Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/oSQl-ulBiLFGFGkOYK9mxmuk4r8.roa
File: oSQl-ulBiLFGFGkOYK9mxmuk4r8.roa (raw, json)
Hash identifier: 5KoMzs9NOXMqMQdNJGucf0NWyvVGcR5F20AWKQzxZwA=
Subject key identifier: A1:24:25:FA:E9:41:88:B1:46:14:69:0E:60:AF:66:C6:6B:A4:E2:BF
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B8163224F143A5EC11E4F26A990490
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/oSQl-ulBiLFGFGkOYK9mxmuk4r8.roa
Signing time: Mon 01 Jan 2024 20:30:02 +0000
ROA not before: Mon 01 Jan 2024 20:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42087
IP address blocks: 2a00:1fa2:80c0::/48 maxlen: 48
2a00:1fa2:ba00::/40 maxlen: 40
2a00:1fa2:baf0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:16:32:24:f1:43:a5:ec:11:e4:f2:6a:99:04:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a12425fae94188b14614690e60af66c66ba4e2bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b8:94:3c:95:49:d6:4a:d8:86:96:45:92:fa:
9b:60:97:36:fb:24:c4:77:73:a4:be:61:98:75:7d:
53:2b:a0:4b:23:fb:a0:5f:30:d4:f7:45:cc:7a:45:
d8:be:08:c0:c7:10:73:ac:28:22:c6:39:14:c6:79:
ee:da:29:d9:32:e3:fe:9c:c1:41:4d:91:e4:0b:4f:
a1:15:e1:08:41:fe:ec:c7:23:a9:2a:d0:60:fe:ca:
c6:2f:c6:ce:f4:c2:c4:46:7f:52:70:93:92:88:40:
b5:1e:41:30:12:18:cc:67:51:5b:6d:b6:5d:16:45:
61:2e:a3:20:27:76:e8:5e:15:cd:aa:0a:6a:0c:5a:
7d:69:8c:ae:13:db:a1:e0:85:85:10:9a:c4:92:2f:
ca:1c:4d:17:7d:87:8b:1f:40:e2:e3:d6:be:c4:b1:
4f:e8:82:0c:78:5c:af:0c:40:63:90:8b:8f:5f:41:
4c:8a:16:a7:74:ef:30:e7:b2:cf:69:a3:5e:c5:61:
fd:f1:b7:b1:fa:6f:b4:df:f0:6a:ea:86:ff:25:4f:
4e:99:bb:9e:d3:56:21:13:7f:1f:6d:c1:29:a0:9f:
23:f0:ec:b2:90:d7:7c:01:a6:fc:df:16:dc:7c:cc:
ec:e3:c2:68:8c:d6:2e:ba:cb:d5:02:5c:0a:1f:c6:
cc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:24:25:FA:E9:41:88:B1:46:14:69:0E:60:AF:66:C6:6B:A4:E2:BF
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/oSQl-ulBiLFGFGkOYK9mxmuk4r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1fa2:80c0::/48
2a00:1fa2:ba00::/40
Signature Algorithm: sha256WithRSAEncryption
2c:98:27:f7:5e:01:b8:9b:73:57:cd:cc:aa:92:12:f6:01:2a:
cc:cd:87:20:5d:c8:b7:90:55:23:b3:dc:d9:6f:e3:7b:54:c7:
b8:b6:42:73:b9:73:9b:7f:27:49:15:bb:3d:31:6f:6a:00:06:
1e:85:95:7c:ba:e7:12:77:1c:10:2f:93:57:22:5d:4d:6e:a5:
a3:b3:b3:a6:09:77:e8:51:f6:b2:ec:66:41:20:da:4e:2b:30:
69:cc:7e:96:e1:1e:09:20:be:c5:7a:fa:bf:06:2d:4d:8a:04:
a3:a6:87:9f:8f:fa:f9:0f:38:6c:d9:6c:cf:a3:0f:85:9d:cd:
8e:78:ef:64:be:d3:e9:f4:b2:18:ab:49:10:e4:f6:1e:0e:9e:
ea:b0:7f:8b:9f:6b:3c:34:fc:92:4f:52:74:72:0b:7b:75:25:
f1:a1:cf:57:52:66:d3:02:dd:89:c1:f7:35:3f:46:13:53:01:
75:28:6b:f2:f2:a4:1e:52:f9:75:ae:de:6b:94:a3:2a:00:54:
6e:b0:fe:e8:81:97:e7:2e:db:a5:5a:89:a3:18:2d:6b:e4:fa:
c6:87:30:a8:79:95:3e:8f:ef:54:68:20:ef:d4:e7:31:ce:66:
5a:ee:2d:10:5e:71:d1:cd:33:31:c3:c6:68:c3:c1:7b:16:14:
85:4c:1e:2a
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzGuBYyJPFDpewR5PJqmQSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTI0MjVmYWU5NDE4OGIxNDYxNDY5MGU2MGFmNjZjNjZiYTRlMmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbiUPJVJ1krYhpZFkvqbYJc2+yTE
d3OkvmGYdX1TK6BLI/ugXzDU90XMekXYvgjAxxBzrCgixjkUxnnu2inZMuP+nMFB
TZHkC0+hFeEIQf7sxyOpKtBg/srGL8bO9MLERn9ScJOSiEC1HkEwEhjMZ1FbbbZd
FkVhLqMgJ3boXhXNqgpqDFp9aYyuE9uh4IWFEJrEki/KHE0XfYeLH0Di49a+xLFP
6IIMeFyvDEBjkIuPX0FMihandO8w57LPaaNexWH98bex+m+03/Bq6ob/JU9Ombue
01YhE38fbcEpoJ8j8OyykNd8Aab83xbcfMzs48JojNYuusvVAlwKH8bMywIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKEkJfrpQYixRhRpDmCvZsZrpOK/MB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvb1NRbC11bEJpTEZHRkdrT1lLOW14bXVrNHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgAfooDA
AwYAKgAforowDQYJKoZIhvcNAQELBQADggEBACyYJ/deAbibc1fNzKqSEvYBKszN
hyBdyLeQVSOz3Nlv43tUx7i2QnO5c5t/J0kVuz0xb2oABh6FlXy65xJ3HBAvk1ci
XU1upaOzs6YJd+hR9rLsZkEg2k4rMGnMfpbhHgkgvsV6+r8GLU2KBKOmh5+P+vkP
OGzZbM+jD4WdzY5472S+0+n0shirSRDk9h4Onuqwf4ufazw0/JJPUnRyC3t1JfGh
z1dSZtMC3YnB9zU/RhNTAXUoa/LypB5S+XWu3muUoyoAVG6w/uiBl+cu26VaiaMY
LWvk+saHMKh5lT6P71RoIO/U5zHOZlruLRBecdHNMzHDxmjDwXsWFIVMHio=
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:54:37 2024 by rpki-client on console-fra.rpki-client.org