Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/PffA6g3RgEZ7uR3duANkbB8kYVQ.roa
File: PffA6g3RgEZ7uR3duANkbB8kYVQ.roa (raw, json)
Hash identifier: uYbiSTbdByAzcQ4UTNupPNeKGQfQfuLxI/gwFRdSuvU=
Subject key identifier: 3D:F7:C0:EA:0D:D1:80:46:7B:B9:1D:DD:B8:03:64:6C:1F:24:61:54
Certificate issuer: /CN=40f75d327761b90c0899638f430eb614c87c3106
Certificate serial: 018CC34965AEBD7007A4A3E961089735B12D
Authority key identifier: 40:F7:5D:32:77:61:B9:0C:08:99:63:8F:43:0E:B6:14:C8:7C:31:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/PffA6g3RgEZ7uR3duANkbB8kYVQ.roa
Signing time: Mon 01 Jan 2024 04:30:16 +0000
ROA not before: Mon 01 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2001:678:2cc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/QPddMndhuQwImWOPQw62FMh8MQY.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/QPddMndhuQwImWOPQw62FMh8MQY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:65:ae:bd:70:07:a4:a3:e9:61:08:97:35:b1:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40f75d327761b90c0899638f430eb614c87c3106
Validity
Not Before: Jan 1 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3df7c0ea0dd180467bb91dddb803646c1f246154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7b:1b:9b:52:8c:0d:7a:01:a9:94:ae:5b:6d:
bd:0d:22:d5:41:c7:c6:3d:50:25:3a:fb:d7:e4:4b:
06:55:c2:60:74:7a:ff:74:c2:74:19:e5:58:98:1a:
8d:b6:19:62:d3:69:18:a2:25:02:33:d0:c4:8c:d8:
b0:e1:dd:ca:da:b3:83:b8:23:16:91:24:6c:d4:83:
e7:96:80:a4:f6:f3:24:c9:eb:c5:46:31:a8:50:ef:
28:40:64:c3:5b:21:41:ec:23:dc:80:0e:49:71:2a:
77:2b:20:fa:9a:c6:48:82:55:9e:a7:4e:d3:4b:16:
91:af:84:56:68:dc:ed:98:f8:46:1a:cd:78:59:95:
e7:e5:64:86:36:1f:3a:2c:73:bc:64:2f:c6:e8:49:
ea:d0:72:b8:23:1a:29:80:4e:cc:10:2a:f4:5f:ea:
5c:b8:33:dd:94:5a:67:d1:ed:a4:a4:1f:de:cc:88:
e5:b8:22:07:71:51:7e:8d:9a:1f:75:ea:c1:4a:1f:
e7:96:15:cf:05:c5:f8:f8:6d:18:d6:1d:3d:af:c7:
a3:6e:94:45:73:49:1e:94:9f:ae:7f:f1:ae:44:00:
36:04:72:35:bf:ce:59:0b:d0:9d:06:19:95:f9:d1:
58:b1:88:6f:6d:a4:bb:0c:db:e1:01:3f:24:94:d2:
9d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F7:C0:EA:0D:D1:80:46:7B:B9:1D:DD:B8:03:64:6C:1F:24:61:54
X509v3 Authority Key Identifier:
keyid:40:F7:5D:32:77:61:B9:0C:08:99:63:8F:43:0E:B6:14:C8:7C:31:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/PffA6g3RgEZ7uR3duANkbB8kYVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/QPddMndhuQwImWOPQw62FMh8MQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:2cc::/48
Signature Algorithm: sha256WithRSAEncryption
0a:e2:78:8b:8d:c5:0c:c1:c8:fc:60:2b:3c:e4:5c:90:d2:a3:
39:f8:f7:30:f9:02:24:4e:7c:af:aa:52:4e:34:be:3b:54:96:
23:eb:bf:7b:a2:00:d6:60:b4:fa:70:b8:e9:1a:18:72:4a:e8:
7a:37:2e:a1:c5:8b:19:77:02:4a:42:1c:01:17:5a:46:89:0f:
68:82:de:5d:2f:a3:19:06:70:63:fa:06:9f:34:e3:c6:d2:0c:
2e:d1:92:ed:06:bb:99:60:ef:08:3c:67:d4:96:00:c9:8e:69:
6a:ac:70:b2:74:2e:c9:78:45:cc:5b:a1:76:35:71:87:8d:01:
6c:8b:d0:27:0c:16:f2:77:84:80:6a:a1:fc:26:34:27:21:b3:
cc:e2:0f:d0:74:29:aa:05:ee:ee:5d:14:a1:bb:ba:90:35:79:
5e:64:1d:cd:fb:67:f7:fe:4b:a4:11:5f:d1:b8:55:0a:8f:e4:
96:67:6d:23:d1:d0:89:2b:8f:4e:f4:29:14:46:44:50:a6:90:
2f:22:cb:e7:1a:7b:6a:31:e9:2f:e1:3b:2c:d1:f3:8a:3e:7a:
2f:44:b8:2b:c7:d2:35:14:7e:dc:18:ca:4d:fd:d1:9c:4d:b2:
40:73:54:23:ea:85:bc:f4:9a:2b:4f:c0:23:be:fd:e6:aa:a8:
dd:40:4b:38
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSWWuvXAHpKPpYQiXNbEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZjc1ZDMyNzc2MWI5MGMwODk5NjM4ZjQzMGViNjE0Yzg3
YzMxMDYwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGY3YzBlYTBkZDE4MDQ2N2JiOTFkZGRiODAzNjQ2YzFmMjQ2MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3sbm1KMDXoBqZSuW229DSLVQcfG
PVAlOvvX5EsGVcJgdHr/dMJ0GeVYmBqNthli02kYoiUCM9DEjNiw4d3K2rODuCMW
kSRs1IPnloCk9vMkyevFRjGoUO8oQGTDWyFB7CPcgA5JcSp3KyD6msZIglWep07T
SxaRr4RWaNztmPhGGs14WZXn5WSGNh86LHO8ZC/G6Enq0HK4IxopgE7MECr0X+pc
uDPdlFpn0e2kpB/ezIjluCIHcVF+jZofderBSh/nlhXPBcX4+G0Y1h09r8ejbpRF
c0kelJ+uf/GuRAA2BHI1v85ZC9CdBhmV+dFYsYhvbaS7DNvhAT8klNKdiQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD33wOoN0YBGe7kd3bgDZGwfJGFUMB8GA1UdIwQY
MBaAFED3XTJ3YbkMCJljj0MOthTIfDEGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVBkZE1uZGh1UXdJbVdPUFF3NjJGTWg4TVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS82ZTVmNGMtMmVhZS00OGEwLTg1NTAt
MjlhYzQ1ZTJlY2ZmLzEvUGZmQTZnM1JnRVo3dVIzZHVBTmtiQjhrWVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS82ZTVmNGMtMmVhZS00OGEwLTg1NTAtMjlhYzQ1ZTJlY2Zm
LzEvUVBkZE1uZGh1UXdJbVdPUFF3NjJGTWg4TVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeALM
MA0GCSqGSIb3DQEBCwUAA4IBAQAK4niLjcUMwcj8YCs85FyQ0qM5+Pcw+QIkTnyv
qlJONL47VJYj6797ogDWYLT6cLjpGhhySuh6Ny6hxYsZdwJKQhwBF1pGiQ9ogt5d
L6MZBnBj+gafNOPG0gwu0ZLtBruZYO8IPGfUlgDJjmlqrHCydC7JeEXMW6F2NXGH
jQFsi9AnDBbyd4SAaqH8JjQnIbPM4g/QdCmqBe7uXRShu7qQNXleZB3N+2f3/kuk
EV/RuFUKj+SWZ20j0dCJK49O9CkURkRQppAvIsvnGntqMekv4Tss0fOKPnovRLgr
x9I1FH7cGMpN/dGcTbJAc1Qj6oW89JorT8Ajvv3mqqjdQEs4
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:24:03 2024 by rpki-client on console-ams.rpki-client.org