Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/aeC4JxsxhFxd97iNG0cLafef3VQ.roa
File: aeC4JxsxhFxd97iNG0cLafef3VQ.roa (raw, json)
Hash identifier: ysnasqurUK2eeDM3AdNB4/ZfZuZ9xpkAFaAEEpiPW1Q=
Subject key identifier: 69:E0:B8:27:1B:31:84:5C:5D:F7:B8:8D:1B:47:0B:69:F7:9F:DD:54
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 019178A014C34DC34A447FB11B912ACE77BB
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/aeC4JxsxhFxd97iNG0cLafef3VQ.roa
Signing time: Thu 22 Aug 2024 05:47:22 +0000
ROA not before: Thu 22 Aug 2024 05:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201749
IP address blocks: 2a04:2dc0:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 05:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:78:a0:14:c3:4d:c3:4a:44:7f:b1:1b:91:2a:ce:77:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Aug 22 05:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69e0b8271b31845c5df7b88d1b470b69f79fdd54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:28:fe:5e:b2:e6:96:68:bd:0d:3d:9f:4f:52:
9e:2d:4c:55:41:0f:13:05:5d:76:ac:46:8b:8e:1e:
7a:c2:d1:8b:9f:18:05:57:31:fb:f3:0e:48:bb:b5:
bf:a6:4c:c8:d0:c8:1d:f8:df:16:34:52:f6:6c:50:
e8:70:96:3a:88:1a:a2:af:b1:ab:e6:8c:0c:f8:35:
56:c5:04:01:9b:3b:00:7a:3f:32:ed:be:06:14:3e:
f4:b3:6f:4c:c0:7f:62:79:af:95:03:91:58:48:9d:
25:cc:1d:69:12:18:7d:2b:af:03:b0:28:94:ca:1d:
05:85:74:7c:34:8f:5d:d4:1a:3e:ef:3e:cc:87:73:
54:8c:61:67:26:a9:8d:14:c5:ad:67:f3:d3:bf:87:
a6:8f:c5:1b:11:81:88:be:f2:cd:7c:0b:e4:54:95:
63:ce:2d:c8:16:17:26:98:59:32:9a:a1:90:c1:e3:
fe:0b:c5:04:aa:c2:2e:2b:d6:12:e3:88:5f:95:d3:
cf:f7:97:e5:99:e3:e1:ef:a5:30:47:90:7b:2c:04:
32:0e:27:cb:f5:5b:61:47:08:59:64:56:db:57:57:
c1:b6:88:bc:f1:7a:74:cb:76:46:14:76:d7:69:dd:
39:c0:fd:c9:11:0b:38:77:71:37:4e:2c:7b:f2:ad:
fa:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E0:B8:27:1B:31:84:5C:5D:F7:B8:8D:1B:47:0B:69:F7:9F:DD:54
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/aeC4JxsxhFxd97iNG0cLafef3VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2dc0:18::/48
Signature Algorithm: sha256WithRSAEncryption
1e:b4:20:33:5a:c7:6e:56:58:1b:5d:8c:01:e4:2d:1e:4d:ac:
77:19:cc:7e:e8:43:47:8c:4e:c7:0e:10:71:18:a0:b0:0a:3c:
f9:31:5b:a6:aa:5f:f6:37:a2:da:d3:ab:73:d7:fb:03:08:f4:
6b:d6:0f:8f:f3:db:27:34:ca:65:67:69:1b:cf:71:29:cf:77:
05:6a:73:10:4b:65:1e:db:3c:3d:22:18:d3:9a:0d:bf:e6:03:
9f:d8:e3:17:6e:10:51:74:fa:7d:7d:ab:e7:9d:3a:dc:00:66:
4d:a3:a2:21:8c:2e:1e:24:61:f5:31:da:4f:ed:68:69:ea:1c:
98:d5:5a:4d:54:be:59:58:48:dd:b0:a5:4f:af:dc:3d:74:65:
d0:e5:a8:1d:c1:6b:6d:e5:e6:c7:48:77:fd:70:4f:54:bf:7c:
59:d6:13:c5:c6:a4:47:cf:e0:d7:9b:ad:d8:e3:ba:ef:91:ee:
91:20:5a:5a:0e:0d:b2:1b:14:a2:8b:20:40:4c:38:81:1f:1c:
b4:b1:7b:bd:96:3e:b3:29:ac:b7:af:d6:de:2a:ed:91:f9:80:
9b:94:f9:40:f5:ab:3e:e6:f8:20:be:9d:f1:58:c0:68:9a:fd:
11:41:45:7d:8d:6d:d4:93:bf:01:4c:d1:ef:43:e0:86:60:49:
ed:8e:78:79
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZF4oBTDTcNKRH+xG5Eqzne7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjQwODIyMDU0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWUwYjgyNzFiMzE4NDVjNWRmN2I4OGQxYjQ3MGI2OWY3OWZkZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ij+XrLmlmi9DT2fT1KeLUxVQQ8T
BV12rEaLjh56wtGLnxgFVzH78w5Iu7W/pkzI0Mgd+N8WNFL2bFDocJY6iBqir7Gr
5owM+DVWxQQBmzsAej8y7b4GFD70s29MwH9iea+VA5FYSJ0lzB1pEhh9K68DsCiU
yh0FhXR8NI9d1Bo+7z7Mh3NUjGFnJqmNFMWtZ/PTv4emj8UbEYGIvvLNfAvkVJVj
zi3IFhcmmFkymqGQweP+C8UEqsIuK9YS44hfldPP95flmePh76UwR5B7LAQyDifL
9VthRwhZZFbbV1fBtoi88Xp0y3ZGFHbXad05wP3JEQs4d3E3Tix78q360QIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFGnguCcbMYRcXfe4jRtHC2n3n91UMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL2FlQzRKeHN4aEZ4ZDk3aU5HMGNMYWZlZjNWUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBC3A
ABgwDQYJKoZIhvcNAQELBQADggEBAB60IDNax25WWBtdjAHkLR5NrHcZzH7oQ0eM
TscOEHEYoLAKPPkxW6aqX/Y3otrTq3PX+wMI9GvWD4/z2yc0ymVnaRvPcSnPdwVq
cxBLZR7bPD0iGNOaDb/mA5/Y4xduEFF0+n19q+edOtwAZk2joiGMLh4kYfUx2k/t
aGnqHJjVWk1UvllYSN2wpU+v3D10ZdDlqB3Ba23l5sdId/1wT1S/fFnWE8XGpEfP
4Nebrdjjuu+R7pEgWloODbIbFKKLIEBMOIEfHLSxe72WPrMprLev1t4q7ZH5gJuU
+UD1qz7m+CC+nfFYwGia/RFBRX2NbdSTvwFM0e9D4IZgSe2OeHk=
-----END CERTIFICATE-----
Generated at Tue Nov 26 11:24:21 2024 by rpki-client on console-fra.rpki-client.org