Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/D5qAOXOiJNvuB1N6CuYWQrP7_6U.roa
File: D5qAOXOiJNvuB1N6CuYWQrP7_6U.roa (raw, json)
Hash identifier: U5A6oRKa5Qdmae7ViWRAgIekWrxPm4D2Cdh1m3eie7E=
Subject key identifier: 0F:9A:80:39:73:A2:24:DB:EE:07:53:7A:0A:E6:16:42:B3:FB:FF:A5
Certificate issuer: /CN=dfd046af5edc11964096dc20f6af1de55d9c9030
Certificate serial: 018EF18E1C0DE819056F79E7394F1C8C08FF
Authority key identifier: DF:D0:46:AF:5E:DC:11:96:40:96:DC:20:F6:AF:1D:E5:5D:9C:90:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/D5qAOXOiJNvuB1N6CuYWQrP7_6U.roa
Signing time: Thu 18 Apr 2024 14:13:26 +0000
ROA not before: Thu 18 Apr 2024 14:13:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200040
IP address blocks: 2a14:10c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f1:8e:1c:0d:e8:19:05:6f:79:e7:39:4f:1c:8c:08:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd046af5edc11964096dc20f6af1de55d9c9030
Validity
Not Before: Apr 18 14:13:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f9a803973a224dbee07537a0ae61642b3fbffa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ef:0d:3c:7d:dc:a3:1d:49:97:77:9e:65:ac:
48:6c:95:2b:84:0e:b7:cd:9b:b3:40:ac:f6:bb:9e:
d4:93:48:e3:4f:67:bd:4d:bc:6e:de:7e:13:9f:1b:
59:18:b3:36:00:90:05:b8:f0:60:a8:f4:2b:ae:b4:
bd:a1:80:e2:b0:dd:bf:5a:dc:27:ed:7c:66:6f:ed:
eb:2c:d6:ca:f1:8e:80:4c:5e:59:e6:4b:7e:6c:ba:
5a:fd:6a:eb:b7:3b:29:b5:97:7f:19:dd:af:cf:46:
14:51:9c:d4:21:a2:3e:2f:90:33:96:be:ce:2e:5e:
74:d7:55:45:bf:b9:38:c5:ad:14:9e:17:2a:e7:4d:
b8:75:ef:2f:43:3a:c8:b5:71:65:bc:3c:78:8e:42:
4e:1e:51:c7:66:42:ae:dd:67:63:77:ef:4e:02:0b:
a9:cd:1e:d5:b9:a9:de:e3:20:ea:88:24:10:a7:41:
75:ce:7b:18:7c:fe:7a:52:2b:0e:83:a8:80:b1:a6:
a5:8f:a9:39:f0:7f:52:24:f0:f0:5a:2f:e0:c5:7f:
c3:8a:c3:22:25:f3:7e:4c:e5:93:a6:78:bf:65:06:
8c:77:0b:3c:1b:57:cf:36:b9:15:06:c1:5f:2b:b2:
45:49:35:04:18:91:b1:4e:66:49:04:98:ca:a6:40:
86:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9A:80:39:73:A2:24:DB:EE:07:53:7A:0A:E6:16:42:B3:FB:FF:A5
X509v3 Authority Key Identifier:
keyid:DF:D0:46:AF:5E:DC:11:96:40:96:DC:20:F6:AF:1D:E5:5D:9C:90:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/D5qAOXOiJNvuB1N6CuYWQrP7_6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:78:1a:92:12:62:be:0b:85:8d:ef:02:fa:79:c2:d0:bf:4d:
c0:3a:ad:79:85:0d:e7:29:43:4a:7a:c7:32:cb:94:11:22:52:
1e:17:8f:b4:db:e4:47:b0:73:6a:98:9a:0b:03:d9:2c:46:e4:
58:51:b5:04:3c:7a:3f:30:f9:44:fa:b7:c9:48:15:0a:26:5f:
86:bd:70:6d:74:bf:cb:7a:6e:1a:5d:6a:b9:b7:0f:22:f3:31:
74:31:3f:f7:9e:82:4c:96:e6:3c:43:77:d9:ae:e1:b9:57:56:
0d:6c:4f:dd:35:cf:00:53:18:ea:0b:97:1b:71:fb:b1:7b:d1:
36:bb:26:9a:34:72:0a:5a:ab:ae:f9:07:91:fc:49:af:00:b0:
ee:bc:19:54:4e:40:de:3a:df:0f:95:fd:d5:eb:b8:26:a3:23:
97:34:00:61:8d:98:24:ff:b8:47:77:ee:01:68:93:64:de:73:
b5:64:7d:dc:b1:c0:44:f5:d3:73:73:a5:ba:56:e3:79:63:af:
c7:40:be:9c:24:55:37:04:11:34:91:e4:72:76:64:9f:dd:19:
58:0a:c3:bb:15:ce:b5:85:1c:a9:8c:41:85:4a:b1:93:57:bd:
ea:a7:89:a5:7a:fe:09:aa:39:78:0e:bb:13:92:11:b0:13:fc:
d7:8d:3a:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7xjhwN6BkFb3nnOU8cjAj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDA0NmFmNWVkYzExOTY0MDk2ZGMyMGY2YWYxZGU1NWQ5
YzkwMzAwHhcNMjQwNDE4MTQxMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjlhODAzOTczYTIyNGRiZWUwNzUzN2EwYWU2MTY0MmIzZmJmZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu8NPH3cox1Jl3eeZaxIbJUrhA63
zZuzQKz2u57Uk0jjT2e9Tbxu3n4TnxtZGLM2AJAFuPBgqPQrrrS9oYDisN2/Wtwn
7Xxmb+3rLNbK8Y6ATF5Z5kt+bLpa/WrrtzsptZd/Gd2vz0YUUZzUIaI+L5Azlr7O
Ll5011VFv7k4xa0Unhcq5024de8vQzrItXFlvDx4jkJOHlHHZkKu3Wdjd+9OAgup
zR7Vuane4yDqiCQQp0F1znsYfP56UisOg6iAsaalj6k58H9SJPDwWi/gxX/DisMi
JfN+TOWTpni/ZQaMdws8G1fPNrkVBsFfK7JFSTUEGJGxTmZJBJjKpkCGgwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA+agDlzoiTb7gdTegrmFkKz+/+lMB8GA1UdIwQY
MBaAFN/QRq9e3BGWQJbcIPavHeVdnJAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlCR3IxN2NFWlpBbHR3ZzlxOGQ1VjJja0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iZmQwZmYtODQ1ZS00ZTEyLWFjN2Mt
NTg4ZTBkOTIzYzE1LzEvRDVxQU9YT2lKTnZ1QjFONkN1WVdRclA3XzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iZmQwZmYtODQ1ZS00ZTEyLWFjN2MtNTg4ZTBkOTIzYzE1
LzEvMzlCR3IxN2NFWlpBbHR3ZzlxOGQ1VjJja0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAMngakhJivguFje8C+nnC0L9NwDqteYUN5ylDSnrH
MsuUESJSHhePtNvkR7BzapiaCwPZLEbkWFG1BDx6PzD5RPq3yUgVCiZfhr1wbXS/
y3puGl1qubcPIvMxdDE/956CTJbmPEN32a7huVdWDWxP3TXPAFMY6guXG3H7sXvR
NrsmmjRyClqrrvkHkfxJrwCw7rwZVE5A3jrfD5X91eu4JqMjlzQAYY2YJP+4R3fu
AWiTZN5ztWR93LHARPXTc3OlulbjeWOvx0C+nCRVNwQRNJHkcnZkn90ZWArDuxXO
tYUcqYxBhUqxk1e96qeJpXr+Cao5eA67E5IRsBP81406zA==
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:05:59 2024 by rpki-client on console-fra.rpki-client.org