Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/88c5b7-b126-4ed3-9d7a-e5ba4bfa171a/1/eEskLAXxa5lqo7Le0dIhJVhjW4E.roa
File: eEskLAXxa5lqo7Le0dIhJVhjW4E.roa (raw, json)
Hash identifier: 8O5TGGgkLmIZxA+U7DvWep1WBkZlID6lUYSNbpUMzGE=
Subject key identifier: 78:4B:24:2C:05:F1:6B:99:6A:A3:B2:DE:D1:D2:21:25:58:63:5B:81
Certificate issuer: /CN=bd974dc8c645ed235145caaa1355ba85f5257634
Certificate serial: 018CC726F387CE528D9B3337C548F98FC8CD
Authority key identifier: BD:97:4D:C8:C6:45:ED:23:51:45:CA:AA:13:55:BA:85:F5:25:76:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZdNyMZF7SNRRcqqE1W6hfUldjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/88c5b7-b126-4ed3-9d7a-e5ba4bfa171a/1/eEskLAXxa5lqo7Le0dIhJVhjW4E.roa
Signing time: Mon 01 Jan 2024 22:31:07 +0000
ROA not before: Mon 01 Jan 2024 22:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48724
IP address blocks: 2001:67c:2e4c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/88c5b7-b126-4ed3-9d7a-e5ba4bfa171a/1/vZdNyMZF7SNRRcqqE1W6hfUldjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/88c5b7-b126-4ed3-9d7a-e5ba4bfa171a/1/vZdNyMZF7SNRRcqqE1W6hfUldjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/vZdNyMZF7SNRRcqqE1W6hfUldjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f3:87:ce:52:8d:9b:33:37:c5:48:f9:8f:c8:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd974dc8c645ed235145caaa1355ba85f5257634
Validity
Not Before: Jan 1 22:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=784b242c05f16b996aa3b2ded1d2212558635b81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6a:40:61:92:a9:9c:bd:3a:19:2c:f7:a3:ea:
66:86:ae:4e:1a:17:a1:98:37:1f:a6:b7:7a:ff:96:
99:2b:da:93:b0:1c:c5:bf:99:a8:08:6b:d1:bd:9c:
e7:e2:7b:e9:04:e3:d5:96:2a:a5:c7:f2:d3:c8:37:
7a:8e:87:f5:28:cf:3d:0f:b3:63:c0:b3:79:ec:e9:
c6:e1:fe:24:5b:f2:9e:73:30:ca:aa:39:86:bd:31:
b2:8a:91:fa:b2:4f:80:a3:96:fa:7f:bb:d9:b5:c1:
b0:11:eb:07:49:a6:dd:28:09:88:73:0f:48:c6:eb:
22:09:cb:2b:f1:3b:22:f2:cf:61:ef:16:59:39:d6:
57:4e:0b:79:aa:bf:9e:ab:0b:46:c9:6b:d2:87:f8:
b6:c2:a6:9a:cf:d3:64:03:3a:90:55:7b:ed:6c:3c:
60:64:df:5b:83:4d:55:19:e3:40:c0:65:46:12:81:
5f:dd:a8:06:90:ea:d5:3b:66:55:53:df:d9:fc:21:
36:91:45:8e:39:69:8a:eb:d5:ce:2b:6b:81:5f:29:
eb:bb:07:86:7a:b0:4b:aa:e8:74:5c:7c:bc:a7:7c:
86:23:c7:e3:9b:46:50:d3:ba:ca:2c:c0:bf:48:ca:
d0:d7:7a:03:61:bb:d6:f1:bf:cc:5f:18:fa:57:69:
27:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:4B:24:2C:05:F1:6B:99:6A:A3:B2:DE:D1:D2:21:25:58:63:5B:81
X509v3 Authority Key Identifier:
keyid:BD:97:4D:C8:C6:45:ED:23:51:45:CA:AA:13:55:BA:85:F5:25:76:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZdNyMZF7SNRRcqqE1W6hfUldjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/88c5b7-b126-4ed3-9d7a-e5ba4bfa171a/1/eEskLAXxa5lqo7Le0dIhJVhjW4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/88c5b7-b126-4ed3-9d7a-e5ba4bfa171a/1/vZdNyMZF7SNRRcqqE1W6hfUldjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2e4c::/48
Signature Algorithm: sha256WithRSAEncryption
01:be:c3:0a:2c:a8:45:29:f9:c7:74:d6:99:e4:7a:07:15:ec:
24:b2:c8:d4:99:65:a3:b7:2e:3d:6e:bd:95:ab:29:54:70:fb:
c3:bd:df:3c:ed:94:a2:45:c7:a7:fc:88:f8:2b:e9:48:5c:13:
42:53:bb:6d:4d:2a:39:b4:90:e2:7c:1e:ae:e8:9b:46:68:25:
ac:bc:96:46:fc:1d:38:39:27:7b:f1:5f:a0:39:1a:05:77:26:
83:ec:b9:4d:23:61:4b:1f:8e:fd:a1:14:ef:ff:b4:f6:30:8a:
2a:b3:1d:b3:bb:78:fc:6d:db:f5:6f:9a:1c:3e:da:6f:00:dc:
96:52:79:ba:b3:81:08:e8:f5:95:fc:39:68:97:f4:08:92:00:
ee:97:6b:24:65:15:fc:0a:cc:28:c4:1a:c0:6f:09:3f:08:36:
d0:4f:64:28:f3:26:4d:6c:c7:b0:29:e3:84:cc:42:c4:c9:d3:
d2:58:47:e7:f1:13:2b:8b:28:d3:92:f4:2e:28:5e:21:cd:af:
f2:70:92:11:1a:81:1f:c5:81:45:10:07:3c:d3:98:42:c5:71:
f5:73:fb:6b:34:eb:a4:dd:c6:4a:04:3f:a3:b1:86:38:b3:50:
26:21:08:6b:28:3f:13:36:12:45:e4:f2:33:5f:dc:b2:f4:87:
48:87:ba:88
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJvOHzlKNmzM3xUj5j8jNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOTc0ZGM4YzY0NWVkMjM1MTQ1Y2FhYTEzNTViYTg1ZjUy
NTc2MzQwHhcNMjQwMTAxMjIzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODRiMjQyYzA1ZjE2Yjk5NmFhM2IyZGVkMWQyMjEyNTU4NjM1YjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumpAYZKpnL06GSz3o+pmhq5OGheh
mDcfprd6/5aZK9qTsBzFv5moCGvRvZzn4nvpBOPVliqlx/LTyDd6jof1KM89D7Nj
wLN57OnG4f4kW/KeczDKqjmGvTGyipH6sk+Ao5b6f7vZtcGwEesHSabdKAmIcw9I
xusiCcsr8Tsi8s9h7xZZOdZXTgt5qr+eqwtGyWvSh/i2wqaaz9NkAzqQVXvtbDxg
ZN9bg01VGeNAwGVGEoFf3agGkOrVO2ZVU9/Z/CE2kUWOOWmK69XOK2uBXynruweG
erBLquh0XHy8p3yGI8fjm0ZQ07rKLMC/SMrQ13oDYbvW8b/MXxj6V2knnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHhLJCwF8WuZaqOy3tHSISVYY1uBMB8GA1UdIwQY
MBaAFL2XTcjGRe0jUUXKqhNVuoX1JXY0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlpkTnlNWkY3U05SUmNxcUUxVzZoZlVsZGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi84OGM1YjctYjEyNi00ZWQzLTlkN2Et
ZTViYTRiZmExNzFhLzEvZUVza0xBWHhhNWxxbzdMZTBkSWhKVmhqVzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi84OGM1YjctYjEyNi00ZWQzLTlkN2EtZTViYTRiZmExNzFh
LzEvdlpkTnlNWkY3U05SUmNxcUUxVzZoZlVsZGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC5M
MA0GCSqGSIb3DQEBCwUAA4IBAQABvsMKLKhFKfnHdNaZ5HoHFewkssjUmWWjty49
br2VqylUcPvDvd887ZSiRcen/Ij4K+lIXBNCU7ttTSo5tJDifB6u6JtGaCWsvJZG
/B04OSd78V+gORoFdyaD7LlNI2FLH479oRTv/7T2MIoqsx2zu3j8bdv1b5ocPtpv
ANyWUnm6s4EI6PWV/Dlol/QIkgDul2skZRX8CswoxBrAbwk/CDbQT2Qo8yZNbMew
KeOEzELEydPSWEfn8RMriyjTkvQuKF4hza/ycJIRGoEfxYFFEAc805hCxXH1c/tr
NOuk3cZKBD+jsYY4s1AmIQhrKD8TNhJF5PIzX9yy9IdIh7qI
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:33 2024 by rpki-client on console-ams.rpki-client.org