Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/csohH9t9j8cMVwC4RnlNvr9wncU.roa
File: csohH9t9j8cMVwC4RnlNvr9wncU.roa (raw, json)
Hash identifier: g8xOdCg7xbA/63oze7YSbFoMtuPM4kR8Z2OhayteWQU=
Subject key identifier: 72:CA:21:1F:DB:7D:8F:C7:0C:57:00:B8:46:79:4D:BE:BF:70:9D:C5
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0DED3B39B4BE1BFBDF60B50DB877
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/csohH9t9j8cMVwC4RnlNvr9wncU.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208753
IP address blocks: 2a05:b0c6:200e::/48 maxlen: 48
2a05:b0c6:200b::/48 maxlen: 48
2a05:b0c6:200a::/48 maxlen: 48
2a05:b0c6:200d::/48 maxlen: 48
2a05:b0c6:200c::/48 maxlen: 48
2a05:b0c6:200f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0d:ed:3b:39:b4:be:1b:fb:df:60:b5:0d:b8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72ca211fdb7d8fc70c5700b846794dbebf709dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1f:c5:d5:4b:73:ef:82:5b:9b:4a:e2:d1:78:
62:4c:c2:ae:7b:20:ea:9e:78:b4:2c:14:b0:95:42:
eb:73:72:21:03:07:a6:76:c8:35:69:d1:5e:86:d6:
18:7e:cf:ce:d0:8f:35:90:d0:1a:0c:2f:8b:2b:37:
db:78:66:39:14:24:24:28:93:0b:c6:bb:cf:f0:88:
97:41:68:d2:36:f4:83:79:0b:d8:59:fe:2d:cb:7e:
61:38:62:58:8c:57:26:00:bd:f5:aa:76:e6:c8:10:
4a:1c:16:1f:20:06:22:e1:e7:da:64:6f:5c:f3:74:
61:2c:40:bc:bf:88:1d:03:07:f2:ce:20:93:0a:cd:
19:a4:e3:8f:f1:85:de:86:3a:d9:5d:2c:2e:f2:d2:
82:60:ea:8e:87:cd:b3:94:10:b6:30:17:af:af:57:
ec:5c:0b:29:c1:c8:35:71:56:1e:0d:11:07:ec:5c:
23:1b:d4:34:69:43:30:63:c0:39:62:a7:5c:9e:d7:
ab:6c:37:50:a7:3d:b5:6d:c6:79:41:68:86:11:70:
26:d4:fc:5e:5b:c0:3d:b8:26:59:76:97:5f:2e:cd:
0d:33:d6:66:be:38:1b:87:2d:6d:d6:76:7d:c7:d6:
52:16:ee:86:3c:da:ff:07:dd:2b:56:ba:b6:cf:8e:
0a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:CA:21:1F:DB:7D:8F:C7:0C:57:00:B8:46:79:4D:BE:BF:70:9D:C5
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/csohH9t9j8cMVwC4RnlNvr9wncU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:200a::-2a05:b0c6:200f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
58:2c:d9:9e:5c:91:09:e6:af:33:db:b1:79:a1:9b:a2:19:fd:
e4:8c:a9:0a:ef:2b:cf:b1:8d:23:1c:a8:14:82:ec:5f:54:76:
f4:23:7e:9b:e0:7c:53:a7:af:ad:b8:31:67:9f:b5:ba:16:8a:
e3:87:2b:63:eb:6f:e7:f9:d3:47:a9:65:0c:47:47:48:6f:a0:
95:35:08:55:99:1b:1b:ee:43:f7:9a:14:fa:12:f3:96:80:34:
d4:67:9a:81:1f:13:0e:35:78:b4:4b:25:cf:82:f6:0b:6b:3f:
4b:cf:50:82:5f:c1:6e:20:e9:fc:44:af:08:8d:24:2b:16:c9:
bd:dc:b6:34:f2:4a:ca:ea:a5:2d:f5:6d:b7:93:95:a4:d6:d8:
25:e6:71:cf:d6:61:56:ed:a1:7d:5c:32:00:05:0a:de:45:e8:
09:90:61:12:b6:c8:fa:77:2f:4d:a4:22:2b:de:72:36:c8:8b:
6c:e5:23:07:42:4a:34:f2:e0:0b:c5:e4:a4:be:f5:0c:f8:03:
11:04:95:4a:55:47:96:1c:ac:82:69:84:c9:26:1d:60:d6:74:
69:78:75:9c:ed:7a:f1:96:f3:5b:df:f8:79:2a:72:81:c5:0c:
66:d8:3f:a6:76:43:c8:c0:6c:8b:f7:38:92:02:25:c1:b5:d3:
ff:62:36:a5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzF3A3tOzm0vhv732C1Dbh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmNhMjExZmRiN2Q4ZmM3MGM1NzAwYjg0Njc5NGRiZWJmNzA5ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAux/F1Utz74Jbm0ri0XhiTMKueyDq
nni0LBSwlULrc3IhAwemdsg1adFehtYYfs/O0I81kNAaDC+LKzfbeGY5FCQkKJML
xrvP8IiXQWjSNvSDeQvYWf4ty35hOGJYjFcmAL31qnbmyBBKHBYfIAYi4efaZG9c
83RhLEC8v4gdAwfyziCTCs0ZpOOP8YXehjrZXSwu8tKCYOqOh82zlBC2MBevr1fs
XAspwcg1cVYeDREH7FwjG9Q0aUMwY8A5YqdcnterbDdQpz21bcZ5QWiGEXAm1Pxe
W8A9uCZZdpdfLs0NM9Zmvjgbhy1t1nZ9x9ZSFu6GPNr/B90rVrq2z44KPQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHLKIR/bfY/HDFcAuEZ5Tb6/cJ3FMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvY3NvaEg5dDlqOGNNVndDNFJubE52cjl3bmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqBbDG
IAoDBwQqBbDGIAAwDQYJKoZIhvcNAQELBQADggEBAFgs2Z5ckQnmrzPbsXmhm6IZ
/eSMqQrvK8+xjSMcqBSC7F9UdvQjfpvgfFOnr624MWeftboWiuOHK2Prb+f500ep
ZQxHR0hvoJU1CFWZGxvuQ/eaFPoS85aANNRnmoEfEw41eLRLJc+C9gtrP0vPUIJf
wW4g6fxErwiNJCsWyb3ctjTySsrqpS31bbeTlaTW2CXmcc/WYVbtoX1cMgAFCt5F
6AmQYRK2yPp3L02kIivecjbIi2zlIwdCSjTy4AvF5KS+9Qz4AxEElUpVR5YcrIJp
hMkmHWDWdGl4dZztevGW81vf+HkqcoHFDGbYP6Z2Q8jAbIv3OJICJcG10/9iNqU=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:35:48 2024 by rpki-client on console-fra.rpki-client.org