Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-Y7esaTKAGIVDrBG1z5ejsXBn5E.roa
File: 1-Y7esaTKAGIVDrBG1z5ejsXBn5E.roa (raw, json)
Hash identifier: EahPqw1qVnPFOLL9WPioNOZp7aW7OgzrQLzcu1t4Xhc=
Subject key identifier: F9:8E:DE:B1:A4:CA:00:62:15:0E:B0:46:D7:3E:5E:8E:C5:C1:9F:91
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC7941931EF0E5903A8E0C95411DE0D13
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-Y7esaTKAGIVDrBG1z5ejsXBn5E.roa
Signing time: Tue 02 Jan 2024 00:30:20 +0000
ROA not before: Tue 02 Jan 2024 00:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49183
IP address blocks: 2001:146b::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:19:31:ef:0e:59:03:a8:e0:c9:54:11:de:0d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f98edeb1a4ca0062150eb046d73e5e8ec5c19f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:77:9a:65:1e:a5:9f:86:30:7a:cb:64:b6:af:
fe:25:55:c1:fb:b7:b6:7d:7c:94:f1:bb:86:7a:49:
27:87:bb:0a:df:de:77:fc:99:96:79:43:ab:5a:8b:
66:b2:51:b5:15:05:bb:b3:d9:46:50:d5:f0:94:7c:
5a:92:e7:2a:0e:b4:a5:cb:99:34:06:61:8f:b2:9c:
24:3f:b2:02:65:10:9c:eb:07:6d:db:77:83:a8:fb:
53:75:38:51:5e:1a:85:28:2c:c0:5d:a1:d8:82:40:
e4:54:4a:c9:a8:72:62:28:4e:b6:45:39:db:e8:eb:
0a:12:61:23:02:cd:57:0b:59:da:7b:5c:13:b2:92:
21:5c:87:46:96:5c:ee:3d:32:4b:4c:9d:32:a8:d7:
6b:cc:05:d7:4e:f9:af:52:37:07:fc:1d:6d:36:48:
4c:4a:bb:35:1d:6b:fa:bf:85:55:3c:35:2f:84:ae:
8c:f2:91:e6:17:9c:a0:48:3b:d3:7d:67:e6:ab:aa:
85:4e:a4:86:73:bb:55:8b:39:b3:91:a8:13:aa:e5:
0c:a7:dc:b2:5f:b5:c8:ec:3e:76:86:42:9b:b7:50:
cf:c4:f0:99:f2:7a:0a:bc:da:5b:58:24:9f:34:e4:
e2:e6:aa:21:31:0a:ae:81:8e:a8:9b:e9:61:30:51:
71:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8E:DE:B1:A4:CA:00:62:15:0E:B0:46:D7:3E:5E:8E:C5:C1:9F:91
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/1-Y7esaTKAGIVDrBG1z5ejsXBn5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:146b::/32
Signature Algorithm: sha256WithRSAEncryption
89:22:09:d6:f0:35:f9:2e:8a:c1:ba:6f:11:7d:6f:dd:cd:fc:
fa:03:19:27:3a:dd:ee:df:dd:63:5c:93:4e:6b:84:68:77:d3:
36:2c:e6:da:95:e5:cd:78:dc:f4:48:6e:d9:34:58:da:55:96:
c9:ba:87:cd:49:70:28:37:33:40:18:d6:7c:5e:b2:ad:f0:13:
9a:55:38:bd:bf:dd:aa:6e:27:31:49:ff:47:8d:bb:a5:17:16:
14:a2:a6:f4:6c:b4:d3:1e:e0:70:c2:2e:9a:d9:e4:51:a9:90:
34:b9:2a:e6:86:0a:43:83:02:81:c8:88:54:1e:44:ad:0a:25:
17:b3:3c:c5:07:dd:3c:e0:df:c7:18:eb:7c:c4:80:57:43:f6:
be:56:6c:08:da:a8:90:5d:7d:6e:f3:d0:fa:94:46:93:5d:f9:
14:9d:c5:08:04:39:7b:85:49:24:7c:47:71:e1:56:a6:6b:8a:
18:c7:d0:49:77:4d:13:61:fc:68:43:aa:29:1e:df:be:63:ee:
4d:c1:14:64:e5:aa:c8:b1:60:ed:eb:38:64:06:cb:52:21:2c:
0c:ac:42:00:18:9b:75:42:3d:02:2b:56:21:4c:1d:20:b7:cd:
f6:9e:79:7c:d1:cf:e7:73:19:d5:64:4d:a0:d9:31:77:15:10:
50:71:a9:95
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlBkx7w5ZA6jgyVQR3g0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOThlZGViMWE0Y2EwMDYyMTUwZWIwNDZkNzNlNWU4ZWM1YzE5ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXeaZR6ln4Ywestktq/+JVXB+7e2
fXyU8buGekknh7sK3953/JmWeUOrWotmslG1FQW7s9lGUNXwlHxakucqDrSly5k0
BmGPspwkP7ICZRCc6wdt23eDqPtTdThRXhqFKCzAXaHYgkDkVErJqHJiKE62RTnb
6OsKEmEjAs1XC1nae1wTspIhXIdGllzuPTJLTJ0yqNdrzAXXTvmvUjcH/B1tNkhM
Srs1HWv6v4VVPDUvhK6M8pHmF5ygSDvTfWfmq6qFTqSGc7tVizmzkagTquUMp9yy
X7XI7D52hkKbt1DPxPCZ8noKvNpbWCSfNOTi5qohMQqugY6om+lhMFFxJQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPmO3rGkygBiFQ6wRtc+Xo7FwZ+RMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvMS1ZN2VzYVRLQUdJVkRyQkcxejVlanNYQm41RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvMzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1
ZS8xL2lGdUZkd2JheFU0Z3lnMFJ2V1FXeTJOQ0E3US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABFGsw
DQYJKoZIhvcNAQELBQADggEBAIkiCdbwNfkuisG6bxF9b93N/PoDGSc63e7f3WNc
k05rhGh30zYs5tqV5c143PRIbtk0WNpVlsm6h81JcCg3M0AY1nxesq3wE5pVOL2/
3apuJzFJ/0eNu6UXFhSipvRstNMe4HDCLprZ5FGpkDS5KuaGCkODAoHIiFQeRK0K
JRezPMUH3Tzg38cY63zEgFdD9r5WbAjaqJBdfW7z0PqURpNd+RSdxQgEOXuFSSR8
R3HhVqZrihjH0El3TRNh/GhDqike375j7k3BFGTlqsixYO3rOGQGy1IhLAysQgAY
m3VCPQIrViFMHSC3zfaeeXzRz+dzGdVkTaDZMXcVEFBxqZU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:46:42 2024 by rpki-client on console-ams.rpki-client.org