Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/qIhc-z6vNQtyezIgFZyhwW-4NU8.roa
File: qIhc-z6vNQtyezIgFZyhwW-4NU8.roa (raw, json)
Hash identifier: Y0tGondhu4kaWV+JG7KoJAUPnfaJ7iBlkVKshOR+934=
Subject key identifier: A8:88:5C:FB:3E:AF:35:0B:72:7B:32:20:15:9C:A1:C1:6F:B8:35:4F
Certificate issuer: /CN=f279a3e854f01015e9d0e03e89d8070cc9ebcf89
Certificate serial: 018CC6B873B216A29E66B358F350974CC961
Authority key identifier: F2:79:A3:E8:54:F0:10:15:E9:D0:E0:3E:89:D8:07:0C:C9:EB:CF:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nmj6FTwEBXp0OA-idgHDMnrz4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/qIhc-z6vNQtyezIgFZyhwW-4NU8.roa
Signing time: Mon 01 Jan 2024 20:30:26 +0000
ROA not before: Mon 01 Jan 2024 20:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30847
IP address blocks: 2a01:8900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/8nmj6FTwEBXp0OA-idgHDMnrz4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/8nmj6FTwEBXp0OA-idgHDMnrz4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/8nmj6FTwEBXp0OA-idgHDMnrz4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:73:b2:16:a2:9e:66:b3:58:f3:50:97:4c:c9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f279a3e854f01015e9d0e03e89d8070cc9ebcf89
Validity
Not Before: Jan 1 20:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8885cfb3eaf350b727b3220159ca1c16fb8354f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d8:cb:f9:04:15:61:01:ae:8c:8c:24:6f:83:
78:2f:e4:b7:be:59:4a:9a:2f:9e:21:df:69:e2:01:
db:5d:2b:bb:e5:71:f5:8b:bd:19:f5:22:15:1c:d5:
2c:82:e5:dd:e3:85:e5:9a:15:ca:55:f2:b8:d4:3f:
91:d1:3f:bd:f8:67:3e:68:ba:3d:e3:30:a4:19:dc:
a9:24:c4:ef:ee:6f:3c:20:83:39:98:0c:d1:9e:76:
bf:2a:3b:64:46:2d:6a:e7:67:9e:56:1a:7a:d9:f0:
c7:e1:15:3c:72:31:05:49:92:c1:a8:f8:35:ff:b5:
58:8c:cf:3b:c6:65:8a:0a:61:9e:5d:5c:63:0a:01:
e3:ba:74:aa:b1:e1:61:34:3e:62:4e:f9:e3:13:25:
94:87:10:75:ee:47:c1:49:85:65:75:ae:ef:64:2e:
3e:0c:4c:df:28:83:f6:4e:26:30:63:55:31:7a:ff:
a1:0f:da:b2:ca:ac:76:cd:16:e0:df:29:c6:05:77:
af:08:af:61:f5:41:8d:06:88:45:07:e2:13:7f:f4:
2a:0f:77:d4:16:a3:34:57:5f:52:12:25:f3:75:88:
8e:89:97:c6:d2:a2:9d:a3:97:0a:a8:e2:22:ee:18:
77:b1:0b:8c:34:ec:24:19:23:d3:8f:41:37:0f:f6:
dc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:88:5C:FB:3E:AF:35:0B:72:7B:32:20:15:9C:A1:C1:6F:B8:35:4F
X509v3 Authority Key Identifier:
keyid:F2:79:A3:E8:54:F0:10:15:E9:D0:E0:3E:89:D8:07:0C:C9:EB:CF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nmj6FTwEBXp0OA-idgHDMnrz4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/qIhc-z6vNQtyezIgFZyhwW-4NU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/838db2-0c88-4ff4-b9bc-8bae7e9fd75c/1/8nmj6FTwEBXp0OA-idgHDMnrz4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:8900::/32
Signature Algorithm: sha256WithRSAEncryption
9d:8d:ad:44:89:62:95:2c:00:22:ab:dd:23:88:25:f9:d2:a4:
ed:1c:8e:d2:d0:5a:2d:b8:50:d4:e3:a8:7c:2d:19:4c:f2:55:
05:2a:80:4f:d8:97:fa:d2:6b:ab:cc:cd:c4:cd:5e:97:c7:41:
53:54:84:44:81:0e:60:fd:4a:7d:61:e6:81:7f:cd:67:b3:34:
3f:8c:5f:71:63:7f:a3:bd:96:16:63:3a:06:80:95:ad:13:e9:
7a:4b:78:55:b6:fd:69:0b:bc:27:84:b4:6a:88:9f:72:96:bc:
45:be:5f:af:b0:d3:6a:f3:8e:6e:48:2f:f6:c2:b0:8a:0d:86:
98:9c:2f:a5:fe:3c:8f:64:e4:3a:5c:56:e8:d2:3e:f9:22:2a:
be:b0:3a:69:70:de:fb:c2:35:78:92:82:49:b8:14:6a:5a:0e:
f5:a4:6d:01:ef:e8:19:52:0c:8d:d1:21:93:13:e0:a1:14:46:
b0:0a:43:88:a6:54:a0:b4:b6:31:5f:56:1d:5a:f9:26:df:2f:
95:1b:34:89:65:67:dc:6f:ba:8d:88:87:5e:9a:9d:5d:dc:23:
7b:a6:76:68:ec:81:1c:94:b6:f3:cb:b3:1d:6c:aa:8d:1c:9f:
08:66:40:c1:63:0d:e5:f1:2b:c5:9f:64:62:62:e9:41:fb:3e:
c2:7e:00:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGuHOyFqKeZrNY81CXTMlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNzlhM2U4NTRmMDEwMTVlOWQwZTAzZTg5ZDgwNzBjYzll
YmNmODkwHhcNMjQwMTAxMjAzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODg4NWNmYjNlYWYzNTBiNzI3YjMyMjAxNTljYTFjMTZmYjgzNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNjL+QQVYQGujIwkb4N4L+S3vllK
mi+eId9p4gHbXSu75XH1i70Z9SIVHNUsguXd44XlmhXKVfK41D+R0T+9+Gc+aLo9
4zCkGdypJMTv7m88IIM5mAzRnna/KjtkRi1q52eeVhp62fDH4RU8cjEFSZLBqPg1
/7VYjM87xmWKCmGeXVxjCgHjunSqseFhND5iTvnjEyWUhxB17kfBSYVlda7vZC4+
DEzfKIP2TiYwY1Uxev+hD9qyyqx2zRbg3ynGBXevCK9h9UGNBohFB+ITf/QqD3fU
FqM0V19SEiXzdYiOiZfG0qKdo5cKqOIi7hh3sQuMNOwkGSPTj0E3D/bcJQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKiIXPs+rzULcnsyIBWcocFvuDVPMB8GA1UdIwQY
MBaAFPJ5o+hU8BAV6dDgPonYBwzJ68+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5tajZGVHdFQlhwME9BLWlkZ0hETW5yejRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84MzhkYjItMGM4OC00ZmY0LWI5YmMt
OGJhZTdlOWZkNzVjLzEvcUloYy16NnZOUXR5ZXpJZ0ZaeWh3Vy00TlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84MzhkYjItMGM4OC00ZmY0LWI5YmMtOGJhZTdlOWZkNzVj
LzEvOG5tajZGVHdFQlhwME9BLWlkZ0hETW5yejRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgGJADAN
BgkqhkiG9w0BAQsFAAOCAQEAnY2tRIlilSwAIqvdI4gl+dKk7RyO0tBaLbhQ1OOo
fC0ZTPJVBSqAT9iX+tJrq8zNxM1el8dBU1SERIEOYP1KfWHmgX/NZ7M0P4xfcWN/
o72WFmM6BoCVrRPpekt4Vbb9aQu8J4S0aoifcpa8Rb5fr7DTavOObkgv9sKwig2G
mJwvpf48j2TkOlxW6NI++SIqvrA6aXDe+8I1eJKCSbgUaloO9aRtAe/oGVIMjdEh
kxPgoRRGsApDiKZUoLS2MV9WHVr5Jt8vlRs0iWVn3G+6jYiHXpqdXdwje6Z2aOyB
HJS288uzHWyqjRyfCGZAwWMN5fErxZ9kYmLpQfs+wn4A3A==
-----END CERTIFICATE-----
Generated at Mon May 27 19:53:53 2024 by rpki-client on console-fra.rpki-client.org