Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/cFwLHD4NpMM1Dua6PsWOaspl5j4.roa
File: cFwLHD4NpMM1Dua6PsWOaspl5j4.roa (raw, json)
Hash identifier: 4H2fO4Ee4CgKJ+bosPThB5PLtNkKEFVptJjOWvCN6Mo=
Subject key identifier: 70:5C:0B:1C:3E:0D:A4:C3:35:0E:E6:BA:3E:C5:8E:6A:CA:65:E6:3E
Certificate issuer: /CN=d23708099f7a205564b5f8e05d217bd2fae4de88
Certificate serial: 018CC793E7E99534DCCF171E8EC76B22E5FD
Authority key identifier: D2:37:08:09:9F:7A:20:55:64:B5:F8:E0:5D:21:7B:D2:FA:E4:DE:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jcICZ96IFVktfjgXSF70vrk3og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/cFwLHD4NpMM1Dua6PsWOaspl5j4.roa
Signing time: Tue 02 Jan 2024 00:30:08 +0000
ROA not before: Tue 02 Jan 2024 00:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58132
IP address blocks: 2001:678:594::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/0jcICZ96IFVktfjgXSF70vrk3og.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/0jcICZ96IFVktfjgXSF70vrk3og.mft
rsync://rpki.ripe.net/repository/DEFAULT/0jcICZ96IFVktfjgXSF70vrk3og.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 15:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:e7:e9:95:34:dc:cf:17:1e:8e:c7:6b:22:e5:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d23708099f7a205564b5f8e05d217bd2fae4de88
Validity
Not Before: Jan 2 00:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=705c0b1c3e0da4c3350ee6ba3ec58e6aca65e63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:36:1c:60:8e:a2:22:d3:89:bf:99:4a:b3:a9:
d8:9c:b6:23:85:0a:99:71:11:20:7a:c3:ef:68:d1:
08:72:c0:37:64:4c:77:16:46:36:3a:57:da:d4:0e:
d7:45:26:bc:8f:8c:ca:0d:6a:fc:45:c9:f0:5b:c6:
30:45:ae:50:0f:52:ad:b9:bd:b3:ca:ac:47:18:99:
79:f3:ad:63:a0:3f:2a:49:cf:e6:f4:ab:2d:ef:56:
7b:69:fc:c9:8e:1d:4c:ad:2e:69:be:35:f9:70:e0:
e6:2c:8a:ae:d3:99:b1:e1:e2:b1:5d:fe:7c:e1:40:
0c:0f:93:a9:6b:8e:9b:e3:37:3a:75:f2:69:c7:fa:
39:63:d0:05:fc:18:86:0f:8f:4d:e7:5d:85:7b:0b:
a7:f5:78:51:1d:19:0c:31:ad:12:bb:75:af:8b:7c:
4d:34:83:49:92:57:f3:89:9f:39:d7:07:24:cc:ee:
40:bb:d9:7d:39:1a:25:fb:3d:34:8d:4b:53:03:6c:
52:54:45:98:54:a9:b5:e6:07:b2:5c:fc:7c:c7:55:
2a:ab:36:d7:ec:b6:2b:ab:45:4f:0f:cd:af:cc:f8:
eb:2d:a5:45:7a:c9:2c:c2:1e:4b:54:64:d3:45:3c:
73:59:e2:8b:55:32:4d:2a:9b:f4:c5:8f:ae:d2:9e:
2c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5C:0B:1C:3E:0D:A4:C3:35:0E:E6:BA:3E:C5:8E:6A:CA:65:E6:3E
X509v3 Authority Key Identifier:
keyid:D2:37:08:09:9F:7A:20:55:64:B5:F8:E0:5D:21:7B:D2:FA:E4:DE:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jcICZ96IFVktfjgXSF70vrk3og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/cFwLHD4NpMM1Dua6PsWOaspl5j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/0jcICZ96IFVktfjgXSF70vrk3og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:594::/48
Signature Algorithm: sha256WithRSAEncryption
b3:51:c1:47:7c:b1:b6:16:5c:06:69:83:7e:8a:f7:1a:88:9a:
c1:ef:65:df:51:b9:e6:0a:03:09:06:d7:0d:1b:9d:0e:2b:82:
cf:09:aa:d2:f1:31:d9:8d:25:7d:0f:f2:9d:b9:94:40:fa:01:
4a:b3:0c:2a:14:cd:5d:09:aa:13:39:21:6a:5e:1b:b0:aa:4c:
19:90:eb:e0:02:10:f0:9f:fc:23:ad:a8:11:70:22:f4:fa:d5:
64:ec:35:df:65:91:7e:bf:ab:28:59:a1:a3:c8:9d:b6:e0:4d:
f4:ab:7e:8f:3b:59:3f:4d:73:19:e3:03:a0:7d:ff:99:7c:f2:
1b:a2:55:23:3c:4e:b8:96:c3:45:5c:4a:98:e7:30:0c:fa:1e:
ed:6e:9d:4f:ee:f9:31:97:19:ad:32:ec:43:c6:bb:db:c7:c6:
eb:cf:8a:c5:f1:4b:1d:7d:65:9c:c3:16:b5:a7:f2:0a:fc:e0:
5e:df:04:c2:cd:e2:3a:85:be:f6:22:e1:4d:82:09:db:09:f7:
fd:40:56:ff:bc:52:f8:03:fb:c1:9a:bb:7a:a0:ba:db:6d:17:
d9:15:49:c1:e6:17:88:3a:0c:06:26:6d:c3:16:7e:7c:8d:1a:
16:ff:45:25:1f:c5:58:0e:8c:32:6f:7b:bf:11:74:32:6c:9e:
59:d7:79:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHk+fplTTczxcejsdrIuX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzcwODA5OWY3YTIwNTU2NGI1ZjhlMDVkMjE3YmQyZmFl
NGRlODgwHhcNMjQwMTAyMDAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDVjMGIxYzNlMGRhNGMzMzUwZWU2YmEzZWM1OGU2YWNhNjVlNjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8zYcYI6iItOJv5lKs6nYnLYjhQqZ
cREgesPvaNEIcsA3ZEx3FkY2Olfa1A7XRSa8j4zKDWr8RcnwW8YwRa5QD1Ktub2z
yqxHGJl5861joD8qSc/m9Kst71Z7afzJjh1MrS5pvjX5cODmLIqu05mx4eKxXf58
4UAMD5Opa46b4zc6dfJpx/o5Y9AF/BiGD49N512Fewun9XhRHRkMMa0Su3Wvi3xN
NINJklfziZ851wckzO5Au9l9ORol+z00jUtTA2xSVEWYVKm15geyXPx8x1UqqzbX
7LYrq0VPD82vzPjrLaVFeskswh5LVGTTRTxzWeKLVTJNKpv0xY+u0p4s/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHBcCxw+DaTDNQ7muj7FjmrKZeY+MB8GA1UdIwQY
MBaAFNI3CAmfeiBVZLX44F0he9L65N6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpjSUNaOTZJRlZrdGZqZ1hTRjcwdnJrM29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8wMWI1YWYtYjc3Ny00YjU5LWE1YjIt
NWU5N2Y0YTUxMmU1LzEvY0Z3TEhENE5wTU0xRHVhNlBzV09hc3BsNWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8wMWI1YWYtYjc3Ny00YjU5LWE1YjItNWU5N2Y0YTUxMmU1
LzEvMGpjSUNaOTZJRlZrdGZqZ1hTRjcwdnJrM29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAWU
MA0GCSqGSIb3DQEBCwUAA4IBAQCzUcFHfLG2FlwGaYN+ivcaiJrB72XfUbnmCgMJ
BtcNG50OK4LPCarS8THZjSV9D/KduZRA+gFKswwqFM1dCaoTOSFqXhuwqkwZkOvg
AhDwn/wjragRcCL0+tVk7DXfZZF+v6soWaGjyJ224E30q36PO1k/TXMZ4wOgff+Z
fPIbolUjPE64lsNFXEqY5zAM+h7tbp1P7vkxlxmtMuxDxrvbx8brz4rF8UsdfWWc
wxa1p/IK/OBe3wTCzeI6hb72IuFNggnbCff9QFb/vFL4A/vBmrt6oLrbbRfZFUnB
5heIOgwGJm3DFn58jRoW/0UlH8VYDowyb3u/EXQybJ5Z13l7
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:19:05 2024 by rpki-client on console-ams.rpki-client.org