Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/n5oADQeAzlwW-snsYInJ8J1sh2o.roa
File: n5oADQeAzlwW-snsYInJ8J1sh2o.roa (raw, json)
Hash identifier: PisRnHFVSCqKTcq8eRqfBGj3TG3PxM0JWhauYCKmiXU=
Subject key identifier: 9F:9A:00:0D:07:80:CE:5C:16:FA:C9:EC:60:89:C9:F0:9D:6C:87:6A
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01915B7F1D367C06537C30E73E4CA116AE93
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/n5oADQeAzlwW-snsYInJ8J1sh2o.roa
Signing time: Fri 16 Aug 2024 14:02:22 +0000
ROA not before: Fri 16 Aug 2024 14:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a12:39c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:7f:1d:36:7c:06:53:7c:30:e7:3e:4c:a1:16:ae:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Aug 16 14:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f9a000d0780ce5c16fac9ec6089c9f09d6c876a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b5:89:e1:e6:2c:ce:03:22:7d:e9:ce:c4:5f:
ba:4f:e1:9d:23:0d:07:78:99:ea:ca:6b:12:19:d7:
ef:29:8b:ec:61:0e:e8:13:59:20:7e:4c:b7:8d:52:
63:46:db:51:89:65:01:64:54:37:5d:0b:e2:7d:2e:
6a:62:0c:aa:97:ed:da:7a:aa:1b:74:c9:5d:bd:2e:
e0:f5:bf:b9:2b:3e:82:cf:7e:9d:96:d3:ef:62:16:
71:18:a1:75:59:17:c2:00:06:26:2c:71:f7:9b:c7:
4d:bd:6f:12:66:9b:07:ed:88:17:48:3a:04:2f:a1:
c6:8e:ce:4a:4f:c2:d5:17:10:7a:1e:be:3d:d5:bf:
5b:27:e7:80:fa:2a:10:c0:7f:d1:2d:16:5f:da:67:
17:d1:8a:66:24:5b:4c:a5:b5:b0:45:4a:c3:78:6d:
ff:82:4e:ae:ec:66:76:1a:8b:ed:e9:bc:82:d9:6e:
47:0a:5a:bf:46:34:4d:99:b6:33:5f:75:4f:5f:bd:
e8:e6:b1:34:8e:26:4d:24:09:03:2d:f2:96:1c:9e:
c8:57:69:ee:9d:34:61:b1:e8:59:c7:df:fc:67:25:
5f:95:72:80:23:cd:ba:46:77:9e:f9:43:61:6b:d4:
ca:87:7c:eb:f6:c5:c4:be:21:24:ce:18:79:ca:55:
97:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:9A:00:0D:07:80:CE:5C:16:FA:C9:EC:60:89:C9:F0:9D:6C:87:6A
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/n5oADQeAzlwW-snsYInJ8J1sh2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:94:45:72:2a:00:ad:d4:6a:4a:71:9c:9e:5a:bb:1a:c7:7b:
fe:b0:7d:91:ae:6b:3e:c9:94:e9:c7:f0:70:2e:fe:08:1b:2d:
4d:97:c6:73:c4:6b:cb:40:29:85:65:1c:c2:47:4e:ba:ce:10:
64:74:63:a4:72:ad:67:45:27:3f:d4:62:a9:66:57:63:8e:af:
a2:51:41:dd:1f:a9:62:37:58:b9:d0:04:dc:68:df:53:a9:53:
90:b9:b1:ed:04:a4:e0:e6:80:a5:59:6d:88:76:fb:2b:48:42:
b5:8c:10:67:1d:32:52:f8:8f:46:29:24:e8:9e:d4:37:38:63:
7d:3a:6e:3c:ee:1b:0e:53:55:e3:53:db:fe:e6:57:af:cf:01:
32:16:15:51:ba:bc:11:75:a9:9b:33:ef:f5:cb:59:81:94:1b:
9f:a2:5b:c4:16:9e:fd:5f:c3:9c:0f:3d:33:8a:95:28:dd:36:
07:61:ec:c4:d1:2b:93:8c:6d:65:c7:f5:b2:57:77:7f:80:fc:
ce:9a:89:c3:48:24:93:9d:a8:af:5e:9b:fd:30:05:3e:5c:65:
9b:8c:0a:9f:61:30:6d:3f:12:be:ec:32:85:66:0f:e7:bf:da:
e5:bc:57:6a:16:14:db:2e:fb:3a:dd:c4:70:8c:b0:d7:28:99:
7f:0b:a7:7a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZFbfx02fAZTfDDnPkyhFq6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwODE2MTQwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjlhMDAwZDA3ODBjZTVjMTZmYWM5ZWM2MDg5YzlmMDlkNmM4NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37WJ4eYszgMifenOxF+6T+GdIw0H
eJnqymsSGdfvKYvsYQ7oE1kgfky3jVJjRttRiWUBZFQ3XQvifS5qYgyql+3aeqob
dMldvS7g9b+5Kz6Cz36dltPvYhZxGKF1WRfCAAYmLHH3m8dNvW8SZpsH7YgXSDoE
L6HGjs5KT8LVFxB6Hr491b9bJ+eA+ioQwH/RLRZf2mcX0YpmJFtMpbWwRUrDeG3/
gk6u7GZ2Govt6byC2W5HClq/RjRNmbYzX3VPX73o5rE0jiZNJAkDLfKWHJ7IV2nu
nTRhsehZx9/8ZyVflXKAI826Rnee+UNha9TKh3zr9sXEviEkzhh5ylWXYwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ+aAA0HgM5cFvrJ7GCJyfCdbIdqMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvbjVvQURRZUF6bHdXLXNuc1lJbko4SjFzaDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhI5wDAN
BgkqhkiG9w0BAQsFAAOCAQEASpRFcioArdRqSnGcnlq7Gsd7/rB9ka5rPsmU6cfw
cC7+CBstTZfGc8Rry0AphWUcwkdOus4QZHRjpHKtZ0UnP9RiqWZXY46volFB3R+p
YjdYudAE3GjfU6lTkLmx7QSk4OaApVltiHb7K0hCtYwQZx0yUviPRikk6J7UNzhj
fTpuPO4bDlNV41Pb/uZXr88BMhYVUbq8EXWpmzPv9ctZgZQbn6JbxBae/V/DnA89
M4qVKN02B2HsxNErk4xtZcf1sld3f4D8zpqJw0gkk52or16b/TAFPlxlm4wKn2Ew
bT8SvuwyhWYP57/a5bxXahYU2y77Ot3EcIyw1yiZfwuneg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:43:23 2024 by rpki-client on console-ams.rpki-client.org