Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/okQVuq6WBviYXylo1Kv66OyH5Jg.roa
File: okQVuq6WBviYXylo1Kv66OyH5Jg.roa (raw, json)
Hash identifier: t8RkZkWjS1TGnWWHSH9pe/iu4sCY3zxh6XIWpB0FMGk=
Subject key identifier: A2:44:15:BA:AE:96:06:F8:98:5F:29:68:D4:AB:FA:E8:EC:87:E4:98
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018FDBF834B0803C571530EDFF2981546E99
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/okQVuq6WBviYXylo1Kv66OyH5Jg.roa
Signing time: Mon 03 Jun 2024 02:40:27 +0000
ROA not before: Mon 03 Jun 2024 02:40:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a02:afc0::/32 maxlen: 32
2a06:da41::/32 maxlen: 32
2a06:da43::/32 maxlen: 32
2a0b:1f01::/32 maxlen: 32
2a0b:1f04::/32 maxlen: 32
2a0e:31c2::/32 maxlen: 32
2a0e:31c5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:db:f8:34:b0:80:3c:57:15:30:ed:ff:29:81:54:6e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jun 3 02:40:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a24415baae9606f8985f2968d4abfae8ec87e498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:8a:77:64:30:93:a5:02:75:f4:63:0f:cc:
ca:13:23:e0:70:6c:d5:21:4e:85:f9:b8:b1:e9:3a:
ef:dd:b8:81:44:12:f4:e7:80:8e:ec:1f:85:89:a9:
1d:e5:a7:92:9c:5f:6a:d8:87:2b:3e:5c:c3:b4:15:
d5:0b:1b:ac:09:dc:86:8f:69:38:af:15:92:25:32:
42:2e:09:6f:8a:8f:82:d1:8a:15:41:a3:c7:9c:73:
c2:d9:bc:7e:15:1f:e9:b6:dc:16:f0:4f:ae:8b:62:
c5:68:65:8d:0a:db:ef:22:85:68:68:cf:3b:0d:ba:
95:f1:29:a8:b6:c8:81:65:1d:b9:6b:cd:46:5b:24:
d9:08:af:ca:2c:a9:c5:1e:86:90:76:43:72:66:d0:
9f:b0:b8:53:28:d4:4c:0e:8a:d3:e1:02:bf:de:93:
d7:25:24:fb:8a:20:b4:ac:48:42:e7:6f:42:33:cd:
45:08:7a:03:75:99:c0:34:00:2a:b0:38:76:bf:c7:
38:3d:33:7b:20:d8:c3:98:83:15:1a:48:61:6d:24:
84:87:1c:af:10:1e:3c:38:15:6f:e6:5a:f7:f3:36:
cb:30:2e:f4:cd:61:bb:84:9c:fd:ad:0b:23:8d:5d:
46:56:e4:24:f4:bd:62:3f:3f:a9:fa:07:af:2d:bf:
81:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:44:15:BA:AE:96:06:F8:98:5F:29:68:D4:AB:FA:E8:EC:87:E4:98
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/okQVuq6WBviYXylo1Kv66OyH5Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:afc0::/32
2a06:da41::/32
2a06:da43::/32
2a0b:1f01::/32
2a0b:1f04::/32
2a0e:31c2::/32
2a0e:31c5::/32
Signature Algorithm: sha256WithRSAEncryption
1e:32:76:92:e1:0b:a8:24:76:1f:d9:d2:96:96:83:59:3e:42:
04:dd:62:6f:c8:78:2c:bc:89:56:18:cb:b4:60:1e:2d:3d:3b:
30:20:03:49:64:e6:35:0d:89:e6:2e:cc:5f:ad:f8:6b:56:8c:
34:45:dc:4b:47:3d:96:76:eb:36:f8:ac:ab:1e:cd:4d:28:9e:
54:51:ec:3e:1d:26:fb:64:6a:31:af:bd:89:17:b0:91:f7:ce:
33:65:07:13:4d:05:5b:3d:9b:77:ab:fe:32:f0:52:c2:4c:c0:
66:06:f9:2f:36:d7:cd:b2:12:b4:9d:9b:0b:a4:09:7c:2f:0b:
97:6d:11:54:34:47:49:c0:ae:64:31:63:db:56:bd:d8:9e:7c:
0e:59:3f:33:c2:63:e9:94:ee:48:ac:32:2b:31:f1:ef:bb:5d:
3f:ff:ac:d0:30:68:57:b2:c7:f9:eb:66:0e:71:d6:27:8e:64:
46:2f:94:05:4b:d1:38:2e:d0:7f:a5:2c:f2:24:b2:43:d8:27:
1d:3b:f0:e0:ab:8a:70:b9:aa:f4:d6:6f:1b:71:4f:c3:e5:2f:
e0:38:45:b3:78:59:49:42:fb:9b:bc:08:4d:8f:4b:1c:4c:61:
ac:2b:24:bc:99:72:36:ce:2b:dc:ea:65:cf:d4:49:12:4e:f9:
01:05:c9:4c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY/b+DSwgDxXFTDt/ymBVG6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwNjAzMDI0MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ0MTViYWFlOTYwNmY4OTg1ZjI5NjhkNGFiZmFlOGVjODdlNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsmKd2Qwk6UCdfRjD8zKEyPgcGzV
IU6F+bix6Trv3biBRBL054CO7B+Fiakd5aeSnF9q2IcrPlzDtBXVCxusCdyGj2k4
rxWSJTJCLglvio+C0YoVQaPHnHPC2bx+FR/pttwW8E+ui2LFaGWNCtvvIoVoaM87
DbqV8SmotsiBZR25a81GWyTZCK/KLKnFHoaQdkNyZtCfsLhTKNRMDorT4QK/3pPX
JST7iiC0rEhC529CM81FCHoDdZnANAAqsDh2v8c4PTN7INjDmIMVGkhhbSSEhxyv
EB48OBVv5lr38zbLMC70zWG7hJz9rQsjjV1GVuQk9L1iPz+p+gevLb+B4QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKJEFbqulgb4mF8paNSr+ujsh+SYMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvb2tRVnVxNldCdmlZWHlsbzFLdjY2T3lINUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKgKvwAMF
ACoG2kEDBQAqBtpDAwUAKgsfAQMFACoLHwQDBQAqDjHCAwUAKg4xxTANBgkqhkiG
9w0BAQsFAAOCAQEAHjJ2kuELqCR2H9nSlpaDWT5CBN1ib8h4LLyJVhjLtGAeLT07
MCADSWTmNQ2J5i7MX634a1aMNEXcS0c9lnbrNvisqx7NTSieVFHsPh0m+2RqMa+9
iRewkffOM2UHE00FWz2bd6v+MvBSwkzAZgb5LzbXzbIStJ2bC6QJfC8Ll20RVDRH
ScCuZDFj21a92J58Dlk/M8Jj6ZTuSKwyKzHx77tdP/+s0DBoV7LH+etmDnHWJ45k
Ri+UBUvROC7Qf6Us8iSyQ9gnHTvw4KuKcLmq9NZvG3FPw+Uv4DhFs3hZSUL7m7wI
TY9LHExhrCskvJlyNs4r3Oplz9RJEk75AQXJTA==
-----END CERTIFICATE-----
Generated at Thu Jun 13 08:24:43 2024 by rpki-client on console-ams.rpki-client.org