Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/o_eR2rFgdZdYbG6KMpWCaYYuuCY.roa
File: o_eR2rFgdZdYbG6KMpWCaYYuuCY.roa (raw, json)
Hash identifier: OUFnlGHvV7cebj1QeUqwLSw7MEyvalVghSViHHX3NMo=
Subject key identifier: A3:F7:91:DA:B1:60:75:97:58:6C:6E:8A:32:95:82:69:86:2E:B8:26
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7FA99AF03CA6F26AC5C338C6BA4630ED
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/o_eR2rFgdZdYbG6KMpWCaYYuuCY.roa
Signing time: Wed 27 Mar 2024 11:26:45 +0000
ROA not before: Wed 27 Mar 2024 11:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200612
IP address blocks: 2.23.168.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:a9:9a:f0:3c:a6:f2:6a:c5:c3:38:c6:ba:46:30:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 11:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3f791dab1607597586c6e8a32958269862eb826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9a:14:9a:b2:58:f4:ab:12:3e:57:11:e4:d9:
33:e0:62:2b:6f:bf:17:d9:ce:29:2b:06:66:22:ac:
52:99:fe:79:8d:8e:bc:46:ea:91:84:0b:16:c2:5b:
eb:23:09:12:31:8c:0b:d3:57:9d:59:94:ea:24:7c:
24:f7:19:97:ec:b6:f9:10:50:df:41:37:df:70:7e:
3b:4b:da:05:95:ed:e7:8b:92:21:88:32:9c:bd:1b:
03:04:da:22:a1:20:f0:58:99:3e:a9:53:67:e5:f9:
25:cb:f2:e7:2e:4a:de:99:e0:7e:cf:c7:80:34:ed:
29:c6:32:b3:f7:3c:95:e2:ae:1f:b8:85:1f:b4:03:
a5:e8:c3:89:c8:19:e4:f8:95:40:33:ce:e4:93:dc:
0b:52:d9:c4:71:1a:66:6a:f9:03:3b:15:1c:79:09:
28:bd:00:90:de:87:05:e1:95:78:77:8e:2b:66:16:
1d:d3:b2:22:37:4c:de:36:e0:d7:3a:10:2c:bb:45:
79:72:eb:4d:82:f8:e5:cc:55:f3:78:3d:15:5b:40:
5a:d0:ee:00:ba:f6:5b:0a:14:b5:1f:ac:1b:94:61:
f1:2c:68:34:08:a8:40:0b:78:1e:58:e4:54:d8:21:
d0:a5:fc:4b:41:4d:14:87:96:45:aa:6b:33:5d:d0:
dc:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F7:91:DA:B1:60:75:97:58:6C:6E:8A:32:95:82:69:86:2E:B8:26
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/o_eR2rFgdZdYbG6KMpWCaYYuuCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.23.168.0/22
Signature Algorithm: sha256WithRSAEncryption
44:d0:27:bb:0d:cd:1c:ba:bb:b6:bf:70:73:c0:77:61:41:de:
a3:17:69:84:e4:78:0d:a9:8c:4b:44:4b:35:df:99:00:82:61:
59:d1:3e:a1:82:b9:b6:c1:53:68:af:3b:10:e7:52:9e:9c:02:
bb:72:db:7e:51:10:12:4d:ae:0c:11:eb:bf:90:59:3a:a2:8d:
55:b4:a2:c4:d3:8c:d6:28:06:89:55:e9:95:84:e3:f4:47:96:
08:ac:f4:1c:79:11:49:a8:fa:e3:a4:ca:1c:47:c8:0c:3e:04:
34:13:fd:c9:ab:34:3d:81:95:db:25:43:31:93:ff:4e:cc:f7:
58:32:47:1b:95:66:5f:6f:75:dd:7d:ea:ad:cc:64:f4:c8:11:
13:54:a7:57:c2:a1:e7:09:f0:a2:8e:cf:b9:e1:13:a0:9c:ab:
aa:11:95:3c:40:1f:4d:b4:6f:04:99:7a:24:8f:f2:7b:d2:fe:
32:72:bc:30:54:f5:2e:89:46:39:c6:4e:cc:3d:94:b0:0f:eb:
f8:86:bd:f9:b2:d7:08:ee:cf:0c:b2:0f:6b:ae:07:83:71:50:
08:db:95:fb:db:d3:63:e4:30:ad:ba:86:44:5f:02:28:86:77:
a2:3b:af:fa:a7:f0:ae:34:19:93:bd:20:22:a1:e8:02:78:7c:
58:3e:db:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5/qZrwPKbyasXDOMa6RjDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTEyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y3OTFkYWIxNjA3NTk3NTg2YzZlOGEzMjk1ODI2OTg2MmViODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5oUmrJY9KsSPlcR5Nkz4GIrb78X
2c4pKwZmIqxSmf55jY68RuqRhAsWwlvrIwkSMYwL01edWZTqJHwk9xmX7Lb5EFDf
QTffcH47S9oFle3ni5IhiDKcvRsDBNoioSDwWJk+qVNn5fkly/LnLkremeB+z8eA
NO0pxjKz9zyV4q4fuIUftAOl6MOJyBnk+JVAM87kk9wLUtnEcRpmavkDOxUceQko
vQCQ3ocF4ZV4d44rZhYd07IiN0zeNuDXOhAsu0V5cutNgvjlzFXzeD0VW0Ba0O4A
uvZbChS1H6wblGHxLGg0CKhAC3geWORU2CHQpfxLQU0Uh5ZFqmszXdDcoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKP3kdqxYHWXWGxuijKVgmmGLrgmMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvb19lUjJyRmdkWmRZYkc2S01wV0NhWVl1dUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAheoMA0G
CSqGSIb3DQEBCwUAA4IBAQBE0Ce7Dc0curu2v3BzwHdhQd6jF2mE5HgNqYxLREs1
35kAgmFZ0T6hgrm2wVNorzsQ51KenAK7ctt+URASTa4MEeu/kFk6oo1VtKLE04zW
KAaJVemVhOP0R5YIrPQceRFJqPrjpMocR8gMPgQ0E/3JqzQ9gZXbJUMxk/9OzPdY
MkcblWZfb3XdfeqtzGT0yBETVKdXwqHnCfCijs+54ROgnKuqEZU8QB9NtG8EmXok
j/J70v4ycrwwVPUuiUY5xk7MPZSwD+v4hr35stcI7s8Msg9rrgeDcVAI25X729Nj
5DCtuoZEXwIohneiO6/6p/CuNBmTvSAioegCeHxYPttH
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:28:09 2024 by rpki-client on console-ams.rpki-client.org