Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/VB2qx-aa8ftOvbce_CzOA8GPvgg.roa
File: VB2qx-aa8ftOvbce_CzOA8GPvgg.roa (raw, json)
Hash identifier: QEmaJN6G3AA42TcTcAWg4PuNLfgPMZf5jqZ7ClqJiyY=
Subject key identifier: 54:1D:AA:C7:E6:9A:F1:FB:4E:BD:B7:1E:FC:2C:CE:03:C1:8F:BE:08
Certificate issuer: /CN=95461fbee1c06e3eafac0f2f95253ca8603accf2
Certificate serial: 018D69E19CC55C589E17B3392E0CC9FFD836
Authority key identifier: 95:46:1F:BE:E1:C0:6E:3E:AF:AC:0F:2F:95:25:3C:A8:60:3A:CC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUYfvuHAbj6vrA8vlSU8qGA6zPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/VB2qx-aa8ftOvbce_CzOA8GPvgg.roa
Signing time: Fri 02 Feb 2024 12:53:29 +0000
ROA not before: Fri 02 Feb 2024 12:53:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 2a03:21e0::/36 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/lUYfvuHAbj6vrA8vlSU8qGA6zPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/lUYfvuHAbj6vrA8vlSU8qGA6zPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lUYfvuHAbj6vrA8vlSU8qGA6zPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:e1:9c:c5:5c:58:9e:17:b3:39:2e:0c:c9:ff:d8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95461fbee1c06e3eafac0f2f95253ca8603accf2
Validity
Not Before: Feb 2 12:53:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=541daac7e69af1fb4ebdb71efc2cce03c18fbe08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9f:09:59:1f:eb:c1:93:49:b9:d0:63:5e:01:
f5:25:64:22:53:41:80:e8:75:1a:35:6d:ba:45:2a:
9b:2e:78:70:0d:1b:fa:be:63:b5:d3:08:af:3d:02:
4b:a2:0d:63:95:c7:66:00:04:e9:9b:88:76:e1:6c:
00:86:38:c7:4c:3b:39:03:00:bc:5a:9a:b1:67:d0:
08:54:30:bd:71:17:05:28:f1:d2:6f:43:6b:79:9f:
00:42:eb:a2:7a:44:93:5f:70:20:55:8d:b3:c6:9d:
55:f7:65:88:7b:56:69:41:56:b2:88:c2:9b:3f:4e:
ca:cf:db:03:da:74:93:1a:aa:41:41:e4:5b:51:6b:
5e:0e:9d:e2:c4:18:0a:e0:3e:6d:90:96:20:5d:b7:
4a:5b:ba:fe:51:45:8f:ba:a9:32:14:a6:8e:01:55:
00:22:c4:9b:97:21:25:07:3f:63:5a:41:34:4d:10:
e3:e1:d4:d4:bb:24:2c:24:9c:8a:15:62:05:8c:29:
21:f7:13:81:c9:69:b9:9a:84:a1:a9:50:bb:74:83:
6a:74:c6:67:9e:b5:63:86:ff:c7:7e:32:b3:8a:fc:
90:a3:91:50:41:57:f4:23:f3:32:ad:9a:93:1f:f0:
f4:48:04:75:f6:4f:31:3e:7d:8c:d8:8e:84:0e:db:
0e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1D:AA:C7:E6:9A:F1:FB:4E:BD:B7:1E:FC:2C:CE:03:C1:8F:BE:08
X509v3 Authority Key Identifier:
keyid:95:46:1F:BE:E1:C0:6E:3E:AF:AC:0F:2F:95:25:3C:A8:60:3A:CC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUYfvuHAbj6vrA8vlSU8qGA6zPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/VB2qx-aa8ftOvbce_CzOA8GPvgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e5ce8f-5ea0-479f-93e9-89d5c60f501f/1/lUYfvuHAbj6vrA8vlSU8qGA6zPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:21e0::/36
Signature Algorithm: sha256WithRSAEncryption
0e:e2:cb:55:60:05:7a:45:dc:9d:ef:d3:a7:3b:44:80:07:81:
3f:64:09:91:2e:3f:64:5c:78:34:a3:68:b7:c4:9f:3b:60:b0:
49:92:bf:ce:dc:5c:81:6d:2d:95:a7:e3:9f:1b:41:dc:40:07:
81:7a:5a:fb:b9:e3:b9:4b:a7:2f:10:81:32:0e:34:c4:a2:39:
3f:55:a8:90:b3:fe:fa:8b:d0:98:43:be:ed:ab:ca:10:13:c2:
0c:b9:0d:17:fe:96:9d:00:63:84:69:9f:21:63:70:18:af:24:
e4:bf:74:e1:0f:a8:9a:c7:3e:24:44:9c:eb:fa:ae:f8:64:ea:
5c:9e:dd:1b:7f:f2:b6:88:9d:e7:1a:f0:71:85:c4:e4:0d:fb:
1e:21:6e:78:44:07:d7:1e:dc:d6:6a:7f:14:38:12:56:0d:81:
a8:b2:f7:29:cb:92:73:b8:67:9a:61:63:ae:53:93:03:ae:2f:
69:7f:cb:2b:39:c8:3e:77:dd:ae:e6:21:f3:4e:97:50:09:13:
6c:da:21:b3:41:ae:c2:55:b2:cb:c9:02:80:aa:ff:ba:60:01:
09:4d:d1:a2:7e:50:eb:1b:41:dc:80:ff:06:d1:f6:9b:83:5d:
b5:3b:06:be:90:35:02:38:cf:1c:1d:38:05:76:76:65:04:30:
69:6d:35:86
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY1p4ZzFXFieF7M5LgzJ/9g2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NDYxZmJlZTFjMDZlM2VhZmFjMGYyZjk1MjUzY2E4NjAz
YWNjZjIwHhcNMjQwMjAyMTI1MzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDFkYWFjN2U2OWFmMWZiNGViZGI3MWVmYzJjY2UwM2MxOGZiZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ8JWR/rwZNJudBjXgH1JWQiU0GA
6HUaNW26RSqbLnhwDRv6vmO10wivPQJLog1jlcdmAATpm4h24WwAhjjHTDs5AwC8
WpqxZ9AIVDC9cRcFKPHSb0NreZ8AQuuiekSTX3AgVY2zxp1V92WIe1ZpQVayiMKb
P07Kz9sD2nSTGqpBQeRbUWteDp3ixBgK4D5tkJYgXbdKW7r+UUWPuqkyFKaOAVUA
IsSblyElBz9jWkE0TRDj4dTUuyQsJJyKFWIFjCkh9xOByWm5moShqVC7dINqdMZn
nrVjhv/HfjKzivyQo5FQQVf0I/MyrZqTH/D0SAR19k8xPn2M2I6EDtsOnQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFQdqsfmmvH7Tr23HvwszgPBj74IMB8GA1UdIwQY
MBaAFJVGH77hwG4+r6wPL5UlPKhgOszyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVZZnZ1SEFiajZ2ckE4dmxTVThxR0E2elBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lNWNlOGYtNWVhMC00NzlmLTkzZTkt
ODlkNWM2MGY1MDFmLzEvVkIycXgtYWE4ZnRPdmJjZV9Dek9BOEdQdmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9lNWNlOGYtNWVhMC00NzlmLTkzZTktODlkNWM2MGY1MDFm
LzEvbFVZZnZ1SEFiajZ2ckE4dmxTVThxR0E2elBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgMh4AAw
DQYJKoZIhvcNAQELBQADggEBAA7iy1VgBXpF3J3v06c7RIAHgT9kCZEuP2RceDSj
aLfEnztgsEmSv87cXIFtLZWn458bQdxAB4F6Wvu547lLpy8QgTIONMSiOT9VqJCz
/vqL0JhDvu2ryhATwgy5DRf+lp0AY4RpnyFjcBivJOS/dOEPqJrHPiREnOv6rvhk
6lye3Rt/8raIneca8HGFxOQN+x4hbnhEB9ce3NZqfxQ4ElYNgaiy9ynLknO4Z5ph
Y65TkwOuL2l/yys5yD533a7mIfNOl1AJE2zaIbNBrsJVssvJAoCq/7pgAQlN0aJ+
UOsbQdyA/wbR9puDXbU7Br6QNQI4zxwdOAV2dmUEMGltNYY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:54:23 2024 by rpki-client on console-ams.rpki-client.org