Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CCO5lChMATZRnVi9zT_QB9_MdJg.roa
File: CCO5lChMATZRnVi9zT_QB9_MdJg.roa (raw, json)
Hash identifier: SEYqWyrmliouf3EIPLyau7dKVc2J/5Tfe7TQzkIPYPg=
Subject key identifier: 08:23:B9:94:28:4C:01:36:51:9D:58:BD:CD:3F:D0:07:DF:CC:74:98
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019345169E5E0BB6F0D8DD5B62004470C36B
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CCO5lChMATZRnVi9zT_QB9_MdJg.roa
Signing time: Tue 19 Nov 2024 15:42:10 +0000
ROA not before: Tue 19 Nov 2024 15:42:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213861
IP address blocks: 2a14:7b80::/32 maxlen: 32
2a14:7b81::/32 maxlen: 32
2a14:7b82::/32 maxlen: 32
2a14:7b83::/32 maxlen: 32
2a14:7b84::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:45:16:9e:5e:0b:b6:f0:d8:dd:5b:62:00:44:70:c3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Nov 19 15:42:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0823b994284c0136519d58bdcd3fd007dfcc7498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:88:c2:f2:b6:82:74:07:fd:6b:b3:17:68:5c:
44:b5:4a:68:7e:5e:ed:17:5b:fb:3b:26:16:db:40:
a0:7b:1c:bc:22:be:10:44:70:b2:e4:f1:1b:60:0a:
6f:41:c1:f5:15:32:34:38:36:c3:1e:94:bb:28:65:
1d:cf:4d:62:a6:54:3b:fe:b6:2a:b0:6e:1c:0a:ce:
a3:57:ca:43:08:4a:99:46:46:53:4f:5d:50:b2:a5:
e3:5c:f6:17:d0:a7:6e:8d:ed:80:8b:ca:1e:3c:17:
7c:47:b7:25:69:9b:9c:4f:cc:de:8a:3c:f2:cb:eb:
e7:5e:27:90:c8:e3:f0:0e:30:8b:9a:1d:8c:78:1c:
de:31:cf:7c:b1:c1:8e:0b:79:c3:70:1f:03:f4:76:
73:9d:95:ab:d3:cf:6a:8c:fd:5c:1b:9d:81:d3:98:
04:0c:26:07:b9:42:f4:f1:cc:db:cb:cf:76:87:46:
0d:ce:4f:cb:e6:fc:d4:5a:fd:0a:d4:23:4a:f4:ed:
a3:d6:e7:b4:c3:e3:63:ec:f2:e6:e2:65:55:3e:66:
2d:ba:26:a4:33:3d:0b:1d:6b:16:e0:34:07:41:fb:
37:8b:e8:8f:86:26:d1:60:b3:ae:5d:a3:59:99:b6:
64:0a:e1:7c:1e:5c:ee:c8:6e:1d:6f:05:94:69:97:
3d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:23:B9:94:28:4C:01:36:51:9D:58:BD:CD:3F:D0:07:DF:CC:74:98
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CCO5lChMATZRnVi9zT_QB9_MdJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7b80::-2a14:7b84:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4c:59:a5:f6:d9:66:83:5a:f3:0d:91:51:ca:d5:1d:ab:e2:28:
37:c8:7c:c5:dc:26:3a:49:20:a0:92:fa:c8:a4:62:8c:b6:c2:
96:b8:06:de:cf:8c:4f:0f:c8:66:9a:04:7e:e2:32:6f:0c:1a:
15:fa:b4:29:b8:50:2e:00:4a:0c:55:fd:ee:af:de:04:54:00:
dc:35:be:ad:83:9b:5a:bf:88:52:ef:82:4d:64:bc:eb:88:06:
d0:e3:55:7f:0a:e5:62:00:a7:25:7e:06:42:78:71:69:2e:f3:
be:be:ad:c6:3a:6b:f0:d3:39:0d:b7:34:e9:6f:ef:1b:4c:5d:
6e:14:81:38:48:02:90:85:67:50:85:43:a5:fc:52:48:33:dc:
7d:db:b5:c8:46:fa:1b:39:c0:3f:65:02:9d:ae:e5:6c:b2:ca:
b4:f7:bc:d7:ec:56:bb:c5:eb:fc:09:b0:66:ef:e1:e6:24:b6:
e4:7d:b5:d9:d9:78:77:f1:98:41:e8:86:8d:38:59:7b:ca:49:
a8:90:3a:0d:2c:a7:5c:cc:7a:79:45:fc:b0:eb:d0:70:2f:cb:
88:67:f6:44:ec:7c:eb:0b:21:bd:7e:27:c2:99:91:2f:42:ea:
2e:7d:d8:47:a0:94:31:82:b2:38:4d:37:e0:46:97:ac:5b:ff:
fd:74:61:b3
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZNFFp5eC7bw2N1bYgBEcMNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQxMTE5MTU0MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODIzYjk5NDI4NGMwMTM2NTE5ZDU4YmRjZDNmZDAwN2RmY2M3NDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIjC8raCdAf9a7MXaFxEtUpofl7t
F1v7OyYW20Cgexy8Ir4QRHCy5PEbYApvQcH1FTI0ODbDHpS7KGUdz01iplQ7/rYq
sG4cCs6jV8pDCEqZRkZTT11QsqXjXPYX0Kduje2Ai8oePBd8R7claZucT8zeijzy
y+vnXieQyOPwDjCLmh2MeBzeMc98scGOC3nDcB8D9HZznZWr089qjP1cG52B05gE
DCYHuUL08czby892h0YNzk/L5vzUWv0K1CNK9O2j1ue0w+Nj7PLm4mVVPmYtuiak
Mz0LHWsW4DQHQfs3i+iPhibRYLOuXaNZmbZkCuF8HlzuyG4dbwWUaZc9MQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFAgjuZQoTAE2UZ1Yvc0/0AffzHSYMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvQ0NPNWxDaE1BVFpSblZpOXpUX1FCOV9NZEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQcqFHuA
AwUAKhR7hDANBgkqhkiG9w0BAQsFAAOCAQEATFml9tlmg1rzDZFRytUdq+IoN8h8
xdwmOkkgoJL6yKRijLbClrgG3s+MTw/IZpoEfuIybwwaFfq0KbhQLgBKDFX97q/e
BFQA3DW+rYObWr+IUu+CTWS864gG0ONVfwrlYgCnJX4GQnhxaS7zvr6txjpr8NM5
Dbc06W/vG0xdbhSBOEgCkIVnUIVDpfxSSDPcfdu1yEb6GznAP2UCna7lbLLKtPe8
1+xWu8Xr/AmwZu/h5iS25H212dl4d/GYQeiGjThZe8pJqJA6DSynXMx6eUX8sOvQ
cC/LiGf2ROx86wshvX4nwpmRL0LqLn3YR6CUMYKyOE034EaXrFv//XRhsw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:32 2024 by rpki-client on console-ams.rpki-client.org