Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/SdITyx60ptY_jki0QqIZzLGfWGQ.roa
File: SdITyx60ptY_jki0QqIZzLGfWGQ.roa (raw, json)
Hash identifier: 8uOqDrxNewwtyoYBFcJf2g7t8peH0bPiB1UfCuek6Po=
Subject key identifier: 49:D2:13:CB:1E:B4:A6:D6:3F:8E:48:B4:42:A2:19:CC:B1:9F:58:64
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018CC5005E33B153D764D2F52BF5C628CD40
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/SdITyx60ptY_jki0QqIZzLGfWGQ.roa
Signing time: Mon 01 Jan 2024 12:29:44 +0000
ROA not before: Mon 01 Jan 2024 12:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 2a05:541:127::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5e:33:b1:53:d7:64:d2:f5:2b:f5:c6:28:cd:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 1 12:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49d213cb1eb4a6d63f8e48b442a219ccb19f5864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:47:1f:0c:07:01:0b:a9:3f:85:28:fc:84:0d:
51:13:73:89:68:75:a2:ee:e4:97:3a:01:f5:13:16:
92:81:87:eb:a3:af:b8:a9:51:16:dd:4c:a3:a0:97:
69:df:20:07:e3:50:17:2e:53:b1:bb:1b:8e:2d:94:
b7:b9:5d:89:c7:77:cb:75:b9:bd:b6:12:df:7e:ad:
a3:25:13:d4:3d:fa:42:b6:4b:9c:39:eb:58:d0:95:
3a:3c:81:eb:2b:b5:6a:92:a6:e7:be:65:46:47:47:
fa:3e:f1:8c:09:a6:21:38:fb:30:d6:65:43:56:5a:
32:c9:95:7b:3a:01:e5:e0:10:73:5a:90:f9:ef:b2:
75:ae:34:48:32:90:d7:a0:42:00:f6:b3:68:93:46:
bf:6c:b6:f1:01:78:3e:14:4c:48:3e:5e:e8:31:af:
35:a9:88:b0:bd:dc:8f:9c:d4:ce:ec:cd:be:bf:de:
5a:ca:1c:33:18:0e:b9:a3:1f:b5:e4:0b:97:37:27:
d5:96:a1:ca:29:08:43:5e:af:46:92:62:d2:63:51:
97:bc:78:52:c4:8b:2c:ff:0c:ec:e2:4b:a9:7a:bf:
c2:ea:29:16:62:b6:31:7e:cd:75:6b:05:28:a6:07:
64:97:b1:5e:ea:51:cd:3b:0d:43:ae:9e:12:45:66:
65:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D2:13:CB:1E:B4:A6:D6:3F:8E:48:B4:42:A2:19:CC:B1:9F:58:64
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/SdITyx60ptY_jki0QqIZzLGfWGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:541:127::/48
Signature Algorithm: sha256WithRSAEncryption
10:95:3e:59:4e:1f:60:47:81:dc:d3:09:ac:cf:88:34:6f:f3:
5e:ed:c9:3e:f8:f9:b7:85:05:af:40:b4:bc:71:ac:9c:bb:89:
0a:d6:e6:82:09:0b:0c:04:50:78:02:61:78:98:5e:94:9b:c2:
27:65:c8:c8:fc:be:87:19:9a:3a:00:83:7e:3a:41:42:9a:bd:
22:83:26:34:d0:cb:06:ce:c7:66:c0:70:7d:48:34:16:39:fd:
0a:91:b0:9d:bb:60:a7:4e:ce:62:e6:36:3b:75:24:3c:a1:f5:
09:d4:fd:35:5e:74:8f:10:d2:00:a7:64:dd:3a:78:de:c2:dc:
2c:60:af:48:d5:2e:45:fb:b9:cf:d5:d5:80:e9:73:e8:6b:62:
ba:8d:7b:dd:32:a4:b9:dd:8b:94:cc:a6:71:11:51:50:fb:68:
50:15:0a:72:32:e1:73:2b:92:2c:11:aa:e6:ec:62:07:35:5c:
ca:84:c5:b4:4e:1c:7e:ca:de:c7:84:f4:9f:e5:35:c7:7b:33:
bf:73:03:cc:6c:48:ed:d9:36:df:44:c6:19:6e:53:c0:fc:7d:
73:50:34:e1:81:ed:8e:36:25:83:af:cf:61:46:28:71:2c:2b:
bf:5e:5b:b9:f5:cc:b6:7d:4b:72:45:fd:54:13:12:c5:f5:73:
0a:78:eb:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAF4zsVPXZNL1K/XGKM1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjQwMTAxMTIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQyMTNjYjFlYjRhNmQ2M2Y4ZTQ4YjQ0MmEyMTljY2IxOWY1ODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0cfDAcBC6k/hSj8hA1RE3OJaHWi
7uSXOgH1ExaSgYfro6+4qVEW3UyjoJdp3yAH41AXLlOxuxuOLZS3uV2Jx3fLdbm9
thLffq2jJRPUPfpCtkucOetY0JU6PIHrK7VqkqbnvmVGR0f6PvGMCaYhOPsw1mVD
VloyyZV7OgHl4BBzWpD577J1rjRIMpDXoEIA9rNok0a/bLbxAXg+FExIPl7oMa81
qYiwvdyPnNTO7M2+v95ayhwzGA65ox+15AuXNyfVlqHKKQhDXq9GkmLSY1GXvHhS
xIss/wzs4kuper/C6ikWYrYxfs11awUopgdkl7Fe6lHNOw1Drp4SRWZlrQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEnSE8setKbWP45ItEKiGcyxn1hkMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvU2RJVHl4NjBwdFlfamtpMFFxSVp6TEdmV0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgUFQQEn
MA0GCSqGSIb3DQEBCwUAA4IBAQAQlT5ZTh9gR4Hc0wmsz4g0b/Ne7ck++Pm3hQWv
QLS8caycu4kK1uaCCQsMBFB4AmF4mF6Um8InZcjI/L6HGZo6AIN+OkFCmr0igyY0
0MsGzsdmwHB9SDQWOf0KkbCdu2CnTs5i5jY7dSQ8ofUJ1P01XnSPENIAp2TdOnje
wtwsYK9I1S5F+7nP1dWA6XPoa2K6jXvdMqS53YuUzKZxEVFQ+2hQFQpyMuFzK5Is
Earm7GIHNVzKhMW0Thx+yt7HhPSf5TXHezO/cwPMbEjt2TbfRMYZblPA/H1zUDTh
ge2ONiWDr89hRihxLCu/Xlu59cy2fUtyRf1UExLF9XMKeOv/
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:27:17 2024 by rpki-client on console-fra.rpki-client.org