Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/lVv-L4FsgMAxeCwUBS2D7vNfjzM.roa
File: lVv-L4FsgMAxeCwUBS2D7vNfjzM.roa (raw, json)
Hash identifier: x5qnzZUlpsCUUFFyW/b6XwWTDuJZbv4rZIvu0WWTimo=
Subject key identifier: 95:5B:FE:2F:81:6C:80:C0:31:78:2C:14:05:2D:83:EE:F3:5F:8F:33
Certificate issuer: /CN=537f9bf84b69a09042432dae8377ee0ac8ff1c61
Certificate serial: 018F196C35A42F365A6B677DD4D83A563F76
Authority key identifier: 53:7F:9B:F8:4B:69:A0:90:42:43:2D:AE:83:77:EE:0A:C8:FF:1C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/lVv-L4FsgMAxeCwUBS2D7vNfjzM.roa
Signing time: Fri 26 Apr 2024 08:01:12 +0000
ROA not before: Fri 26 Apr 2024 08:01:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204227
IP address blocks: 2a14:44c0:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/U3-b-EtpoJBCQy2ug3fuCsj_HGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/U3-b-EtpoJBCQy2ug3fuCsj_HGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 02:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:6c:35:a4:2f:36:5a:6b:67:7d:d4:d8:3a:56:3f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537f9bf84b69a09042432dae8377ee0ac8ff1c61
Validity
Not Before: Apr 26 08:01:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=955bfe2f816c80c031782c14052d83eef35f8f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:da:b8:7e:08:ac:4b:25:23:99:54:f1:06:77:
41:64:5c:69:3c:19:82:5c:df:3c:07:07:48:d1:58:
59:18:d3:a2:6a:5d:78:54:98:61:ba:91:a5:ec:7b:
b0:80:be:f2:de:1d:c5:78:ab:56:a6:f1:b0:89:e1:
6b:e7:9f:03:6c:fc:81:73:75:ae:89:e0:f7:a7:38:
5c:49:a5:ce:6c:04:af:5f:e8:30:06:b1:ce:4d:4b:
b4:93:1e:8f:99:1c:33:22:3e:10:e1:86:d1:d7:0f:
41:34:ab:3a:d6:0f:dc:d4:fc:58:87:77:f8:6f:b6:
b0:b3:e2:b4:63:cd:b5:03:59:fd:01:f0:b6:fb:03:
ab:70:3d:b8:3c:21:2a:02:86:3c:9b:7d:5f:71:23:
ed:4c:76:18:47:38:5c:2e:40:cf:5b:95:a4:67:34:
b7:88:1e:43:8e:c4:d1:33:bb:6b:ed:05:e6:5b:46:
f4:f5:bb:0c:81:9f:a8:e1:36:b1:54:ff:06:61:05:
ce:46:f2:4a:e0:74:94:7c:82:07:f8:06:e6:34:c7:
e0:20:a0:2d:2e:8b:59:d7:ff:77:c5:65:2b:a1:04:
1c:55:09:9e:4b:4a:84:64:a2:b1:e6:59:6f:65:51:
11:f8:ce:e6:1f:9f:5c:ff:9c:b9:c2:65:55:a9:38:
9d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5B:FE:2F:81:6C:80:C0:31:78:2C:14:05:2D:83:EE:F3:5F:8F:33
X509v3 Authority Key Identifier:
keyid:53:7F:9B:F8:4B:69:A0:90:42:43:2D:AE:83:77:EE:0A:C8:FF:1C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/lVv-L4FsgMAxeCwUBS2D7vNfjzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/U3-b-EtpoJBCQy2ug3fuCsj_HGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:44c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
58:1b:db:e7:bc:77:6b:65:e7:cf:6f:59:fc:0f:3c:36:0e:81:
f9:3d:96:01:c1:a5:84:a3:94:47:8c:8b:1f:b0:dd:15:da:00:
2c:92:a8:99:7b:24:f4:56:23:d0:34:eb:cc:5c:ae:f6:7e:62:
cd:e9:c6:1e:18:3c:f7:10:7c:81:16:62:78:84:85:ce:48:26:
ce:0e:cd:9a:43:2b:48:6a:1b:bf:cd:56:dc:66:d2:66:8d:8d:
a3:e9:e9:1b:d4:63:e9:85:4b:f2:24:86:df:e7:67:e5:0f:3d:
75:a9:53:3d:9f:d5:4a:65:28:8a:0d:16:c5:b6:51:39:54:9a:
7d:86:d4:ca:9b:c6:0b:dd:5e:62:8f:13:5b:42:1f:66:c9:8a:
2d:95:b8:c4:97:ac:22:03:08:87:3a:72:4d:7b:87:97:b2:01:
06:c5:8e:32:f0:5f:cf:91:4b:4c:de:53:d4:5a:aa:b5:d9:77:
ec:80:27:d3:79:04:9a:c5:c1:6d:0a:e8:fe:c0:36:fa:ea:ba:
63:99:9a:a4:9f:e0:f1:5e:29:35:36:e7:27:2f:c9:fe:a3:b6:
65:ea:19:3e:aa:d0:1d:93:1d:26:d8:8d:19:a8:98:61:4f:32:
83:2b:d2:d6:de:24:e4:29:ac:c2:32:42:ad:b0:6f:1e:2f:0e:
db:e7:c6:25
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY8ZbDWkLzZaa2d91Ng6Vj92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzN2Y5YmY4NGI2OWEwOTA0MjQzMmRhZTgzNzdlZTBhYzhm
ZjFjNjEwHhcNMjQwNDI2MDgwMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTViZmUyZjgxNmM4MGMwMzE3ODJjMTQwNTJkODNlZWYzNWY4ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidq4fgisSyUjmVTxBndBZFxpPBmC
XN88BwdI0VhZGNOial14VJhhupGl7HuwgL7y3h3FeKtWpvGwieFr558DbPyBc3Wu
ieD3pzhcSaXObASvX+gwBrHOTUu0kx6PmRwzIj4Q4YbR1w9BNKs61g/c1PxYh3f4
b7aws+K0Y821A1n9AfC2+wOrcD24PCEqAoY8m31fcSPtTHYYRzhcLkDPW5WkZzS3
iB5DjsTRM7tr7QXmW0b09bsMgZ+o4TaxVP8GYQXORvJK4HSUfIIH+AbmNMfgIKAt
LotZ1/93xWUroQQcVQmeS0qEZKKx5llvZVER+M7mH59c/5y5wmVVqTidOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJVb/i+BbIDAMXgsFAUtg+7zX48zMB8GA1UdIwQY
MBaAFFN/m/hLaaCQQkMtroN37grI/xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTMtYi1FdHBvSkJDUXkydWczZnVDc2pfSEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYmM3NDYtNDE2Yi00ZGE5LTkyMjUt
ODkyZWM2ZmY0NzcxLzEvbFZ2LUw0RnNnTUF4ZUN3VUJTMkQ3dk5manpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYmM3NDYtNDE2Yi00ZGE5LTkyMjUtODkyZWM2ZmY0Nzcx
LzEvVTMtYi1FdHBvSkJDUXkydWczZnVDc2pfSEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhREwAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBYG9vnvHdrZefPb1n8Dzw2DoH5PZYBwaWEo5RH
jIsfsN0V2gAskqiZeyT0ViPQNOvMXK72fmLN6cYeGDz3EHyBFmJ4hIXOSCbODs2a
QytIahu/zVbcZtJmjY2j6ekb1GPphUvyJIbf52flDz11qVM9n9VKZSiKDRbFtlE5
VJp9htTKm8YL3V5ijxNbQh9myYotlbjEl6wiAwiHOnJNe4eXsgEGxY4y8F/PkUtM
3lPUWqq12XfsgCfTeQSaxcFtCuj+wDb66rpjmZqkn+DxXik1NucnL8n+o7Zl6hk+
qtAdkx0m2I0ZqJhhTzKDK9LW3iTkKazCMkKtsG8eLw7b58Yl
-----END CERTIFICATE-----
Generated at Thu May 30 08:40:50 2024 by rpki-client on console-ams.rpki-client.org