Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/z_OSxH5iGsT8eyHBWAB4PlAaBdg.roa
File: z_OSxH5iGsT8eyHBWAB4PlAaBdg.roa (raw, json)
Hash identifier: B/qNXskgn5/9s9mRL5WbSNv4Af6gElvNCX0khONc9Tk=
Subject key identifier: CF:F3:92:C4:7E:62:1A:C4:FC:7B:21:C1:58:00:78:3E:50:1A:05:D8
Certificate issuer: /CN=807709e7b0efba127025c83e5d3194c71ba428c3
Certificate serial: 018CC492957AA37994B22160849B3ECE5D2D
Authority key identifier: 80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/z_OSxH5iGsT8eyHBWAB4PlAaBdg.roa
Signing time: Mon 01 Jan 2024 10:29:49 +0000
ROA not before: Mon 01 Jan 2024 10:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a0f:6040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:95:7a:a3:79:94:b2:21:60:84:9b:3e:ce:5d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=807709e7b0efba127025c83e5d3194c71ba428c3
Validity
Not Before: Jan 1 10:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cff392c47e621ac4fc7b21c15800783e501a05d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:99:9f:1b:05:1e:0f:8d:16:55:ba:11:4a:1b:
f9:0c:5d:f0:1e:f1:24:5a:62:11:aa:10:29:be:54:
aa:c8:d2:e2:19:72:ee:3b:de:a9:34:b1:90:64:32:
da:44:14:53:ab:2b:06:70:b2:aa:aa:de:01:7b:60:
37:4d:79:bc:34:4c:15:54:08:0e:81:aa:74:2e:c1:
bb:bf:ee:4d:25:73:1c:1e:35:33:e5:99:47:04:21:
ba:6f:c8:16:be:14:68:25:7e:27:29:a4:df:70:a1:
96:06:0a:73:43:58:66:78:50:9d:c6:02:d1:21:fc:
8b:87:35:e0:b8:e8:7f:f1:0e:fc:33:5e:67:e0:f9:
64:81:c0:b5:67:e5:b8:da:77:db:69:61:03:68:42:
e8:22:f1:a1:c9:38:bb:e2:4f:62:14:f7:a2:6c:2f:
b6:c0:5c:d4:92:cf:cb:b0:21:4b:79:ba:2e:4b:c0:
61:cf:10:5e:80:58:04:cd:83:e7:22:cc:8a:52:39:
f8:e3:de:e8:8c:37:0a:19:e8:76:2b:85:8c:a6:2b:
ea:a4:39:2e:6c:d9:99:ed:95:de:32:6a:2d:c6:48:
ec:dd:93:d2:7d:d5:8b:e9:0b:b7:3e:fd:47:a2:5a:
74:ed:23:43:15:17:32:8f:ce:6a:bc:d1:5b:df:31:
59:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F3:92:C4:7E:62:1A:C4:FC:7B:21:C1:58:00:78:3E:50:1A:05:D8
X509v3 Authority Key Identifier:
keyid:80:77:09:E7:B0:EF:BA:12:70:25:C8:3E:5D:31:94:C7:1B:A4:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHcJ57DvuhJwJcg-XTGUxxukKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/z_OSxH5iGsT8eyHBWAB4PlAaBdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c426c3-4f03-46bb-8008-be9ad2bf725f/1/gHcJ57DvuhJwJcg-XTGUxxukKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6040::/29
Signature Algorithm: sha256WithRSAEncryption
8c:32:21:ae:cd:34:e2:90:33:f6:3b:02:f7:5c:73:56:6a:b6:
db:75:b3:04:9e:cc:a4:94:f0:b3:0b:65:c5:b6:25:e7:7f:3f:
8d:34:3d:25:9d:ef:2d:c8:1f:aa:7c:69:6d:3f:19:bf:e2:7c:
9c:b3:33:4a:f0:4f:ae:99:4f:9e:0d:4d:7a:7e:77:1a:9c:28:
1d:0d:83:44:9c:79:e0:cb:9c:f1:c4:43:11:e0:d3:cf:b5:9c:
26:29:99:c6:02:7f:48:f7:d4:4e:13:ac:fd:0b:be:ef:7a:6a:
c0:9e:9e:be:e3:48:12:70:ac:91:95:71:fb:8c:64:ba:d8:cb:
0e:d2:ed:d6:b5:a5:13:7e:87:8e:40:64:56:c4:fc:32:69:3a:
47:00:69:63:42:6b:e0:ff:78:0a:88:fb:00:1b:fb:c7:08:d8:
5c:57:25:11:58:1c:e4:d2:f1:71:0f:84:e8:20:49:d3:3b:8c:
13:65:af:15:41:cd:e2:e1:94:b6:30:0a:98:4d:d5:ba:bb:f7:
ab:41:08:48:db:7a:74:f4:95:5c:34:d2:ea:da:db:17:31:d2:
65:7f:25:6c:fc:39:16:c4:7b:17:ba:07:fd:fe:73:f8:0c:bc:
88:55:69:34:82:64:f1:8d:b6:8f:57:d8:65:53:24:0c:05:55:
03:c8:dc:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEkpV6o3mUsiFghJs+zl0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzcwOWU3YjBlZmJhMTI3MDI1YzgzZTVkMzE5NGM3MWJh
NDI4YzMwHhcNMjQwMTAxMTAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmYzOTJjNDdlNjIxYWM0ZmM3YjIxYzE1ODAwNzgzZTUwMWEwNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJmfGwUeD40WVboRShv5DF3wHvEk
WmIRqhApvlSqyNLiGXLuO96pNLGQZDLaRBRTqysGcLKqqt4Be2A3TXm8NEwVVAgO
gap0LsG7v+5NJXMcHjUz5ZlHBCG6b8gWvhRoJX4nKaTfcKGWBgpzQ1hmeFCdxgLR
IfyLhzXguOh/8Q78M15n4PlkgcC1Z+W42nfbaWEDaELoIvGhyTi74k9iFPeibC+2
wFzUks/LsCFLebouS8BhzxBegFgEzYPnIsyKUjn4497ojDcKGeh2K4WMpivqpDku
bNmZ7ZXeMmotxkjs3ZPSfdWL6Qu3Pv1Holp07SNDFRcyj85qvNFb3zFZPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM/zksR+YhrE/HshwVgAeD5QGgXYMB8GA1UdIwQY
MBaAFIB3Ceew77oScCXIPl0xlMcbpCjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgt
YmU5YWQyYmY3MjVmLzEvel9PU3hINWlHc1Q4ZXlIQldBQjRQbEFhQmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jNDI2YzMtNGYwMy00NmJiLTgwMDgtYmU5YWQyYmY3MjVm
LzEvZ0hjSjU3RHZ1aEp3SmNnLVhUR1V4eHVrS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9gQDAN
BgkqhkiG9w0BAQsFAAOCAQEAjDIhrs004pAz9jsC91xzVmq223WzBJ7MpJTwswtl
xbYl538/jTQ9JZ3vLcgfqnxpbT8Zv+J8nLMzSvBPrplPng1Nen53GpwoHQ2DRJx5
4Muc8cRDEeDTz7WcJimZxgJ/SPfUThOs/Qu+73pqwJ6evuNIEnCskZVx+4xkutjL
DtLt1rWlE36HjkBkVsT8Mmk6RwBpY0Jr4P94Coj7ABv7xwjYXFclEVgc5NLxcQ+E
6CBJ0zuME2WvFUHN4uGUtjAKmE3Vurv3q0EISNt6dPSVXDTS6trbFzHSZX8lbPw5
FsR7F7oH/f5z+Ay8iFVpNIJk8Y22j1fYZVMkDAVVA8jcBQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:51:29 2024 by rpki-client on console-ams.rpki-client.org