Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/FfhQiam0ORAtBXuGVuevyjgRNHI.roa
File: FfhQiam0ORAtBXuGVuevyjgRNHI.roa (raw, json)
Hash identifier: D0+zwDDRmGWhfykGCDXAXAZSEjPw9sSshAdk+zUh8H0=
Subject key identifier: 15:F8:50:89:A9:B4:39:10:2D:05:7B:86:56:E7:AF:CA:38:11:34:72
Certificate issuer: /CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Certificate serial: 018FE7A5DC0937C087ED79AA5FCD037FDFC7
Authority key identifier: 71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/FfhQiam0ORAtBXuGVuevyjgRNHI.roa
Signing time: Wed 05 Jun 2024 09:05:57 +0000
ROA not before: Wed 05 Jun 2024 09:05:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47441
IP address blocks: 2a02:e480::/29 maxlen: 29
2a02:e480::/32 maxlen: 32
2a02:e481::/32 maxlen: 32
2a02:e482::/32 maxlen: 32
2a02:e483::/32 maxlen: 32
2a02:e484::/32 maxlen: 32
2a02:e485::/32 maxlen: 32
2a02:e486::/32 maxlen: 32
2a02:e487::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.mft
rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:a5:dc:09:37:c0:87:ed:79:aa:5f:cd:03:7f:df:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Validity
Not Before: Jun 5 09:05:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15f85089a9b439102d057b8656e7afca38113472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:81:98:82:3b:e1:15:6f:61:fb:db:4a:d4:
16:f8:57:00:9b:55:0d:ed:a7:6a:c3:a9:89:53:a9:
58:66:a1:20:bb:c1:f6:df:0f:34:dd:1a:5e:b2:62:
f0:56:3f:fb:b9:f4:5e:88:cc:af:8c:c1:d1:5f:33:
8c:81:a2:17:b5:42:b6:54:24:94:fd:2b:99:a7:4a:
24:2f:4a:4c:4e:db:0c:91:c6:46:33:3e:f7:e6:a8:
08:e7:32:34:aa:e5:9b:f1:47:8a:56:d3:8f:91:f8:
3a:c5:c9:bf:ef:91:27:dd:39:f7:8b:48:f3:9f:ff:
67:43:2a:9f:3d:6e:57:21:81:74:e6:9b:17:00:df:
65:ed:a1:3f:62:22:60:5e:a4:c8:cc:63:26:c9:25:
ee:a9:2b:68:2b:76:85:69:af:94:7c:61:7b:78:2a:
02:eb:2e:fa:e9:7d:f1:d7:03:58:7d:68:08:bc:e9:
4b:be:ce:4e:12:cf:62:c9:21:92:f3:32:7b:67:13:
29:ad:eb:41:24:5c:bc:57:0a:3d:35:d0:56:49:52:
7b:2c:3a:ba:7e:52:aa:73:35:56:49:84:f8:e6:18:
9e:17:e1:48:82:07:b3:ec:0c:b5:59:82:99:37:f4:
c9:be:4b:76:ab:95:94:0f:bf:55:48:2b:d6:fd:77:
7c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F8:50:89:A9:B4:39:10:2D:05:7B:86:56:E7:AF:CA:38:11:34:72
X509v3 Authority Key Identifier:
keyid:71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/FfhQiam0ORAtBXuGVuevyjgRNHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:e480::/29
Signature Algorithm: sha256WithRSAEncryption
66:85:bf:82:51:fd:5f:56:91:22:46:bc:af:30:b2:d1:53:0c:
3a:aa:0a:c5:95:33:66:03:76:26:39:2a:41:0f:6e:3c:d0:36:
de:83:74:e1:71:0c:40:fe:b5:9d:fe:bf:23:87:03:7f:e8:2b:
83:44:99:d5:46:8e:1a:85:32:15:63:a2:be:d9:32:79:23:ee:
74:31:56:c2:41:1e:d0:51:1e:b6:8a:c8:f3:cb:60:53:68:87:
ff:b9:5b:c1:a3:c5:df:eb:08:23:c5:16:3d:26:ef:18:78:c2:
bf:12:7b:7b:d1:91:d8:00:d9:1b:19:ce:cd:ff:74:14:55:0c:
80:94:6a:1f:70:9d:73:74:04:ec:fd:7c:ee:f7:63:c4:16:cb:
47:09:84:01:60:08:93:ae:4b:ca:c6:81:f0:2e:84:91:ef:77:
ff:d6:0c:b4:c6:18:04:0d:47:73:7d:75:b2:da:04:e5:25:4e:
4f:c3:73:a0:d7:21:90:fe:37:1d:67:09:04:a9:68:bd:89:3a:
0f:66:ed:fe:79:dd:19:7a:f7:d7:94:93:70:46:4b:80:6a:f7:
e3:4a:9c:ba:cd:71:23:fd:8c:2f:03:f9:cb:1f:de:4d:84:ad:
88:b4:17:6a:44:eb:b2:e1:a0:4c:97:db:aa:64:f2:ed:7f:c0:
18:e3:54:0c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY/npdwJN8CH7XmqX80Df9/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWRmOWFhZjlkMWNkMTdjYTQwYzk1MmFkOGY3MWYwYTM0
MzJiYjcwHhcNMjQwNjA1MDkwNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWY4NTA4OWE5YjQzOTEwMmQwNTdiODY1NmU3YWZjYTM4MTEzNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNyBmII74RVvYfvbStQW+FcAm1UN
7adqw6mJU6lYZqEgu8H23w803RpesmLwVj/7ufReiMyvjMHRXzOMgaIXtUK2VCSU
/SuZp0okL0pMTtsMkcZGMz735qgI5zI0quWb8UeKVtOPkfg6xcm/75En3Tn3i0jz
n/9nQyqfPW5XIYF05psXAN9l7aE/YiJgXqTIzGMmySXuqStoK3aFaa+UfGF7eCoC
6y766X3x1wNYfWgIvOlLvs5OEs9iySGS8zJ7ZxMpretBJFy8Vwo9NdBWSVJ7LDq6
flKqczVWSYT45hieF+FIggez7Ay1WYKZN/TJvkt2q5WUD79VSCvW/Xd8ywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBX4UImptDkQLQV7hlbnr8o4ETRyMB8GA1UdIwQY
MBaAFHFd+ar50c0XykDJUq2PcfCjQyu3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1YzNXF2blJ6UmZLUU1sU3JZOXg4S05ESzdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMjNiMDYtNWIxZS00NGU5LTk4ZDgt
NzgxYmU1OThiZjU4LzEvRmZoUWlhbTBPUkF0Qlh1R1Z1ZXZ5amdSTkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMjNiMDYtNWIxZS00NGU5LTk4ZDgtNzgxYmU1OThiZjU4
LzEvY1YzNXF2blJ6UmZLUU1sU3JZOXg4S05ESzdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgLkgDAN
BgkqhkiG9w0BAQsFAAOCAQEAZoW/glH9X1aRIka8rzCy0VMMOqoKxZUzZgN2Jjkq
QQ9uPNA23oN04XEMQP61nf6/I4cDf+grg0SZ1UaOGoUyFWOivtkyeSPudDFWwkEe
0FEetorI88tgU2iH/7lbwaPF3+sII8UWPSbvGHjCvxJ7e9GR2ADZGxnOzf90FFUM
gJRqH3Cdc3QE7P187vdjxBbLRwmEAWAIk65LysaB8C6Eke93/9YMtMYYBA1Hc311
stoE5SVOT8NzoNchkP43HWcJBKlovYk6D2bt/nndGXr315STcEZLgGr340qcus1x
I/2MLwP5yx/eTYStiLQXakTrsuGgTJfbqmTy7X/AGONUDA==
-----END CERTIFICATE-----
Generated at Fri Nov 15 22:21:18 2024 by rpki-client on console-fra.rpki-client.org