:97:64:b9:46:e1:87:
ad:4c:20:ee:77:5e:6c:8c:56:07:df:42:a8:3b:5b:
a0:25:6b:c9:61:ef:e3:c7:3e:bd:3b:2a:ce:a8:71:
a3:01:ed:2a:1d:1b:e5:a4:9b:22:64:85:f4:c9:4d:
e7:17:1a:03:cf:d4:21:fb:12:97:f0:03:43:76:4a:
66:30:26:11:6d:35:39:6a:50:a4:45:5d:27:3e:8a:
07:68:57:d7:70:b1:bd:f0:cb:ea:26:57:97:1f:a1:
c9:46:ab:a3:46:d7:52:91:90:65:4b:bb:46:9b:88:
32:2d:c0:3b:55:c4:57:36:92:3e:d9:09:bf:2a:d1:
74:6a:75:f5:43:80:94:32:ea:8f:53:1a:12:50:c5:
69:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8A:67:40:C7:86:1C:55:50:63:D9:32:58:C2:84:52:F0:3B:19:89
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/AIpnQMeGHFVQY9kyWMKEUvA7GYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:2303::/48
Signature Algorithm: sha256WithRSAEncryption
84:1f:41:7d:2e:c9:c2:da:7f:84:b3:ad:a4:84:b4:64:32:2e:
8f:bc:95:ce:f6:dd:ff:ac:21:12:5e:41:91:b3:1a:c9:12:0c:
25:20:43:81:fb:99:8d:c7:00:ea:24:18:ce:de:c8:c4:2e:fd:
ca:eb:03:fc:96:67:90:cb:75:63:43:c8:6b:07:e6:66:eb:01:
e3:f3:26:68:1e:c9:e9:af:4d:26:03:7e:37:fa:84:75:54:74:
53:1e:78:51:91:d8:2c:93:15:cd:89:ca:71:04:a7:84:a7:38:
4e:46:98:f3:42:ad:af:a2:84:8a:85:ec:df:1f:cd:01:4e:bc:
4b:f6:96:82:62:dc:f7:fb:50:d7:35:0e:be:f0:64:47:4a:e9:
0c:84:f5:a2:fa:96:02:fa:41:61:43:24:92:8f:6a:28:44:3b:
32:54:78:3d:9a:e5:13:82:2c:fb:46:b5:1f:5f:6f:bd:03:1c:
b4:c9:ed:c5:c8:09:18:57:01:f8:90:24:fb:f3:3e:47:ab:58:
59:a8:0e:25:3a:65:f3:d0:47:7e:51:39:71:66:ca:ae:99:25:
7a:0d:ad:82:48:f8:8e:38:57:84:fe:c8:ef:71:a1:26:3e:ae:
aa:0c:bc:76:9c:a0:c8:0d:f9:af:34:db:3e:00:ed:c7:2b:48:
13:39:bd:b5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJfffov6ICtaPtC11/aDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjQwMTAxMjIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDhhNjc0MGM3ODYxYzU1NTA2M2Q5MzI1OGMyODQ1MmYwM2IxOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTwVbfFHbKmOIeuVOJ+xl7mbgAHU
x4lIeUSD9ieLNNgp3GoCQXIMvoLRzcN1RVW7+Q9HXf7PBnTADeNElh08jhWAaGyX
aVlySpC5tXDO0ENCHNpFAj9TjtyiGmlgLNKw/kCQnwXq0vqmHCxp3rmOYiKXZLlG
4YetTCDud15sjFYH30KoO1ugJWvJYe/jxz69OyrOqHGjAe0qHRvlpJsiZIX0yU3n
FxoDz9Qh+xKX8ANDdkpmMCYRbTU5alCkRV0nPooHaFfXcLG98MvqJleXH6HJRquj
RtdSkZBlS7tGm4gyLcA7VcRXNpI+2Qm/KtF0anX1Q4CUMuqPUxoSUMVpbQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFACKZ0DHhhxVUGPZMljChFLwOxmJMB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvQUlwblFNZUdIRlZRWTlreVdNS0VVdkE3R1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMD
MA0GCSqGSIb3DQEBCwUAA4IBAQCEH0F9LsnC2n+Es62khLRkMi6PvJXO9t3/rCES
XkGRsxrJEgwlIEOB+5mNxwDqJBjO3sjELv3K6wP8lmeQy3VjQ8hrB+Zm6wHj8yZo
Hsnpr00mA343+oR1VHRTHnhRkdgskxXNicpxBKeEpzhORpjzQq2vooSKhezfH80B
TrxL9paCYtz3+1DXNQ6+8GRHSukMhPWi+pYC+kFhQySSj2ooRDsyVHg9muUTgiz7
RrUfX2+9Axy0ye3FyAkYVwH4kCT78z5Hq1hZqA4lOmXz0Ed+UTlxZsqumSV6Da2C
SPiOOFeE/sjvcaEmPq6qDLx2nKDIDfmvNNs+AO3HK0gTOb21
-----END CERTIFICATE-----
Generated at Sun May 19 16:44:50 2024 by rpki-client on console-fra.rpki-client.org