Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/0UEfQqiT2-lYzoFEjYcwHjTf7Ko.roa
File: 0UEfQqiT2-lYzoFEjYcwHjTf7Ko.roa (raw, json)
Hash identifier: KXghuCfsXANMfy6xAk6+YOob2fuQl69EqMTL4bXPm0Q=
Subject key identifier: D1:41:1F:42:A8:93:DB:E9:58:CE:81:44:8D:87:30:1E:34:DF:EC:AA
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 018CC726DAD97C271DDA0CEC1E3208A077FD
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/0UEfQqiT2-lYzoFEjYcwHjTf7Ko.roa
Signing time: Mon 01 Jan 2024 22:31:01 +0000
ROA not before: Mon 01 Jan 2024 22:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39020
IP address blocks: 2a0f:8c00::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:da:d9:7c:27:1d:da:0c:ec:1e:32:08:a0:77:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Jan 1 22:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1411f42a893dbe958ce81448d87301e34dfecaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:66:2d:5f:8d:11:bc:96:58:b6:bc:81:c7:aa:
c7:70:af:b3:bb:d4:c6:45:8f:d3:d9:78:39:47:b0:
99:3d:69:fd:1f:45:47:40:99:e2:b0:9b:51:28:28:
ff:48:9e:c5:fd:ce:09:87:6b:85:18:f0:da:37:77:
88:03:cc:bf:cf:74:53:ca:06:5e:72:c2:22:28:ec:
11:d4:9b:75:b1:6a:f4:ac:55:f7:6b:4e:f7:e6:d4:
42:7b:9c:29:92:a2:b6:96:fb:a7:8f:1d:8c:aa:93:
41:ab:45:b0:3a:52:e2:fc:93:2f:00:aa:f8:35:bf:
5d:f4:8c:ca:d6:be:c7:ed:fb:07:ef:0c:4b:40:00:
51:a1:8b:9c:03:ab:a5:44:e8:df:ce:39:3f:0c:d2:
d3:7b:ca:16:75:41:f5:fb:c3:73:3a:b8:76:a3:66:
cf:b0:d6:66:61:f4:56:48:6c:59:cb:06:73:86:95:
e9:f9:d5:08:28:92:bd:03:c7:bc:b9:f1:2f:06:bf:
70:ee:83:31:d7:80:f5:00:a5:8e:c7:71:ac:c8:88:
6d:54:e1:ad:2d:85:1e:a5:e7:2d:0e:ec:e1:8c:74:
18:4b:85:7c:4b:2c:9a:93:41:aa:1b:f8:7c:31:c9:
65:4c:d6:27:b1:00:17:1f:2b:e1:05:44:e4:c8:04:
1a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:41:1F:42:A8:93:DB:E9:58:CE:81:44:8D:87:30:1E:34:DF:EC:AA
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/0UEfQqiT2-lYzoFEjYcwHjTf7Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:8c00::/33
Signature Algorithm: sha256WithRSAEncryption
4b:c6:34:e7:d6:9d:10:de:26:1c:e4:20:a9:67:1d:41:ed:3a:
8d:1a:94:53:2d:0a:ef:86:d9:c5:47:fc:67:62:ad:99:ee:dd:
7b:87:2f:6d:08:72:b1:47:9d:47:1f:a0:df:24:b5:56:b7:65:
8a:22:1f:9c:d9:61:c4:f5:6e:49:31:a6:7e:a8:21:ad:3a:90:
7f:20:29:d6:53:34:a7:af:97:59:ef:cb:1a:f9:3f:fc:d6:df:
ac:9c:d1:55:68:38:41:6c:c2:43:f0:e6:51:86:54:6b:34:f3:
d2:a4:2c:cf:a4:2c:87:d3:f6:6b:87:38:28:da:53:7c:3e:ee:
33:cb:51:7a:78:04:51:b5:ee:69:b1:1e:d7:d6:14:2f:a0:53:
c7:83:a2:2b:01:d5:15:f9:a8:bd:b0:08:a5:d2:19:9f:9f:2a:
f8:73:d2:97:33:ff:b2:bc:8f:34:31:b5:78:20:06:48:45:73:
86:92:c4:0f:25:c2:88:c8:3c:6c:7e:ec:69:8b:43:69:70:2c:
44:d7:dc:ac:a6:62:41:81:6c:a5:d4:f3:c5:82:6b:32:d0:d2:
2f:35:38:f8:38:ce:8f:36:40:64:c6:75:07:f3:f1:13:dc:8e:
70:ad:d0:b4:35:f6:af:50:d3:d3:38:91:d8:3d:59:cf:f0:6f:
c4:69:9d:49
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHJtrZfCcd2gzsHjIIoHf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjQwMTAxMjIzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQxMWY0MmE4OTNkYmU5NThjZTgxNDQ4ZDg3MzAxZTM0ZGZlY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmYtX40RvJZYtryBx6rHcK+zu9TG
RY/T2Xg5R7CZPWn9H0VHQJnisJtRKCj/SJ7F/c4Jh2uFGPDaN3eIA8y/z3RTygZe
csIiKOwR1Jt1sWr0rFX3a0735tRCe5wpkqK2lvunjx2MqpNBq0WwOlLi/JMvAKr4
Nb9d9IzK1r7H7fsH7wxLQABRoYucA6ulROjfzjk/DNLTe8oWdUH1+8NzOrh2o2bP
sNZmYfRWSGxZywZzhpXp+dUIKJK9A8e8ufEvBr9w7oMx14D1AKWOx3GsyIhtVOGt
LYUepectDuzhjHQYS4V8Syyak0GqG/h8McllTNYnsQAXHyvhBUTkyAQalwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNFBH0Kok9vpWM6BRI2HMB403+yqMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvMFVFZlFxaVQyLWxZem9GRWpZY3dIalRmN0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKg+MAAAw
DQYJKoZIhvcNAQELBQADggEBAEvGNOfWnRDeJhzkIKlnHUHtOo0alFMtCu+G2cVH
/GdirZnu3XuHL20IcrFHnUcfoN8ktVa3ZYoiH5zZYcT1bkkxpn6oIa06kH8gKdZT
NKevl1nvyxr5P/zW36yc0VVoOEFswkPw5lGGVGs089KkLM+kLIfT9muHOCjaU3w+
7jPLUXp4BFG17mmxHtfWFC+gU8eDoisB1RX5qL2wCKXSGZ+fKvhz0pcz/7K8jzQx
tXggBkhFc4aSxA8lwojIPGx+7GmLQ2lwLETX3KymYkGBbKXU88WCazLQ0i81OPg4
zo82QGTGdQfz8RPcjnCt0LQ19q9Q09M4kdg9Wc/wb8RpnUk=
-----END CERTIFICATE-----
Generated at Sun Jun 2 07:56:22 2024 by rpki-client on console-fra.rpki-client.org